mirror of https://github.com/wolfSSL/wolfssl
add CAAM with INTEGRITY support
This commit is contained in:
parent
ac8996c9bc
commit
5fa9455bf9
|
@ -6078,7 +6078,7 @@ static void AddFragHeaders(byte* output, word32 fragSz, word32 fragOffset,
|
|||
|
||||
|
||||
/* return bytes received, -1 on error */
|
||||
static int Receive(WOLFSSL* ssl, byte* buf, word32 sz)
|
||||
static int wolfSSLReceive(WOLFSSL* ssl, byte* buf, word32 sz)
|
||||
{
|
||||
int recvd;
|
||||
|
||||
|
@ -11607,7 +11607,7 @@ static int GetInputData(WOLFSSL *ssl, word32 size)
|
|||
|
||||
/* read data from network */
|
||||
do {
|
||||
in = Receive(ssl,
|
||||
in = wolfSSLReceive(ssl,
|
||||
ssl->buffers.inputBuffer.buffer +
|
||||
ssl->buffers.inputBuffer.length,
|
||||
inSz);
|
||||
|
|
12
src/wolfio.c
12
src/wolfio.c
|
@ -88,7 +88,7 @@ static INLINE int TranslateReturnCode(int old, int sd)
|
|||
return old;
|
||||
}
|
||||
|
||||
static INLINE int LastError(void)
|
||||
static INLINE int wolfSSL_LastError(void)
|
||||
{
|
||||
#ifdef USE_WINDOWS_API
|
||||
return WSAGetLastError();
|
||||
|
@ -135,7 +135,7 @@ int EmbedReceive(WOLFSSL *ssl, char *buf, int sz, void *ctx)
|
|||
|
||||
recvd = wolfIO_Recv(sd, buf, sz, ssl->rflags);
|
||||
if (recvd < 0) {
|
||||
int err = LastError();
|
||||
int err = wolfSSL_LastError();
|
||||
WOLFSSL_MSG("Embed Receive error");
|
||||
|
||||
if (err == SOCKET_EWOULDBLOCK || err == SOCKET_EAGAIN) {
|
||||
|
@ -187,7 +187,7 @@ int EmbedSend(WOLFSSL* ssl, char *buf, int sz, void *ctx)
|
|||
|
||||
sent = wolfIO_Send(sd, buf, sz, ssl->wflags);
|
||||
if (sent < 0) {
|
||||
int err = LastError();
|
||||
int err = wolfSSL_LastError();
|
||||
WOLFSSL_MSG("Embed Send error");
|
||||
|
||||
if (err == SOCKET_EWOULDBLOCK || err == SOCKET_EAGAIN) {
|
||||
|
@ -262,7 +262,7 @@ int EmbedReceiveFrom(WOLFSSL *ssl, char *buf, int sz, void *ctx)
|
|||
recvd = TranslateReturnCode(recvd, sd);
|
||||
|
||||
if (recvd < 0) {
|
||||
err = LastError();
|
||||
err = wolfSSL_LastError();
|
||||
WOLFSSL_MSG("Embed Receive From error");
|
||||
|
||||
if (err == SOCKET_EWOULDBLOCK || err == SOCKET_EAGAIN) {
|
||||
|
@ -325,7 +325,7 @@ int EmbedSendTo(WOLFSSL* ssl, char *buf, int sz, void *ctx)
|
|||
sent = TranslateReturnCode(sent, sd);
|
||||
|
||||
if (sent < 0) {
|
||||
err = LastError();
|
||||
err = wolfSSL_LastError();
|
||||
WOLFSSL_MSG("Embed Send To error");
|
||||
|
||||
if (err == SOCKET_EWOULDBLOCK || err == SOCKET_EAGAIN) {
|
||||
|
@ -373,7 +373,7 @@ int EmbedReceiveFromMcast(WOLFSSL *ssl, char *buf, int sz, void *ctx)
|
|||
recvd = TranslateReturnCode(recvd, sd);
|
||||
|
||||
if (recvd < 0) {
|
||||
err = LastError();
|
||||
err = wolfSSL_LastError();
|
||||
WOLFSSL_MSG("Embed Receive From error");
|
||||
|
||||
if (err == SOCKET_EWOULDBLOCK || err == SOCKET_EAGAIN) {
|
||||
|
|
|
@ -243,7 +243,11 @@
|
|||
#include <wolfcrypt/src/misc.c>
|
||||
#endif
|
||||
|
||||
#ifndef WOLFSSL_ARMASM
|
||||
#if !defined(WOLFSSL_ARMASM) && !defined(WOLFSSL_IMX6_CAAM)
|
||||
|
||||
#ifdef WOLFSSL_IMX6_CAAM_BLOB
|
||||
#include <wolfssl/wolfcrypt/port/caam/wolfcaam.h>
|
||||
#endif
|
||||
|
||||
#ifdef DEBUG_AESNI
|
||||
#include <stdio.h>
|
||||
|
@ -2131,10 +2135,27 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
|
|||
int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen,
|
||||
const byte* iv, int dir)
|
||||
{
|
||||
int ret;
|
||||
#if defined(AES_MAX_KEY_SIZE)
|
||||
const word32 max_key_len = (AES_MAX_KEY_SIZE / 8);
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_IMX6_CAAM_BLOB
|
||||
byte local[32];
|
||||
word32 localSz = 32;
|
||||
|
||||
if (keylen == (16 + WC_CAAM_BLOB_SZ) ||
|
||||
keylen == (24 + WC_CAAM_BLOB_SZ) ||
|
||||
keylen == (32 + WC_CAAM_BLOB_SZ)) {
|
||||
if (wc_caamOpenBlob((byte*)userKey, keylen, local, &localSz) != 0) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
/* set local values */
|
||||
userKey = local;
|
||||
keylen = localSz;
|
||||
}
|
||||
#endif
|
||||
if (aes == NULL ||
|
||||
!((keylen == 16) || (keylen == 24) || (keylen == 32))) {
|
||||
return BAD_FUNC_ARG;
|
||||
|
@ -2178,7 +2199,12 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
|
|||
}
|
||||
#endif /* WOLFSSL_AESNI */
|
||||
|
||||
return wc_AesSetKeyLocal(aes, userKey, keylen, iv, dir);
|
||||
ret = wc_AesSetKeyLocal(aes, userKey, keylen, iv, dir);
|
||||
|
||||
#ifdef WOLFSSL_IMX6_CAAM_BLOB
|
||||
ForceZero(local, sizeof(local));
|
||||
#endif
|
||||
return ret;
|
||||
}
|
||||
|
||||
#if defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
|
||||
|
@ -2186,7 +2212,32 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
|
|||
int wc_AesSetKeyDirect(Aes* aes, const byte* userKey, word32 keylen,
|
||||
const byte* iv, int dir)
|
||||
{
|
||||
return wc_AesSetKeyLocal(aes, userKey, keylen, iv, dir);
|
||||
int ret;
|
||||
|
||||
#ifdef WOLFSSL_IMX6_CAAM_BLOB
|
||||
byte local[32];
|
||||
word32 localSz = 32;
|
||||
|
||||
if (keylen == (16 + WC_CAAM_BLOB_SZ) ||
|
||||
keylen == (24 + WC_CAAM_BLOB_SZ) ||
|
||||
keylen == (32 + WC_CAAM_BLOB_SZ)) {
|
||||
if (wc_caamOpenBlob((byte*)userKey, keylen, local, &localSz)
|
||||
!= 0) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
/* set local values */
|
||||
userKey = local;
|
||||
keylen = localSz;
|
||||
}
|
||||
#endif
|
||||
ret = wc_AesSetKeyLocal(aes, userKey, keylen, iv, dir);
|
||||
|
||||
#ifdef WOLFSSL_IMX6_CAAM_BLOB
|
||||
ForceZero(local, sizeof(local));
|
||||
#endif
|
||||
|
||||
return ret;
|
||||
}
|
||||
#endif /* WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER */
|
||||
#endif /* wc_AesSetKey block */
|
||||
|
@ -3377,6 +3428,23 @@ int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len)
|
|||
int ret;
|
||||
byte iv[AES_BLOCK_SIZE];
|
||||
|
||||
#ifdef WOLFSSL_IMX6_CAAM_BLOB
|
||||
byte local[32];
|
||||
word32 localSz = 32;
|
||||
|
||||
if (keylen == (16 + WC_CAAM_BLOB_SZ) ||
|
||||
keylen == (24 + WC_CAAM_BLOB_SZ) ||
|
||||
keylen == (32 + WC_CAAM_BLOB_SZ)) {
|
||||
if (wc_caamOpenBlob((byte*)userKey, keylen, local, &localSz) != 0) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
/* set local values */
|
||||
key = local;
|
||||
len = localSz;
|
||||
}
|
||||
#endif
|
||||
|
||||
if (!((len == 16) || (len == 24) || (len == 32)))
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
|
@ -3402,6 +3470,10 @@ int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len)
|
|||
wc_AesGcmSetKey_ex(aes, key, len, XSECURE_CSU_AES_KEY_SRC_KUP);
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_IMX6_CAAM_BLOB
|
||||
ForceZero(local, sizeof(local));
|
||||
#endif
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
@ -7192,6 +7264,9 @@ int wc_AesCcmSetKey(Aes* aes, const byte* key, word32 keySz)
|
|||
#if defined(HAVE_COLDFIRE_SEC)
|
||||
#error "Coldfire SEC doesn't currently support AES-CCM mode"
|
||||
|
||||
#elif defined(WOLFSSL_IMX6_CAAM)
|
||||
/* implemented in wolfcrypt/src/port/caam_aes.c */
|
||||
|
||||
#elif defined(FREESCALE_LTC)
|
||||
|
||||
/* return 0 on success */
|
||||
|
|
|
@ -434,6 +434,9 @@ const char* wc_GetErrorString(int error)
|
|||
case ECC_PRIVATEONLY_E:
|
||||
return "Invalid use of private only ECC key";
|
||||
|
||||
case WC_CAAM_E:
|
||||
return "Error with CAAM use";
|
||||
|
||||
default:
|
||||
return "unknown error number";
|
||||
|
||||
|
|
|
@ -166,6 +166,8 @@ int wc_HmacSizeByType(int type)
|
|||
return ret;
|
||||
}
|
||||
|
||||
|
||||
/* software implementation */
|
||||
static int _InitHmac(Hmac* hmac, int type, void* heap)
|
||||
{
|
||||
int ret = 0;
|
||||
|
|
|
@ -225,6 +225,9 @@ static INLINE void AddLength(wc_Md5* md5, word32 len);
|
|||
#include <wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h>
|
||||
#define HAVE_MD5_CUST_API
|
||||
|
||||
#elif defined(WOLFSSL_IMX6_CAAM)
|
||||
/* functions implemented in wolfcrypt/src/port/caam/caam_sha.c */
|
||||
#define HAVE_MD5_CUST_API
|
||||
#else
|
||||
#define NEED_SOFT_MD5
|
||||
|
||||
|
|
|
@ -0,0 +1,709 @@
|
|||
/* caam_aes.c
|
||||
*
|
||||
* Copyright (C) 2006-2016 wolfSSL Inc.
|
||||
*
|
||||
* This file is part of wolfSSL.
|
||||
*
|
||||
* wolfSSL is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* wolfSSL is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
|
||||
*/
|
||||
|
||||
|
||||
#include <wolfssl/wolfcrypt/settings.h>
|
||||
|
||||
#if defined(WOLFSSL_IMX6_CAAM) && !defined(NO_AES)
|
||||
|
||||
#include <wolfssl/wolfcrypt/logging.h>
|
||||
#include <wolfssl/wolfcrypt/error-crypt.h>
|
||||
#include <wolfssl/wolfcrypt/aes.h>
|
||||
|
||||
#ifdef NO_INLINE
|
||||
#include <wolfssl/wolfcrypt/misc.h>
|
||||
#else
|
||||
#define WOLFSSL_MISC_INCLUDED
|
||||
#include <wolfcrypt/src/misc.c>
|
||||
#endif
|
||||
|
||||
#include <wolfssl/wolfcrypt/port/caam/wolfcaam.h>
|
||||
#include <wolfssl/wolfcrypt/port/caam/caam_driver.h>
|
||||
|
||||
#if defined(WOLFSSL_CAAM_DEBUG) || defined(WOLFSSL_CAAM_PRINT)
|
||||
#include <stdio.h>
|
||||
#endif
|
||||
|
||||
int wc_AesSetKey(Aes* aes, const byte* key, word32 len,
|
||||
const byte* iv, int dir)
|
||||
{
|
||||
int ret;
|
||||
|
||||
if (aes == NULL || key == NULL) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
if (len > 32) {
|
||||
byte out[32]; /* max AES key size */
|
||||
word32 outSz;
|
||||
int ret;
|
||||
|
||||
if (len != 64 && len != 72 && len != 80) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
outSz = sizeof(out);
|
||||
/* if length greater then 32 then try to unencapsulate */
|
||||
if ((ret = wc_caamOpenBlob((byte*)key, len, out, &outSz, NULL, 0)) != 0) {
|
||||
return ret;
|
||||
}
|
||||
|
||||
XMEMCPY((byte*)aes->key, out, outSz);
|
||||
aes->keylen = outSz;
|
||||
}
|
||||
else {
|
||||
if (len != 16 && len != 24 && len != 32) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
XMEMCPY((byte*)aes->key, key, len);
|
||||
aes->keylen = len;
|
||||
}
|
||||
|
||||
|
||||
switch (aes->keylen) {
|
||||
case 16: aes->rounds = 10; break;
|
||||
case 24: aes->rounds = 12; break;
|
||||
case 32: aes->rounds = 14; break;
|
||||
default:
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
if ((ret = wc_AesSetIV(aes, iv)) != 0) {
|
||||
return ret;
|
||||
}
|
||||
|
||||
#ifdef WOLFSSL_AES_COUNTER
|
||||
aes->left = 0;
|
||||
#endif
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
int wc_AesSetIV(Aes* aes, const byte* iv)
|
||||
{
|
||||
if (aes == NULL) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
if (iv == NULL) {
|
||||
XMEMSET((byte*)aes->reg, 0, AES_BLOCK_SIZE);
|
||||
}
|
||||
else {
|
||||
XMEMCPY((byte*)aes->reg, iv, AES_BLOCK_SIZE);
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
int wc_AesCbcEncrypt(Aes* aes, byte* out,
|
||||
const byte* in, word32 sz)
|
||||
{
|
||||
word32 blocks;
|
||||
|
||||
WOLFSSL_ENTER("wc_AesCbcEncrypt");
|
||||
if (aes == NULL || out == NULL || in == NULL) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
blocks = sz / AES_BLOCK_SIZE;
|
||||
|
||||
if (blocks > 0) {
|
||||
Buffer buf[4];
|
||||
word32 arg[4];
|
||||
word32 keySz;
|
||||
int ret;
|
||||
|
||||
if (wc_AesGetKeySize(aes, &keySz) != 0) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
/* Set buffers for key, cipher text, and plain text */
|
||||
buf[0].BufferType = DataBuffer;
|
||||
buf[0].TheAddress = (Address)aes->key;
|
||||
buf[0].Length = keySz;
|
||||
|
||||
buf[1].BufferType = DataBuffer;
|
||||
buf[1].TheAddress = (Address)aes->reg;
|
||||
buf[1].Length = AES_BLOCK_SIZE;
|
||||
|
||||
buf[2].BufferType = DataBuffer;
|
||||
buf[2].TheAddress = (Address)in;
|
||||
buf[2].Length = blocks * AES_BLOCK_SIZE;
|
||||
|
||||
buf[3].BufferType = DataBuffer | LastBuffer;
|
||||
buf[3].TheAddress = (Address)out;
|
||||
buf[3].Length = blocks * AES_BLOCK_SIZE;
|
||||
|
||||
arg[0] = CAAM_ENC;
|
||||
arg[1] = keySz;
|
||||
arg[2] = sz;
|
||||
|
||||
if ((ret = wc_caamAddAndWait(buf, arg, CAAM_AESCBC)) != 0) {
|
||||
WOLFSSL_MSG("Error with CAAM AES CBC encrypt");
|
||||
return ret;
|
||||
}
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
int wc_AesCbcDecrypt(Aes* aes, byte* out,
|
||||
const byte* in, word32 sz)
|
||||
{
|
||||
word32 blocks;
|
||||
|
||||
WOLFSSL_ENTER("wc_AesCbcDecrypt");
|
||||
if (aes == NULL || out == NULL || in == NULL) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
blocks = sz / AES_BLOCK_SIZE;
|
||||
|
||||
if (blocks > 0) {
|
||||
Buffer buf[4];
|
||||
word32 arg[4];
|
||||
word32 keySz;
|
||||
int ret;
|
||||
|
||||
if (wc_AesGetKeySize(aes, &keySz) != 0) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
/* Set buffers for key, cipher text, and plain text */
|
||||
buf[0].BufferType = DataBuffer;
|
||||
buf[0].TheAddress = (Address)aes->key;
|
||||
buf[0].Length = keySz;
|
||||
|
||||
buf[1].BufferType = DataBuffer;
|
||||
buf[1].TheAddress = (Address)aes->reg;
|
||||
buf[1].Length = AES_BLOCK_SIZE;
|
||||
|
||||
buf[2].BufferType = DataBuffer;
|
||||
buf[2].TheAddress = (Address)in;
|
||||
buf[2].Length = blocks * AES_BLOCK_SIZE;
|
||||
|
||||
buf[3].BufferType = DataBuffer | LastBuffer;
|
||||
buf[3].TheAddress = (Address)out;
|
||||
buf[3].Length = blocks * AES_BLOCK_SIZE;
|
||||
|
||||
arg[0] = CAAM_DEC;
|
||||
arg[1] = keySz;
|
||||
arg[2] = sz;
|
||||
|
||||
if ((ret = wc_caamAddAndWait(buf, arg, CAAM_AESCBC)) != 0) {
|
||||
WOLFSSL_MSG("Error with CAAM AES CBC decrypt");
|
||||
return ret;
|
||||
}
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
#ifdef HAVE_AES_ECB
|
||||
/* is assumed that input size is a multiple of AES_BLOCK_SIZE */
|
||||
int wc_AesEcbEncrypt(Aes* aes, byte* out,
|
||||
const byte* in, word32 sz)
|
||||
{
|
||||
word32 blocks;
|
||||
|
||||
if (aes == NULL || out == NULL || in == NULL) {
|
||||
BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
blocks = sz / AES_BLOCK_SIZE;
|
||||
|
||||
while (blocks > 0) {
|
||||
wc_AesEncryptDirect(aes, out, in);
|
||||
blocks--;
|
||||
out += AES_BLOCK_SIZE;
|
||||
in += AES_BLOCK_SIZE;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
int wc_AesEcbDecrypt(Aes* aes, byte* out,
|
||||
const byte* in, word32 sz)
|
||||
{
|
||||
word32 blocks;
|
||||
|
||||
if (aes == NULL || out == NULL || in == NULL) {
|
||||
BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
blocks = sz / AES_BLOCK_SIZE;
|
||||
|
||||
/* @TODO search for more efficient solution */
|
||||
while (blocks > 0) {
|
||||
wc_AesDecryptDirect(aes, out, in);
|
||||
blocks--;
|
||||
out += AES_BLOCK_SIZE;
|
||||
in += AES_BLOCK_SIZE;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
#endif
|
||||
|
||||
/* AES-CTR */
|
||||
#ifdef WOLFSSL_AES_COUNTER
|
||||
/* Increment AES counter (from wolfcrypt/src/aes.c) */
|
||||
static INLINE void IncrementAesCounter(byte* inOutCtr)
|
||||
{
|
||||
/* in network byte order so start at end and work back */
|
||||
int i;
|
||||
for (i = AES_BLOCK_SIZE - 1; i >= 0; i--) {
|
||||
if (++inOutCtr[i]) /* we're done unless we overflow */
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
int wc_AesCtrEncrypt(Aes* aes, byte* out,
|
||||
const byte* in, word32 sz)
|
||||
{
|
||||
byte* tmp;
|
||||
Buffer buf[4];
|
||||
word32 arg[4];
|
||||
word32 keySz;
|
||||
int ret, blocks;
|
||||
|
||||
if (aes == NULL || out == NULL || in == NULL) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
if (wc_AesGetKeySize(aes, &keySz) != 0) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
/* consume any unused bytes left in aes->tmp */
|
||||
tmp = (byte*)aes->tmp + AES_BLOCK_SIZE - aes->left;
|
||||
while (aes->left && sz) {
|
||||
*(out++) = *(in++) ^ *(tmp++);
|
||||
aes->left--;
|
||||
sz--;
|
||||
}
|
||||
|
||||
/* do full blocks to then get potential left over amount */
|
||||
blocks = sz / AES_BLOCK_SIZE;
|
||||
if (blocks > 0) {
|
||||
/* Set buffers for key, cipher text, and plain text */
|
||||
buf[0].BufferType = DataBuffer;
|
||||
buf[0].TheAddress = (Address)aes->key;
|
||||
buf[0].Length = keySz;
|
||||
|
||||
buf[1].BufferType = DataBuffer;
|
||||
buf[1].TheAddress = (Address)aes->reg;
|
||||
buf[1].Length = AES_BLOCK_SIZE;
|
||||
|
||||
buf[2].BufferType = DataBuffer;
|
||||
buf[2].TheAddress = (Address)in;
|
||||
buf[2].Length = blocks * AES_BLOCK_SIZE;
|
||||
|
||||
buf[3].BufferType = DataBuffer | LastBuffer;
|
||||
buf[3].TheAddress = (Address)out;
|
||||
buf[3].Length = blocks * AES_BLOCK_SIZE;
|
||||
|
||||
arg[0] = CAAM_ENC;
|
||||
arg[1] = keySz;
|
||||
arg[2] = sz;
|
||||
|
||||
if ((ret = wc_caamAddAndWait(buf, arg, CAAM_AESCTR)) != 0) {
|
||||
WOLFSSL_MSG("Error with CAAM AES CTR encrypt");
|
||||
return ret;
|
||||
}
|
||||
out += blocks * AES_BLOCK_SIZE;
|
||||
sz -= blocks * AES_BLOCK_SIZE;
|
||||
}
|
||||
|
||||
if (sz) {
|
||||
wc_AesEncryptDirect(aes, (byte*)aes->tmp, (byte*)aes->reg);
|
||||
IncrementAesCounter((byte*)aes->reg);
|
||||
|
||||
aes->left = AES_BLOCK_SIZE;
|
||||
tmp = (byte*)aes->tmp;
|
||||
|
||||
while (sz--) {
|
||||
*(out++) = *(in++) ^ *(tmp++);
|
||||
aes->left--;
|
||||
}
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
#endif
|
||||
|
||||
|
||||
/* AES-DIRECT */
|
||||
#if defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
|
||||
void wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in)
|
||||
{
|
||||
Buffer buf[3];
|
||||
word32 arg[4];
|
||||
word32 keySz;
|
||||
|
||||
if (aes == NULL || out == NULL || in == NULL) {
|
||||
//return BAD_FUNC_ARG;
|
||||
return;
|
||||
}
|
||||
|
||||
if (wc_AesGetKeySize(aes, &keySz) != 0) {
|
||||
//return BAD_FUNC_ARG;
|
||||
return;
|
||||
}
|
||||
|
||||
/* Set buffers for key, cipher text, and plain text */
|
||||
buf[0].BufferType = DataBuffer;
|
||||
buf[0].TheAddress = (Address)aes->key;
|
||||
buf[0].Length = keySz;
|
||||
|
||||
buf[1].BufferType = DataBuffer;
|
||||
buf[1].TheAddress = (Address)in;
|
||||
buf[1].Length = AES_BLOCK_SIZE;
|
||||
|
||||
buf[2].BufferType = DataBuffer | LastBuffer;
|
||||
buf[2].TheAddress = (Address)out;
|
||||
buf[2].Length = AES_BLOCK_SIZE;
|
||||
|
||||
arg[0] = CAAM_ENC;
|
||||
arg[1] = keySz;
|
||||
arg[2] = AES_BLOCK_SIZE;
|
||||
|
||||
if (wc_caamAddAndWait(buf, arg, CAAM_AESECB) != 0) {
|
||||
WOLFSSL_MSG("Error with CAAM AES direct encrypt");
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
void wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in)
|
||||
{
|
||||
Buffer buf[3];
|
||||
word32 arg[4];
|
||||
word32 keySz;
|
||||
|
||||
if (aes == NULL || out == NULL || in == NULL) {
|
||||
//return BAD_FUNC_ARG;
|
||||
return;
|
||||
}
|
||||
|
||||
if (wc_AesGetKeySize(aes, &keySz) != 0) {
|
||||
//return BAD_FUNC_ARG;
|
||||
return;
|
||||
}
|
||||
|
||||
/* Set buffers for key, cipher text, and plain text */
|
||||
buf[0].BufferType = DataBuffer;
|
||||
buf[0].TheAddress = (Address)aes->key;
|
||||
buf[0].Length = keySz;
|
||||
|
||||
buf[1].BufferType = DataBuffer;
|
||||
buf[1].TheAddress = (Address)in;
|
||||
buf[1].Length = AES_BLOCK_SIZE;
|
||||
|
||||
buf[2].BufferType = DataBuffer | LastBuffer;
|
||||
buf[2].TheAddress = (Address)out;
|
||||
buf[2].Length = AES_BLOCK_SIZE;
|
||||
|
||||
arg[0] = CAAM_DEC;
|
||||
arg[1] = keySz;
|
||||
arg[2] = AES_BLOCK_SIZE;
|
||||
|
||||
if (wc_caamAddAndWait(buf, arg, CAAM_AESECB) != 0) {
|
||||
WOLFSSL_MSG("Error with CAAM AES direct decrypt");
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
int wc_AesSetKeyDirect(Aes* aes, const byte* key, word32 len,
|
||||
const byte* iv, int dir)
|
||||
{
|
||||
return wc_AesSetKey(aes, key, len, iv, dir);
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_AESCCM
|
||||
|
||||
#warning AES-CCM mode not complete
|
||||
|
||||
/* from wolfcrypt/src/aes.c */
|
||||
static void roll_auth(const byte* in, word32 inSz, byte* out)
|
||||
{
|
||||
word32 authLenSz;
|
||||
word32 remainder;
|
||||
|
||||
/* encode the length in */
|
||||
if (inSz <= 0xFEFF) {
|
||||
authLenSz = 2;
|
||||
out[0] ^= ((inSz & 0xFF00) >> 8);
|
||||
out[1] ^= (inSz & 0x00FF);
|
||||
}
|
||||
else if (inSz <= 0xFFFFFFFF) {
|
||||
authLenSz = 6;
|
||||
out[0] ^= 0xFF; out[1] ^= 0xFE;
|
||||
out[2] ^= ((inSz & 0xFF000000) >> 24);
|
||||
out[3] ^= ((inSz & 0x00FF0000) >> 16);
|
||||
out[4] ^= ((inSz & 0x0000FF00) >> 8);
|
||||
out[5] ^= (inSz & 0x000000FF);
|
||||
}
|
||||
/* Note, the protocol handles auth data up to 2^64, but we are
|
||||
* using 32-bit sizes right now, so the bigger data isn't handled
|
||||
* else if (inSz <= 0xFFFFFFFFFFFFFFFF) {} */
|
||||
else
|
||||
return;
|
||||
|
||||
/* start fill out the rest of the first block */
|
||||
remainder = AES_BLOCK_SIZE - authLenSz;
|
||||
if (inSz >= remainder) {
|
||||
/* plenty of bulk data to fill the remainder of this block */
|
||||
xorbuf(out + authLenSz, in, remainder);
|
||||
inSz -= remainder;
|
||||
in += remainder;
|
||||
}
|
||||
else {
|
||||
/* not enough bulk data, copy what is available, and pad zero */
|
||||
xorbuf(out + authLenSz, in, inSz);
|
||||
inSz = 0;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
int wc_AesCcmSetKey(Aes* aes, const byte* key, word32 keySz)
|
||||
{
|
||||
return wc_AesSetKey(aes, key, keySz, NULL, AES_ENCRYPTION);
|
||||
}
|
||||
|
||||
|
||||
int wc_AesCcmEncrypt(Aes* aes, byte* out,
|
||||
const byte* in, word32 inSz,
|
||||
const byte* nonce, word32 nonceSz,
|
||||
byte* authTag, word32 authTagSz,
|
||||
const byte* authIn, word32 authInSz)
|
||||
{
|
||||
Buffer buf[4];
|
||||
word32 arg[4];
|
||||
word32 keySz;
|
||||
word32 i;
|
||||
byte B0Ctr0[AES_BLOCK_SIZE + AES_BLOCK_SIZE];
|
||||
byte A[AES_BLOCK_SIZE];
|
||||
byte ASz = 0;
|
||||
int lenSz;
|
||||
byte mask = 0xFF;
|
||||
const word32 wordSz = (word32)sizeof(word32);
|
||||
int ret;
|
||||
|
||||
/* sanity check on arguments */
|
||||
if (aes == NULL || out == NULL || in == NULL || nonce == NULL
|
||||
|| authTag == NULL || nonceSz < 7 || nonceSz > 13)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
if (wc_AesGetKeySize(aes, &keySz) != 0) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
/* set up B0 and CTR0 similar to how wolfcrypt/src/aes.c does */
|
||||
XMEMCPY(B0Ctr0+1, nonce, nonceSz);
|
||||
lenSz = AES_BLOCK_SIZE - 1 - (byte)nonceSz;
|
||||
B0Ctr0[0] = (authInSz > 0 ? 64 : 0)
|
||||
+ (8 * (((byte)authTagSz - 2) / 2))
|
||||
+ (lenSz - 1);
|
||||
for (i = 0; i < lenSz; i++) {
|
||||
if (mask && i >= wordSz)
|
||||
mask = 0x00;
|
||||
B0Ctr0[AES_BLOCK_SIZE - 1 - i] = (inSz >> ((8 * i) & mask)) & mask;
|
||||
}
|
||||
|
||||
if (authInSz > 0) {
|
||||
ASz = AES_BLOCK_SIZE;
|
||||
roll_auth(authIn, authInSz, A);
|
||||
}
|
||||
|
||||
B0Ctr0[AES_BLOCK_SIZE] = lenSz - 1;
|
||||
for (i = 0; i < lenSz; i++)
|
||||
B0Ctr0[(AES_BLOCK_SIZE + AES_BLOCK_SIZE) - 1 - i] = 0;
|
||||
B0Ctr0[(AES_BLOCK_SIZE + AES_BLOCK_SIZE) - 1] = 1;
|
||||
|
||||
/* Set buffers for key, cipher text, and plain text */
|
||||
buf[0].BufferType = DataBuffer;
|
||||
buf[0].TheAddress = (Address)aes->key;
|
||||
buf[0].Length = keySz;
|
||||
|
||||
buf[1].BufferType = DataBuffer;
|
||||
buf[1].TheAddress = (Address)B0Ctr0;
|
||||
buf[1].Length = AES_BLOCK_SIZE + AES_BLOCK_SIZE;
|
||||
|
||||
buf[2].BufferType = DataBuffer;
|
||||
buf[2].TheAddress = (Address)in;
|
||||
buf[2].Length = inSz;
|
||||
|
||||
buf[3].BufferType = DataBuffer;
|
||||
buf[3].TheAddress = (Address)out;
|
||||
buf[3].Length = inSz;
|
||||
|
||||
buf[3].BufferType = DataBuffer | LastBuffer;
|
||||
buf[3].TheAddress = (Address)A;
|
||||
buf[3].Length = ASz;
|
||||
|
||||
arg[0] = CAAM_ENC;
|
||||
arg[1] = keySz;
|
||||
arg[2] = inSz;
|
||||
arg[3] = ASz;
|
||||
|
||||
if ((ret = wc_caamAddAndWait(buf, arg, CAAM_AESCCM)) != 0) {
|
||||
WOLFSSL_MSG("Error with CAAM AES-CCM encrypt");
|
||||
return ret;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
#ifdef HAVE_AES_DECRYPT
|
||||
int wc_AesCcmDecrypt(Aes* aes, byte* out,
|
||||
const byte* in, word32 inSz,
|
||||
const byte* nonce, word32 nonceSz,
|
||||
const byte* authTag, word32 authTagSz,
|
||||
const byte* authIn, word32 authInSz)
|
||||
{
|
||||
Buffer buf[4];
|
||||
word32 arg[4];
|
||||
word32 keySz;
|
||||
word32 i;
|
||||
byte B0Ctr0[AES_BLOCK_SIZE + AES_BLOCK_SIZE];
|
||||
byte A[AES_BLOCK_SIZE];
|
||||
byte ASz = 0;
|
||||
int lenSz;
|
||||
byte mask = 0xFF;
|
||||
const word32 wordSz = (word32)sizeof(word32);
|
||||
int ret;
|
||||
|
||||
/* sanity check on arguments */
|
||||
if (aes == NULL || out == NULL || in == NULL || nonce == NULL
|
||||
|| authTag == NULL || nonceSz < 7 || nonceSz > 13)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
if (wc_AesGetKeySize(aes, &keySz) != 0) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
/* set up B0 and CTR0 similar to how wolfcrypt/src/aes.c does */
|
||||
XMEMCPY(B0Ctr0+1, nonce, nonceSz);
|
||||
lenSz = AES_BLOCK_SIZE - 1 - (byte)nonceSz;
|
||||
B0Ctr0[0] = (authInSz > 0 ? 64 : 0)
|
||||
+ (8 * (((byte)authTagSz - 2) / 2))
|
||||
+ (lenSz - 1);
|
||||
for (i = 0; i < lenSz; i++) {
|
||||
if (mask && i >= wordSz)
|
||||
mask = 0x00;
|
||||
B0Ctr0[AES_BLOCK_SIZE - 1 - i] = (inSz >> ((8 * i) & mask)) & mask;
|
||||
}
|
||||
|
||||
if (authInSz > 0) {
|
||||
ASz = AES_BLOCK_SIZE;
|
||||
roll_auth(authIn, authInSz, A);
|
||||
}
|
||||
|
||||
B0Ctr0[AES_BLOCK_SIZE] = lenSz - 1;
|
||||
for (i = 0; i < lenSz; i++)
|
||||
B0Ctr0[(AES_BLOCK_SIZE + AES_BLOCK_SIZE) - 1 - i] = 0;
|
||||
B0Ctr0[(AES_BLOCK_SIZE + AES_BLOCK_SIZE) - 1] = 1;
|
||||
|
||||
/* Set buffers for key, cipher text, and plain text */
|
||||
buf[0].BufferType = DataBuffer;
|
||||
buf[0].TheAddress = (Address)aes->key;
|
||||
buf[0].Length = keySz;
|
||||
|
||||
buf[1].BufferType = DataBuffer;
|
||||
buf[1].TheAddress = (Address)B0Ctr0;
|
||||
buf[1].Length = AES_BLOCK_SIZE + AES_BLOCK_SIZE;
|
||||
|
||||
buf[2].BufferType = DataBuffer;
|
||||
buf[2].TheAddress = (Address)in;
|
||||
buf[2].Length = inSz;
|
||||
|
||||
buf[3].BufferType = DataBuffer;
|
||||
buf[3].TheAddress = (Address)out;
|
||||
buf[3].Length = inSz;
|
||||
|
||||
buf[3].BufferType = DataBuffer | LastBuffer;
|
||||
buf[3].TheAddress = (Address)A;
|
||||
buf[3].Length = ASz;
|
||||
|
||||
arg[0] = CAAM_DEC;
|
||||
arg[1] = keySz;
|
||||
arg[2] = inSz;
|
||||
arg[3] = ASz;
|
||||
|
||||
if ((ret = wc_caamAddAndWait(buf, arg, CAAM_AESCCM)) != 0) {
|
||||
WOLFSSL_MSG("Error with CAAM AES-CCM derypt");
|
||||
return ret;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
#endif /* HAVE_AES_DECRYPT */
|
||||
#endif /* HAVE_AESCCM */
|
||||
|
||||
|
||||
int wc_AesGetKeySize(Aes* aes, word32* keySize)
|
||||
{
|
||||
if (aes != NULL && keySize != NULL) {
|
||||
*keySize = aes->keylen;
|
||||
|
||||
/* preform sanity check on rounds to conform with test case */
|
||||
if (aes->rounds != 10 && aes->rounds != 12 && aes->rounds != 14) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
|
||||
int wc_AesInit(Aes* aes, void* heap, int devId)
|
||||
{
|
||||
if (aes == NULL) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
aes->heap = heap;
|
||||
(void)devId;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
void wc_AesFree(Aes* aes)
|
||||
{
|
||||
if (aes != NULL) {
|
||||
ForceZero((byte*)aes->key, 32);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
#endif /* WOLFSSL_IMX6_CAAM && !NO_AES */
|
||||
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,269 @@
|
|||
/* caam_init.c
|
||||
*
|
||||
* Copyright (C) 2006-2016 wolfSSL Inc.
|
||||
*
|
||||
* This file is part of wolfSSL.
|
||||
*
|
||||
* wolfSSL is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* wolfSSL is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
|
||||
*/
|
||||
|
||||
|
||||
#include <wolfssl/wolfcrypt/settings.h>
|
||||
|
||||
#if defined(WOLFSSL_IMX6_CAAM) || defined(WOLFSSL_IMX6_CAAM_RNG) || \
|
||||
defined(WOLFSSL_IMX6_CAAM_BLOB)
|
||||
|
||||
#include <wolfssl/wolfcrypt/logging.h>
|
||||
#include <wolfssl/wolfcrypt/error-crypt.h>
|
||||
#include <wolfssl/wolfcrypt/port/caam/wolfcaam.h>
|
||||
|
||||
#define WC_CAAM_BLOB_SZ 48
|
||||
|
||||
#ifndef WC_CAAM_PASSWORD
|
||||
#define WC_CAAM_PASSWORD "!systempassword"
|
||||
#endif
|
||||
|
||||
#if defined(__INTEGRITY) || defined(INTEGRITY)
|
||||
#include <INTEGRITY.h>
|
||||
#include <wolfssl/wolfcrypt/port/caam/caam_driver.h>
|
||||
static IODevice caam = NULLIODevice;
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_CAAM_PRINT) || defined(WOLFSSL_CAAM_DEBUG)
|
||||
#include <stdio.h>
|
||||
#include <wolfssl/version.h>
|
||||
|
||||
static void wc_caamBanner(void)
|
||||
{
|
||||
printf("********* wolfSSL Version %s : Printing Out CAAM Information ********\n",
|
||||
LIBWOLFSSL_VERSION_STRING);
|
||||
printf("CAAM Status [0x%8.8x] = 0x%8.8x\n",
|
||||
CAAM_STATUS, WC_CAAM_READ(CAAM_STATUS));
|
||||
printf("CAAM Version MS Register [0x%8.8x] = 0x%8.8x\n",
|
||||
CAAM_VERSION_MS, WC_CAAM_READ(CAAM_VERSION_MS));
|
||||
printf("CAAM Version LS Register [0x%8.8x] = 0x%8.8x\n",
|
||||
CAAM_VERSION_LS, WC_CAAM_READ(CAAM_VERSION_LS));
|
||||
printf("CAAM Support MS Register [0x%8.8x] = 0x%8.8x\n",
|
||||
CAMM_SUPPORT_MS, WC_CAAM_READ(CAMM_SUPPORT_MS));
|
||||
printf("CAAM Support LS [0x%8.8x] = 0x%8.8x\n",
|
||||
CAMM_SUPPORT_LS, WC_CAAM_READ(CAMM_SUPPORT_LS));
|
||||
printf("********************************************************************\n\n");
|
||||
}
|
||||
#endif
|
||||
|
||||
|
||||
/* Allow runtime setting for CAAM IODevice in case user wants to use password
|
||||
* at run time.
|
||||
*
|
||||
* returns 0 on success
|
||||
*
|
||||
* NOTE this is how IODevice is defined in INTEGRITY "typedef struct
|
||||
* IODeviceStruct *IODevice;"
|
||||
*/
|
||||
int wc_caamSetResource(IODevice ioDev)
|
||||
{
|
||||
WOLFSSL_MSG("Setting CAAM driver");
|
||||
caam = ioDev;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* Check hardware support
|
||||
*
|
||||
* returns 0 on success
|
||||
*/
|
||||
int wc_caamInit()
|
||||
{
|
||||
word32 reg;
|
||||
|
||||
/* get the driver up */
|
||||
if (caam == NULLIODevice) {
|
||||
WOLFSSL_MSG("Starting CAAM driver");
|
||||
if (RequestResource((Object *)&caam, "wolfSSL_CAAM_Driver",
|
||||
WC_CAAM_PASSWORD) != Success) {
|
||||
WOLFSSL_MSG("Unable to get the CAAM IODevice, check password?");
|
||||
}
|
||||
}
|
||||
|
||||
#if defined(WOLFSSL_CAAM_PRINT) || defined(WOLFSSL_CAAM_DEBUG)
|
||||
/* print out CAAM version/info and wolfSSL version */
|
||||
wc_caamBanner();
|
||||
#endif
|
||||
|
||||
/* check that for implemented modules
|
||||
* bits 0-3 AES, 4-7 DES, 12-15 Hashing , 16-19 RNG */
|
||||
reg = WC_CAAM_READ(CAMM_SUPPORT_LS);
|
||||
|
||||
#ifndef WC_NO_RNG
|
||||
if (((reg & 0x000F0000) >> 16) > 0) {
|
||||
WOLFSSL_MSG("Found CAAM RNG hardware module");
|
||||
if ((WC_CAAM_READ(CAAM_RTMCTL) & 0x40000001) != 0x40000001) {
|
||||
WOLFSSL_MSG("Error CAAM RNG has not been set up");
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifndef NO_SHA256
|
||||
if ((reg & 0x0000F000) > 0) {
|
||||
WOLFSSL_MSG("Found CAAM MDHA module");
|
||||
}
|
||||
else {
|
||||
WOLFSSL_MSG("Hashing not supported by CAAM");
|
||||
return WC_CAAM_E;
|
||||
}
|
||||
#endif
|
||||
|
||||
|
||||
#ifndef NO_AES
|
||||
if ((reg & 0x0000000F) > 0) {
|
||||
WOLFSSL_MSG("Found CAAM AES module");
|
||||
}
|
||||
else {
|
||||
WOLFSSL_MSG("AES not supported by CAAM");
|
||||
return WC_CAAM_E;
|
||||
}
|
||||
#endif
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
int wc_caamFree()
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
word32 wc_caamReadRegister(word32 reg)
|
||||
{
|
||||
Value out = 0;
|
||||
|
||||
if (caam == NULLIODevice) {
|
||||
WOLFSSL_MSG("Error CAAM IODevice not found! Bad password?");
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (ReadIODeviceRegister(caam, reg, &out) != Success) {
|
||||
WOLFSSL_MSG("Error reading register\n");
|
||||
}
|
||||
|
||||
return (word32)out;
|
||||
}
|
||||
|
||||
void wc_caamWriteRegister(word32 reg, word32 value)
|
||||
{
|
||||
if (caam == NULLIODevice) {
|
||||
WOLFSSL_MSG("Error CAAM IODevice not found! Bad password?");
|
||||
return;
|
||||
}
|
||||
|
||||
if (WriteIODeviceRegister(caam, reg, value) != Success) {
|
||||
WOLFSSL_MSG("Error writing to register\n");
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
int wc_caamAddAndWait(Buffer* buf, word32 arg[4], word32 type)
|
||||
{
|
||||
int ret;
|
||||
if (caam == NULLIODevice) {
|
||||
WOLFSSL_MSG("Error CAAM IODevice not found! Bad password?");
|
||||
return WC_CAAM_E;
|
||||
}
|
||||
|
||||
if ((ret = SynchronousSendIORequest(caam, type, (const Value*)arg, buf))
|
||||
!= Success) {
|
||||
#if defined(WOLFSSL_CAAM_PRINT) || defined(WOLFSSL_CAAM_DEBUG)
|
||||
printf("ret of SynchronousSendIORequest = %d type = %d\n", ret, type);
|
||||
#endif
|
||||
return WC_CAAM_E;
|
||||
}
|
||||
|
||||
(void)ret;
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
int wc_caamCreateBlob(byte* data, word32 dataSz, byte* out, word32* outSz)
|
||||
{
|
||||
Buffer in[3];
|
||||
word32 arg[4];
|
||||
int ret;
|
||||
word32 local[2] = {0,0};
|
||||
|
||||
if (*outSz < dataSz + WC_CAAM_BLOB_SZ) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
in[0].BufferType = DataBuffer;
|
||||
in[0].TheAddress = (Address)local;
|
||||
in[0].Length = sizeof(local);
|
||||
|
||||
in[1].BufferType = DataBuffer;
|
||||
in[1].TheAddress = (Address)data;
|
||||
in[1].Length = dataSz;
|
||||
|
||||
in[2].BufferType = DataBuffer | LastBuffer;
|
||||
in[2].TheAddress = (Address)out;
|
||||
in[2].Length = dataSz + WC_CAAM_BLOB_SZ;
|
||||
|
||||
arg[2] = dataSz;
|
||||
|
||||
if ((ret = wc_caamAddAndWait(in, arg, CAAM_BLOB_ENCAP)) != 0) {
|
||||
WOLFSSL_MSG("Error with CAAM blob create");
|
||||
return ret;
|
||||
}
|
||||
|
||||
*outSz = dataSz + WC_CAAM_BLOB_SZ;
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
int wc_caamOpenBlob(byte* data, word32 dataSz, byte* out, word32* outSz)
|
||||
{
|
||||
Buffer in[3];
|
||||
word32 arg[4];
|
||||
int ret;
|
||||
word32 local[2] = {0,0};
|
||||
|
||||
if (*outSz < dataSz - WC_CAAM_BLOB_SZ) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
in[0].BufferType = DataBuffer;
|
||||
in[0].TheAddress = (Address)local;
|
||||
in[0].Length = sizeof(local);
|
||||
|
||||
in[0].BufferType = DataBuffer;
|
||||
in[0].TheAddress = (Address)data;
|
||||
in[0].Length = dataSz;
|
||||
|
||||
in[1].BufferType = DataBuffer | LastBuffer;
|
||||
in[1].TheAddress = (Address)out;
|
||||
in[1].Length = dataSz - WC_CAAM_BLOB_SZ;
|
||||
|
||||
arg[2] = dataSz;
|
||||
|
||||
if ((ret = wc_caamAddAndWait(in, arg, CAAM_BLOB_DECAP)) != 0) {
|
||||
WOLFSSL_MSG("Error with CAAM blob create");
|
||||
return ret;
|
||||
}
|
||||
|
||||
*outSz = dataSz - WC_CAAM_BLOB_SZ;
|
||||
return 0;
|
||||
}
|
||||
|
||||
#endif /* WOLFSSL_IMX6_CAAM */
|
||||
|
|
@ -0,0 +1,397 @@
|
|||
/* caam_sha.c
|
||||
*
|
||||
* Copyright (C) 2006-2016 wolfSSL Inc.
|
||||
*
|
||||
* This file is part of wolfSSL.
|
||||
*
|
||||
* wolfSSL is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* wolfSSL is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
|
||||
*/
|
||||
|
||||
|
||||
#include <wolfssl/wolfcrypt/settings.h>
|
||||
|
||||
#if defined(WOLFSSL_IMX6_CAAM)
|
||||
|
||||
#include <wolfssl/wolfcrypt/logging.h>
|
||||
#include <wolfssl/wolfcrypt/error-crypt.h>
|
||||
|
||||
#ifdef NO_INLINE
|
||||
#include <wolfssl/wolfcrypt/misc.h>
|
||||
#else
|
||||
#define WOLFSSL_MISC_INCLUDED
|
||||
#include <wolfcrypt/src/misc.c>
|
||||
#endif
|
||||
|
||||
|
||||
#include <INTEGRITY.h>
|
||||
#include <wolfssl/wolfcrypt/port/caam/caam_driver.h>
|
||||
#include <wolfssl/wolfcrypt/port/caam/wolfcaam.h>
|
||||
|
||||
#if defined(WOLFSSL_CAAM_DEBUG) || defined(WOLFSSL_CAAM_PRINT)
|
||||
#include <stdio.h>
|
||||
#endif
|
||||
|
||||
#ifndef NO_SHA
|
||||
#include <wolfssl/wolfcrypt/sha.h>
|
||||
#endif
|
||||
|
||||
#if !defined(NO_SHA256) || defined(WOLFSSL_SHA224)
|
||||
#include <wolfssl/wolfcrypt/sha256.h>
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_SHA384) || defined(WOLFSSL_SHA512)
|
||||
#include <wolfssl/wolfcrypt/sha512.h>
|
||||
#endif
|
||||
|
||||
#ifndef NO_MD5
|
||||
#include <wolfssl/wolfcrypt/md5.h>
|
||||
#endif
|
||||
|
||||
/******************************************************************************
|
||||
Common Code Between SHA Functions
|
||||
****************************************************************************/
|
||||
|
||||
static int _InitSha(Sha* sha, void* heap, int devId, word32 digestSz,
|
||||
word32 type)
|
||||
{
|
||||
Buffer buf[1];
|
||||
word32 arg[4];
|
||||
int ret;
|
||||
|
||||
(void)heap;
|
||||
(void)devId;
|
||||
|
||||
if (sha == NULL) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
XMEMSET(sha, 0, sizeof(Sha));
|
||||
|
||||
/* Set buffer for context */
|
||||
buf[0].BufferType = DataBuffer | LastBuffer;
|
||||
buf[0].TheAddress = (Address)sha->ctx;
|
||||
buf[0].Length = digestSz + WC_CAAM_CTXLEN;
|
||||
buf[0].Transferred = 0;
|
||||
|
||||
arg[0] = CAAM_ALG_INIT;
|
||||
arg[1] = digestSz + WC_CAAM_CTXLEN;
|
||||
|
||||
if ((ret = wc_caamAddAndWait(buf, arg, type)) != 0) {
|
||||
WOLFSSL_MSG("Error with CAAM SHA init");
|
||||
return ret;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
static int _ShaUpdate(Sha* sha, const byte* data, word32 len, word32 digestSz,
|
||||
word32 type)
|
||||
{
|
||||
Buffer buf[2];
|
||||
word32 arg[4];
|
||||
int ret;
|
||||
byte* local;
|
||||
|
||||
if (sha == NULL ||(data == NULL && len > 0)) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
if (len == 0) return 0; /* nothing to do */
|
||||
|
||||
local = (byte*)sha->buffer;
|
||||
/* check for filling out existing buffer */
|
||||
if (sha->buffLen > 0) {
|
||||
word32 add = min(len, WC_CAAM_HASH_BLOCK - sha->buffLen);
|
||||
XMEMCPY(&local[sha->buffLen], data, add);
|
||||
|
||||
sha->buffLen += add;
|
||||
data += add;
|
||||
len -= add;
|
||||
|
||||
if (sha->buffLen == WC_CAAM_HASH_BLOCK) {
|
||||
/* Set buffer for context */
|
||||
buf[0].BufferType = DataBuffer;
|
||||
buf[0].TheAddress = (Address)sha->ctx;
|
||||
buf[0].Length = digestSz + WC_CAAM_CTXLEN;
|
||||
buf[0].Transferred = 0;
|
||||
|
||||
/* data to update with */
|
||||
buf[1].BufferType = DataBuffer | LastBuffer;
|
||||
buf[1].TheAddress = (Address)sha->buffer;
|
||||
buf[1].Length = sha->buffLen;
|
||||
buf[1].Transferred = 0;
|
||||
|
||||
arg[0] = CAAM_ALG_UPDATE;
|
||||
arg[1] = digestSz + WC_CAAM_CTXLEN;
|
||||
|
||||
if ((ret = wc_caamAddAndWait(buf, arg, type)) != 0) {
|
||||
WOLFSSL_MSG("Error with CAAM SHA update");
|
||||
return ret;
|
||||
}
|
||||
sha->buffLen = 0; /* cleared out buffer */
|
||||
}
|
||||
}
|
||||
|
||||
/* check if multiple full blocks can be done */
|
||||
if (len >= WC_CAAM_HASH_BLOCK) {
|
||||
word32 sz = len / WC_CAAM_HASH_BLOCK;
|
||||
sz = sz * WC_CAAM_HASH_BLOCK;
|
||||
|
||||
/* Set buffer for context */
|
||||
buf[0].BufferType = DataBuffer;
|
||||
buf[0].TheAddress = (Address)sha->ctx;
|
||||
buf[0].Length = digestSz + WC_CAAM_CTXLEN;
|
||||
buf[0].Transferred = 0;
|
||||
|
||||
/* data to update with */
|
||||
buf[1].BufferType = DataBuffer | LastBuffer;
|
||||
buf[1].TheAddress = (Address)data;
|
||||
buf[1].Length = sz;
|
||||
buf[1].Transferred = 0;
|
||||
|
||||
arg[0] = CAAM_ALG_UPDATE;
|
||||
arg[1] = digestSz + WC_CAAM_CTXLEN;
|
||||
|
||||
if ((ret = wc_caamAddAndWait(buf, arg, type)) != 0) {
|
||||
WOLFSSL_MSG("Error with CAAM SHA update");
|
||||
return ret;
|
||||
}
|
||||
|
||||
len -= sz;
|
||||
data += sz;
|
||||
}
|
||||
|
||||
/* check for left overs */
|
||||
if (len > 0) {
|
||||
word32 add = min(len, WC_CAAM_HASH_BLOCK - sha->buffLen);
|
||||
XMEMCPY(&local[sha->buffLen], data, add);
|
||||
sha->buffLen += add;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
static int _ShaFinal(Sha* sha, byte* out, word32 digestSz,
|
||||
word32 type)
|
||||
{
|
||||
Buffer buf[2];
|
||||
word32 arg[4];
|
||||
int ret;
|
||||
|
||||
if (sha == NULL || out == NULL) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
/* Set buffer for context */
|
||||
buf[0].BufferType = DataBuffer;
|
||||
buf[0].TheAddress = (Address)sha->ctx;
|
||||
buf[0].Length = digestSz + WC_CAAM_CTXLEN;
|
||||
buf[0].Transferred = 0;
|
||||
|
||||
/* add any potential left overs */
|
||||
buf[1].BufferType = DataBuffer | LastBuffer;
|
||||
buf[1].TheAddress = (Address)sha->buffer;
|
||||
buf[1].Length = sha->buffLen;
|
||||
buf[1].Transferred = 0;
|
||||
|
||||
arg[0] = CAAM_ALG_FINAL;
|
||||
arg[1] = digestSz + WC_CAAM_CTXLEN;
|
||||
|
||||
if ((ret = wc_caamAddAndWait(buf, arg, type)) != 0) {
|
||||
WOLFSSL_MSG("Error with CAAM SHA init");
|
||||
return ret;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
/******************************************************************************
|
||||
MD5
|
||||
****************************************************************************/
|
||||
#if !defined(NO_MD5)
|
||||
int wc_InitMd5_ex(wc_Md5* sha, void* heap, int devId)
|
||||
{
|
||||
return _InitSha(sha, heap, devId, MD5_DIGEST_SIZE, CAAM_MD5);
|
||||
}
|
||||
|
||||
|
||||
int wc_Md5Update(wc_Md5* sha, const byte* data, word32 len)
|
||||
{
|
||||
return _ShaUpdate(sha, data, len, MD5_DIGEST_SIZE, CAAM_MD5);
|
||||
}
|
||||
|
||||
|
||||
int wc_Md5Final(wc_Md5* sha, byte* hash)
|
||||
{
|
||||
int ret;
|
||||
if ((ret = _ShaFinal(sha, hash, MD5_DIGEST_SIZE, CAAM_MD5)) != 0) {
|
||||
return ret;
|
||||
}
|
||||
|
||||
XMEMCPY(hash, (byte*)sha->ctx, MD5_DIGEST_SIZE);
|
||||
return _InitSha(sha, NULL, 0, MD5_DIGEST_SIZE, CAAM_MD5);
|
||||
}
|
||||
#endif /* !NO_MD5 */
|
||||
|
||||
|
||||
/******************************************************************************
|
||||
SHA 1
|
||||
****************************************************************************/
|
||||
#if !defined(NO_SHA)
|
||||
int wc_InitSha_ex(wc_Sha* sha, void* heap, int devId)
|
||||
{
|
||||
return _InitSha(sha, heap, devId, SHA_DIGEST_SIZE, CAAM_SHA);
|
||||
}
|
||||
|
||||
|
||||
int wc_ShaUpdate(wc_Sha* sha, const byte* data, word32 len)
|
||||
{
|
||||
return _ShaUpdate(sha, data, len, SHA_DIGEST_SIZE, CAAM_SHA);
|
||||
}
|
||||
|
||||
|
||||
int wc_ShaFinal(wc_Sha* sha, byte* out)
|
||||
{
|
||||
int ret;
|
||||
if ((ret = _ShaFinal(sha, out, SHA_DIGEST_SIZE, CAAM_SHA)) != 0) {
|
||||
return ret;
|
||||
}
|
||||
|
||||
XMEMCPY(out, (byte*)sha->ctx, SHA_DIGEST_SIZE);
|
||||
return _InitSha(sha, NULL, 0, SHA_DIGEST_SIZE, CAAM_SHA);
|
||||
}
|
||||
#endif /* !NO_SHA */
|
||||
|
||||
|
||||
/******************************************************************************
|
||||
SHA 224
|
||||
****************************************************************************/
|
||||
#ifdef WOLFSSL_SHA224
|
||||
int wc_InitSha224_ex(wc_Sha224* sha, void* heap, int devId)
|
||||
{
|
||||
return _InitSha(sha, heap, devId, SHA256_DIGEST_SIZE, CAAM_SHA224);
|
||||
}
|
||||
|
||||
|
||||
int wc_Sha224Update(wc_Sha224* sha, const byte* data, word32 len)
|
||||
{
|
||||
return _ShaUpdate(sha, data, len, SHA256_DIGEST_SIZE, CAAM_SHA224);
|
||||
}
|
||||
|
||||
|
||||
int wc_Sha224Final(wc_Sha224* sha, byte* out)
|
||||
{
|
||||
int ret;
|
||||
if ((ret = _ShaFinal(sha, out, SHA256_DIGEST_SIZE, CAAM_SHA224)) != 0) {
|
||||
return ret;
|
||||
}
|
||||
|
||||
XMEMCPY(out, (byte*)sha->ctx, SHA224_DIGEST_SIZE);
|
||||
return _InitSha(sha, NULL, 0, SHA256_DIGEST_SIZE, CAAM_SHA224);
|
||||
}
|
||||
#endif /* WOLFSSL_SHA224 */
|
||||
|
||||
|
||||
/******************************************************************************
|
||||
SHA 256
|
||||
****************************************************************************/
|
||||
#if !defined(NO_SHA256)
|
||||
int wc_InitSha256_ex(wc_Sha256* sha, void* heap, int devId)
|
||||
{
|
||||
return _InitSha(sha, heap, devId, SHA256_DIGEST_SIZE, CAAM_SHA256);
|
||||
}
|
||||
|
||||
|
||||
int wc_Sha256Update(wc_Sha256* sha, const byte* data, word32 len)
|
||||
{
|
||||
return _ShaUpdate(sha, data, len, SHA256_DIGEST_SIZE, CAAM_SHA256);
|
||||
}
|
||||
|
||||
|
||||
int wc_Sha256Final(wc-Sha256* sha, byte* out)
|
||||
{
|
||||
int ret;
|
||||
if ((ret = _ShaFinal(sha, out, SHA256_DIGEST_SIZE, CAAM_SHA256)) != 0) {
|
||||
return ret;
|
||||
}
|
||||
|
||||
XMEMCPY(out, (byte*)sha->ctx, SHA256_DIGEST_SIZE);
|
||||
return _InitSha(sha, NULL, 0, SHA256_DIGEST_SIZE, CAAM_SHA256);
|
||||
}
|
||||
#endif /* !NO_SHA256 */
|
||||
|
||||
|
||||
/******************************************************************************
|
||||
SHA 384
|
||||
****************************************************************************/
|
||||
#ifdef WOLFSSL_SHA384
|
||||
int wc_InitSha384_ex(wc_Sha384* sha, void* heap, int devId)
|
||||
{
|
||||
return _InitSha(sha, heap, devId, SHA512_DIGEST_SIZE, CAAM_SHA384);
|
||||
}
|
||||
|
||||
|
||||
int wc_Sha384Update(wc_Sha384* sha, const byte* data, word32 len)
|
||||
{
|
||||
return _ShaUpdate(sha, data, len, SHA512_DIGEST_SIZE, CAAM_SHA384);
|
||||
}
|
||||
|
||||
|
||||
int wc_Sha384Final(wc_Sha384* sha, byte* out)
|
||||
{
|
||||
int ret;
|
||||
if ((ret = _ShaFinal(sha, out, SHA512_DIGEST_SIZE, CAAM_SHA384)) != 0) {
|
||||
return ret;
|
||||
}
|
||||
|
||||
XMEMCPY(out, (byte*)sha->ctx, SHA384_DIGEST_SIZE);
|
||||
return _InitSha(sha, NULL, 0, SHA512_DIGEST_SIZE, CAAM_SHA384);
|
||||
}
|
||||
#endif /* WOLFSSL_SHA384 */
|
||||
|
||||
|
||||
|
||||
/******************************************************************************
|
||||
SHA 512
|
||||
****************************************************************************/
|
||||
#ifdef WOLFSSL_SHA512
|
||||
int wc_InitSha512_ex(wc_Sha512* sha, void* heap, int devId)
|
||||
{
|
||||
return _InitSha(sha, heap, devId, SHA512_DIGEST_SIZE, CAAM_SHA512);
|
||||
}
|
||||
|
||||
|
||||
int wc_Sha512Update(wc_Sha512* sha, const byte* data, word32 len)
|
||||
{
|
||||
return _ShaUpdate(sha, data, len, SHA512_DIGEST_SIZE, CAAM_SHA512);
|
||||
}
|
||||
|
||||
|
||||
int wc_Sha512Final(wc_Sha512* sha, byte* out)
|
||||
{
|
||||
int ret;
|
||||
if ((ret = _ShaFinal(sha, out, SHA512_DIGEST_SIZE, CAAM_SHA512)) != 0) {
|
||||
return ret;
|
||||
}
|
||||
|
||||
XMEMCPY(out, (byte*)sha->ctx, SHA512_DIGEST_SIZE);
|
||||
return _InitSha(sha, NULL, 0, SHA512_DIGEST_SIZE, CAAM_SHA512);
|
||||
}
|
||||
#endif /* WOLFSSL_SHA512 */
|
||||
|
||||
#endif /* WOLFSSL_IMX6_CAAM */
|
||||
|
|
@ -1628,6 +1628,49 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
|
|||
return 0;
|
||||
}
|
||||
|
||||
#elif (defined(WOLFSSL_IMX6_CAAM) || defined(WOLFSSL_IMX6_CAAM_RNG))
|
||||
|
||||
#include <wolfssl/wolfcrypt/port/caam/wolfcaam.h>
|
||||
#include <wolfssl/wolfcrypt/port/caam/caam_driver.h>
|
||||
|
||||
int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
|
||||
{
|
||||
Buffer buf[1];
|
||||
int ret = 0;
|
||||
int times = 10, i;
|
||||
|
||||
(void)os;
|
||||
|
||||
if (output == NULL) {
|
||||
return BUFFER_E;
|
||||
}
|
||||
|
||||
buf[0].BufferType = DataBuffer | LastBuffer;
|
||||
buf[0].TheAddress = (Address)output;
|
||||
buf[0].Length = sz;
|
||||
|
||||
/* Check Waiting to make sure entropy is ready */
|
||||
for (i = 0; i < times; i++) {
|
||||
ret = wc_caamAddAndWait(buf, NULL, CAAM_ENTROPY);
|
||||
if (ret == Success) {
|
||||
break;
|
||||
}
|
||||
if (ret != Waiting) {
|
||||
return ret;
|
||||
}
|
||||
sleep(1);
|
||||
}
|
||||
|
||||
if (i == times && ret != Success) {
|
||||
return RNG_FAILURE_E;
|
||||
}
|
||||
else { /* Success case */
|
||||
ret = 0;
|
||||
}
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
#elif defined(CUSTOM_RAND_GENERATE_BLOCK)
|
||||
/* #define CUSTOM_RAND_GENERATE_BLOCK myRngFunc
|
||||
* extern int myRngFunc(byte* output, word32 sz);
|
||||
|
|
|
@ -316,6 +316,8 @@ static INLINE void AddLength(wc_Sha* sha, word32 len);
|
|||
return ret;
|
||||
}
|
||||
|
||||
#elif defined(WOLFSSL_IMX6_CAAM)
|
||||
/* wolfcrypt/src/port/caam/caam_sha.c */
|
||||
#else
|
||||
|
||||
/* Software implementation */
|
||||
|
|
|
@ -117,7 +117,8 @@
|
|||
|
||||
static INLINE void AddLength(wc_Sha256* sha256, word32 len);
|
||||
|
||||
#if !defined(WOLFSSL_PIC32MZ_HASH) && !defined(STM32_HASH)
|
||||
#if !defined(WOLFSSL_PIC32MZ_HASH) && !defined(STM32_HASH) && \
|
||||
!defined(WOLFSSL_IMX6_CAAM)
|
||||
static int InitSha256(wc_Sha256* sha256)
|
||||
{
|
||||
int ret = 0;
|
||||
|
@ -518,7 +519,8 @@ static int InitSha256(wc_Sha256* sha256)
|
|||
|
||||
return ret;
|
||||
}
|
||||
|
||||
#elif defined(WOLFSSL_IMX6_CAAM)
|
||||
/* functions defined in wolfcrypt/src/port/caam/caam_sha256.c */
|
||||
#else
|
||||
#define NEED_SOFT_SHA256
|
||||
|
||||
|
@ -2706,8 +2708,13 @@ SHA256_NOINLINE static int Transform_Sha256_AVX2_RORX_Len(wc_Sha256* sha256,
|
|||
return ret;
|
||||
}
|
||||
|
||||
#elif defined(WOLFSSL_IMX6_CAAM)
|
||||
/* functions defined in wolfcrypt/src/port/caam/caam_sha256.c */
|
||||
#else
|
||||
|
||||
#define NEED_SOFT_SHA224
|
||||
|
||||
|
||||
static int InitSha224(wc_Sha224* sha224)
|
||||
{
|
||||
int ret = 0;
|
||||
|
@ -2739,6 +2746,7 @@ SHA256_NOINLINE static int Transform_Sha256_AVX2_RORX_Len(wc_Sha256* sha256,
|
|||
|
||||
#endif /* STM32_HASH */
|
||||
|
||||
#if defined(NEED_SOFT_SHA224) || defined(STM32_HASH)
|
||||
int wc_InitSha224_ex(wc_Sha224* sha224, void* heap, int devId)
|
||||
{
|
||||
int ret = 0;
|
||||
|
@ -2762,11 +2770,6 @@ SHA256_NOINLINE static int Transform_Sha256_AVX2_RORX_Len(wc_Sha256* sha256,
|
|||
return ret;
|
||||
}
|
||||
|
||||
int wc_InitSha224(wc_Sha224* sha224)
|
||||
{
|
||||
return wc_InitSha224_ex(sha224, NULL, INVALID_DEVID);
|
||||
}
|
||||
|
||||
int wc_Sha224Update(wc_Sha224* sha224, const byte* data, word32 len)
|
||||
{
|
||||
int ret;
|
||||
|
@ -2816,6 +2819,12 @@ SHA256_NOINLINE static int Transform_Sha256_AVX2_RORX_Len(wc_Sha256* sha256,
|
|||
|
||||
return InitSha224(sha224); /* reset state */
|
||||
}
|
||||
#endif /* end of SHA224 software implementation */
|
||||
|
||||
int wc_InitSha224(wc_Sha224* sha224)
|
||||
{
|
||||
return wc_InitSha224_ex(sha224, NULL, INVALID_DEVID);
|
||||
}
|
||||
|
||||
void wc_Sha224Free(wc_Sha224* sha224)
|
||||
{
|
||||
|
@ -2826,7 +2835,6 @@ SHA256_NOINLINE static int Transform_Sha256_AVX2_RORX_Len(wc_Sha256* sha256,
|
|||
wolfAsync_DevCtxFree(&sha224->asyncDev, WOLFSSL_ASYNC_MARKER_SHA224);
|
||||
#endif /* WOLFSSL_ASYNC_CRYPT */
|
||||
}
|
||||
|
||||
#endif /* WOLFSSL_SHA224 */
|
||||
|
||||
|
||||
|
|
|
@ -168,6 +168,10 @@
|
|||
}
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_IMX6_CAAM /* hardware */
|
||||
/* functions defined in wolfcrypt/src/port/caam/caam_sha.c */
|
||||
#else
|
||||
|
||||
static int InitSha512(wc_Sha512* sha512)
|
||||
{
|
||||
if (sha512 == NULL)
|
||||
|
@ -623,7 +627,7 @@ int wc_Sha512Update(wc_Sha512* sha512, const byte* data, word32 len)
|
|||
|
||||
return Sha512Update(sha512, data, len);
|
||||
}
|
||||
|
||||
#endif /* WOLFSSL_IMX6_CAAM */
|
||||
|
||||
static INLINE int Sha512Final(wc_Sha512* sha512)
|
||||
{
|
||||
|
@ -2540,6 +2544,11 @@ static int Transform_Sha512_AVX2_RORX_Len(wc_Sha512* sha512, word32 len)
|
|||
/* SHA384 */
|
||||
/* -------------------------------------------------------------------------- */
|
||||
#ifdef WOLFSSL_SHA384
|
||||
|
||||
#ifdef WOLFSSL_IMX6_CAAM /* hardware */
|
||||
/* functions defined in wolfcrypt/src/port/caam/caam_sha.c */
|
||||
#else
|
||||
|
||||
static int InitSha384(wc_Sha384* sha384)
|
||||
{
|
||||
if (sha384 == NULL) {
|
||||
|
@ -2644,6 +2653,7 @@ int wc_InitSha384_ex(wc_Sha384* sha384, void* heap, int devId)
|
|||
return ret;
|
||||
}
|
||||
#endif
|
||||
#endif /* WOLFSSL_IMX6_CAAM */
|
||||
|
||||
int wc_InitSha384(wc_Sha384* sha384)
|
||||
{
|
||||
|
|
|
@ -59,6 +59,11 @@
|
|||
#include <wolfssl/wolfcrypt/mem_track.h>
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_IMX6_CAAM) || defined(WOLFSSL_IMX6_CAAM_RNG) || \
|
||||
defined(WOLFSSL_IMX6_CAAM_BLOB)
|
||||
#include <wolfssl/wolfcrypt/port/caam/wolfcaam.h>
|
||||
#endif
|
||||
|
||||
#ifdef _MSC_VER
|
||||
/* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */
|
||||
#pragma warning(disable: 4996)
|
||||
|
@ -153,6 +158,13 @@ int wolfCrypt_Init(void)
|
|||
#endif
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_IMX6_CAAM) || defined(WOLFSSL_IMX6_CAAM_RNG) || \
|
||||
defined(WOLFSSL_IMX6_CAAM_BLOB)
|
||||
if ((ret = wc_caamInit()) != 0) {
|
||||
return ret;
|
||||
}
|
||||
#endif
|
||||
|
||||
initRefCount = 1;
|
||||
}
|
||||
|
||||
|
@ -189,6 +201,11 @@ int wolfCrypt_Cleanup(void)
|
|||
wolfAsync_HardwareStop();
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_IMX6_CAAM) || defined(WOLFSSL_IMX6_CAAM_RNG) || \
|
||||
defined(WOLFSSL_IMX6_CAAM_BLOB)
|
||||
wc_caamFree();
|
||||
#endif
|
||||
|
||||
initRefCount = 0; /* allow re-init */
|
||||
}
|
||||
|
||||
|
|
|
@ -113,6 +113,9 @@
|
|||
#if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE)
|
||||
#include <wolfssl/wolfcrypt/logging.h>
|
||||
#endif
|
||||
#ifdef WOLFSSL_IMX6_CAAM_BLOB
|
||||
#include <wolfssl/wolfcrypt/port/caam/wolfcaam.h>
|
||||
#endif
|
||||
|
||||
/* only for stack size check */
|
||||
#ifdef HAVE_STACK_SIZE
|
||||
|
@ -317,6 +320,9 @@ int mutex_test(void);
|
|||
#if defined(USE_WOLFSSL_MEMORY) && !defined(FREERTOS)
|
||||
int memcb_test(void);
|
||||
#endif
|
||||
#ifdef WOLFSSL_IMX6_CAAM_BLOB
|
||||
int blob_test(void);
|
||||
#endif
|
||||
|
||||
#if defined(DEBUG_WOLFSSL) && !defined(HAVE_VALGRIND) && \
|
||||
!defined(OPENSSL_EXTRA) && !defined(HAVE_STACK_SIZE)
|
||||
|
@ -874,6 +880,13 @@ int wolfcrypt_test(void* args)
|
|||
printf( "memcb test passed!\n");
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_IMX6_CAAM_BLOB
|
||||
if ( (ret = blob_test()) != 0)
|
||||
return err_sys("blob test failed!\n", ret);
|
||||
else
|
||||
printf( "blob test passed!\n");
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_ASYNC_CRYPT
|
||||
wolfAsync_DevClose(&devId);
|
||||
#endif
|
||||
|
@ -15266,6 +15279,85 @@ exit_memcb:
|
|||
}
|
||||
#endif
|
||||
|
||||
|
||||
#ifdef WOLFSSL_IMX6_CAAM_BLOB
|
||||
int blob_test(void)
|
||||
{
|
||||
int ret = 0;
|
||||
byte out[112];
|
||||
byte blob[112];
|
||||
word32 outSz;
|
||||
|
||||
const byte iv[] =
|
||||
{
|
||||
0xf0,0xf1,0xf2,0xf3,0xf4,0xf5,0xf6,0xf7,
|
||||
0xf8,0xf9,0xfa,0xfb,0xfc,0xfd,0xfe,0xff
|
||||
};
|
||||
|
||||
const byte text[] =
|
||||
{
|
||||
0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,
|
||||
0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a,
|
||||
0xae,0x2d,0x8a,0x57,0x1e,0x03,0xac,0x9c,
|
||||
0x9e,0xb7,0x6f,0xac,0x45,0xaf,0x8e,0x51,
|
||||
0x30,0xc8,0x1c,0x46,0xa3,0x5c,0xe4,0x11,
|
||||
0xe5,0xfb,0xc1,0x19,0x1a,0x0a,0x52,0xef,
|
||||
0xf6,0x9f,0x24,0x45,0xdf,0x4f,0x9b,0x17,
|
||||
0xad,0x2b,0x41,0x7b,0xe6,0x6c,0x37,0x10
|
||||
};
|
||||
|
||||
|
||||
memset(blob, 0, sizeof(blob));
|
||||
outSz = sizeof(blob);
|
||||
ret = wc_caamCreateBlob((byte*)iv, sizeof(iv), blob, &outSz);
|
||||
if (ret != 0) {
|
||||
ERROR_OUT(-8200, exit_blob);
|
||||
}
|
||||
|
||||
blob[outSz - 2] += 1;
|
||||
ret = wc_caamOpenBlob(blob, outSz, out, &outSz);
|
||||
if (ret == 0) { /* should fail with altered blob */
|
||||
ERROR_OUT(-8201, exit_blob);
|
||||
}
|
||||
|
||||
memset(blob, 0, sizeof(blob));
|
||||
outSz = sizeof(blob);
|
||||
ret = wc_caamCreateBlob((byte*)iv, sizeof(iv), blob, &outSz);
|
||||
if (ret != 0) {
|
||||
ERROR_OUT(-8202, exit_blob);
|
||||
}
|
||||
|
||||
ret = wc_caamOpenBlob(blob, outSz, out, &outSz);
|
||||
if (ret != 0) {
|
||||
ERROR_OUT(-8203, exit_blob);
|
||||
}
|
||||
|
||||
if (XMEMCMP(out, iv, sizeof(iv))) {
|
||||
ERROR_OUT(-8204, exit_blob);
|
||||
}
|
||||
|
||||
memset(blob, 0, sizeof(blob));
|
||||
outSz = sizeof(blob);
|
||||
ret = wc_caamCreateBlob((byte*)text, sizeof(text), blob, &outSz);
|
||||
if (ret != 0) {
|
||||
ERROR_OUT(-8205, exit_blob);
|
||||
}
|
||||
|
||||
ret = wc_caamOpenBlob(blob, outSz, out, &outSz);
|
||||
if (ret != 0) {
|
||||
ERROR_OUT(-8206, exit_blob);
|
||||
}
|
||||
|
||||
if (XMEMCMP(out, text, sizeof(text))) {
|
||||
ERROR_OUT(-8207, exit_blob);
|
||||
}
|
||||
|
||||
exit_blob:
|
||||
|
||||
return ret;
|
||||
}
|
||||
#endif /* WOLFSSL_IMX6_CAAM_BLOB */
|
||||
|
||||
#undef ERROR_OUT
|
||||
|
||||
#else
|
||||
|
|
|
@ -790,7 +790,11 @@ static INLINE int tcp_select(SOCKET_T socketfd, int to_sec)
|
|||
{
|
||||
fd_set recvfds, errfds;
|
||||
SOCKET_T nfds = socketfd + 1;
|
||||
struct timeval timeout = { (to_sec > 0) ? to_sec : 0, 0};
|
||||
#if !defined(__INTEGRITY)
|
||||
struct timeval timeout = {(to_sec > 0) ? to_sec : 0, 0};
|
||||
#else
|
||||
struct timeval timeout;
|
||||
#endif
|
||||
int result;
|
||||
|
||||
FD_ZERO(&recvfds);
|
||||
|
@ -798,6 +802,9 @@ static INLINE int tcp_select(SOCKET_T socketfd, int to_sec)
|
|||
FD_ZERO(&errfds);
|
||||
FD_SET(socketfd, &errfds);
|
||||
|
||||
#if defined(__INTEGRITY)
|
||||
timeout.tv_sec = (long long)(to_sec > 0) ? to_sec : 0, 0;
|
||||
#endif
|
||||
result = select(nfds, &recvfds, NULL, &errfds, &timeout);
|
||||
|
||||
if (result == 0)
|
||||
|
|
|
@ -191,8 +191,9 @@ enum {
|
|||
|
||||
ECC_PRIVATEONLY_E = -246, /* Invalid use of private only ECC key*/
|
||||
EXTKEYUSAGE_E = -247, /* Bad Extended Key Usage value */
|
||||
WC_CAAM_E = -248, /* Error with CAAM use */
|
||||
|
||||
WC_LAST_E = -247, /* Update this to indicate last error */
|
||||
WC_LAST_E = -248, /* Update this to indicate last error */
|
||||
MIN_CODE_E = -300 /* errors -101 - -299 */
|
||||
|
||||
/* add new companion error id strings for any new error codes
|
||||
|
|
|
@ -70,7 +70,10 @@ noinst_HEADERS+= \
|
|||
wolfssl/wolfcrypt/port/nrf51.h \
|
||||
wolfssl/wolfcrypt/port/nxp/ksdk_port.h \
|
||||
wolfssl/wolfcrypt/port/atmel/atmel.h \
|
||||
wolfssl/wolfcrypt/port/xilinx/xil-sha3.h
|
||||
wolfssl/wolfcrypt/port/xilinx/xil-sha3.h \
|
||||
wolfssl/wolfcrypt/port/caam/caam_driver.h \
|
||||
wolfssl/wolfcrypt/port/caam/wolfcaam.h \
|
||||
wolfssl/wolfcrypt/port/caam/wolfcaam_sha.h
|
||||
|
||||
if BUILD_ASYNCCRYPT
|
||||
nobase_include_HEADERS+= wolfssl/wolfcrypt/async.h
|
||||
|
|
|
@ -63,6 +63,8 @@ enum {
|
|||
|
||||
#ifdef WOLFSSL_TI_HASH
|
||||
#include "wolfssl/wolfcrypt/port/ti/ti-hash.h"
|
||||
#elif defined(WOLFSSL_IMX6_CAAM)
|
||||
#include "wolfssl/wolfcrypt/port/caam/wolfcaam_sha.h"
|
||||
#else
|
||||
|
||||
/* MD5 digest */
|
||||
|
|
|
@ -0,0 +1,184 @@
|
|||
/* caam_driver.h
|
||||
*
|
||||
* Copyright (C) 2006-2016 wolfSSL Inc.
|
||||
*
|
||||
* This file is part of wolfSSL.
|
||||
*
|
||||
* wolfSSL is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* wolfSSL is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
|
||||
*/
|
||||
|
||||
#ifndef CAAM_DRIVER_H
|
||||
#define CAAM_DRIVER_H
|
||||
|
||||
#define CAAM_BASE 0xf2100000
|
||||
|
||||
#define CAAM_PAGE 0xf0100000
|
||||
#define CAAM_PAGE_MAX 6
|
||||
|
||||
/******************************************************************************
|
||||
Basic Descriptors
|
||||
****************************************************************************/
|
||||
|
||||
/* descriptor commands */
|
||||
#define CAAM_KEY 0x00000000
|
||||
#define CAAM_LOAD 0x10000000
|
||||
#define CAAM_LOAD_CTX 0x10200000
|
||||
#define CAAM_IMM 0x00800000
|
||||
#define CAAM_FIFO_L 0x20000000
|
||||
#define CAAM_FIFO_S 0x60000000
|
||||
#define CAAM_FIFO_S_SKEY 0x60260000
|
||||
#define CAAM_STORE 0x50000000
|
||||
#define CAAM_STORE_CTX 0x50200000
|
||||
#define CAAM_MOVE 0x78000000
|
||||
#define CAAM_OP 0x80000000
|
||||
#define CAAM_SIG 0x90000000
|
||||
#define CAAM_JUMP 0xA0000000
|
||||
#define CAAM_SEQI 0xF0000000/* SEQ in */
|
||||
#define CAAM_SEQO 0xF8000000/* SEQ out */
|
||||
#define CAAM_HEAD 0xB0800000
|
||||
#define CAAM_NWB 0x00200000
|
||||
|
||||
#define CAAM_BLOB_ENCAP 0x07000000
|
||||
#define CAAM_BLOB_DECAP 0x06000000
|
||||
#define CAAM_OPID_BLOB 0x000D0000
|
||||
|
||||
/* algorithms modes and types */
|
||||
#define CAAM_CLASS1 0x02000000/* i.e. AES */
|
||||
#define CAAM_CLASS2 0x04000000/* i.e. hash algos */
|
||||
|
||||
#define CAAM_ENC 0x0000000D/* init and finalize with enc */
|
||||
#define CAAM_DEC 0x00000000
|
||||
#define CAAM_ALG_INIT 0x00000004
|
||||
#define CAAM_ALG_INITF 0x0000000C
|
||||
#define CAAM_ALG_UPDATE 0x00000000
|
||||
#define CAAM_ALG_FINAL 0x00000008
|
||||
|
||||
/* AES 10h */
|
||||
#define CAAM_AESCTR 0x00100000
|
||||
#define CAAM_AESCBC 0x00100100
|
||||
#define CAAM_AESECB 0x00100200
|
||||
#define CAAM_AESCFB 0x00100300
|
||||
#define CAAM_AESOFB 0x00100400
|
||||
#define CAAM_CMAC 0x00100600
|
||||
#define CAAM_AESCCM 0x00100800
|
||||
|
||||
/* HASH 40h */
|
||||
#define CAAM_MD5 0x00400000
|
||||
#define CAAM_SHA 0x00410000
|
||||
#define CAAM_SHA224 0x00420000
|
||||
#define CAAM_SHA256 0x00430000
|
||||
#define CAAM_SHA384 0x00440000
|
||||
#define CAAM_SHA512 0x00450000
|
||||
|
||||
/* HMAC 40h + 10 AAI */
|
||||
#define CAAM_HMAC_MD5 0x00400010
|
||||
#define CAAM_HMAC_SHA 0x00410010
|
||||
#define CAAM_HMAC_SHA224 0x00420010
|
||||
#define CAAM_HMAC_SHA256 0x00430010
|
||||
#define CAAM_HMAC_SHA384 0x00440010
|
||||
#define CAAM_HMAC_SHA512 0x00450010
|
||||
|
||||
#define CAAM_MD5_CTXSZ (16 + 8)
|
||||
#define CAAM_SHA_CTXSZ (20 + 8)
|
||||
#define CAAM_SHA224_CTXSZ (32 + 8)
|
||||
#define CAAM_SHA256_CTXSZ (32 + 8)
|
||||
#define CAAM_SHA384_CTXSZ (64 + 8)
|
||||
#define CAAM_SHA512_CTXSZ (64 + 8)
|
||||
|
||||
/* RNG 50h */
|
||||
#define CAAM_RNG 0x00500000
|
||||
|
||||
/* Used to get raw entropy from TRNG */
|
||||
#define CAAM_ENTROPY 0x00500001
|
||||
|
||||
#define FIFOL_TYPE_MSG 0x00100000
|
||||
#define FIFOL_TYPE_AAD 0x00300000
|
||||
#define FIFOL_TYPE_LC1 0x00020000
|
||||
#define FIFOL_TYPE_LC2 0x00040000
|
||||
|
||||
#define FIFOS_TYPE_MSG 0x00300000
|
||||
|
||||
#define CAAM_PAGE_SZ 4096
|
||||
|
||||
/* RNG Registers */
|
||||
#define CAAM_RTMCTL CAAM_BASE + 0X0600
|
||||
#define CAAM_RTSDCTL CAAM_BASE + 0X0610
|
||||
#define CAAM_RTFRQMIN CAAM_BASE + 0X0618
|
||||
#define CAAM_RTFRQMAX CAAM_BASE + 0X061C
|
||||
#define CAAM_RDSTA CAAM_BASE + 0X06C0
|
||||
#define CAAM_RTSTATUS CAAM_BASE + 0x063C
|
||||
|
||||
/* each of the following 11 RTENT registers are an offset of 4 from RTENT0 */
|
||||
#define CAAM_RTENT0 CAAM_BASE + 0x0640
|
||||
#define CAAM_RTENT11 CAAM_BASE + 0x066C /* Max RTENT register */
|
||||
|
||||
/* RNG Masks/Values */
|
||||
#ifndef CAAM_ENT_DLY
|
||||
#define CAAM_ENT_DLY 1200 /* @TODO lower value may gain performance */
|
||||
#endif
|
||||
#define CAAM_PRGM 0x00010000 /* Set RTMCTL to program state */
|
||||
#define CAAM_TRNG 0x00000020 /* Set TRNG access */
|
||||
#define CAAM_CTLERR 0x00001000
|
||||
#define CAAM_ENTVAL 0x00000400 /* checking RTMCTL for entropy ready */
|
||||
|
||||
/* Input Job Ring Registers */
|
||||
#define CAAM_IRBAR0 CAAM_BASE + 0x1004
|
||||
#define CAAM_IRSR0 CAAM_BASE + 0x100C
|
||||
#define CAAM_IRJAR0 CAAM_BASE + 0x101C
|
||||
|
||||
/* Ouput Job Ring Registers */
|
||||
#define CAAM_ORBAR0 CAAM_BASE + 0x1024
|
||||
#define CAAM_ORSR0 CAAM_BASE + 0x102C
|
||||
#define CAAM_ORJAR0 CAAM_BASE + 0x103C
|
||||
|
||||
|
||||
/* Status Registers */
|
||||
#define CAAM_STATUS CAAM_BASE + 0x0FD4
|
||||
#define CAAM_VERSION_MS CAAM_BASE + 0x0FE8
|
||||
#define CAAM_VERSION_LS CAAM_BASE + 0x0FEC
|
||||
#define CAMM_SUPPORT_MS CAAM_BASE + 0x0FF0
|
||||
#define CAMM_SUPPORT_LS CAAM_BASE + 0x0FF4
|
||||
|
||||
|
||||
#define CAAM_C1DSR_LS CAAM_BASE + 0x8014
|
||||
#define CAAM_C1MR CAAM_BASE + 0x8004
|
||||
|
||||
|
||||
/* output FIFO is 16 entries deep and each entry has a two 4 byte registers */
|
||||
#define CAAM_FIFOO_MS CAAM_BASE + 0x87F0
|
||||
#define CAAM_FIFOO_LS CAAM_BASE + 0x87F4
|
||||
|
||||
/* input FIFO is 16 entries deep with each entry having two 4 byte registers
|
||||
All data writin to it from IP bus should be in big endian format */
|
||||
#define CAAM_FIFOI_LS CAAM_BASE + 0x87E0
|
||||
|
||||
/* offset of 4 with range 0 .. 13 */
|
||||
#define CAAM_CTX1 CAAM_BASE + 0x8100
|
||||
#define CAAM_CTRIV CAAM_CTX1 + 8 /* AES-CTR iv is in 2 and 3 */
|
||||
#define CAAM_CBCIV CAAM_CTX1 /* AES-CBC iv is in 1 and 2 */
|
||||
|
||||
|
||||
|
||||
/* instantiate RNG and create JDKEK, TDKEK, and TDSK key */
|
||||
static unsigned int wc_rng_start[] = {
|
||||
CAAM_HEAD | 0x00000006,
|
||||
CAAM_OP | CAAM_CLASS1 | CAAM_RNG | 0x00000004, /* Instantiate RNG handle 0 with TRNG */
|
||||
CAAM_JUMP | 0x02000001, /* wait for Class1 RNG and jump to next cmd */
|
||||
CAAM_LOAD | 0x00880004, /* Load to clear written register */
|
||||
0x00000001, /* reset done interupt */
|
||||
CAAM_OP | CAAM_CLASS1 | CAAM_RNG | 0x00001000 /* Generate secure keys */
|
||||
};
|
||||
|
||||
#endif /* CAAM_DRIVER_H */
|
|
@ -0,0 +1,70 @@
|
|||
/* wolfcaam.h
|
||||
*
|
||||
* Copyright (C) 2006-2016 wolfSSL Inc.
|
||||
*
|
||||
* This file is part of wolfSSL.
|
||||
*
|
||||
* wolfSSL is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* wolfSSL is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
|
||||
*/
|
||||
|
||||
#ifndef WOLF_CRYPT_CAAM_INIT_H
|
||||
#define WOLF_CRYPT_CAAM_INIT_H
|
||||
|
||||
#include <wolfssl/wolfcrypt/settings.h>
|
||||
|
||||
#if defined(WOLFSSL_IMX6_CAAM) || defined(WOLFSSL_IMX6_CAAM_RNG)
|
||||
|
||||
#include <wolfssl/wolfcrypt/types.h>
|
||||
|
||||
#if defined(__INTEGRITY) || defined(INTEGRITY)
|
||||
#include <INTEGRITY.h>
|
||||
#endif
|
||||
|
||||
WOLFSSL_LOCAL int wc_caamInit(void);
|
||||
WOLFSSL_LOCAL int wc_caamFree(void);
|
||||
WOLFSSL_LOCAL int wc_caamInitRng(void);
|
||||
WOLFSSL_LOCAL int wc_caamFreeRng(void);
|
||||
|
||||
WOLFSSL_LOCAL word32 wc_caamReadRegister(word32 reg);
|
||||
WOLFSSL_LOCAL void wc_caamWriteRegister(word32 reg, word32 value);
|
||||
WOLFSSL_LOCAL int wc_caamAddAndWait(Buffer* buf, word32 arg[4], word32 type);
|
||||
|
||||
WOLFSSL_API int wc_caamSetResource(IODevice ioDev);
|
||||
|
||||
WOLFSSL_API int wc_caamOpenBlob(byte* data, word32 dataSz, byte* out,
|
||||
word32* outSz);
|
||||
WOLFSSL_API int wc_caamCreateBlob(byte* data, word32 dataSz, byte* out,
|
||||
word32* outSz);
|
||||
|
||||
/* Status Registers */
|
||||
#define WC_CAAM_STATUS WC_CAAM_BASE + 0x0FD4
|
||||
#define WC_CAAM_VERSION_MS WC_CAAM_BASE + 0x0FE8
|
||||
#define WC_CAAM_VERSION_LS WC_CAAM_BASE + 0x0FEC
|
||||
#define WC_CAMM_SUPPORT_MS WC_CAAM_BASE + 0x0FF0
|
||||
#define WC_CAMM_SUPPORT_LS WC_CAAM_BASE + 0x0FF4
|
||||
|
||||
/* additional size that is added by CAAM when creating a blob */
|
||||
#define WC_CAAM_BLOB_SZ 48
|
||||
|
||||
#ifndef WC_CAAM_READ
|
||||
#define WC_CAAM_READ(reg) wc_caamReadRegister((reg))
|
||||
#endif
|
||||
#ifndef WC_CAAM_WRITE
|
||||
#define WC_CAAM_WRITE(reg, x) wc_caamWriteRegister((reg), (x))
|
||||
#endif
|
||||
|
||||
#endif /* WOLFSSL_IMX6_CAAM */
|
||||
|
||||
#endif /* WOLF_CRYPT_CAAM_INIT_H */
|
|
@ -0,0 +1,86 @@
|
|||
/* wolfcaam_sha.h
|
||||
*
|
||||
* Copyright (C) 2006-2016 wolfSSL Inc.
|
||||
*
|
||||
* This file is part of wolfSSL.
|
||||
*
|
||||
* wolfSSL is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* wolfSSL is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
|
||||
*/
|
||||
|
||||
#ifndef WOLF_CRYPT_CAAM_SHA_H
|
||||
#define WOLF_CRYPT_CAAM_SHA_H
|
||||
|
||||
#include <wolfssl/wolfcrypt/settings.h>
|
||||
|
||||
#ifdef WOLFSSL_IMX6_CAAM
|
||||
|
||||
#include <wolfssl/wolfcrypt/types.h>
|
||||
|
||||
#ifndef WC_CAAM_CTXLEN
|
||||
/* last 8 bytes of context is for length */
|
||||
#define WC_CAAM_CTXLEN 8
|
||||
#endif
|
||||
|
||||
#ifndef WC_CAAM_HASH_BLOCK
|
||||
/* define sha structures and also get the max possible digest. Start with SHA
|
||||
digest size */
|
||||
#define WC_CAAM_HASH_BLOCK 64
|
||||
#endif
|
||||
|
||||
#ifndef WC_CAAM_MAX_DIGEST
|
||||
#define WC_CAAM_MAX_DIGEST 20
|
||||
#ifdef WOLFSSL_SHA224
|
||||
#undef WC_CAAM_MAX_DIGEST
|
||||
#define WC_CAAM_MAX_DIGEST 32
|
||||
#endif
|
||||
|
||||
#ifndef NO_SHA256
|
||||
#undef WC_CAAM_MAX_DIGEST
|
||||
#define WC_CAAM_MAX_DIGEST 32
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_SHA384
|
||||
#undef WC_CAAM_MAX_DIGEST
|
||||
#define WC_CAAM_MAX_DIGEST 64
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_SHA512
|
||||
#undef WC_CAAM_MAX_DIGEST
|
||||
#define WC_CAAM_MAX_DIGEST 64
|
||||
#endif
|
||||
#endif /* WC_CAAM_MAX_DIGEST */
|
||||
|
||||
|
||||
typedef struct Sha {
|
||||
word32 ctx[(WC_CAAM_MAX_DIGEST + WC_CAAM_CTXLEN) / sizeof(word32)];
|
||||
word32 buffLen; /* in bytes */
|
||||
word32 buffer[WC_CAAM_HASH_BLOCK / sizeof(word32)];
|
||||
} Sha;
|
||||
|
||||
#ifndef NO_MD5
|
||||
typedef struct Sha wc_Md5;
|
||||
#endif
|
||||
|
||||
#ifndef NO_SHA256
|
||||
typedef struct Sha wc_Sha256;
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_SHA512
|
||||
typedef struct Sha wc_Sha512;
|
||||
#endif
|
||||
|
||||
#endif /* WOLFSSL_IMX6_CAAM */
|
||||
|
||||
#endif /* WOLF_CRYPT_CAAM_SHA_H */
|
|
@ -1183,6 +1183,12 @@ extern void uITRON4_free(void *p) ;
|
|||
#endif
|
||||
#endif /*(WOLFSSL_XILINX_CRYPT)*/
|
||||
|
||||
#ifdef WOLFSSL_IMX6
|
||||
#ifndef SIZEOF_LONG_LONG
|
||||
#define SIZEOF_LONG_LONG 8
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#if !defined(XMALLOC_USER) && !defined(MICRIUM_MALLOC) && \
|
||||
!defined(WOLFSSL_LEANPSK) && !defined(NO_WOLFSSL_MEMORY) && \
|
||||
!defined(XMALLOC_OVERRIDE)
|
||||
|
|
|
@ -72,7 +72,13 @@ enum {
|
|||
};
|
||||
|
||||
|
||||
#ifndef WOLFSSL_TI_HASH
|
||||
#if defined(WOLFSSL_TI_HASH)
|
||||
#include "wolfssl/wolfcrypt/port/ti/ti-hash.h"
|
||||
|
||||
#elif defined(WOLFSSL_IMX6_CAAM)
|
||||
#include "wolfssl/wolfcrypt/port/caam/wolfcaam_sha.h"
|
||||
|
||||
#else
|
||||
/* Sha digest */
|
||||
typedef struct wc_Sha {
|
||||
#ifdef FREESCALE_LTC_SHA
|
||||
|
@ -100,8 +106,6 @@ typedef struct wc_Sha {
|
|||
#endif /* FREESCALE_LTC_SHA */
|
||||
} wc_Sha;
|
||||
|
||||
#else
|
||||
#include "wolfssl/wolfcrypt/port/ti/ti-hash.h"
|
||||
#endif /* WOLFSSL_TI_HASH */
|
||||
|
||||
|
||||
|
|
|
@ -90,8 +90,11 @@ enum {
|
|||
WC_SHA256_PAD_SIZE = 56
|
||||
};
|
||||
|
||||
#ifndef WOLFSSL_TI_HASH
|
||||
|
||||
#ifdef WOLFSSL_TI_HASH
|
||||
#include "wolfssl/wolfcrypt/port/ti/ti-hash.h"
|
||||
#elif defined(WOLFSSL_IMX6_CAAM)
|
||||
#include "wolfssl/wolfcrypt/port/caam/wolfcaam_sha.h"
|
||||
#else
|
||||
/* wc_Sha256 digest */
|
||||
typedef struct wc_Sha256 {
|
||||
#ifdef FREESCALE_LTC_SHA
|
||||
|
@ -119,8 +122,6 @@ typedef struct wc_Sha256 {
|
|||
#endif /* FREESCALE_LTC_SHA */
|
||||
} wc_Sha256;
|
||||
|
||||
#else
|
||||
#include "wolfssl/wolfcrypt/port/ti/ti-hash.h"
|
||||
#endif
|
||||
|
||||
#endif /* HAVE_FIPS */
|
||||
|
|
|
@ -84,6 +84,9 @@ enum {
|
|||
};
|
||||
|
||||
|
||||
#ifdef WOLFSSL_IMX6_CAAM
|
||||
#include "wolfssl/wolfcrypt/port/caam/wolfcaam_sha.h"
|
||||
#else
|
||||
/* wc_Sha512 digest */
|
||||
typedef struct wc_Sha512 {
|
||||
word64 digest[WC_SHA512_DIGEST_SIZE / sizeof(word64)];
|
||||
|
@ -99,6 +102,7 @@ typedef struct wc_Sha512 {
|
|||
WC_ASYNC_DEV asyncDev;
|
||||
#endif /* WOLFSSL_ASYNC_CRYPT */
|
||||
} wc_Sha512;
|
||||
#endif
|
||||
|
||||
#endif /* HAVE_FIPS */
|
||||
|
||||
|
|
|
@ -449,6 +449,7 @@
|
|||
DYNAMIC_TYPE_QSH = 86,
|
||||
DYNAMIC_TYPE_SALT = 87,
|
||||
DYNAMIC_TYPE_HASH_TMP = 88,
|
||||
DYNAMIC_TYPE_BLOB = 89,
|
||||
};
|
||||
|
||||
/* max error buffer string size */
|
||||
|
|
Loading…
Reference in New Issue