mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #6990 from gojimmypi/PR-Espressif-C3-C6-S2-HW

Browse Source 
Espressif ESP32-C3 ESP32-C6 ESP32-S2 Hardware Acceleration
This commit is contained in:
JacobBarthelmeh 2023-11-22 16:21:41 -07:00 committed by GitHub
commit 2e89e46c0b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
18 changed files with 3740 additions and 811 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
IDE/Espressif/ESP-IDF/README.md
View File

@ -21,7 +21,40 @@ Including the following examples:
1. [ESP-IDF development framework](https://docs.espressif.com/projects/esp-idf/en/latest/get-started/)
## Setup for Linux
## wolfSSL as an Espressif component
There are various methods available for using wolfSSL as a component:
* Managed Component - easiest to get started.
* Local component directory - best for development.
* Install locally - least flexible, but project is fully self-contained.
## Espressif Managed Components
Visit https://components.espressif.com/components/wolfssl/wolfssl and see the instructions. Typically:
```
idf.py add-dependency "wolfssl/wolfssl^5.6.0-stable"
```
## Standard local component:
See the [template example](./examples/template/README.md). Simply created a `wolfssl` directory in the
local project `components` directory and place the [CMakeLists.txt](./examples/template/components/CMakeLists.txt)
file there. Then add a `components/wolfssl/include` directory and place the [user_settings.h](/examples/template/components/wolfssl/include/user_settings.h)
file there. If wolfSSL is in a structure such as `./workspace/wolfssl` with respect to your project at `./workspace/wolfssl`,
then the cmake file should automatically find the wolfSSL source code. Otherwise set the cmake `WOLFSSL_ROOT` variable
in the top-level CMake file. Examples:
```cmake
set(WOLFSSL_ROOT "C:/some-path/wolfssl")
set(WOLFSSL_ROOT "c:/workspace/wolfssl-[username]")
set(WOLFSSL_ROOT "/mnt/c/somepath/wolfssl")
```
See the specific examples for additional details.
## Setup for Linux (wolfSSL local copy)
1. Run `setup.sh` at _/path/to_`/wolfssl/IDE/Espressif/ESP-IDF/` to deploy files into ESP-IDF tree
2. Find Wolfssl files at _/path/to/esp_`/esp-idf/components/wolfssl/`

150
IDE/Espressif/ESP-IDF/user_settings.h
View File

@ -83,7 +83,7 @@
#define WOLFSSL_AES_DIRECT
#endif
/* when you want to use aes counter mode */
/* when you want to use AES counter mode */
/* #define WOLFSSL_AES_DIRECT */
/* #define WOLFSSL_AES_COUNTER */
@ -102,10 +102,17 @@
/* Define USE_FAST_MATH and SMALL_STACK */
#define ESP32_USE_RSA_PRIMITIVE
/* threshold for performance adjustment for HW primitive use */
/* NOTE HW unreliable for small values on older original ESP32!*/
/* threshold for performance adjustment for HW primitive use */
/* X bits of G^X mod P greater than */
#define EPS_RSA_EXPT_XBTIS 36
#undef ESP_RSA_EXPT_XBITS
#define ESP_RSA_EXPT_XBITS 32
/* X and Y of X * Y mod P greater than */
#define ESP_RSA_MULM_BITS 2000
#undef ESP_RSA_MULM_BITS
#define ESP_RSA_MULM_BITS 16
#endif
/* debug options */
@ -123,46 +130,129 @@
/* adjust wait-timeout count if you see timeout in RSA HW acceleration */
#define ESP_RSA_TIMEOUT_CNT 0x249F00
/* Default is HW enabled unless turned off.
** Uncomment these lines to force SW instead of HW acceleration */
#if defined(CONFIG_IDF_TARGET_ESP32)
/* when you want not to use HW acceleration on ESP32 (below for S3, etc */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
/* #define NO_WOLFSSL_ESP32_CRYPT_AES */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
/* wolfSSL HW Acceleration supported on ESP32. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
/* #define NO_WOLFSSL_ESP32_CRYPT_AES */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
/* These are defined automatically in esp32-crypt.h, here for clarity: */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 /* no SHA224 HW on ESP32 */
/* end CONFIG_IDF_TARGET_ESP32 */
#undef ESP_RSA_MULM_BITS
#define ESP_RSA_MULM_BITS 16 /* TODO add compile-time warning */
/***** END CONFIG_IDF_TARGET_ESP32 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32S2)
/* ESP32-S2 disabled by default; not implemented */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
/* wolfSSL HW Acceleration supported on ESP32-S2. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
/* Note: There's no AES192 HW on the ESP32-S2; falls back to SW */
/* #define NO_WOLFSSL_ESP32_CRYPT_AES */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
/***** END CONFIG_IDF_TARGET_ESP32S2 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32S3)
/* when you want not to use HW acceleration on ESP32-S3 */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
/* #define NO_WOLFSSL_ESP32_CRYPT_AES */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
/* wolfSSL HW Acceleration supported on ESP32-S3. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
/* Note: There's no AES192 HW on the ESP32-S3; falls back to SW */
/* #define NO_WOLFSSL_ESP32_CRYPT_AES */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
/***** END CONFIG_IDF_TARGET_ESP32S3 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32C3)
/* ESP32-C3 disabled by default, not implemented */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
/* wolfSSL HW Acceleration supported on ESP32-C2. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ /* to disable all SHA HW */
/* These are defined automatically in esp32-crypt.h, here for clarity: */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C6 */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C6 */
/* #define NO_WOLFSSL_ESP32_CRYPT_AES */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
/***** END CONFIG_IDF_TARGET_ESP32C3 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32C6)
/* ESP32-C6 disabled by default, not implemented */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
/* wolfSSL HW Acceleration supported on ESP32-C6. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
/* These are defined automatically in esp32-crypt.h, here for clarity: */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C6 */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C6 */
/* #define NO_WOLFSSL_ESP32_CRYPT_AES */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
/***** END CONFIG_IDF_TARGET_ESP32C6 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32H2)
/* ESP32-H2 disabled by default, not implemented */
/* wolfSSL Hardware Acceleration not yet implemented */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
/***** END CONFIG_IDF_TARGET_ESP32H2 *****/
#else
/* anything else unknown will have HW disabled by default */
/* Anything else encountered, disable HW accleration */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
#endif /* CONFIG_IDF_TARGET Check */
/* optional SM4 Ciphers. See https://github.com/wolfSSL/wolfsm
#define WOLFSSL_SM2
#define WOLFSSL_SM3
#define WOLFSSL_SM4
*/
#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
#include <wolfssl/certs_test_sm.h>
#define CTX_CA_CERT root_sm2
#define CTX_CA_CERT_SIZE sizeof_root_sm2
#define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_PEM
#define CTX_SERVER_CERT server_sm2
#define CTX_SERVER_CERT_SIZE sizeof_server_sm2
#define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_PEM
#define CTX_SERVER_KEY server_sm2_priv
#define CTX_SERVER_KEY_SIZE sizeof_server_sm2_priv
#define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_PEM
#undef WOLFSSL_BASE16
#define WOLFSSL_BASE16
#else
#define USE_CERT_BUFFERS_2048
#define USE_CERT_BUFFERS_256
#define CTX_CA_CERT ca_cert_der_2048
#define CTX_CA_CERT_SIZE sizeof_ca_cert_der_2048
#define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_SERVER_CERT server_cert_der_2048
#define CTX_SERVER_CERT_SIZE sizeof_server_cert_der_2048
#define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_SERVER_KEY server_key_der_2048
#define CTX_SERVER_KEY_SIZE sizeof_server_key_der_2048
#define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1
#endif

49
wolfcrypt/src/aes.c
View File

@ -483,7 +483,7 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
#undef WOLFSSL_AES_DIRECT
#define WOLFSSL_AES_DIRECT
/* If we choose to never have a fallback to SW: */
/* Encrypt: If we choose to never have a fallback to SW: */
#if !defined(NEED_AES_HW_FALLBACK) && (defined(HAVE_AESGCM) || defined(WOLFSSL_AES_DIRECT))
static WARN_UNUSED_RESULT int wc_AesEncrypt( /* calling this one when NO_AES_192 is defined */
Aes* aes, const byte* inBlock, byte* outBlock)
@ -501,7 +501,7 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
}
#endif
/* If we choose to never have a fallback to SW */
/* Decrypt: If we choose to never have a fallback to SW: */
#if !defined(NEED_AES_HW_FALLBACK) && (defined(HAVE_AES_DECRYPT) && defined(WOLFSSL_AES_DIRECT))
static WARN_UNUSED_RESULT int wc_AesDecrypt(
Aes* aes, const byte* inBlock, byte* outBlock)
@ -882,10 +882,9 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
#ifdef NEED_AES_TABLES
#ifndef WC_AES_BITSLICED
#if (!defined(WOLFSSL_SILABS_SE_ACCEL) && \
!defined(WOLFSSL_ESP32_CRYPT_RSA_PRI) \
) || \
(defined(WOLFSSL_ESP32_CRYPT_RSA_PRI) && defined(NEED_AES_HW_FALLBACK))
#if !defined(WOLFSSL_SILABS_SE_ACCEL) || \
defined(NO_ESP32_CRYPT) || defined(NO_WOLFSSL_ESP32_CRYPT_AES) || \
defined(NEED_AES_HW_FALLBACK)
static const FLASH_QUALIFIER word32 rcon[] = {
0x01000000, 0x02000000, 0x04000000, 0x08000000,
0x10000000, 0x20000000, 0x40000000, 0x80000000,
@ -1535,8 +1534,8 @@ static WARN_UNUSED_RESULT word32 inv_col_mul(
byte t0 = t9 ^ tb ^ td;
return t0 ^ AES_XTIME(AES_XTIME(AES_XTIME(t0 ^ te) ^ td ^ te) ^ tb ^ te);
}
#endif
#endif
#endif /* HAVE_AES_CBC || WOLFSSL_AES_DIRECT */
#endif /* WOLFSSL_AES_SMALL_TABLES */
#endif
#if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT) || \
@ -3894,8 +3893,29 @@ static void AesSetKey_C(Aes* aes, const byte* key, word32 keySz, int dir)
XMEMCPY(rk, key, keySz);
#if defined(LITTLE_ENDIAN_ORDER) && !defined(WOLFSSL_PIC32MZ_CRYPT) && \
(!defined(WOLFSSL_ESP32_CRYPT) || defined(NO_WOLFSSL_ESP32_CRYPT_AES))
ByteReverseWords(rk, rk, keySz);
#endif
/* Always reverse words when using only SW */
{
ByteReverseWords(rk, rk, keySz);
}
#else
/* Sometimes reverse words when using supported HW */
#if defined(WOLFSSL_ESPIDF)
/* Some platforms may need SW fallback (e.g. AES192) */
#if defined(NEED_AES_HW_FALLBACK)
{
ESP_LOGV(TAG, "wc_AesEncrypt fallback check");
if (wc_esp32AesSupportedKeyLen(aes)) {
/* don't reverse for HW supported key lengths */
}
else {
ByteReverseWords(rk, rk, keySz);
}
}
#else
/* If we don't need SW fallback, don't need to reverse words. */
#endif /* NEED_AES_HW_FALLBACK */
#endif /* WOLFSSL_ESPIDF */
#endif /* LITTLE_ENDIAN_ORDER, etc */
switch (keySz) {
#if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 128 && \
@ -4345,13 +4365,20 @@ static void AesSetKey_C(Aes* aes, const byte* key, word32 keySz, int dir)
return wc_AesSetKey_for_ESP32(aes, userKey, keylen, iv, dir);
}
else {
#if defined(WOLFSSL_HW_METRICS)
/* It is interesting to know how many times we could not complete
* AES in hardware due to unsupported lengths. */
wc_esp32AesUnupportedLengthCountAdd();
#endif
#ifdef DEBUG_WOLFSSL
ESP_LOGW(TAG, "wc_AesSetKey HW Fallback, unsupported keylen = %d",
keylen);
#endif
}
#endif
#endif /* WOLFSSL_ESPIDF && NEED_AES_HW_FALLBACK */
return wc_AesSetKeyLocal(aes, userKey, keylen, iv, dir, 1);
} /* wc_AesSetKey() */
#if defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)

56
wolfcrypt/src/port/Espressif/README.md
View File

@ -1,34 +1,68 @@
# ESP32 Port
Support for the ESP32-WROOM-32 on-board crypto hardware acceleration for symmetric AES, SHA1/SHA256/SHA384/SHA512 and RSA primitive including mul, mulmod and exptmod.
Support for the ESP32 on-board cryptographic hardware acceleration for symmetric AES, SHA1/SHA256/SHA384/SHA512 and RSA primitive including mul, mulmod and exptmod.
* ESP32 - Supported
* ESP32S2 - Supported
* ESP32S3 - Supported
* ESP32C2 - Software only (contact support to request hardware acceleration)
* ESP32C3 - Supported
* ESP32C6 - Supported
* ESP32H2 - Software only (contact support to request hardware acceleration)
## ESP32 Acceleration
For detail about ESP32 HW Acceleration, you can find in [Technical Reference Manual](https://espressif.com/sites/default/files/documentation/esp32_technical_reference_manual_en.pdf)
More details about ESP32 HW Accelerationcan be found in:
* [ESP32 Technical Reference Manual](https://espressif.com/sites/default/files/documentation/esp32_technical_reference_manual_en.pdf)
* [ESP32-S2 Technical Reference Manual](https://www.espressif.com/sites/default/files/documentation/esp32-s2_technical_reference_manual_en.pdf)
* [ESP32-S3 Technical Reference Manual](https://www.espressif.com/sites/default/files/documentation/esp32-s3_technical_reference_manual_en.pdf)
* [ESP32-C2 (aka ESP8684 Technical Reference Manual](https://www.espressif.com/sites/default/files/documentation/esp8684_technical_reference_manual_en.pdf)
* [ESP32-C3 Technical Reference Manual](https://www.espressif.com/sites/default/files/documentation/esp32-c3_technical_reference_manual_en.pdf)
* [ESP32-C6 Technical Reference Manual](https://www.espressif.com/sites/default/files/documentation/esp32-c6_technical_reference_manual_en.pdf)
* [ESP32-H2 Technical Reference Manual](https://www.espressif.com/sites/default/files/documentation/esp32-h2_technical_reference_manual_en.pdf)
### Building
To enable hw acceleration :
Simply run `ESP-IDF.py` in any of the [Espressif/ESP-IDF/Examples](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples).
See the respective project README files. Examples are also available using wolfssl as a [Managed Component](https://components.espressif.com/components/wolfssl/wolfssl).
* Uncomment out `#define WOLFSSL_ESPIDF` in `/path/to/wolfssl/wolfssl/wolfcrypt/settings.h`
* Uncomment out `#define WOLFSSL_ESP32` in `/path/to/wolfssl/wolfssl/wolfcrypt/settings.h`
Hardware acceleration is enabled by default. All settings should be adjusted in the respective project component
`user_settings.h` file. See the example in [template example](https://github.com/wolfSSL/wolfssl/blob/master/IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/include/user_settings.h).
In particular, comment out the `NO_[feature_name]` macros to enable hardware encryption:
To disable portions of the hardware acceleration you can optionally define:
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
/* #define NO_WOLFSSL_ESP32_CRYPT_AES */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
To disable specific portions of the hardware acceleration you can optionally define:
```c
/* Disabled SHA, AES and RSA acceleration */
/* Disable all SHA, AES and RSA acceleration */
#define NO_ESP32_CRYPT
/* Disabled AES acceleration */
/* Disable only AES acceleration */
#define NO_WOLFSSL_ESP32_CRYPT_AES
/* Disabled SHA acceleration */
/* Disabled only SHA acceleration */
#define NO_WOLFSSL_ESP32_CRYPT_HASH
/* Disabled RSA Primitive acceleration */
/* Disabled only RSA Primitive acceleration */
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
```
See the [wolfcrypt/port/Espressif/esp32-crypt.h](https://github.com/wolfSSL/wolfssl/blob/master/wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h)
for more details on fine tuning and debugging options.
### Coding
In your application you must include `<wolfssl/wolfcrypt/settings.h>` before any other wolfSSL headers. If building the sources directly we recommend defining `WOLFSSL_USER_SETTINGS` and adding your own `user_settings.h` file. You can find a good reference for this in `IDE/GCC-ARM/Header/user_settings.h`.
In your application you must include `<wolfssl/wolfcrypt/settings.h>` before any other wolfSSL headers.
If building the sources directly we recommend defining `WOLFSSL_USER_SETTINGS` (typically defined in the `CMakeLists.txt`)
and adding your own `user_settings.h` file. You can find a good reference in the [Espressif examples](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples)
as well as other examples such as [IDE/GCC-ARM/Header/user_settings.h](https://github.com/wolfSSL/wolfssl/blob/master/IDE/GCC-ARM/Header/user_settings.h).
To view disassembly, add `__attribute__((section(".iram1")))` decorator. Foe example:
To view disassembly, add `__attribute__((section(".iram1")))` decorator. Foe example:

373
wolfcrypt/src/port/Espressif/esp32_aes.c
View File

@ -23,21 +23,23 @@
* WOLFSSL_SUCCESS and WOLFSSL_FAILURE values should only
* be used in the ssl layer, not in wolfCrypt
**/
#include <string.h>
#include <stdio.h>
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
/* Reminder: user_settings.h is needed and included from settings.h
* Be sure to define WOLFSSL_USER_SETTINGS, typically in CMakeLists.txt */
#include <wolfssl/wolfcrypt/settings.h>
#if defined(WOLFSSL_ESPIDF) /* Entire file is only for Espressif EDP-IDF */
#include "sdkconfig.h" /* programmatically generated from sdkconfig */
#include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
#ifndef NO_AES
#if defined(WOLFSSL_ESP32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_AES)
#include "sdkconfig.h" /* programmatically generated from sdkconfig */
#if defined(WOLFSSL_ESP32_CRYPT) && !defined(NO_WOLFSSL_ESP32_CRYPT_AES)
#include <wolfssl/wolfcrypt/aes.h>
#include "wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h"
#include <wolfssl/wolfcrypt/error-crypt.h>
/* breadcrumb tag text for ESP_LOG() */
@ -49,21 +51,25 @@ static wolfSSL_Mutex aes_mutex;
/* keep track as to whether esp aes is initialized */
static int espaes_CryptHwMutexInit = 0;
#if defined(WOLFSSL_HW_METRICS)
static unsigned long esp_aes_unsupported_length_usage_ct = 0;
#endif
/*
* lock hw engine.
* this should be called before using engine.
*
* returns 0 if the hw lock was initialized and mutex lock
*/
static int esp_aes_hw_InUse()
static int esp_aes_hw_InUse(void)
{
int ret = 0;
int ret = ESP_OK;
ESP_LOGV(TAG, "enter esp_aes_hw_InUse");
if (espaes_CryptHwMutexInit == 0) {
ret = esp_CryptHwMutexInit(&aes_mutex);
if (ret == 0) {
if (ret == ESP_OK) {
/* flag esp aes as initialized */
espaes_CryptHwMutexInit = 1;
}
@ -75,8 +81,11 @@ static int esp_aes_hw_InUse()
/* esp aes has already been initialized */
}
if (ret == 0) {
/* lock hardware */
if (ret == ESP_OK) {
/* lock hardware; there should be exactly one instance
* of esp_CryptHwMutexLock(&aes_mutex ...) in code */
/* TODO - do we really want to wait?
* probably not */
ret = esp_CryptHwMutexLock(&aes_mutex, portMAX_DELAY);
}
else {
@ -84,15 +93,26 @@ static int esp_aes_hw_InUse()
}
if (ret == 0) {
if (ret == ESP_OK) {
/* Enable AES hardware */
periph_module_enable(PERIPH_AES_MODULE);
#if CONFIG_IDF_TARGET_ESP32S3
/* Select working mode. Can be typical or DMA.
* 0 => typical
* 1 => DMA */
DPORT_REG_WRITE(AES_DMA_ENABLE_REG, 0);
#if defined(CONFIG_IDF_TARGET_ESP32S2) || \
defined(CONFIG_IDF_TARGET_ESP32S3)
{
/* Select working mode. Can be typical or DMA.
* 0 => typical
* 1 => DMA */
DPORT_REG_WRITE(AES_DMA_ENABLE_REG, 0);
}
#elif defined(CONFIG_IDF_TARGET_ESP32C3) || \
defined(CONFIG_IDF_TARGET_ESP32C6)
{
/* Select working mode. Can be typical or DMA.
* 0 => typical
* 1 => DMA */
DPORT_REG_WRITE(AES_DMA_ENABLE_REG, 0);
}
#endif
}
@ -117,11 +137,11 @@ static void esp_aes_hw_Leave( void )
/*
* set key to hardware key registers.
* return 0 on success; -1 if mode isn't supported.
* return ESP_OK = 0 on success; BAD_FUNC_ARG if mode isn't supported.
*/
static int esp_aes_hw_Set_KeyMode(Aes *ctx, ESP32_AESPROCESS mode)
{
int ret = 0;
int ret = ESP_OK;
word32 i;
word32 mode_ = 0;
@ -142,15 +162,20 @@ static int esp_aes_hw_Set_KeyMode(Aes *ctx, ESP32_AESPROCESS mode)
} /* if mode */
/*
** ESP32: see table 22-1 in ESP32 Technical Reference
** ESP32S3: see table 19-2 in ESP32S3 Technical Reference
** mode Algorithm ESP32 ESP32S3
** 0 AES-128 Encryption y y
** 1 AES-192 Encryption y n
** 2 AES-256 Encryption y y
** 4 AES-128 Decryption y y
** 5 AES-192 Decryption y n
** 6 AES-256 Decryption y y
** ESP32: see table 22-1 in ESP32 Technical Reference
** ESP32-S3: see table 19-2 in ESP32-S3 Technical Reference
** ESP32-C3:
** ESP32-C6: see table 18-2 in ESP32-C6 Technical Reference
**
** Mode Algorithm ESP32 ESP32S3 ESP32C3 ESP32C6
** 0 AES-128 Encryption y y y y
** 1 AES-192 Encryption y n n n
** 2 AES-256 Encryption y y y y
** 3 reserved n n n n
** 4 AES-128 Decryption y y y y
** 5 AES-192 Decryption y n n n
** 6 AES-256 Decryption y y y y
** 7 reserved n n n n
*/
switch(ctx->keylen){
case 24: mode_ += 1; break;
@ -158,23 +183,52 @@ static int esp_aes_hw_Set_KeyMode(Aes *ctx, ESP32_AESPROCESS mode)
default: break;
}
#if CONFIG_IDF_TARGET_ESP32S3
if (mode_ == 1 || mode_ == 5 || mode_ == 7) {
/* Some specific modes are not supported on some targets. */
#if defined(CONFIG_IDF_TARGET_ESP32)
#define TARGET_AES_KEY_BASE AES_KEY_BASE
if (mode_ == 3 || mode_ > 6) {
/* this should have been detected in aes.c and fall back to SW */
ESP_LOGE(TAG, "esp_aes_hw_Set_KeyMode unsupported mode: %i", mode_);
ret = BAD_FUNC_ARG;
}
#elif defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3)
#define TARGET_AES_KEY_BASE AES_KEY_BASE
if (mode_ == 1 || mode_ == 3 || mode_ == 5 || mode_ > 6) {
/* this should have been detected in aes.c and fall back to SW */
ESP_LOGE(TAG, "esp_aes_hw_Set_KeyMode unsupported mode: %i", mode_);
ret = BAD_FUNC_ARG;
}
#elif defined(CONFIG_IDF_TARGET_ESP32C3)
#define TARGET_AES_KEY_BASE AES_KEY_BASE
if (mode_ == 1 || mode_ == 3|| mode_ == 5 || mode_ > 6) {
/* this should have been detected in aes.c and fall back to SW */
ESP_LOGE(TAG, "esp_aes_hw_Set_KeyMode unsupported mode: %i", mode_);
ret = BAD_FUNC_ARG;
}
#elif defined(CONFIG_IDF_TARGET_ESP32C6)
#define TARGET_AES_KEY_BASE AES_KEY_0_REG
if (mode_ == 1 || mode_ == 3 || mode_ == 5 || mode_ > 6) {
/* this should have been detected in aes.c and fall back to SW */
ESP_LOGE(TAG, "esp_aes_hw_Set_KeyMode unsupported mode: %i", mode_);
ret = BAD_FUNC_ARG;
}
#else
/* assume all modes supported, use AES_KEY_BASE */
#define TARGET_AES_KEY_BASE AES_KEY_BASE
#endif
if (ret == 0) {
/* */
if (ret == ESP_OK) {
/* update key */
for (i = 0; i < (ctx->keylen) / sizeof(word32); i++) {
DPORT_REG_WRITE((volatile uint32_t*)(AES_KEY_BASE + (i * 4)),
DPORT_REG_WRITE((volatile word32*)(TARGET_AES_KEY_BASE + (i * 4)),
*(((word32*)ctx->key) + i)
);
}
if (ret == 0) {
if (ret == ESP_OK) {
DPORT_REG_WRITE(AES_MODE_REG, mode_);
}
ESP_LOGV(TAG, " leave esp_aes_hw_Setkey");
@ -191,16 +245,78 @@ static int esp_aes_hw_Set_KeyMode(Aes *ctx, ESP32_AESPROCESS mode)
*/
static void esp_aes_bk(const byte* in, byte* out)
{
const word32 *inwords = (const word32 *)in;
const word32* inwords;
uint32_t* outwords;
#if ESP_IDF_VERSION_MAJOR >= 4
uint32_t *outwords = (uint32_t *)out;
#else
word32 *outwords = (word32 *)out;
#endif
inwords = (const word32*)in;
outwords = (uint32_t*)out;
ESP_LOGV(TAG, "enter esp_aes_bk");
#if CONFIG_IDF_TARGET_ESP32S3
#if defined(CONFIG_IDF_TARGET_ESP32)
/* copy text for encrypting/decrypting blocks */
DPORT_REG_WRITE(AES_TEXT_BASE, inwords[0]);
DPORT_REG_WRITE(AES_TEXT_BASE + 4, inwords[1]);
DPORT_REG_WRITE(AES_TEXT_BASE + 8, inwords[2]);
DPORT_REG_WRITE(AES_TEXT_BASE + 12, inwords[3]);
/* start engine */
DPORT_REG_WRITE(AES_START_REG, 1);
/* wait until finishing the process */
while (1) {
if (DPORT_REG_READ(AES_IDLE_REG) == 1) {
break;
}
}
/* read-out blocks */
esp_dport_access_read_buffer(outwords, AES_TEXT_BASE, 4);
#elif defined(CONFIG_IDF_TARGET_ESP32C3)
/* See ESP32-C3 technical reference manual:
** 19.4.3 Operation process using CPU working mode.
** The ESP32-C3 also supports a DMA mode. (not ywt implemented)
**
** Copy text for encrypting/decrypting blocks: */
DPORT_REG_WRITE(AES_TEXT_IN_BASE, inwords[0]);
DPORT_REG_WRITE(AES_TEXT_IN_BASE + 4, inwords[1]);
DPORT_REG_WRITE(AES_TEXT_IN_BASE + 8, inwords[2]);
DPORT_REG_WRITE(AES_TEXT_IN_BASE + 12, inwords[3]);
/* start engine */
DPORT_REG_WRITE(AES_TRIGGER_REG, 1);
/* wait until finishing the process */
while (DPORT_REG_READ(AES_STATE_REG) != 0) {
/* waiting for the hardware accelerator to complete operation. */
}
/* read-out blocks */
esp_dport_access_read_buffer((uint32_t*)outwords, AES_TEXT_OUT_BASE, 4);
#elif defined(CONFIG_IDF_TARGET_ESP32C6)
/* See ESP32-C6 technical reference manual:
** 18.4.3 Operation process using CPU working mode.
** The ESP32-C6 also supports a DMA mode. (not ywt implemented)
**
** Copy text for encrypting/decrypting blocks: */
DPORT_REG_WRITE(AES_TEXT_IN_0_REG, inwords[0]);
DPORT_REG_WRITE(AES_TEXT_IN_1_REG, inwords[1]);
DPORT_REG_WRITE(AES_TEXT_IN_2_REG, inwords[2]);
DPORT_REG_WRITE(AES_TEXT_IN_3_REG, inwords[3]);
/* start engine */
DPORT_REG_WRITE(AES_TRIGGER_REG, 1);
/* wait until finishing the process */
while (DPORT_REG_READ(AES_STATE_REG) != 0) {
/* waiting for the hardware accelerator to complete operation. */
}
/* read-out blocks */
esp_dport_access_read_buffer(outwords, AES_TEXT_OUT_0_REG, 4);
#elif defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3)
/* See esp32 - s3 technical reference manual:
** 19.4.3 Operation process using CPU working mode.
** The ESP32-S3 also supports a DMA mode.
@ -221,25 +337,11 @@ static void esp_aes_bk(const byte* in, byte* out)
/* read-out blocks */
esp_dport_access_read_buffer(outwords, AES_TEXT_OUT_BASE, 4);
#else
/* copy text for encrypting/decrypting blocks */
DPORT_REG_WRITE(AES_TEXT_BASE, inwords[0]);
DPORT_REG_WRITE(AES_TEXT_BASE + 4, inwords[1]);
DPORT_REG_WRITE(AES_TEXT_BASE + 8, inwords[2]);
DPORT_REG_WRITE(AES_TEXT_BASE + 12, inwords[3]);
ESP_LOGW(TAG, "Warning: esp_aes_bk called for unsupported target: %s",
CONFIG_IDF_TARGET)
/* start engine */
DPORT_REG_WRITE(AES_START_REG, 1);
/* wait until finishing the process */
while (1) {
if (DPORT_REG_READ(AES_IDLE_REG) == 1) {
break;
}
}
/* read-out blocks */
esp_dport_access_read_buffer(outwords, AES_TEXT_BASE, 4);
#endif
ESP_LOGV(TAG, "leave esp_aes_bk");
@ -249,36 +351,48 @@ static void esp_aes_bk(const byte* in, byte* out)
* wc_esp32AesSupportedKeyLen
* @brief: returns 1 if AES key length supported in HW, 0 if not
* @param aes:a value of a ley length */
WOLFSSL_LOCAL int wc_esp32AesSupportedKeyLenValue(int keylen)
int wc_esp32AesSupportedKeyLenValue(int keylen)
{
int ret = 0;
int ret = ESP_OK;
#if defined(CONFIG_IDF_TARGET_ESP32)
if (keylen == 16 || keylen == 24 || keylen == 32) {
ret = 1;
}
else {
ret = 0; /* keylen 24 (192 bit) not supported */
ret = ESP_OK; /* keylen 24 (192 bit) not supported */
}
#elif defined(CONFIG_IDF_TARGET_ESP32S2)
ret = 0; /* not supported */
#elif defined(CONFIG_IDF_TARGET_ESP32S3)
#elif defined(CONFIG_IDF_TARGET_ESP32C3)
if (keylen == 16 || keylen == 32) {
ret = 1;
}
else {
ret = 0; /* keylen 24 (192 bit) not supported */
ret = ESP_OK; /* keylen 24 (192 bit) not supported */
}
#elif defined(CONFIG_IDF_TARGET_ESP32C3)
ret = 0; /* not supported */
#elif defined(CONFIG_IDF_TARGET_ESP32C6)
ret = 0; /* not supported */
if (keylen == 16 || keylen == 32) {
ret = 1;
}
else {
ret = ESP_OK; /* keylen 24 (192 bit) not supported */
}
#elif defined(CONFIG_IDF_TARGET_ESP32H2)
ret = 0; /* not supported */
ret = ESP_OK; /* not yet implemented */
#elif defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3)
if (keylen == 16 || keylen == 32) {
ret = 1;
}
else {
ret = ESP_OK; /* keylen 24 (192 bit) not supported */
}
#else
ret = 0; /* if we don't know, then it is not supported */
ret = ESP_OK; /* if we don't know, then it is not supported */
#endif
return ret;
}
@ -287,11 +401,11 @@ WOLFSSL_LOCAL int wc_esp32AesSupportedKeyLenValue(int keylen)
* wc_esp32AesSupportedKeyLen
* @brief: returns 1 if AES key length supported in HW, 0 if not
* @param aes: a pointer of the AES object used to encrypt data */
WOLFSSL_LOCAL int wc_esp32AesSupportedKeyLen(struct Aes* aes)
int wc_esp32AesSupportedKeyLen(struct Aes* aes)
{
int ret;
if (aes == NULL) {
ret = 0; /* we need a valid aes object to get its keylength */
ret = ESP_OK; /* we need a valid aes object to get its keylength */
}
else {
ret = wc_esp32AesSupportedKeyLenValue(aes->keylen);
@ -303,28 +417,30 @@ WOLFSSL_LOCAL int wc_esp32AesSupportedKeyLen(struct Aes* aes)
* wc_esp32AesEncrypt
* @brief: a one block encrypt of the input block, into the output block
* @param aes: a pointer of the AES object used to encrypt data
* @param in : a pointer of the input buffer containing plain text to be encrypted
* @param out: a pointer of the output buffer in which to store the cipher text of
* the encrypted message
* @param in : a pointer of the input buffer containing
* plain text to be encrypted
* @param out: a pointer of the output buffer in which to store the
* cipher text of the encrypted message
* @return: 0 on success, BAD_FUNC_ARG if the AES algorithm isn't supported.
*/
WOLFSSL_LOCAL int wc_esp32AesEncrypt(Aes *aes, const byte* in, byte* out)
int wc_esp32AesEncrypt(Aes *aes, const byte* in, byte* out)
{
int ret = 0;
int ret = ESP_OK;
ESP_LOGV(TAG, "enter wc_esp32AesEncrypt");
/* lock the hw engine */
ret = esp_aes_hw_InUse();
if (ret == 0) {
if (ret == ESP_OK) {
ret = esp_aes_hw_Set_KeyMode(aes, ESP32_AES_UPDATEKEY_ENCRYPT);
if (ret != 0) {
ESP_LOGE(TAG, "wc_esp32AesEncrypt failed during esp_aes_hw_Set_KeyMode");
if (ret != ESP_OK) {
ESP_LOGE(TAG, "wc_esp32AesEncrypt failed "
"during esp_aes_hw_Set_KeyMode");
}
}
/* load the key into the register */
if (ret == 0) {
if (ret == ESP_OK) {
/* process a one block of AES */
esp_aes_bk(in, out);
}
@ -338,12 +454,13 @@ WOLFSSL_LOCAL int wc_esp32AesEncrypt(Aes *aes, const byte* in, byte* out)
* wc_esp32AesDecrypt
* @brief: a one block decrypt of the input block, into the output block
* @param aes: a pointer of the AES object used to decrypt data
* @param in : a pointer of the input buffer containing plain text to be decrypted
* @param out: a pointer of the output buffer in which to store the cipher text of
* the decrypted message
* @param in : a pointer of the input buffer containing
* plain text to be decrypted
* @param out: a pointer of the output buffer in which to store the
* cipher text of the decrypted message
* @return: 0 on success, BAD_FUNC_ARG if the AES algorithm isn't supported.
*/
WOLFSSL_LOCAL int wc_esp32AesDecrypt(Aes *aes, const byte* in, byte* out)
int wc_esp32AesDecrypt(Aes *aes, const byte* in, byte* out)
{
int ret;
@ -352,14 +469,15 @@ WOLFSSL_LOCAL int wc_esp32AesDecrypt(Aes *aes, const byte* in, byte* out)
esp_aes_hw_InUse();
/* load the key into the register */
ret = esp_aes_hw_Set_KeyMode(aes, ESP32_AES_UPDATEKEY_DECRYPT);
if (ret != 0) {
ESP_LOGE(TAG, "wc_esp32AesDecrypt failed during esp_aes_hw_Set_KeyMode");
if (ret != ESP_OK) {
ESP_LOGE(TAG, "wc_esp32AesDecrypt failed "
"during esp_aes_hw_Set_KeyMode");
/* release hw */
esp_aes_hw_Leave();
ret = BAD_FUNC_ARG;
}
if (ret == 0) {
if (ret == ESP_OK) {
/* process a one block of AES */
esp_aes_bk(in, out);
/* release hw engine */
@ -372,16 +490,17 @@ WOLFSSL_LOCAL int wc_esp32AesDecrypt(Aes *aes, const byte* in, byte* out)
/*
* wc_esp32AesCbcEncrypt
* @brief: Encrypts a plain text message from the input buffer, and places the
* resulting cipher text into the output buffer using cipher block chaining
* with AES.
* resulting cipher text into the output buffer using cipher block
* chaining with AES.
* @param aes: a pointer of the AES object used to encrypt data
* @param out: a pointer of the output buffer in which to store the cipher text of
* the encrypted message
* @param in : a pointer of the input buffer containing plain text to be encrypted
* @param out: a pointer of the output buffer in which to store the
cipher text of the encrypted message
* @param in : a pointer of the input buffer containing
* plain text to be encrypted
* @param sz : size of input message
* @return: 0 on success, BAD_FUNC_ARG if the AES algorithm isn't supported.
*/
WOLFSSL_LOCAL int wc_esp32AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
int wc_esp32AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
{
int ret;
int i;
@ -396,14 +515,14 @@ WOLFSSL_LOCAL int wc_esp32AesCbcEncrypt(Aes* aes, byte* out, const byte* in, wor
ret = esp_aes_hw_InUse();
if (ret == 0) {
if (ret == ESP_OK) {
ret = esp_aes_hw_Set_KeyMode(aes, ESP32_AES_UPDATEKEY_ENCRYPT);
if (ret != 0) {
if (ret != ESP_OK) {
ESP_LOGW(TAG, "wc_esp32AesCbcEncrypt failed HW Set KeyMode");
}
} /* if set esp_aes_hw_InUse successful */
if (ret == 0) {
if (ret == ESP_OK) {
while (blocks--) {
XMEMCPY(temp_block, in + offset, AES_BLOCK_SIZE);
@ -419,7 +538,7 @@ WOLFSSL_LOCAL int wc_esp32AesCbcEncrypt(Aes* aes, byte* out, const byte* in, wor
/* store IV for next block */
XMEMCPY(iv, out + offset - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
} /* while (blocks--) */
} /* if Set Mode successful (ret == 0) */
} /* if Set Mode successful (ret == ESP_OK) */
esp_aes_hw_Leave();
ESP_LOGV(TAG, "leave wc_esp32AesCbcEncrypt");
@ -429,16 +548,17 @@ WOLFSSL_LOCAL int wc_esp32AesCbcEncrypt(Aes* aes, byte* out, const byte* in, wor
/*
* wc_esp32AesCbcDecrypt
* @brief: Encrypts a plain text message from the input buffer, and places the
* resulting cipher text into the output buffer using cipher block chaining
* with AES.
* resulting cipher text into the output buffer using cipher block
* chaining with AES.
* @param aes: a pointer of the AES object used to decrypt data
* @param out: a pointer of the output buffer in which to store the cipher text of
* the decrypted message
* @param in : a pointer of the input buffer containing plain text to be decrypted
* @param out: a pointer of the output buffer in which to store the
* cipher text of the decrypted message
* @param in : a pointer of the input buffer containing
* plain text to be decrypted
* @param sz : size of input message
* @return: 0 on success, BAD_FUNC_ARG if the AES algorithm isn't supported.
*/
WOLFSSL_LOCAL int wc_esp32AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
int wc_esp32AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
{
int ret;
@ -454,14 +574,14 @@ WOLFSSL_LOCAL int wc_esp32AesCbcDecrypt(Aes* aes, byte* out, const byte* in, wor
ret = esp_aes_hw_InUse();
if (ret == 0) {
if (ret == ESP_OK) {
ret = esp_aes_hw_Set_KeyMode(aes, ESP32_AES_UPDATEKEY_DECRYPT);
if (ret != 0) {
if (ret != ESP_OK) {
ESP_LOGW(TAG, "wc_esp32AesCbcDecrypt failed HW Set KeyMode");
}
}
if (ret == 0) {
if (ret == ESP_OK) {
while (blocks--) {
XMEMCPY(temp_block, in + offset, AES_BLOCK_SIZE);
@ -477,7 +597,7 @@ WOLFSSL_LOCAL int wc_esp32AesCbcDecrypt(Aes* aes, byte* out, const byte* in, wor
offset += AES_BLOCK_SIZE;
} /* while (blocks--) */
} /* if Set Mode was successful (ret == 0) */
} /* if Set Mode was successful (ret == ESP_OK) */
esp_aes_hw_Leave();
ESP_LOGV(TAG, "leave wc_esp32AesCbcDecrypt");
@ -486,3 +606,40 @@ WOLFSSL_LOCAL int wc_esp32AesCbcDecrypt(Aes* aes, byte* out, const byte* in, wor
#endif /* WOLFSSL_ESP32_CRYPT */
#endif /* NO_AES */
/* Metrics */
#if defined(WOLFSSL_ESP32_CRYPT) && !defined(NO_WOLFSSL_ESP32_CRYPT_AES)
#if defined(WOLFSSL_HW_METRICS)
/* increment esp_aes_unsupported_length_usage_ct and return current value */
int wc_esp32AesUnupportedLengthCountAdd(void) {
esp_aes_unsupported_length_usage_ct++;
return esp_aes_unsupported_length_usage_ct;
}
#endif /* WOLFSSL_HW_METRICS */
/* Show AES Metrics when enabled, otherwise callable but no action. */
int esp_hw_show_aes_metrics(void)
{
int ret = ESP_OK;
#if defined(WOLFSSL_HW_METRICS)
ESP_LOGI(TAG, "--------------------------------------------------------");
ESP_LOGI(TAG, "------------- wolfSSL ESP HW AES Metrics----------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
ESP_LOGI(TAG, "esp_aes_unsupported_length_usage_ct = %lu",
esp_aes_unsupported_length_usage_ct);
#else
/* no HW math, no HW math metrics */
#endif /* WOLFSSL_HW_METRICS */
return ret;
}
#endif /* WOLFSSL_ESP32_CRYPT && !NO_WOLFSSL_ESP32_CRYPT_AES */
#endif /* WOLFSSL_ESPIDF */

1355
wolfcrypt/src/port/Espressif/esp32_mp.c
View File

File diff suppressed because it is too large Load Diff

1082
wolfcrypt/src/port/Espressif/esp32_sha.c
View File

File diff suppressed because it is too large Load Diff

468
wolfcrypt/src/port/Espressif/esp32_util.c
View File

@ -19,6 +19,28 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
/* Reminder: user_settings.h is needed and included from settings.h
* Be sure to define WOLFSSL_USER_SETTINGS, typically in CMakeLists.txt */
#include <wolfssl/wolfcrypt/settings.h>
#if defined(WOLFSSL_ESPIDF) /* Entire file is only for Espressif EDP-IDF */
#include "sdkconfig.h" /* programmatically generated from sdkconfig */
#include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
/* Espressif */
#include <esp_log.h>
#include <esp_err.h>
#include <hal/efuse_hal.h>
/* wolfSSL */
#include <wolfssl/wolfcrypt/wolfmath.h> /* needed to print MATH_INT_T value */
#include <wolfssl/wolfcrypt/types.h>
#include <wolfssl/version.h>
/*
** Version / Platform info.
**
@ -26,23 +48,25 @@
** https://github.com/wolfSSL/wolfssl/pull/6149
*/
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/version.h>
#include <wolfssl/wolfcrypt/wolfmath.h> /* needed to print MATH_INT_T value */
#if defined(WOLFSSL_ESPIDF)
#include <esp_log.h>
#include "sdkconfig.h"
#define WOLFSSL_VERSION_PRINTF(...) ESP_LOGI(TAG, __VA_ARGS__)
#else
#include <stdio.h>
#define WOLFSSL_VERSION_PRINTF(...) { printf(__VA_ARGS__); printf("\n"); }
#endif
#define WOLFSSL_VERSION_PRINTF(...) ESP_LOGI(TAG, __VA_ARGS__)
/*
* If used in other platforms:
* #include <stdio.h>
* #define WOLFSSL_VERSION_PRINTF(...) { printf(__VA_ARGS__); printf("\n"); }
*/
static const char* TAG = "esp32_util";
/* some functions are only applicable when hardware encryption is enabled */
/* Variable holding number of times ESP32 restarted since first boot.
* It is placed into RTC memory using RTC_DATA_ATTR and
* maintains its value when ESP32 wakes from deep sleep.
*/
RTC_DATA_ATTR static int _boot_count = 0;
static int esp_ShowMacroStatus_need_header = 0;
/* Some helpers for macro display */
#define STRING_OF(macro) #macro
#define STR_IFNDEF(macro) STRING_OF(macro)
#if defined(WOLFSSL_ESP32_CRYPT) && \
(!defined(NO_AES) || !defined(NO_SHA) || !defined(NO_SHA256) ||\
defined(WOLFSSL_SHA384) || defined(WOLFSSL_SHA512))
@ -51,6 +75,7 @@ static const char* TAG = "esp32_util";
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/logging.h>
/* big nums can be very long, perhaps unitialized, so limit displayed words */
#define MAX_WORDS_ESP_SHOW_MP 32
/*
@ -62,7 +87,7 @@ static const char* TAG = "esp32_util";
* other value from wc_InitMutex()
*
*/
WOLFSSL_LOCAL int esp_CryptHwMutexInit(wolfSSL_Mutex* mutex) {
int esp_CryptHwMutexInit(wolfSSL_Mutex* mutex) {
if (mutex == NULL) {
return BAD_MUTEX_E;
}
@ -72,9 +97,10 @@ WOLFSSL_LOCAL int esp_CryptHwMutexInit(wolfSSL_Mutex* mutex) {
/*
* call the ESP-IDF mutex lock; xSemaphoreTake
*
* this is a general mutex locker, used for different mutex objects for
* different HW acclerators or other single-use HW features.
*/
WOLFSSL_LOCAL int esp_CryptHwMutexLock(wolfSSL_Mutex* mutex, TickType_t block_time) {
int esp_CryptHwMutexLock(wolfSSL_Mutex* mutex, TickType_t block_time) {
if (mutex == NULL) {
WOLFSSL_ERROR_MSG("esp_CryptHwMutexLock called with null mutex");
return BAD_MUTEX_E;
@ -83,7 +109,7 @@ WOLFSSL_LOCAL int esp_CryptHwMutexLock(wolfSSL_Mutex* mutex, TickType_t block_ti
#ifdef SINGLE_THREADED
return wc_LockMutex(mutex); /* xSemaphoreTake take with portMAX_DELAY */
#else
return ((xSemaphoreTake( *mutex, block_time ) == pdTRUE) ? 0 : BAD_MUTEX_E);
return ((xSemaphoreTake(*mutex, block_time) == pdTRUE) ? 0 : BAD_MUTEX_E);
#endif
}
@ -91,7 +117,7 @@ WOLFSSL_LOCAL int esp_CryptHwMutexLock(wolfSSL_Mutex* mutex, TickType_t block_ti
* call the ESP-IDF mutex UNlock; xSemaphoreGive
*
*/
WOLFSSL_LOCAL int esp_CryptHwMutexUnLock(wolfSSL_Mutex* mutex) {
int esp_CryptHwMutexUnLock(wolfSSL_Mutex* mutex) {
if (mutex == NULL) {
WOLFSSL_ERROR_MSG("esp_CryptHwMutexLock called with null mutex");
return BAD_MUTEX_E;
@ -101,7 +127,7 @@ WOLFSSL_LOCAL int esp_CryptHwMutexUnLock(wolfSSL_Mutex* mutex) {
return wc_UnLockMutex(mutex);
#else
xSemaphoreGive(*mutex);
return 0;
return ESP_OK;
#endif
}
#endif /* WOLFSSL_ESP32_CRYPT, etc. */
@ -122,7 +148,7 @@ WOLFSSL_LOCAL int esp_CryptHwMutexUnLock(wolfSSL_Mutex* mutex) {
** Specific platforms: Espressif
*/
#if defined(WOLFSSL_ESPIDF)
static int ShowExtendedSystemInfo_platform_espressif()
static int ShowExtendedSystemInfo_platform_espressif(void)
{
#if defined(CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ)
WOLFSSL_VERSION_PRINTF("CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ: %u MHz",
@ -161,8 +187,13 @@ static int ShowExtendedSystemInfo_platform_espressif()
char thisHWM = 0;
WOLFSSL_VERSION_PRINTF("Stack HWM: %x", (size_t) &thisHWM);
#else
WOLFSSL_VERSION_PRINTF("Stack HWM: %d",
uxTaskGetStackHighWaterMark(NULL));
#ifdef INCLUDE_uxTaskGetStackHighWaterMark
{
WOLFSSL_VERSION_PRINTF("Stack HWM: %d",
uxTaskGetStackHighWaterMark(NULL));
}
#endif /* INCLUDE_uxTaskGetStackHighWaterMark */
#endif
#elif CONFIG_IDF_TARGET_ESP32S2
@ -190,42 +221,62 @@ static int ShowExtendedSystemInfo_platform_espressif()
#else
/* first show what platform hardware acceleration is enabled
** (some new platforms may not be supported yet) */
#if defined(CONFIG_IDF_TARGET_ESP32)
WOLFSSL_VERSION_PRINTF("ESP32_CRYPT is enabled for ESP32.");
#elif defined(CONFIG_IDF_TARGET_ESP32S2)
WOLFSSL_VERSION_PRINTF("ESP32_CRYPT is enabled for ESP32-S2.");
#elif defined(CONFIG_IDF_TARGET_ESP32S3)
WOLFSSL_VERSION_PRINTF("ESP32_CRYPT is enabled for ESP32-S3.");
#elif defined(CONFIG_IDF_TARGET_ESP32C3)
WOLFSSL_VERSION_PRINTF("ESP32_CRYPT is enabled for ESP32-C3.");
#elif defined(CONFIG_IDF_TARGET_ESP32C6)
WOLFSSL_VERSION_PRINTF("ESP32_CRYPT is enabled for ESP32-C6.");
#elif defined(CONFIG_IDF_TARGET_ESP32H2)
WOLFSSL_VERSION_PRINTF("ESP32_CRYPT is enabled for ESP32-H2.");
#else
/* this should have been detected & disabled in user_settins.h */
#error "ESP32_CRYPT not yet supported on this IDF TARGET"
#if defined(CONFIG_IDF_TARGET_ESP32)
WOLFSSL_VERSION_PRINTF("ESP32_CRYPT is enabled for ESP32.");
#elif defined(CONFIG_IDF_TARGET_ESP32S2)
WOLFSSL_VERSION_PRINTF("ESP32_CRYPT is enabled for ESP32-S2.");
#elif defined(CONFIG_IDF_TARGET_ESP32S3)
WOLFSSL_VERSION_PRINTF("ESP32_CRYPT is enabled for ESP32-S3.");
#elif defined(CONFIG_IDF_TARGET_ESP32C3)
WOLFSSL_VERSION_PRINTF("ESP32_CRYPT is enabled for ESP32-C3.");
#elif defined(CONFIG_IDF_TARGET_ESP32C6)
WOLFSSL_VERSION_PRINTF("ESP32_CRYPT is enabled for ESP32-C6.");
#elif defined(CONFIG_IDF_TARGET_ESP32H2)
WOLFSSL_VERSION_PRINTF("ESP32_CRYPT is enabled for ESP32-H2.");
#else
/* this should have been detected & disabled in user_settins.h */
#error "ESP32_CRYPT not yet supported on this IDF TARGET"
#endif
/* Even though enabled, some specifics may be disabled */
#if defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
WOLFSSL_VERSION_PRINTF("NO_WOLFSSL_ESP32_CRYPT_HASH is defined!"
"(disabled HW SHA).");
#endif
#if defined(NO_WOLFSSL_ESP32_CRYPT_AES)
WOLFSSL_VERSION_PRINTF("NO_WOLFSSL_ESP32_CRYPT_AES is defined!"
"(disabled HW AES).");
#endif
#if defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI)
WOLFSSL_VERSION_PRINTF("NO_WOLFSSL_ESP32_CRYPT_RSA_PRI defined!"
"(disabled HW RSA)");
#endif
#endif
/* Even though enabled, some specifics may be disabled */
#if defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
WOLFSSL_VERSION_PRINTF("NO_WOLFSSL_ESP32_CRYPT_HASH is defined!"
"(disabled HW SHA).");
#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
WOLFSSL_VERSION_PRINTF("SM Ciphers enabled");
#if defined(WOLFSSL_SM2)
WOLFSSL_VERSION_PRINTF(" WOLFSSL_SM2 enabled");
#else
WOLFSSL_VERSION_PRINTF(" WOLFSSL_SM2 NOT enabled");
#endif
#if defined(WOLFSSL_SM3)
WOLFSSL_VERSION_PRINTF(" WOLFSSL_SM3 enabled");
#else
WOLFSSL_VERSION_PRINTF(" WOLFSSL_SM3 NOT enabled");
#endif
#if defined(WOLFSSL_SM4)
WOLFSSL_VERSION_PRINTF(" WOLFSSL_SM4 enabled");
#else
WOLFSSL_VERSION_PRINTF(" WOLFSSL_SM4 NOT enabled");
#endif
#endif
#if defined(NO_WOLFSSL_ESP32_CRYPT_AES)
WOLFSSL_VERSION_PRINTF("NO_WOLFSSL_ESP32_CRYPT_AES is defined!"
"(disabled HW AES).");
#endif
#if defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI)
WOLFSSL_VERSION_PRINTF("NO_WOLFSSL_ESP32_CRYPT_RSA_PRI defined!"
"(disabled HW RSA)");
#endif
#endif /* ! NO_ESP32_CRYPT */
return 0;
return ESP_OK;
}
#endif
@ -238,22 +289,13 @@ static int ShowExtendedSystemInfo_platform_espressif()
/*
** All platforms: git details
*/
static int ShowExtendedSystemInfo_git()
static int ShowExtendedSystemInfo_git(void)
{
#if defined(HAVE_WC_INTROSPECTION) && !defined(ALLOW_BINARY_MISMATCH_INTROSPECTION)
#pragma message("WARNING: both HAVE_VERSION_EXTENDED_INFO and " \
"HAVE_WC_INTROSPECTION are enabled. Some extended " \
"information details will not be available.")
WOLFSSL_VERSION_PRINTF("HAVE_WC_INTROSPECTION enabled. "
"Some extended system details not available.");
#else
/* Display some interesting git values that may change,
** but not desired for introspection which requires object code to be
** maximally bitwise-invariant.
*/
#if defined(LIBWOLFSSL_VERSION_GIT_TAG)
/* git config describe --tags --abbrev=0 */
WOLFSSL_VERSION_PRINTF("LIBWOLFSSL_VERSION_GIT_TAG = %s",
@ -290,14 +332,13 @@ static int ShowExtendedSystemInfo_git()
LIBWOLFSSL_VERSION_GIT_HASH_DATE);
#endif
#endif /* else not HAVE_WC_INTROSPECTION */
return 0;
return ESP_OK;
}
/*
** All platforms: thread details
*/
static int ShowExtendedSystemInfo_thread()
static int ShowExtendedSystemInfo_thread(void)
{
/* all platforms: stack high water mark check */
#if defined(SINGLE_THREADED)
@ -305,13 +346,13 @@ static int ShowExtendedSystemInfo_thread()
#else
WOLFSSL_VERSION_PRINTF("NOT SINGLE_THREADED");
#endif
return 0;
return ESP_OK;
}
/*
** All Platforms: platform details
*/
static int ShowExtendedSystemInfo_platform()
static int ShowExtendedSystemInfo_platform(void)
{
#if defined(WOLFSSL_ESPIDF)
#if defined(CONFIG_IDF_TARGET)
@ -320,44 +361,233 @@ static int ShowExtendedSystemInfo_platform()
ShowExtendedSystemInfo_platform_espressif();
#endif
#endif
return 0;
return ESP_OK;
}
int esp_increment_boot_count(void)
{
return ++_boot_count;
}
int esp_current_boot_count(void)
{
return _boot_count;
}
/* See macro helpers above; not_defined is macro name when *not* defined */
static int esp_ShowMacroStatus(char* s, char* not_defined)
{
char hd1[] = "Macro Name Defined Not Defined";
char hd2[] = "------------------------- --------- -------------";
char msg[] = "......................... ";
/* 012345678901234567890123456789012345678901234567890 */
/* 1 2 3 4 5 */
size_t i = 0;
#define MAX_STATUS_NAME_LENGTH 25
#define ESP_SMS_ENA_POS 30
#define ESP_SMS_DIS_POS 42
/* save our string (s) into the space-padded message (msg) */
while (s[i] != '\0' && msg[i] != '\0' && (i < MAX_STATUS_NAME_LENGTH)) {
msg[i] = s[i];
i++;
}
/* Depending on if defined, put an "x" in the appropriate column */
if (not_defined == NULL || not_defined[0] == '\0') {
msg[ESP_SMS_ENA_POS] = 'X';
}
else {
msg[ESP_SMS_DIS_POS] = 'X';
}
/* do we need a header? */
if (esp_ShowMacroStatus_need_header) {
ESP_LOGI(TAG, "%s", hd1);
ESP_LOGI(TAG, "%s", hd2);
esp_ShowMacroStatus_need_header = 0;
}
/* show the macro name with the "x" in the defined/not defined column */
ESP_LOGI(TAG, "%s", msg);
return ESP_OK;
}
/* Show some interesting settings */
int esp_ShowHardwareAcclerationSettings(void)
{
esp_ShowMacroStatus_need_header = 1;
esp_ShowMacroStatus("HW_MATH_ENABLED", STR_IFNDEF(HW_MATH_ENABLED));
esp_ShowMacroStatus("RSA_LOW_MEM", STR_IFNDEF(RSA_LOW_MEM));
esp_ShowMacroStatus("WOLFSSL_SHA224", STR_IFNDEF(WOLFSSL_SHA224));
esp_ShowMacroStatus("WOLFSSL_SHA384", STR_IFNDEF(WOLFSSL_SHA384));
esp_ShowMacroStatus("WOLFSSL_SHA512", STR_IFNDEF(WOLFSSL_SHA512));
esp_ShowMacroStatus("WOLFSSL_SHA3", STR_IFNDEF(WOLFSSL_SHA3));
esp_ShowMacroStatus("HAVE_ED25519", STR_IFNDEF(HAVE_ED25519));
esp_ShowMacroStatus("USE_FAST_MATH", STR_IFNDEF(USE_FAST_MATH));
esp_ShowMacroStatus("WOLFSSL_SP_MATH_ALL", STR_IFNDEF(WOLFSSL_SP_MATH_ALL));
esp_ShowMacroStatus("WOLFSSL_SP_RISCV32", STR_IFNDEF(WOLFSSL_SP_RISCV32));
esp_ShowMacroStatus("SP_MATH", STR_IFNDEF(SP_MATH));
esp_ShowMacroStatus("WOLFSSL_HW_METRICS", STR_IFNDEF(WOLFSSL_HW_METRICS));
#ifdef USE_FAST_MATH
ESP_LOGI(TAG, "USE_FAST_MATH");
#endif /* USE_FAST_MATH */
#ifdef WOLFSSL_SP_MATH_ALL
#ifdef WOLFSSL_SP_RISCV32
ESP_LOGI(TAG, "WOLFSSL_SP_MATH_ALL + WOLFSSL_SP_RISCV32");
#else
ESP_LOGI(TAG, "WOLFSSL_SP_MATH_ALL");
#endif
#endif /* WOLFSSL_SP_MATH_ALL */
ESP_LOGI(TAG, "");
return ESP_OK;
}
/*
*******************************************************************************
** The internal, portable, but currently private ShowExtendedSystemInfo()
*******************************************************************************
*/
int ShowExtendedSystemInfo(void)
{
WOLFSSL_VERSION_PRINTF("Extended Version and Platform Information.");
#if defined(LIBWOLFSSL_VERSION_STRING)
WOLFSSL_VERSION_PRINTF("LIBWOLFSSL_VERSION_STRING = %s",
LIBWOLFSSL_VERSION_STRING);
{
unsigned chip_rev = -1;
#ifdef HAVE_ESP_CLK
/* esp_clk.h is private */
int cpu_freq = 0;
#endif
#if defined(LIBWOLFSSL_VERSION_HEX)
WOLFSSL_VERSION_PRINTF("LIBWOLFSSL_VERSION_HEX = %x",
LIBWOLFSSL_VERSION_HEX);
WOLFSSL_VERSION_PRINTF("Extended Version and Platform Information.");
#if defined(HAVE_WC_INTROSPECTION) && \
!defined(ALLOW_BINARY_MISMATCH_INTROSPECTION)
#pragma message("WARNING: both HAVE_VERSION_EXTENDED_INFO and " \
"HAVE_WC_INTROSPECTION are enabled. Some extended " \
"information details will not be available.")
WOLFSSL_VERSION_PRINTF("HAVE_WC_INTROSPECTION enabled. "
"Some extended system details not available.");
#endif /* else not HAVE_WC_INTROSPECTION */
chip_rev = efuse_hal_chip_revision();
ESP_LOGI(TAG, "Chip revision: v%d.%d", chip_rev / 100, chip_rev % 100);
#ifdef HAVE_ESP_CLK
cpu_freq = esp_clk_cpu_freq();
ESP_EARLY_LOGI(TAG, "cpu freq: %d Hz", cpu_freq);
#endif
#if defined(SHOW_SSID_AND_PASSWORD)
ESP_LOGW(TAG, "WARNING: SSID and plain text WiFi "
"password displayed in startup logs. ");
ESP_LOGW(TAG, "Remove SHOW_SSID_AND_PASSWORD from user_settings.h "
"to disable.");
#else
ESP_LOGI(TAG, "SSID and plain text WiFi "
"password not displayed in startup logs.");
ESP_LOGI(TAG, " Define SHOW_SSID_AND_PASSWORD to enable display.");
#endif
#if defined(WOLFSSL_MULTI_INSTALL_WARNING)
/* CMake may have detected undesired multiple installs, so give warning. */
WOLFSSL_VERSION_PRINTF("");
WOLFSSL_VERSION_PRINTF("WARNING: Multiple wolfSSL installs found.");
WOLFSSL_VERSION_PRINTF("Check ESP-IDF and local project [components] directory.");
WOLFSSL_VERSION_PRINTF("");
/* CMake may have detected undesired multiple installs, so give warning. */
WOLFSSL_VERSION_PRINTF("");
WOLFSSL_VERSION_PRINTF("WARNING: Multiple wolfSSL installs found.");
WOLFSSL_VERSION_PRINTF("Check ESP-IDF components and "
"local project [components] directory.");
WOLFSSL_VERSION_PRINTF("");
#else
#ifdef WOLFSSL_USER_SETTINGS_DIR
{
ESP_LOGI(TAG, "Using wolfSSL user_settings.h in %s",
WOLFSSL_USER_SETTINGS_DIR);
}
#else
{
ESP_LOGW(TAG, "Warning: old cmake, user_settings.h location unknown.");
}
#endif
#endif
ShowExtendedSystemInfo_git(); /* may be limited during active introspection */
ShowExtendedSystemInfo_platform();
ShowExtendedSystemInfo_thread();
return 0;
}
#if defined(LIBWOLFSSL_VERSION_STRING)
WOLFSSL_VERSION_PRINTF("LIBWOLFSSL_VERSION_STRING = %s",
LIBWOLFSSL_VERSION_STRING);
#endif
WOLFSSL_LOCAL int esp_ShowExtendedSystemInfo()
#if defined(LIBWOLFSSL_VERSION_HEX)
WOLFSSL_VERSION_PRINTF("LIBWOLFSSL_VERSION_HEX = %x",
LIBWOLFSSL_VERSION_HEX);
#endif
/* some interesting settings are target specific (ESP32, -C3, -S3, etc */
#if defined(CONFIG_IDF_TARGET_ESP32)
/* ESP_RSA_MULM_BITS should be set to at least 16 for ESP32 */
#if defined(ESP_RSA_MULM_BITS)
#if (ESP_RSA_MULM_BITS < 16)
ESP_LOGW(TAG, "Warning: ESP_RSA_MULM_BITS < 16 for ESP32");
#endif
#else
ESP_LOGW(TAG, "Warning: ESP_RSA_MULM_BITS not defined for ESP32");
#endif
#elif defined(CONFIG_IDF_TARGET_ESP32C2)
ESP_LOGI(TAG, "CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ = %u MHz",
CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ
);
#elif defined(CONFIG_IDF_TARGET_ESP32C3)
ESP_LOGI(TAG, "CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ = %u MHz",
CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ
);
#elif defined(CONFIG_IDF_TARGET_ESP32C6)
ESP_LOGI(TAG, "CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ = %u MHz",
CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ
);
/* ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount); */
#elif defined(CONFIG_IDF_TARGET_ESP32S2)
#if defined(CONFIG_ESP32S2_DEFAULT_CPU_FREQ_MHZ)
ESP_LOGI(TAG, "CONFIG_ESP32S2_DEFAULT_CPU_FREQ_MHZ = %u MHz",
CONFIG_ESP32S2_DEFAULT_CPU_FREQ_MHZ
);
#endif
ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
#elif defined(CONFIG_IDF_TARGET_ESP32S3)
#if defined(CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ)
ESP_LOGI(TAG, "CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ = %u MHz",
CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ
);
#endif
ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
#else
#endif
/* all platforms: stack high water mark check */
#ifdef INCLUDE_uxTaskGetStackHighWaterMark
ESP_LOGI(TAG, "Stack HWM: %d", uxTaskGetStackHighWaterMark(NULL));
#endif
ESP_LOGI(TAG, "");
esp_ShowHardwareAcclerationSettings();
ShowExtendedSystemInfo_git();
ShowExtendedSystemInfo_platform();
ShowExtendedSystemInfo_thread();
/* show number of RTC sleep boots */
esp_increment_boot_count();
ESP_LOGI(TAG, "Boot count: %d", esp_current_boot_count());
return ESP_OK;
}
int esp_ShowExtendedSystemInfo(void)
{
/* Someday the ShowExtendedSystemInfo may be global.
* See https://github.com/wolfSSL/wolfssl/pull/6149 */
return ShowExtendedSystemInfo();
}
@ -366,12 +596,13 @@ WOLFSSL_LOCAL int esp_ShowExtendedSystemInfo()
* Note with the right string parameters, the result can be pasted as
* initialization code.
*/
WOLFSSL_LOCAL int esp_show_mp_attributes(char* c, MATH_INT_T* X)
int esp_show_mp_attributes(char* c, MATH_INT_T* X)
{
static const char* MP_TAG = "MATH_INT_T";
int ret = 0;
int ret = ESP_OK;
if (X == NULL) {
ret = -1;
ret = ESP_FAIL;
ESP_LOGV(MP_TAG, "esp_show_mp_attributes called with X == NULL");
}
else {
@ -389,15 +620,14 @@ WOLFSSL_LOCAL int esp_show_mp_attributes(char* c, MATH_INT_T* X)
* Note with the right string parameters, the result can be pasted as
* initialization code.
*/
WOLFSSL_LOCAL int esp_show_mp(char* c, MATH_INT_T* X)
int esp_show_mp(char* c, MATH_INT_T* X)
{
static const char* MP_TAG = "MATH_INT_T";
int ret = MP_OKAY;
int words_to_show = 0;
size_t i;
if (X == NULL) {
ret = -1;
ret = ESP_FAIL;
ESP_LOGV(MP_TAG, "esp_show_mp called with X == NULL");
}
else {
@ -420,7 +650,7 @@ WOLFSSL_LOCAL int esp_show_mp(char* c, MATH_INT_T* X)
#endif
ESP_LOGI(MP_TAG, "%s:",c);
esp_show_mp_attributes(c, X);
for (i = 0; i < words_to_show; i++) {
for (size_t i = 0; i < words_to_show; i++) {
ESP_LOGI(MP_TAG, "%s.dp[%2d] = 0x%08x; /* %2d */ ",
c, /* the supplied variable name */
i, /* the index, i for dp[%d] */
@ -435,12 +665,10 @@ WOLFSSL_LOCAL int esp_show_mp(char* c, MATH_INT_T* X)
/* Perform a full mp_cmp and binary compare.
* (typically only used during debugging) */
WOLFSSL_LOCAL int esp_mp_cmp(char* name_A, MATH_INT_T* A, char* name_B, MATH_INT_T* B)
int esp_mp_cmp(char* name_A, MATH_INT_T* A, char* name_B, MATH_INT_T* B)
{
int ret = MP_OKAY;
int e;
e = memcmp(A, B, sizeof(mp_int));
int e = memcmp(A, B, sizeof(mp_int));
if (mp_cmp(A, B) == MP_EQ) {
if (e == 0) {
/* we always want to be here: both esp_show_mp and binary equal! */
@ -486,10 +714,38 @@ WOLFSSL_LOCAL int esp_mp_cmp(char* name_A, MATH_INT_T* A, char* name_B, MATH_INT
name_A, name_B);
}
else {
#ifdef DEBUG_WOLFSSL
esp_show_mp(name_A, A);
esp_show_mp(name_B, B);
#endif
/* esp_show_mp(name_A, A); */
/* esp_show_mp(name_B, B); */
}
return ret;
}
int esp_hw_show_metrics(void)
{
#if defined(WOLFSSL_HW_METRICS)
#if defined(WOLFSSL_ESP32_CRYPT)
esp_hw_show_sha_metrics();
#else
ESP_LOGI(TAG, "WOLFSSL_ESP32_CRYPT");
#endif
#if defined(WOLFSSL_ESP32_CRYPT_RSA_PRI)
esp_hw_show_mp_metrics();
#else
ESP_LOGI(TAG, "WOLFSSL_ESP32_CRYPT_RSA_PRI not defined,"
"HW math not enabled");
#endif
#if defined(NO_WOLFSSL_ESP32_CRYPT_AES)
ESP_LOGI(TAG, "NO_WOLFSSL_ESP32_CRYPT_AES is defined,"
"HW AES not enabled");
#else
esp_hw_show_aes_metrics();
#endif
#else
ESP_LOGV(TAG, "WOLFSSL_HW_METRICS is not enabled");
#endif
return ESP_OK;
}
#endif /* WOLFSSL_ESPIDF */

3
wolfcrypt/src/random.c
View File

@ -3394,7 +3394,8 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
/* Espressif ESP32 */
#include <esp_system.h>
#if defined(CONFIG_IDF_TARGET_ESP32S3)
#if defined(CONFIG_IDF_TARGET_ESP32S2) || \
defined(CONFIG_IDF_TARGET_ESP32S3)
#include <esp_random.h>
#endif

146
wolfcrypt/src/sha.c
View File

@ -58,7 +58,9 @@
#include <wolfssl/wolfcrypt/port/caam/wolfcaam_fsl_nxp.h>
#endif
/* Assume no hash HW available until supporting HW found. */
#undef WOLFSSL_USE_ESP32_CRYPT_HASH_HW
#if defined(WOLFSSL_ESP32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
/* define a single keyword for simplicity & readability
@ -533,9 +535,9 @@ static WC_INLINE void AddLength(wc_Sha* sha, word32 len)
/*
** wolfCrypt InitSha256 external wrapper.
** wolfCrypt InitSha external wrapper.
**
** we'll assume this is ALWAYS for a new, uninitialized sha256
** we'll assume this is ALWAYS for a new, uninitialized sha
*/
int wc_InitSha_ex(wc_Sha* sha, void* heap, int devId)
{
@ -569,7 +571,7 @@ int wc_InitSha_ex(wc_Sha* sha, void* heap, int devId)
sha->heap, devId);
#else
(void)devId;
# endif /* WOLFSSL_ASYNC_CRYPT */
#endif /* WOLFSSL_ASYNC_CRYPT */
#ifdef WOLFSSL_IMXRT1170_CAAM
ret = wc_CAAM_HashInit(&sha->hndl, &sha->ctx, WC_HASH_TYPE_SHA);
#endif
@ -630,21 +632,43 @@ int wc_ShaUpdate(wc_Sha* sha, const byte* data, word32 len)
len -= blocksLen;
if (sha->buffLen == WC_SHA_BLOCK_SIZE) {
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
if (sha->ctx.mode == ESP32_SHA_INIT) {
#if defined(WOLFSSL_DEBUG_MUTEX)
{
ESP_LOGI(TAG, "wc_ShaUpdate try hardware");
}
#endif
esp_sha_try_hw_lock(&sha->ctx);
}
#endif
#if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
ByteReverseWords(sha->buffer, sha->buffer, WC_SHA_BLOCK_SIZE);
#if (defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)) \
&& defined(WOLFSSL_ESP32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
if (esp_sha_need_byte_reversal(&sha->ctx))
#endif
{
ByteReverseWords(sha->buffer, sha->buffer, WC_SHA_BLOCK_SIZE);
}
#endif
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
if (sha->ctx.mode == ESP32_SHA_INIT) {
ESP_LOGV(TAG, "wc_ShaUpdate try hardware");
esp_sha_try_hw_lock(&sha->ctx);
}
if (sha->ctx.mode == ESP32_SHA_SW) {
ESP_LOGI(TAG, "wc_ShaUpdate process software");
#if defined(WOLFSSL_DEBUG_MUTEX)
{
ESP_LOGI(TAG, "wc_ShaUpdate process software");
}
#endif
ret = XTRANSFORM(sha, (const byte*)local);
}
else {
ESP_LOGV(TAG, "wc_ShaUpdate process hardware");
#if defined(WOLFSSL_DEBUG_MUTEX)
{
ESP_LOGI(TAG, "wc_ShaUpdate process hardware");
}
#endif
esp_sha_process(sha, (const byte*)local);
}
#elif defined (WOLFSSL_USE_ESP32C3_CRYPT_HASH_HW)
@ -691,14 +715,24 @@ int wc_ShaUpdate(wc_Sha* sha, const byte* data, word32 len)
data += WC_SHA_BLOCK_SIZE;
len -= WC_SHA_BLOCK_SIZE;
#if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
ByteReverseWords(local32, local32, WC_SHA_BLOCK_SIZE);
#endif
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
if (sha->ctx.mode == ESP32_SHA_INIT){
esp_sha_try_hw_lock(&sha->ctx);
}
#endif
#if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
#if (defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)) && \
defined(WOLFSSL_ESP32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
if (esp_sha_need_byte_reversal(&sha->ctx))
#endif
{
ByteReverseWords(local32, local32, WC_SHA_BLOCK_SIZE);
}
#endif
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
if (sha->ctx.mode == ESP32_SHA_SW){
ret = XTRANSFORM(sha, (const byte*)local32);
}
@ -731,7 +765,14 @@ int wc_ShaFinalRaw(wc_Sha* sha, byte* hash)
}
#ifdef LITTLE_ENDIAN_ORDER
ByteReverseWords((word32*)digest, (word32*)sha->digest, WC_SHA_DIGEST_SIZE);
#if (defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)) && \
defined(WOLFSSL_ESP32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
if (esp_sha_need_byte_reversal(&sha->ctx))
#endif
{
ByteReverseWords((word32*)digest, (word32*)sha->digest, WC_SHA_DIGEST_SIZE);
}
XMEMCPY(hash, (byte *)&digest[0], WC_SHA_DIGEST_SIZE);
#else
XMEMCPY(hash, sha->digest, WC_SHA_DIGEST_SIZE);
@ -785,16 +826,25 @@ int wc_ShaFinal(wc_Sha* sha, byte* hash)
XMEMSET(&local[sha->buffLen], 0, WC_SHA_BLOCK_SIZE - sha->buffLen);
sha->buffLen += WC_SHA_BLOCK_SIZE - sha->buffLen;
#if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
ByteReverseWords(sha->buffer, sha->buffer, WC_SHA_BLOCK_SIZE);
#endif
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
/* For a fresh sha.ctx, try to use hardware acceleration */
if (sha->ctx.mode == ESP32_SHA_INIT) {
esp_sha_try_hw_lock(&sha->ctx);
}
#endif
#if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
#if (defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)) && \
defined(WOLFSSL_ESP32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
if (esp_sha_need_byte_reversal(&sha->ctx))
#endif
{
ByteReverseWords(sha->buffer, sha->buffer, WC_SHA_BLOCK_SIZE);
}
#endif
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
/* if HW was busy, we may need to fall back to SW. */
if (sha->ctx.mode == ESP32_SHA_SW) {
ret = XTRANSFORM(sha, (const byte*)local);
@ -802,9 +852,6 @@ int wc_ShaFinal(wc_Sha* sha, byte* hash)
else {
ret = esp_sha_process(sha, (const byte*)local);
}
#elif defined(WOLFSSL_USE_ESP32C3_CRYPT_HASH_HW)
/* The ESP32C3 is different; SW crypto here. Not yet implemented */
ret = XTRANSFORM(sha, (const byte*)local);
#else
/*
** The #if defined(WOLFSSL_USE_ESP32C3_CRYPT_HASH_HW) also falls
@ -817,12 +864,25 @@ int wc_ShaFinal(wc_Sha* sha, byte* hash)
}
sha->buffLen = 0;
} /* (sha->buffLen > WC_SHA_PAD_SIZE) */
} /* (sha->buffLen > WC_SHA_PAD_SIZE) */
XMEMSET(&local[sha->buffLen], 0, WC_SHA_PAD_SIZE - sha->buffLen);
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
if (sha->ctx.mode == ESP32_SHA_INIT) {
esp_sha_try_hw_lock(&sha->ctx);
}
#endif
#if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
ByteReverseWords(sha->buffer, sha->buffer, WC_SHA_BLOCK_SIZE);
#if (defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)) && \
defined(WOLFSSL_ESP32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
if (esp_sha_need_byte_reversal(&sha->ctx))
#endif
{ /* reminder local also points to sha->buffer */
ByteReverseWords(sha->buffer, sha->buffer, WC_SHA_BLOCK_SIZE);
}
#endif
/* store lengths */
@ -841,10 +901,28 @@ int wc_ShaFinal(wc_Sha* sha, byte* hash)
2 * sizeof(word32));
#endif
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
if (sha->ctx.mode == ESP32_SHA_INIT) {
esp_sha_try_hw_lock(&sha->ctx);
#if (defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)) && \
defined(WOLFSSL_ESP32_CRYPT) && !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
if (sha->ctx.mode == ESP32_SHA_HW) {
#if defined(WOLFSSL_SUPER_VERBOSE_DEBUG)
{
ESP_LOGV(TAG, "Start: Reverse PAD SIZE Endianness.");
}
#endif
ByteReverseWords(&sha->buffer[WC_SHA_PAD_SIZE/sizeof(word32)], /* out */
&sha->buffer[WC_SHA_PAD_SIZE/sizeof(word32)], /* in */
2 * sizeof(word32) /* byte count to reverse */
);
#if defined(WOLFSSL_SUPER_VERBOSE_DEBUG)
{
ESP_LOGV(TAG, "End: Reverse PAD SIZE Endianness.");
}
#endif
} /* end if (sha->ctx.mode == ESP32_SHA_HW) */
#endif
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
if (sha->ctx.mode == ESP32_SHA_SW) {
ret = XTRANSFORM(sha, (const byte*)local);
}
@ -860,7 +938,14 @@ int wc_ShaFinal(wc_Sha* sha, byte* hash)
#endif
#ifdef LITTLE_ENDIAN_ORDER
ByteReverseWords(sha->digest, sha->digest, WC_SHA_DIGEST_SIZE);
#if (defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)) && \
defined(WOLFSSL_ESP32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
if (esp_sha_need_byte_reversal(&sha->ctx))
#endif
{
ByteReverseWords(sha->digest, sha->digest, WC_SHA_DIGEST_SIZE);
}
#endif
XMEMCPY(hash, (byte *)&sha->digest[0], WC_SHA_DIGEST_SIZE);
@ -869,7 +954,6 @@ int wc_ShaFinal(wc_Sha* sha, byte* hash)
* which may cause fall back to SW if HW is busy. we do not return result
* of initSha here */
(void)InitSha(sha); /* reset state */
return ret;
}
@ -906,6 +990,10 @@ void wc_ShaFree(wc_Sha* sha)
if (sha == NULL)
return;
#if defined(WOLFSSL_ESP32) && !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
esp_sha_release_unfinished_lock(&sha->ctx);
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA)
wolfAsync_DevCtxFree(&sha->asyncDev, WOLFSSL_ASYNC_MARKER_SHA);
#endif /* WOLFSSL_ASYNC_CRYPT */

234
wolfcrypt/src/sha256.c
View File

@ -701,6 +701,8 @@ static int InitSha256(wc_Sha256* sha256)
#define NEED_SOFT_SHA256
/*
** An Espressif-specific InitSha256()
**
** soft SHA needs initialization digest, but HW does not.
*/
static int InitSha256(wc_Sha256* sha256)
@ -711,6 +713,8 @@ static int InitSha256(wc_Sha256* sha256)
return BAD_FUNC_ARG;
}
/* We may or may not need initial digest for HW.
* Always needed for SW-only. */
sha256->digest[0] = 0x6A09E667L;
sha256->digest[1] = 0xBB67AE85L;
sha256->digest[2] = 0x3C6EF372L;
@ -724,13 +728,14 @@ static int InitSha256(wc_Sha256* sha256)
sha256->loLen = 0;
sha256->hiLen = 0;
#ifndef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256
ret = esp_sha_init(&(sha256->ctx), WC_HASH_TYPE_SHA256);
#endif
return ret;
}
/*
** wolfCrypt InitSha256 external wrapper.
** An Espressif-specific wolfCrypt InitSha256 external wrapper.
**
** we'll assume this is ALWAYS for a new, uninitialized sha256
*/
@ -742,12 +747,14 @@ static int InitSha256(wc_Sha256* sha256)
}
#ifdef WOLFSSL_USE_ESP32_CRYPT_HASH_HW
#ifndef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256
/* We know this is a fresh, uninitialized item, so set to INIT */
if (sha256->ctx.mode != ESP32_SHA_INIT) {
ESP_LOGV(TAG, "Set ctx mode from prior value: "
"%d", sha256->ctx.mode);
}
sha256->ctx.mode = ESP32_SHA_INIT;
#endif
#endif
return InitSha256(sha256);
@ -1051,33 +1058,61 @@ static int InitSha256(wc_Sha256* sha256)
len -= blocksLen;
if (sha256->buffLen == WC_SHA256_BLOCK_SIZE) {
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
if (sha256->ctx.mode == ESP32_SHA_INIT) {
ESP_LOGV(TAG, "Sha256Update try hardware");
esp_sha_try_hw_lock(&sha256->ctx);
}
#endif
#if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
#if defined(WOLFSSL_X86_64_BUILD) && \
defined(USE_INTEL_SPEEDUP) && \
(defined(HAVE_INTEL_AVX1) || defined(HAVE_INTEL_AVX2))
if (!IS_INTEL_AVX1(intel_flags) && !IS_INTEL_AVX2(intel_flags))
#endif
#if (defined(CONFIG_IDF_TARGET_ESP32C3) || \
defined(CONFIG_IDF_TARGET_ESP32C6)) && \
defined(WOLFSSL_ESP32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
if (esp_sha_need_byte_reversal(&sha256->ctx))
#endif
{
ByteReverseWords(sha256->buffer, sha256->buffer,
WC_SHA256_BLOCK_SIZE);
}
#endif
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
if (sha256->ctx.mode == ESP32_SHA_INIT) {
ESP_LOGV(TAG, "Sha256Update try hardware");
esp_sha_try_hw_lock(&sha256->ctx);
}
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
if (sha256->ctx.mode == ESP32_SHA_SW) {
ESP_LOGV(TAG, "Sha256Update process software");
#if defined(WOLFSSL_DEBUG_MUTEX)
{
ESP_LOGI(TAG, "Sha256Update process software");
}
#endif
#ifdef WOLFSSL_HW_METRICS
{
/* Track of # SW during transforms during active HW */
esp_sw_sha256_count_add();
}
#endif /* WOLFSSL_HW_METRICS */
ret = XTRANSFORM(sha256, (const byte*)local);
}
else {
ESP_LOGV(TAG, "Sha256Update process hardware");
#if defined(WOLFSSL_DEBUG_MUTEX)
{
ESP_LOGI(TAG, "Sha256Update process hardware");
}
#endif
esp_sha256_process(sha256, (const byte*)local);
}
#else
/* Always SW */
ret = XTRANSFORM(sha256, (const byte*)local);
#endif
@ -1135,8 +1170,22 @@ static int InitSha256(wc_Sha256* sha256)
data += WC_SHA256_BLOCK_SIZE;
len -= WC_SHA256_BLOCK_SIZE;
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
!defined( NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
if (sha256->ctx.mode == ESP32_SHA_INIT){
ESP_LOGV(TAG, "Sha256Update try hardware loop");
esp_sha_try_hw_lock(&sha256->ctx);
}
#endif
#if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
#if (defined(CONFIG_IDF_TARGET_ESP32C3) || \
defined(CONFIG_IDF_TARGET_ESP32C6)) && \
defined(WOLFSSL_ESP32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
if (esp_sha_need_byte_reversal(&sha256->ctx))
#endif
#if defined(WOLFSSL_X86_64_BUILD) && \
defined(USE_INTEL_SPEEDUP) && \
(defined(HAVE_INTEL_AVX1) || defined(HAVE_INTEL_AVX2))
@ -1147,11 +1196,8 @@ static int InitSha256(wc_Sha256* sha256)
}
#endif
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
if (sha256->ctx.mode == ESP32_SHA_INIT){
ESP_LOGV(TAG, "Sha256Update try hardware loop");
esp_sha_try_hw_lock(&sha256->ctx);
}
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
if (sha256->ctx.mode == ESP32_SHA_SW) {
ESP_LOGV(TAG, "Sha256Update process software loop");
ret = XTRANSFORM(sha256, (const byte*)local32);
@ -1243,7 +1289,21 @@ static int InitSha256(wc_Sha256* sha256)
WC_SHA256_BLOCK_SIZE - sha256->buffLen);
sha256->buffLen += WC_SHA256_BLOCK_SIZE - sha256->buffLen;
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
if (sha256->ctx.mode == ESP32_SHA_INIT) {
esp_sha_try_hw_lock(&sha256->ctx);
}
#endif
#if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
#if (defined(CONFIG_IDF_TARGET_ESP32C3) || \
defined(CONFIG_IDF_TARGET_ESP32C6)) && \
defined(WOLFSSL_ESP32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
if (esp_sha_need_byte_reversal(&sha256->ctx))
#endif
#if defined(WOLFSSL_X86_64_BUILD) && defined(USE_INTEL_SPEEDUP) && \
(defined(HAVE_INTEL_AVX1) || defined(HAVE_INTEL_AVX2))
if (!IS_INTEL_AVX1(intel_flags) && !IS_INTEL_AVX2(intel_flags))
@ -1254,7 +1314,8 @@ static int InitSha256(wc_Sha256* sha256)
}
#endif
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
if (sha256->ctx.mode == ESP32_SHA_INIT) {
esp_sha_try_hw_lock(&sha256->ctx);
}
@ -1275,13 +1336,27 @@ static int InitSha256(wc_Sha256* sha256)
XMEMSET(&local[sha256->buffLen], 0,
WC_SHA256_PAD_SIZE - sha256->buffLen);
/* put lengths in bits */
/* put 64 bit length in separate 32 bit parts */
sha256->hiLen = (sha256->loLen >> (8 * sizeof(sha256->loLen) - 3)) +
(sha256->hiLen << 3);
sha256->loLen = sha256->loLen << 3;
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
if (sha256->ctx.mode == ESP32_SHA_INIT) {
esp_sha_try_hw_lock(&sha256->ctx);
}
#endif
/* store lengths */
#if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
#if (defined(CONFIG_IDF_TARGET_ESP32C3) || \
defined(CONFIG_IDF_TARGET_ESP32C6)) && \
defined(WOLFSSL_ESP32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
if (esp_sha_need_byte_reversal(&sha256->ctx))
#endif
#if defined(WOLFSSL_X86_64_BUILD) && defined(USE_INTEL_SPEEDUP) && \
(defined(HAVE_INTEL_AVX1) || defined(HAVE_INTEL_AVX2))
if (!IS_INTEL_AVX1(intel_flags) && !IS_INTEL_AVX2(intel_flags))
@ -1291,11 +1366,33 @@ static int InitSha256(wc_Sha256* sha256)
WC_SHA256_BLOCK_SIZE);
}
#endif
/* ! length ordering dependent on digest endian type ! */
/* ! 64-bit length ordering dependent on digest endian type ! */
XMEMCPY(&local[WC_SHA256_PAD_SIZE], &sha256->hiLen, sizeof(word32));
XMEMCPY(&local[WC_SHA256_PAD_SIZE + sizeof(word32)], &sha256->loLen,
sizeof(word32));
/* Only the ESP32-C3 with HW enabled may need pad size byte order reversal
* depending on HW or SW mode */
#if (defined(CONFIG_IDF_TARGET_ESP32C3) || \
defined(CONFIG_IDF_TARGET_ESP32C6)) && \
defined(WOLFSSL_ESP32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
if (sha256->ctx.mode == ESP32_SHA_HW) {
#if defined(WOLFSSL_SUPER_VERBOSE_DEBUG)
ESP_LOGV(TAG, "Start: Reverse PAD SIZE Endianness.");
#endif
ByteReverseWords(
&sha256->buffer[WC_SHA256_PAD_SIZE / sizeof(word32)], /* out */
&sha256->buffer[WC_SHA256_PAD_SIZE / sizeof(word32)], /* in */
2 * sizeof(word32) /* byte count to reverse */
);
#if defined(WOLFSSL_SUPER_VERBOSE_DEBUG)
ESP_LOGV(TAG, "End: Reverse PAD SIZE Endianness.");
#endif
} /* end if (sha256->ctx.mode == ESP32_SHA_HW) */
#endif
#if defined(FREESCALE_MMCAU_SHA) || \
(defined(WOLFSSL_X86_64_BUILD) && defined(USE_INTEL_SPEEDUP) && \
(defined(HAVE_INTEL_AVX1) || defined(HAVE_INTEL_AVX2)))
@ -1312,10 +1409,13 @@ static int InitSha256(wc_Sha256* sha256)
}
#endif
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
if (sha256->ctx.mode == ESP32_SHA_INIT) {
esp_sha_try_hw_lock(&sha256->ctx);
}
/* depending on architecture and ctx.mode value
* we may or may not need default digest */
if (sha256->ctx.mode == ESP32_SHA_SW) {
ret = XTRANSFORM(sha256, (const byte*)local);
}
@ -1342,8 +1442,18 @@ static int InitSha256(wc_Sha256* sha256)
}
#ifdef LITTLE_ENDIAN_ORDER
ByteReverseWords((word32*)digest, (word32*)sha256->digest,
WC_SHA256_DIGEST_SIZE);
#if (defined(CONFIG_IDF_TARGET_ESP32C3) || \
defined(CONFIG_IDF_TARGET_ESP32C6)) && \
defined(WOLFSSL_ESP32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
if (esp_sha_need_byte_reversal(&sha256->ctx))
#endif
{
ByteReverseWords((word32*)digest,
(word32*)sha256->digest,
WC_SHA256_DIGEST_SIZE);
}
XMEMCPY(hash, digest, WC_SHA256_DIGEST_SIZE);
#else
XMEMCPY(hash, sha256->digest, WC_SHA256_DIGEST_SIZE);
@ -1387,7 +1497,16 @@ static int InitSha256(wc_Sha256* sha256)
}
#if defined(LITTLE_ENDIAN_ORDER)
ByteReverseWords(sha256->digest, sha256->digest, WC_SHA256_DIGEST_SIZE);
#if (defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)) && \
defined(WOLFSSL_ESP32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
if (esp_sha_need_byte_reversal(&sha256->ctx))
#endif
{
ByteReverseWords(sha256->digest, sha256->digest,
WC_SHA256_DIGEST_SIZE);
}
#endif
XMEMCPY(hash, sha256->digest, WC_SHA256_DIGEST_SIZE);
@ -1560,9 +1679,11 @@ static int InitSha256(wc_Sha256* sha256)
sha224->used = 0;
#endif
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
/* not to be confused with HAS512_224 */
sha224->ctx.mode = ESP32_SHA_SW; /* no SHA224 HW, so always SW */
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
(!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256) || \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224))
/* not to be confused with SHAS512_224 */
ret = esp_sha_init(&(sha224->ctx), WC_HASH_TYPE_SHA224);
#endif
return ret;
@ -1583,14 +1704,19 @@ static int InitSha256(wc_Sha256* sha256)
sha224->W = NULL;
#endif
#ifdef WOLFSSL_USE_ESP32_CRYPT_HASH_HW
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
#if defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224)
/* We know this is a fresh, uninitialized item, so set to INIT */
if (sha224->ctx.mode != ESP32_SHA_SW) {
ESP_LOGV(TAG, "Set sha224 ctx mode init to ESP32_SHA_SW. "
"Prior value: %d", sha224->ctx.mode);
}
/* no sha224 HW support is available, set to SW */
sha224->ctx.mode = ESP32_SHA_SW;
sha224->ctx.mode = ESP32_SHA_SW;
#else
/* We know this is a fresh, uninitialized item, so set to INIT */
sha224->ctx.mode = ESP32_SHA_INIT;
#endif
#endif
ret = InitSha224(sha224);
@ -1608,7 +1734,9 @@ static int InitSha256(wc_Sha256* sha256)
ret = wc_CAAM_HashInit(&sha224->hndl, &sha224->ctx, WC_HASH_TYPE_SHA224);
#endif
#ifdef WOLFSSL_USE_ESP32_CRYPT_HASH_HW
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
(!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256) || \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224))
if (sha224->ctx.mode != ESP32_SHA_INIT) {
ESP_LOGV("SHA224", "Set ctx mode from prior value: "
"%d", sha224->ctx.mode);
@ -1636,7 +1764,9 @@ static int InitSha256(wc_Sha256* sha256)
}
#endif /* WOLFSSL_ASYNC_CRYPT */
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
(defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256) || \
defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224))
sha224->ctx.mode = ESP32_SHA_SW; /* no SHA224 HW, so always SW */
#endif
@ -1662,8 +1792,11 @@ static int InitSha256(wc_Sha256* sha256)
}
#endif /* WOLFSSL_ASYNC_CRYPT */
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
sha224->ctx.mode = ESP32_SHA_SW; /* no SHA224 HW, so always SW */
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
(!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256) || \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224))
/* nothing enabled here for C3 success */
#endif
ret = Sha256Final((wc_Sha256*)sha224);
@ -1671,7 +1804,18 @@ static int InitSha256(wc_Sha256* sha256)
return ret;
#if defined(LITTLE_ENDIAN_ORDER)
ByteReverseWords(sha224->digest, sha224->digest, WC_SHA224_DIGEST_SIZE);
#if (defined(CONFIG_IDF_TARGET_ESP32C3) || \
defined(CONFIG_IDF_TARGET_ESP32C6)) && \
defined(WOLFSSL_ESP32_CRYPT) && \
(!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256) || \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224))
if (esp_sha_need_byte_reversal(&sha224->ctx))
#endif
{
ByteReverseWords(sha224->digest,
sha224->digest,
WC_SHA224_DIGEST_SIZE);
}
#endif
XMEMCPY(hash, sha224->digest, WC_SHA224_DIGEST_SIZE);
@ -1724,8 +1868,8 @@ static int InitSha256(wc_Sha256* sha256)
#endif
ForceZero(sha224, sizeof(*sha224));
}
#endif /* WOLFSSL_SHA224 */
#endif /* !defined(WOLFSSL_HAVE_PSA) || defined(WOLFSSL_PSA_NO_HASH) */
#endif /* !defined(WOLFSSL_HAVE_PSA) || defined(WOLFSSL_PSA_NO_HASH) */
#endif /* WOLFSSL_SHA224 */
int wc_InitSha256(wc_Sha256* sha256)
@ -1746,6 +1890,12 @@ void wc_Sha256Free(wc_Sha256* sha256)
if (sha256 == NULL)
return;
#if defined(WOLFSSL_ESP32) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
esp_sha_release_unfinished_lock(&sha256->ctx);
#endif
#ifdef WOLFSSL_SMALL_STACK_CACHE
if (sha256->W != NULL) {
ForceZero(sha256->W, sizeof(word32) * WC_SHA256_BLOCK_SIZE);
@ -1810,7 +1960,9 @@ void wc_Sha256Free(wc_Sha256* sha256)
#endif
/* Espressif embedded hardware acceleration specific: */
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
if (sha256->ctx.lockDepth > 0) {
/* probably due to unclean shutdown, error, or other problem.
*
@ -1827,7 +1979,7 @@ void wc_Sha256Free(wc_Sha256* sha256)
}
#endif
ForceZero(sha256, sizeof(*sha256));
}
} /* wc_Sha256Free */
#endif /* !defined(WOLFSSL_HAVE_PSA) || defined(WOLFSSL_PSA_NO_HASH) */
#ifdef WOLFSSL_HASH_KEEP
@ -1922,8 +2074,13 @@ int wc_Sha224_Grow(wc_Sha224* sha224, const byte* in, int inSz)
ret = wolfAsync_DevCopy(&src->asyncDev, &dst->asyncDev);
#endif
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
ret = esp_sha224_ctx_copy(src, dst);
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
(!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256) || \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224))
/* regardless of any other settings, there's no SHA-224 HW on ESP32 */
#ifndef CONFIG_IDF_TARGET_ESP32
ret = esp_sha224_ctx_copy(src, dst);
#endif
#endif
#ifdef WOLFSSL_HASH_FLAGS
@ -2061,7 +2218,8 @@ int wc_Sha256Copy(wc_Sha256* src, wc_Sha256* dst)
ret = wc_Pic32HashCopy(&src->cache, &dst->cache);
#endif
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
esp_sha256_ctx_copy(src, dst);
#endif

99
wolfcrypt/src/sha512.c
View File

@ -32,12 +32,12 @@
/* determine if we are using Espressif SHA hardware acceleration */
#undef WOLFSSL_USE_ESP32_CRYPT_HASH_HW
#if defined(WOLFSSL_ESP32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
/* define a single keyword for simplicity & readability
#if defined(WOLFSSL_ESP32_CRYPT) && !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
#include "sdkconfig.h"
/* Define a single keyword for simplicity & readability.
*
* by default the HW acceleration is on for ESP32-WROOM32
* but individual components can be turned off.
* By default the HW acceleration is on for ESP32 Chipsets,
* but individual components can be turned off. See user_settings.h
*/
#define WOLFSSL_USE_ESP32_CRYPT_HASH_HW
static const char* TAG = "wc_sha_512";
@ -214,7 +214,8 @@ static int InitSha512(wc_Sha512* sha512)
sha512->loLen = 0;
sha512->hiLen = 0;
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
/* HW needs to be carefully initialized, taking into account soft copy.
** If already in use; copy may revert to SW as needed. */
@ -254,7 +255,8 @@ static int InitSha512_224(wc_Sha512* sha512)
sha512->loLen = 0;
sha512->hiLen = 0;
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
/* HW needs to be carefully initialized, taking into account soft copy.
** If already in use; copy may revert to SW as needed.
**
@ -296,7 +298,8 @@ static int InitSha512_256(wc_Sha512* sha512)
sha512->loLen = 0;
sha512->hiLen = 0;
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
/* HW needs to be carefully initialized, taking into account soft copy.
** If already in use; copy may revert to SW as needed.
**
@ -536,7 +539,8 @@ static int InitSha512_Family(wc_Sha512* sha512, void* heap, int devId,
int wc_InitSha512_ex(wc_Sha512* sha512, void* heap, int devId)
{
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
if (sha512->ctx.mode != ESP32_SHA_INIT) {
ESP_LOGV(TAG, "Set ctx mode from prior value: "
"%d", sha512->ctx.mode);
@ -552,7 +556,8 @@ int wc_InitSha512_ex(wc_Sha512* sha512, void* heap, int devId)
(!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
int wc_InitSha512_224_ex(wc_Sha512* sha512, void* heap, int devId)
{
#ifdef WOLFSSL_USE_ESP32_CRYPT_HASH_HW
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
/* No SHA512/224 HW support is available, set to SW. */
sha512->ctx.mode = ESP32_SHA_SW; /* no SHA224 HW, so always SW */
#endif
@ -564,7 +569,8 @@ int wc_InitSha512_224_ex(wc_Sha512* sha512, void* heap, int devId)
(!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
int wc_InitSha512_256_ex(wc_Sha512* sha512, void* heap, int devId)
{
#ifdef WOLFSSL_USE_ESP32_CRYPT_HASH_HW
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
/* No SHA512/256 HW support is available on ESP32, set to SW. */
sha512->ctx.mode = ESP32_SHA_SW;
#endif
@ -756,14 +762,16 @@ static WC_INLINE int Sha512Update(wc_Sha512* sha512, const byte* data, word32 le
#endif
{
#if !defined(WOLFSSL_ESP32_CRYPT) || \
defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
defined(NO_WOLFSSL_ESP32_CRYPT_HASH) || \
defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
ByteReverseWords64(sha512->buffer, sha512->buffer,
WC_SHA512_BLOCK_SIZE);
#endif
}
#endif
#if !defined(WOLFSSL_ESP32_CRYPT) || \
defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
defined(NO_WOLFSSL_ESP32_CRYPT_HASH) || \
defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
ret = Transform_Sha512(sha512);
#else
if(sha512->ctx.mode == ESP32_SHA_INIT) {
@ -829,12 +837,14 @@ static WC_INLINE int Sha512Update(wc_Sha512* sha512, const byte* data, word32 le
data += WC_SHA512_BLOCK_SIZE;
len -= WC_SHA512_BLOCK_SIZE;
#if !defined(WOLFSSL_ESP32_CRYPT) || \
defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
defined(NO_WOLFSSL_ESP32_CRYPT_HASH) || \
defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
ByteReverseWords64(sha512->buffer, sha512->buffer,
WC_SHA512_BLOCK_SIZE);
#endif
#if !defined(WOLFSSL_ESP32_CRYPT) || \
defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
defined(NO_WOLFSSL_ESP32_CRYPT_HASH) || \
defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
ret = Transform_Sha512(sha512);
#else
if(sha512->ctx.mode == ESP32_SHA_INIT) {
@ -938,14 +948,16 @@ static WC_INLINE int Sha512Final(wc_Sha512* sha512)
{
#if !defined(WOLFSSL_ESP32_CRYPT) || \
defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
defined(NO_WOLFSSL_ESP32_CRYPT_HASH) || \
defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
ByteReverseWords64(sha512->buffer,sha512->buffer,
WC_SHA512_BLOCK_SIZE);
#endif
}
#endif /* LITTLE_ENDIAN_ORDER */
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
if (sha512->ctx.mode == ESP32_SHA_INIT) {
esp_sha_try_hw_lock(&sha512->ctx);
}
@ -980,14 +992,16 @@ static WC_INLINE int Sha512Final(wc_Sha512* sha512)
if (!IS_INTEL_AVX1(intel_flags) && !IS_INTEL_AVX2(intel_flags))
#endif
#if !defined(WOLFSSL_ESP32_CRYPT) || \
defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
defined(NO_WOLFSSL_ESP32_CRYPT_HASH) || \
defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
ByteReverseWords64(sha512->buffer, sha512->buffer, WC_SHA512_PAD_SIZE);
#endif
#endif
/* ! length ordering dependent on digest endian type ! */
#if !defined(WOLFSSL_ESP32_CRYPT) || \
defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
defined(NO_WOLFSSL_ESP32_CRYPT_HASH) || \
defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
sha512->buffer[WC_SHA512_BLOCK_SIZE / sizeof(word64) - 2] = sha512->hiLen;
sha512->buffer[WC_SHA512_BLOCK_SIZE / sizeof(word64) - 1] = sha512->loLen;
#endif
@ -1001,7 +1015,8 @@ static WC_INLINE int Sha512Final(wc_Sha512* sha512)
#endif
#if !defined(WOLFSSL_ESP32_CRYPT) || \
defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
defined(NO_WOLFSSL_ESP32_CRYPT_HASH) || \
defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
ret = Transform_Sha512(sha512);
#else
if(sha512->ctx.mode == ESP32_SHA_INIT) {
@ -1136,6 +1151,12 @@ void wc_Sha512Free(wc_Sha512* sha512)
if (sha512 == NULL)
return;
#if defined(WOLFSSL_ESP32) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
esp_sha_release_unfinished_lock(&sha512->ctx);
#endif
#ifdef WOLFSSL_SMALL_STACK_CACHE
if (sha512->W != NULL) {
ForceZero(sha512->W, sizeof(word64) * 16);
@ -1291,7 +1312,8 @@ static int InitSha384(wc_Sha384* sha384)
sha384->loLen = 0;
sha384->hiLen = 0;
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384)
/* HW needs to be carefully initialized, taking into account soft copy.
** If already in use; copy may revert to SW as needed. */
esp_sha_init(&(sha384->ctx), WC_HASH_TYPE_SHA384);
@ -1417,7 +1439,8 @@ int wc_InitSha384_ex(wc_Sha384* sha384, void* heap, int devId)
sha384->devId = devId;
sha384->devCtx = NULL;
#endif
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384)
if (sha384->ctx.mode != ESP32_SHA_INIT) {
ESP_LOGV(TAG, "Set ctx mode from prior value: "
"%d", sha384->ctx.mode);
@ -1465,6 +1488,11 @@ void wc_Sha384Free(wc_Sha384* sha384)
if (sha384 == NULL)
return;
#if defined(WOLFSSL_ESP32) && !defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384)
esp_sha_release_unfinished_lock(&sha384->ctx);
#endif
#ifdef WOLFSSL_SMALL_STACK_CACHE
if (sha384->W != NULL) {
ForceZero(sha384->W, sizeof(word64) * 16);
@ -1581,9 +1609,23 @@ int wc_Sha512Copy(wc_Sha512* src, wc_Sha512* dst)
#endif
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
#if defined(CONFIG_IDF_TARGET_ESP32)
if (ret == 0) {
ret = esp_sha512_ctx_copy(src, dst);
}
#elif defined(CONFIG_IDF_TARGET_ESP32C3) || \
defined(CONFIG_IDF_TARGET_ESP32C6)
ESP_LOGV(TAG, "No SHA-512 HW on the ESP32-C3");
#elif defined(CONFIG_IDF_TARGET_ESP32S2) || \
defined(CONFIG_IDF_TARGET_ESP32S3)
if (ret == 0) {
ret = esp_sha512_ctx_copy(src, dst);
}
#else
ESP_LOGW(TAG, "No SHA384 HW or not yet implemented for %s",
CONFIG_IDF_TARGET);
#endif
#endif
#ifdef WOLFSSL_HASH_FLAGS
@ -1849,7 +1891,18 @@ int wc_Sha384Copy(wc_Sha384* src, wc_Sha384* dst)
#endif
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
esp_sha384_ctx_copy(src, dst);
#if defined(CONFIG_IDF_TARGET_ESP32)
esp_sha384_ctx_copy(src, dst);
#elif defined(CONFIG_IDF_TARGET_ESP32C3) || \
defined(CONFIG_IDF_TARGET_ESP32C6)
ESP_LOGV(TAG, "No SHA-384 HW on the ESP32-C3");
#elif defined(CONFIG_IDF_TARGET_ESP32S2) || \
defined(CONFIG_IDF_TARGET_ESP32S3)
esp_sha384_ctx_copy(src, dst);
#else
ESP_LOGW(TAG, "No SHA384 HW or not yet implemented for %s",
CONFIG_IDF_TARGET);
#endif
#endif
#ifdef HAVE_ARIA

34
wolfcrypt/src/tfm.c
View File

@ -79,9 +79,9 @@
#undef WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
#endif
/* Note with HW there's a EPS_RSA_EXPT_XBTIS setting
/* Note with HW there's a ESP_RSA_EXPT_XBITS setting
* as for some small numbers, SW may be faster.
* See ESP_LOGV messages for EPS_RSA_EXPT_XBTIS values. */
* See ESP_LOGV messages for ESP_RSA_EXPT_XBITS values. */
#endif /* WOLFSSL_ESP32_CRYPT_RSA_PRI */
@ -3428,6 +3428,36 @@ int fp_sqr(fp_int *A, fp_int *B)
goto clean;
}
#if defined(WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL)
if (esp_hw_validation_active()) {
ESP_LOGV(TAG, "Skipping call to esp_mp_mul "
"during active validation.");
}
else {
err = esp_mp_mul(A, A, B); /* HW accelerated multiply */
switch (err) {
case MP_OKAY:
goto clean; /* success */
break;
case WC_HW_WAIT_E: /* MP_HW_BUSY math HW busy, fall back */
case MP_HW_FALLBACK: /* forced fallback from HW to SW */
case MP_HW_VALIDATION_ACTIVE: /* use SW to compare to HW */
/* fall back to software, below */
break;
default:
/* Once we've failed, exit without trying to continue.
* We may have mangled operands: (e.g. Z = X * Z)
* Future implementation may consider saving operands,
* but errors should never occur. */
goto clean; /* error */
break;
}
}
/* fall through to software calcs */
#endif /* WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
#if defined(TFM_SQR3) && FP_SIZE >= 6
if (y <= 3) {
err = fp_sqr_comba3(A,B);

413
wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h
View File

@ -22,10 +22,12 @@
#define __ESP32_CRYPT_H__
#include <wolfssl/wolfcrypt/settings.h> /* references user_settings.h */
#if defined(WOLFSSL_ESPIDF) /* Entire file is only for Espressif EDP-IDF */
#include "sdkconfig.h" /* ensure ESP-IDF settings are available everywhere */
/* wolfSSL */
#include <wolfssl/wolfcrypt/settings.h> /* references user_settings.h */
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/types.h> /* for MATH_INT_T */
@ -42,55 +44,77 @@
* WC_HW_WAIT_E - waited too long for HW, fall back to SW
*/
/* exit code only used in Espressif port */
/* Exit codes only used in Espressif port: */
enum {
ESP_MP_HW_FALLBACK = (WC_LAST_E - 2),
ESP_MP_HW_VALIDATION_ACTIVE = (WC_LAST_E - 3)
};
/* MP_HW_FALLBACK: signal to caller to fall back to SW for math:
* algorithm not supported in SW
* known state needing only SW, (e.g. ctx copy)
* any other reason to force SW */
#define MP_HW_FALLBACK (-108)
* any other reason to force SW (was -108)*/
#define MP_HW_FALLBACK ESP_MP_HW_FALLBACK
/* MP_HW_VALIDATION_ACTIVE this is informative only:
* typically also means "MP_HW_FALLBACK": fall back to SW.
* optional HW validation active, so compute in SW to compare.
* fall back to SW, typically only used during debugging
* fall back to SW, typically only used during debugging. (was -109)
*/
#define MP_HW_VALIDATION_ACTIVE (-109)
#define MP_HW_VALIDATION_ACTIVE ESP_MP_HW_VALIDATION_ACTIVE
/*
*******************************************************************************
*******************************************************************************
** Global Settings:
**
** Settings that start with "CONFIG_" are typically defined in sdkconfig.h
**
** Primary Settings:
**
** WOLFSSL_ESP32_CRYPT_RSA_PRI
** Defined in wolfSSL settings.h: this turns on or off esp32_mp math library.
** Unless turned off, this is enabled by default for the ESP32
**
** NO_ESP32_CRYPT
** When defined, disables all hardware acceleration on the ESP32
**
** NO_WOLFSSL_ESP32_CRYPT_HASH
** Used to disabled only hash hardware algorithms: SHA2, etc.
** Used to disabled only hash hardware, all algorithms: SHA2, etc.
**
** WOLFSSL_NOSHA512_224
** Define to disable SHA-512/224
** NO_WOLFSSL_ESP32_CRYPT_HASH_SHA
** When defined, disables only SHA hardware acceleration, uses SW.
**
** WOLFSSL_NOSHA512_256
** Define to disable SHA-512/512
** NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224
** When defined, disables only SHA-224 hardware acceleration, uses SW.
**
** NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
** When defined, disables only SHA-384 hardware acceleration, uses SW.
**
** NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256
** When defined, disables only SHA-256 hardware acceleration, uses SW.
**
** NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
** When defined, disables only SHA-512 hardware acceleration, uses SW.
**
** WOLFSSL_NOSHA512_224
** Define to disable SHA-512/224
**
** WOLFSSL_NOSHA512_256
** Define to disable SHA-512/512
**
** WOLFSSL_ESP32_CRYPT_RSA_PRI
** Defined in wolfSSL settings.h: this turns on or off esp32_mp math library.
** Unless turned off, this is enabled by default for the ESP32
**
** NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
** Turns off hardware acceleration esp_mp_mul()
**
** NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
** Turns off hardware acceleration esp_mp_exptmod()
**
** NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
** Turns off hardware acceleration esp_mp_mulmod()
**
** NO_WOLFSSL_ESP32_CRYPT_AES
** Used to disable only AES hardware algorithms. Software used instead.
**
** NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
** Turns off hardware acceleration esp_mp_mul()
**
** NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
** Turns off hardware acceleration esp_mp_exptmod()
**
** NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
** Turns off hardware acceleration esp_mp_mulmod()
**
*******************************************************************************
** Math library settings: TFM
*******************************************************************************
@ -99,14 +123,18 @@
** WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
** When defined, use hardware acceleration esp_mp_mul()
** for Large Number Multiplication: Z = X * Y
** Currently defined by default in tfm.c, see above to disable.
**
** WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
** When defined, use hardware acceleration esp_mp_exptmod()
** for Large Number Modular Exponentiation Z = X^Y mod M
** Currently defined by default in tfm.c, see above to disable.
**
** WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
** When defined, use hardware acceleration esp_mp_mulmod()
** for Large Number Modular Multiplication: Z = X * Y mod M
** Currently defined by default in tfm.c, see above to disable.
**
**
*******************************************************************************
** Optional Settings:
@ -119,6 +147,10 @@
** Turns on development testing. Validates HW accelerated results to software
** - Automatically turns on WOLFSSL_HW_METRICS
**
** WOLFSSL_DEBUG_MUTEX
** Turns on diagnostic messages for SHA mutex. Note that given verbosity,
** there may be TLS timing issues encountered. Use with caution.
**
** LOG_LOCAL_LEVEL
** Debugging. Default value is ESP_LOG_DEBUG
**
@ -127,7 +159,10 @@
** actually match the source data.
**
** WOLFSSL_ESP32_CRYPT_DEBUG
** When defined, enables hardware cryptography debugging
** When defined, enables hardware cryptography debugging.
**
** WOLFSSL_DEBUG_ESP_RSA_MULM_BITS
** Shows a warning when mulm falls back for minimum number of bits.
**
** NO_HW_MATH_TEST
** Even if HW is enabled, do not run HW math tests. See HW_MATH_ENABLED.
@ -142,7 +177,7 @@
** matched with hardware. Useful only during development. Needs DEBUG_WOLFSSL
**
** ESP_PROHIBIT_SMALL_X
** When set to 1 X operands less than 8 bits will fall back to SW
** When set to 1 X operands less than 8 bits will fall back to SW.
**
** ESP_NO_ERRATA_MITIGATION
** Disable all errata mitigation code.
@ -150,23 +185,31 @@
** USE_ESP_DPORT_ACCESS_READ_BUFFER
** Sets ESP_NO_ERRATA_MITIGATION and uses esp_dport_access_read_buffer()
**
** ESP_MONITOR_HW_TASK_LOCK
** Although wolfSSL is in general not fully thread safe, this option
** enables some features that can be useful in a multi-threaded environment.
**
*******************************************************************************
** Settings used from <esp_idf_version.h>
** see .\esp-idf\v[N]\components\esp_common\include
*******************************************************************************
**
** ESP_IDF_VERSION_MAJOR
**
** Espressif ESP-IDF Version (e.g. 4, 5)
**
*******************************************************************************
** Settings used from ESP-IDF (sdkconfig.h)
*******************************************************************************
**
** CONFIG_IDF_TARGET_[SoC]
** CONFIG_IDF_TARGET_ESP32
** CONFIG_IDF_TARGET_ESP32S2
** CONFIG_IDF_TARGET_ESP32S3
** CONFIG_IDF_TARGET_ESP32C3
** CONFIG_IDF_TARGET_ESP32C6
**
*******************************************************************************
**
**
*******************************************************************************
** Informative settings. Not meant to be edited
]*******************************************************************************
** Informative settings. Not meant to be edited:
*******************************************************************************
**
** HW_MATH_ENABLED
@ -181,23 +224,26 @@
#define LOG_LOCAL_LEVEL ESP_LOG_DEBUG
#else
#undef LOG_LOCAL_LEVEL
#define LOG_LOCAL_LEVEL ESP_LOG_DEBUG
#define LOG_LOCAL_LEVEL CONFIG_LOG_DEFAULT_LEVEL
#endif
#include <freertos/FreeRTOS.h>
#if defined(CONFIG_IDF_TARGET_ESP32)
/* there's no SHA-224 HW on the ESP32 */
#undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224
#include "soc/dport_reg.h"
#include "soc/hwcrypto_reg.h"
#include <soc/hwcrypto_reg.h>
#if ESP_IDF_VERSION_MAJOR < 5
#include "soc/cpu.h"
#include <soc/cpu.h>
#endif
#if defined(ESP_IDF_VERSION_MAJOR) && ESP_IDF_VERSION_MAJOR >= 5
#include "esp_private/periph_ctrl.h"
#include <esp_private/periph_ctrl.h>
#else
#include "driver/periph_ctrl.h"
#include <driver/periph_ctrl.h>
#endif
#if ESP_IDF_VERSION_MAJOR >= 4
@ -205,52 +251,159 @@
#else
#include <rom/ets_sys.h>
#endif
#define ESP_PROHIBIT_SMALL_X 0
#define ESP_PROHIBIT_SMALL_X FALSE
/***** END CONFIG_IDF_TARGET_ESP32 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32C3)
#include <soc/dport_access.h>
#include <soc/hwcrypto_reg.h>
#if ESP_IDF_VERSION_MAJOR < 5
#include <soc/cpu.h>
#endif
#if defined(ESP_IDF_VERSION_MAJOR) && ESP_IDF_VERSION_MAJOR >= 5
#include <esp_private/periph_ctrl.h>
#else
#include <driver/periph_ctrl.h>
#endif
#if ESP_IDF_VERSION_MAJOR >= 4
/* #include <esp32/rom/ets_sys.h> */
#else
#include <rom/ets_sys.h>
#endif
/* If for some reason there's a desire to disable specific HW on the C3: */
/* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA there is SHA HW on C3 */
/* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 there is SHA224 HW on C3 */
/* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256 */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256 there is SHA256 HW on C3 */
/* Code will fall back to SW with warning if these are removed:
* Note there is no SHA384/SHA512 HW on ESP32-C3 */
#undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
#undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
/***** END CONFIG_IDF_TARGET_ESP32C3 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32C6)
#include <soc/dport_access.h>
#include <soc/hwcrypto_reg.h>
#if ESP_IDF_VERSION_MAJOR < 5
#include <soc/cpu.h>
#endif
#if defined(ESP_IDF_VERSION_MAJOR) && ESP_IDF_VERSION_MAJOR >= 5
#include <esp_private/periph_ctrl.h>
#else
#include <driver/periph_ctrl.h>
#endif
#if ESP_IDF_VERSION_MAJOR >= 4
/* #include <esp32/rom/ets_sys.h> */
#else
#include <rom/ets_sys.h>
#endif
/* If for some reason there's a desire to disable specific SHA HW on the C6: */
/* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA there *is* SHA HW on C6 */
/* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 there *is* SHA224 HW on C6 */
/* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256 */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256 there *is* SHA225 HW on C6 */
/* Code will fall back to SW with warning if these are removed:
* note there is no SHA384/SHA512 HW on C6 */
#undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
#undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
/***** END CONFIG_IDF_TARGET_ESP32C6 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32S2)
#include "soc/dport_reg.h"
#include "soc/hwcrypto_reg.h"
#include <soc/hwcrypto_reg.h>
#if defined(ESP_IDF_VERSION_MAJOR) && ESP_IDF_VERSION_MAJOR >= 5
#include "esp_private/periph_ctrl.h"
#include <esp_private/periph_ctrl.h>
#else
#include "driver/periph_ctrl.h"
#include <driver/periph_ctrl.h>
#endif
#define ESP_PROHIBIT_SMALL_X 0
/***** END CONFIG_IDF_TARGET_ESP32S2 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32S3)
#include "soc/dport_reg.h"
#include "soc/hwcrypto_reg.h"
#include <soc/hwcrypto_reg.h>
#if defined(ESP_IDF_VERSION_MAJOR) && ESP_IDF_VERSION_MAJOR >= 5
#include "esp_private/periph_ctrl.h"
#include <esp_private/periph_ctrl.h>
#else
#include "driver/periph_ctrl.h"
#include <driver/periph_ctrl.h>
#endif
#define ESP_PROHIBIT_SMALL_X 0
#elif defined(CONFIG_IDF_TARGET_ESP32C3)
/* no includes for ESP32C3 at this time (no HW implemented yet) */
#else
/* not yet supported. no HW */
#endif
#undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA
#undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224
#undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256
#undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
#undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
/***** END CONFIG_IDF_TARGET_[x] config unknown *****/
#endif /* CONFIG_IDF_TARGET target check */
#ifndef NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
#if defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL) && \
defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD) && \
defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD)
#warning "MP_MUL, MULMOD, EXPTMOD all turned off. " && \
"Define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI to disable all math HW"
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
#endif
#endif /* !NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
#if defined(USE_ESP_DPORT_ACCESS_READ_BUFFER)
#define ESP_NO_ERRATA_MITIGATION
#endif
#ifdef SINGLE_THREADED
#undef ESP_MONITOR_HW_TASK_LOCK
#else
/* Unless explicitly disabled, monitor task lock when not single thread. */
#ifndef ESP_DISABLE_HW_TASK_LOCK
#define ESP_MONITOR_HW_TASK_LOCK
#endif
#endif
#ifdef __cplusplus
extern "C"
{
#endif
/*
******************************************************************************
** Some common esp utilities
******************************************************************************
*/
/*
******************************************************************************
** Some common esp utilities
******************************************************************************
*/
WOLFSSL_LOCAL int esp_ShowExtendedSystemInfo(void);
/* Compare MATH_INT_T A to MATH_INT_T B
* During debug, the strings name_A and name_B can help
* identify variable name. */
WOLFSSL_LOCAL int esp_mp_cmp(char* name_A, MATH_INT_T* A, char* name_B, MATH_INT_T* B);
WOLFSSL_LOCAL int esp_mp_cmp(char* name_A, MATH_INT_T* A,
char* name_B, MATH_INT_T* B);
/* Show MATH_INT_T value attributes. */
WOLFSSL_LOCAL int esp_show_mp_attributes(char* c, MATH_INT_T* X);
@ -263,24 +416,34 @@ extern "C"
* identify variable name. */
WOLFSSL_LOCAL int esp_show_mp(char* name_X, MATH_INT_T* X);
/* To use a Mutex, if must first be initialized */
/* To use a Mutex, it must first be initialized. */
WOLFSSL_LOCAL int esp_CryptHwMutexInit(wolfSSL_Mutex* mutex);
/* When the HW is in use, the mutex will be locked. */
WOLFSSL_LOCAL int esp_CryptHwMutexLock(wolfSSL_Mutex* mutex, TickType_t block_time);
/* Take the mutex to indicate the HW is in use. Wait up to [block_time].
* When the HW in use the mutex will be locked. */
WOLFSSL_LOCAL int esp_CryptHwMutexLock(wolfSSL_Mutex* mutex,
TickType_t block_time);
/* Release the mutex to indicate the HW is no longer in use. */
WOLFSSL_LOCAL int esp_CryptHwMutexUnLock(wolfSSL_Mutex* mutex);
#ifndef NO_AES
/* Validation active check. When active, we'll fall back to SW. */
WOLFSSL_LOCAL int esp_hw_validation_active(void);
/*
*******************************************************************************
** AES features:
*******************************************************************************
*/
#ifndef NO_AES
#if ESP_IDF_VERSION_MAJOR >= 4
#include "esp32/rom/aes.h"
#else
#include "rom/aes.h"
#endif
typedef enum tagES32_AES_PROCESS
typedef enum tagES32_AES_PROCESS /* TODO what's this ? */
{
ESP32_AES_LOCKHW = 1,
ESP32_AES_UPDATEKEY_ENCRYPT = 2,
@ -289,36 +452,47 @@ extern "C"
} ESP32_AESPROCESS;
struct Aes; /* see aes.h */
#if defined(WOLFSSL_HW_METRICS)
WOLFSSL_LOCAL int esp_hw_show_aes_metrics(void);
WOLFSSL_LOCAL int wc_esp32AesUnupportedLengthCountAdd(void);
#endif
WOLFSSL_LOCAL int wc_esp32AesSupportedKeyLenValue(int keylen);
WOLFSSL_LOCAL int wc_esp32AesSupportedKeyLen(struct Aes* aes);
WOLFSSL_LOCAL int wc_esp32AesCbcEncrypt(struct Aes* aes,
byte* out,
const byte* in,
word32 sz);
WOLFSSL_LOCAL int wc_esp32AesCbcDecrypt(struct Aes* aes,
byte* out,
const byte* in,
word32 sz);
WOLFSSL_LOCAL int wc_esp32AesEncrypt(struct Aes *aes, const byte* in, byte* out);
WOLFSSL_LOCAL int wc_esp32AesDecrypt(struct Aes *aes, const byte* in, byte* out);
WOLFSSL_LOCAL int wc_esp32AesCbcEncrypt(struct Aes* aes,
byte* out,
const byte* in,
word32 sz);
WOLFSSL_LOCAL int wc_esp32AesCbcDecrypt(struct Aes* aes,
byte* out,
const byte* in,
word32 sz);
WOLFSSL_LOCAL int wc_esp32AesEncrypt( struct Aes* aes,
const byte* in,
byte* out);
WOLFSSL_LOCAL int wc_esp32AesDecrypt( struct Aes* aes,
const byte* in,
byte* out);
#endif /* ! NO_AES */
#ifdef WOLFSSL_ESP32_CRYPT_DEBUG
void wc_esp32TimerStart(void);
uint64_t wc_esp32elapsedTime(void);
uint64_t wc_esp32elapsedTime(void);
#endif /* WOLFSSL_ESP32_CRYPT_DEBUG */
/*
*******************************************************************************
** Cryptographic hash algorithms (e.g. SHA[x]):
*******************************************************************************
*/
#if !defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
(!defined(NO_SHA) || !defined(NO_SHA256) || \
defined(WOLFSSL_SHA384) || defined(WOLFSSL_SHA512) \
)
/* RAW hash function APIs are not implemented with
* esp32 hardware acceleration*/
#define WOLFSSL_NO_HASH_RAW
#define SHA_CTX ETS_SHAContext
#if ESP_IDF_VERSION_MAJOR >= 4
@ -331,6 +505,9 @@ extern "C"
#elif defined(CONFIG_IDF_TARGET_ESP32C3)
#include "esp32c3/rom/sha.h"
#define WC_ESP_SHA_TYPE SHA_TYPE
#elif defined(CONFIG_IDF_TARGET_ESP32C6)
#include "esp32c6/rom/sha.h"
#define WC_ESP_SHA_TYPE SHA_TYPE
#elif defined(CONFIG_IDF_TARGET_ESP32H2)
#include "esp32h2/rom/sha.h"
#define WC_ESP_SHA_TYPE SHA_TYPE
@ -356,6 +533,7 @@ extern "C"
ESP32_SHA_HW = 1,
ESP32_SHA_SW = 2,
ESP32_SHA_HW_COPY = 3,
ESP32_SHA_FREED = 4,
ESP32_SHA_FAIL_NEED_UNROLL = -1
} ESP32_MODE;
@ -363,6 +541,9 @@ extern "C"
{
/* pointer to object the initialized HW; to track copies */
void* initializer;
#ifndef SINGLE_THREADED
void* task_owner;
#endif
/* an ESP32_MODE value; typically:
** 0 init,
@ -388,37 +569,65 @@ extern "C"
byte isfirstblock : 1; /* 1 bit only for true / false */
} WC_ESP32SHA;
WOLFSSL_LOCAL int esp_sha_init(WC_ESP32SHA* ctx, enum wc_HashType hash_type);
WOLFSSL_LOCAL int esp_sha_need_byte_reversal(WC_ESP32SHA* ctx);
WOLFSSL_LOCAL int esp_sha_init(WC_ESP32SHA* ctx,
enum wc_HashType hash_type);
WOLFSSL_LOCAL int esp_sha_init_ctx(WC_ESP32SHA* ctx);
WOLFSSL_LOCAL int esp_sha_try_hw_lock(WC_ESP32SHA* ctx);
WOLFSSL_LOCAL int esp_sha_hw_unlock(WC_ESP32SHA* ctx);
/* esp_sha_hw_islocked: returns 0 if not locked, otherwise owner address */
WOLFSSL_LOCAL int esp_sha_hw_islocked(WC_ESP32SHA* ctx);
WOLFSSL_LOCAL int esp_sha_call_count();
WOLFSSL_LOCAL int esp_sha_lock_count();
WOLFSSL_LOCAL int esp_sha_release_unfinished_lock(WC_ESP32SHA* ctx);
WOLFSSL_LOCAL int esp_sha_set_stray(WC_ESP32SHA* ctx);
struct wc_Sha;
WOLFSSL_LOCAL int esp_sha_ctx_copy(struct wc_Sha* src, struct wc_Sha* dst);
WOLFSSL_LOCAL int esp_sha_digest_process(struct wc_Sha* sha, byte blockprocess);
WOLFSSL_LOCAL int esp_sha_digest_process(struct wc_Sha* sha,
byte blockprocess);
WOLFSSL_LOCAL int esp_sha_process(struct wc_Sha* sha, const byte* data);
#ifndef NO_SHA256
struct wc_Sha256;
WOLFSSL_LOCAL int esp_sha224_ctx_copy(struct wc_Sha256* src, struct wc_Sha256* dst);
WOLFSSL_LOCAL int esp_sha256_ctx_copy(struct wc_Sha256* src, struct wc_Sha256* dst);
WOLFSSL_LOCAL int esp_sha256_digest_process(struct wc_Sha256* sha, byte blockprocess);
WOLFSSL_LOCAL int esp_sha256_process(struct wc_Sha256* sha, const byte* data);
WOLFSSL_LOCAL int esp32_Transform_Sha256_demo(struct wc_Sha256* sha256, const byte* data);
#ifdef WOLFSSL_DEBUG_MUTEX
/* testing HW release in task that did not lock */
extern WC_ESP32SHA* stray_ctx;
#endif
#ifndef NO_SHA256
struct wc_Sha256;
WOLFSSL_LOCAL int esp_sha224_ctx_copy(struct wc_Sha256* src,
struct wc_Sha256* dst);
WOLFSSL_LOCAL int esp_sha256_ctx_copy(struct wc_Sha256* src,
struct wc_Sha256* dst);
WOLFSSL_LOCAL int esp_sha256_digest_process(struct wc_Sha256* sha,
byte blockprocess);
WOLFSSL_LOCAL int esp_sha256_process(struct wc_Sha256* sha,
const byte* data);
WOLFSSL_LOCAL int esp32_Transform_Sha256_demo(struct wc_Sha256* sha256,
const byte* data);
#endif
/* TODO do we really call esp_sha512_process for WOLFSSL_SHA384 ? */
#if defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384)
struct wc_Sha512;
WOLFSSL_LOCAL int esp_sha384_ctx_copy(struct wc_Sha512* src, struct wc_Sha512* dst);
WOLFSSL_LOCAL int esp_sha512_ctx_copy(struct wc_Sha512* src, struct wc_Sha512* dst);
WOLFSSL_LOCAL int esp_sha384_ctx_copy(struct wc_Sha512* src,
struct wc_Sha512* dst);
WOLFSSL_LOCAL int esp_sha512_ctx_copy(struct wc_Sha512* src,
struct wc_Sha512* dst);
WOLFSSL_LOCAL int esp_sha512_process(struct wc_Sha512* sha);
WOLFSSL_LOCAL int esp_sha512_digest_process(struct wc_Sha512* sha, byte blockproc);
WOLFSSL_LOCAL int esp_sha512_digest_process(struct wc_Sha512* sha,
byte blockproc);
#endif
#endif /* NO_SHA && etc */
/*
*******************************************************************************
** RSA Big Math
*******************************************************************************
*/
#if !defined(NO_RSA) || defined(HAVE_ECC)
#if !defined(ESP_RSA_TIMEOUT_CNT)
@ -440,13 +649,14 @@ extern "C"
MATH_INT_T* Y, /* X */
MATH_INT_T* M, /* P */
MATH_INT_T* Z); /* Y */
/* HW_MATH_ENABLED is typically used in wolfcrypt tests */
#undef HW_MATH_ENABLED
#define HW_MATH_ENABLED
#endif /* ! NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
#endif /* ! NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
#ifndef NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
/* Z = X * Y */
#ifndef NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
/* Z = X * Y */
WOLFSSL_LOCAL int esp_mp_mul(MATH_INT_T* X,
MATH_INT_T* Y,
MATH_INT_T* Z);
@ -469,13 +679,25 @@ extern "C"
#endif /* !NO_RSA || HAVE_ECC*/
WOLFSSL_LOCAL int esp_hw_validation_active(void);
/* Optionally enable some metrics to count interesting usage */
/*
*******************************************************************************
** Usage metrics
*******************************************************************************
*/
#ifdef WOLFSSL_HW_METRICS
int esp_hw_show_mp_metrics(void);
#endif
/* Allow sha256 code to keep track of SW fallback during active HW */
WOLFSSL_LOCAL int esp_sw_sha256_count_add();
#define ESP_MP_HW_LOCK_MAX_DELAY ( TickType_t ) 0xffUL
/* show MP HW Metrics*/
WOLFSSL_LOCAL int esp_hw_show_mp_metrics(void);
/* show SHA HW Metrics*/
WOLFSSL_LOCAL int esp_hw_show_sha_metrics(void);
/* show all HW Metrics*/
WOLFSSL_LOCAL int esp_hw_show_metrics(void);
#endif
/*
* Errata Mitigation. See
@ -483,6 +705,8 @@ extern "C"
* https://www.espressif.com/sites/default/files/documentation/esp32-c3_errata_en.pdf
* https://www.espressif.com/sites/default/files/documentation/esp32-s3_errata_en.pdf
*/
#define ESP_MP_HW_LOCK_MAX_DELAY ( TickType_t ) 0xffUL
#if defined(CONFIG_IDF_TARGET_ESP32) && !defined(ESP_NO_ERRATA_MITIGATION)
/* some of these may be tuned for specific silicon versions */
#define ESP_EM__MP_HW_WAIT_CLEAN {__asm__ __volatile__("memw");}
@ -517,6 +741,7 @@ extern "C"
__asm__ __volatile__("nop"); /* 5 */ \
__asm__ __volatile__("nop"); /* 6 */ \
__asm__ __volatile__("nop"); /* 7 */ \
__asm__ __volatile__("nop"); /* 8 */ \
};
#elif defined(CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_240)
#define ESP_EM__3_16 { \
@ -555,4 +780,6 @@ extern "C"
}
#endif
#endif /* WOLFSSL_ESPIDF */
#endif /* __ESP32_CRYPT_H__ */

45
wolfssl/wolfcrypt/settings.h
View File

@ -397,15 +397,54 @@
#endif
#if defined(WOLFSSL_ESP32) || defined(WOLFSSL_ESPWROOM32SE)
#ifndef NO_ESP32_CRYPT
#ifndef NO_ESP32_CRYPT
#define WOLFSSL_ESP32_CRYPT
#if defined(ESP32_USE_RSA_PRIMITIVE) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI)
#define WOLFSSL_ESP32_CRYPT_RSA_PRI
#define WOLFSSL_SMALL_STACK
#endif
#endif
#endif
#endif
#if defined(WOLFSSL_SP_RISCV32)
#if defined(CONFIG_IDF_TARGET_ESP32C2) \
|| defined(CONFIG_IDF_TARGET_ESP32C3) \
|| defined(CONFIG_IDF_TARGET_ESP32C6)
/* ok, only the known C2, C3, C6 chips allowed */
#else
#error "WOLFSSL_SP_RISCV32 can only be used on RISC-V architecture"
#endif
#endif
#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
/* SM settings */
#undef WOLFSSL_BASE16
#define WOLFSSL_BASE16 /* required for WOLFSSL_SM2 */
#undef WOLFSSL_SM4_ECB
#define WOLFSSL_SM4_ECB
#undef WOLFSSL_SM4_CBC
#define WOLFSSL_SM4_CBC
#undef WOLFSSL_SM4_CTR
#define WOLFSSL_SM4_CTR
#undef WOLFSSL_SM4_GCM
#define WOLFSSL_SM4_GCM
#undef WOLFSSL_SM4_CCM
#define WOLFSSL_SM4_CCM
#undef HAVE_POLY1305
#define HAVE_POLY1305
#undef HAVE_CHACHA
#define HAVE_CHACHA
#undef HAVE_AESGCM
#define HAVE_AESGCM
#endif /* SM */
#endif /* defined(WOLFSSL_ESP32) || defined(WOLFSSL_ESPWROOM32SE) */
#endif /* WOLFSSL_ESPIDF */
#if defined(WOLFSSL_RENESAS_TSIP)

4
wolfssl/wolfcrypt/sha256.h
View File

@ -201,7 +201,9 @@ struct wc_Sha256 {
word32 len;
#endif
#if defined(WOLFSSL_ESP32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
(!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256) || \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224))
WC_ESP32SHA ctx;
#endif
#ifdef WOLFSSL_MAXQ10XX_CRYPTO

3
wolfssl/wolfcrypt/sha512.h
View File

@ -154,7 +154,8 @@ struct wc_Sha512 {
word64* W;
#endif
#if defined(WOLFSSL_ESP32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
WC_ESP32SHA ctx;
#endif
#if defined(WOLFSSL_SILABS_SE_ACCEL)

2
wolfssl/wolfcrypt/tfm.h
View File

@ -290,6 +290,8 @@
#define FP_MASK (fp_digit)(-1)
#define FP_DIGIT_MAX FP_MASK
#define FP_SIZE (FP_MAX_SIZE/DIGIT_BIT)
#define MP_SIZE (FP_MAX_SIZE/DIGIT_BIT) /* for compatibility with SP_INT */
#define FP_MAX_PRIME_SIZE (FP_MAX_BITS/(2*CHAR_BIT))
/* In terms of FP_MAX_BITS, it is double the size possible for a number