mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #3531 from vppillai/patch-1

Browse Source 
support TNGTLS certificate loading for Harmony3
This commit is contained in:
toddouska 2020-12-16 09:21:28 -08:00 committed by GitHub
commit 5f30727b32
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 90 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

93
wolfcrypt/src/port/atmel/atmel.c
View File

@ -33,6 +33,10 @@
#include <wolfssl/ssl.h>
#include <wolfssl/internal.h>
#ifdef WOLFSSL_ATECC_TNGTLS
#include "tng/tng_atcacert_client.h"
#endif
#ifdef NO_INLINE
#include <wolfssl/wolfcrypt/misc.h>
#else
@ -89,7 +93,6 @@ static int ateccx08a_cfg_initialized = 0;
static ATCAIfaceCfg cfg_ateccx08a_i2c_pi;
#endif /* WOLFSSL_ATECC508A */
/**
* \brief Generate random number to be used for hash.
*/
@ -468,6 +471,14 @@ int atmel_init(void)
int ret = 0;
#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A)
#if defined(WOLFSSL_ATECC608A)
/*Harmony3 will generate configuration based on user inputs*/
#ifdef MICROCHIP_MPLAB_HARMONY_3
extern ATCAIfaceCfg atecc608_0_init_data;
#endif
#endif
if (!mAtcaInitDone) {
ATCA_STATUS status;
int i;
@ -490,7 +501,13 @@ int atmel_init(void)
mSlotList[i] = ATECC_INVALID_SLOT;
}
}
#ifdef MICROCHIP_MPLAB_HARMONY_3
atcab_release();
atcab_wakeup();
#ifdef WOLFSSL_ATECC608A
wolfCrypt_ATECC_SetConfig(&atecc608_0_init_data);
#endif
#endif
if (ateccx08a_cfg_initialized == 0) {
/* Setup the hardware interface using defaults */
XMEMSET(&cfg_ateccx08a_i2c_pi, 0, sizeof(cfg_ateccx08a_i2c_pi));
@ -896,13 +913,83 @@ exit:
return ret;
}
static int atcatls_set_certificates(WOLFSSL_CTX *ctx)
{
#ifndef ATCATLS_TNGTLS_SIGNER_CERT_SIZE
#define ATCATLS_TNGTLS_SIGNER_CERT_SIZE 0x208
#endif
#ifndef ATCATLS_TNGTLS_DEVICE_CERT_SIZE
#define ATCATLS_TNGTLS_DEVICE_CERT_SIZE 0x222
#endif
#ifndef ATCATLS_TNGTLS_CERT_BUFF_SIZE
#define ATCATLS_TNGTLS_CERT_BUFF_SIZE (ATCATLS_TNGTLS_SIGNER_CERT_SIZE +\
ATCATLS_TNGTLS_DEVICE_CERT_SIZE)
#endif
int ret = 0;
ATCA_STATUS status;
size_t signerCertSize = ATCATLS_TNGTLS_SIGNER_CERT_SIZE;
size_t deviceCertSize = ATCATLS_TNGTLS_DEVICE_CERT_SIZE;
uint8_t certBuffer[ATCATLS_TNGTLS_CERT_BUFF_SIZE];
/*Read signer cert*/
status = tng_atcacert_read_signer_cert(&certBuffer[ATCATLS_TNGTLS_DEVICE_CERT_SIZE],
&signerCertSize);
if (ATCA_SUCCESS != status) {
ret = atmel_ecc_translate_err(ret);
return ret;
}
if (signerCertSize != ATCATLS_TNGTLS_SIGNER_CERT_SIZE) {
#ifdef WOLFSSL_ATECC_DEBUG
printf("signer cert size != ATCATLS_TNGTLS_SIGNER_CERT_SIZE.(%d)\r\n",
signerCertSize);
#endif
return WOLFSSL_FAILURE;
}
/*Read device cert signed by the signer above*/
status = tng_atcacert_read_device_cert(certBuffer, &deviceCertSize,\
&certBuffer[ATCATLS_TNGTLS_DEVICE_CERT_SIZE]);
if (ATCA_SUCCESS != status) {
ret = atmel_ecc_translate_err(ret);
return ret;
}
if (deviceCertSize != ATCATLS_TNGTLS_DEVICE_CERT_SIZE) {
#ifdef WOLFSSL_ATECC_DEBUG
printf("device cert size != ATCATLS_TNGTLS_DEVICE_CERT_SIZE.(%d)\r\n",
deviceCertSize);
#endif
return WOLFSSL_FAILURE;
}
ret = wolfSSL_CTX_use_certificate_chain_buffer_format(ctx,
(const unsigned char*)certBuffer, ATCATLS_TNGTLS_CERT_BUFF_SIZE,
WOLFSSL_FILETYPE_ASN1);
if (ret != WOLFSSL_SUCCESS) {
ret = -1;
}
else {
ret = 0;
}
return ret;
}
int atcatls_set_callbacks(WOLFSSL_CTX* ctx)
{
int ret = 0;
wolfSSL_CTX_SetEccKeyGenCb(ctx, atcatls_create_key_cb);
wolfSSL_CTX_SetEccVerifyCb(ctx, atcatls_verify_signature_cb);
wolfSSL_CTX_SetEccSignCb(ctx, atcatls_sign_certificate_cb);
wolfSSL_CTX_SetEccSharedSecretCb(ctx, atcatls_create_pms_cb);
return 0;
#ifdef WOLFSSL_ATECC_TNGTLS
ret = atcatls_set_certificates(ctx);
if (ret != 0) {
#ifdef WOLFSSL_ATECC_DEBUG
printf("atcatls_set_certificates failed. (%d)\r\n",ret);
#endif
}
#endif
return ret;
}
int atcatls_set_callback_ctx(WOLFSSL* ssl, void* user_ctx)