mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Support AES and SHA hw acceleration on esp32-wroom-32

Browse Source 
Removed unnecessary codes
Added README
Some clean up for maintenancebility
Removed unused methods

Removed unused methods
This commit is contained in:
Hideki Miyazaki 2018-11-21 18:41:29 +09:00
parent c54e8e31bd
commit 9d2294b967
33 changed files with 2159 additions and 58 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
IDE/Espressif/ESP-IDF/README.md
View File

@ -1,24 +1,26 @@
# ESP-IDF port
## Overview
ESP-IDF development framework with wolfSSL by setting *WOLFSSL_ESPIDF* definition
Including the following examples:
simple tls_client/server
crypt test
crypt benchmark
Including the following examples:
* simple tls_client/server
* crypt test
* crypt benchmark
The *user_settings.h* file enables some of the hardened settings.
## Requirements
1. ESP-IDF development framework
1. ESP-IDF development framework
[https://docs.espressif.com/projects/esp-idf/en/latest/get-started/]
Note: This expects to use Linux version.
## Setup
1. Run *setup.sh* to deploy files into ESP-IDF tree
2. Find Wolfssl files at /path/to/esp-idf/components/wolfssl/
3. Find Example programs under /path/to/esp-idf/examples/protocols/wolfssl_xxx
4. Uncomment out #define WOLFSSL_ESPIDF in /path/to/wolfssl/wolfssl/wolfcrypt/settings.h
4. Uncomment out #define WOLFSSL_ESPIDF in /path/to/wolfssl/wolfssl/wolfcrypt/settings.h
Uncomment out #define WOLFSSL_ESPWROOM32 in /path/to/wolfssl/wolfssl/wolfcrypt/settings.h
## Configuration

10
IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/README.md
View File

@ -2,12 +2,14 @@
The Example contains of wolfSSL benchmark program.
1. "make menuconfig" to configure the program.
1-1. Example Configuration ->
BENCH_ARG : argument that you want to use. Default is "-lng 0"
The list of argument can be find in help.
1. "make menuconfig" to configure the program.
1-1. Example Configuration ->
BENCH_ARG : argument that you want to use. Default is "-lng 0"
The list of argument can be find in help.
When you want to run the benchmark program
1. "make flash" to compile and load the firmware
2. "make monitor" to see the message

11
IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/include/user_settings.h
View File

@ -31,10 +31,13 @@
#define HAVE_AEAD
#define HAVE_SUPPORTED_CURVES
#define SINGLE_THREADED /* or define RTOS option */
/* when you want to use SINGLE THREAD */
/* #define SINGLE_THREADED */
#define NO_FILESYSTEM
#define HAVE_AESGCM
/* when you want to use SHA384 */
/* #define WOLFSSL_SHA384 */
#define WOLFSSL_SHA512
#define HAVE_ECC
#define HAVE_CURVE25519
@ -43,9 +46,15 @@
/* debug options */
/* #define DEBUG_WOLFSSL */
/* #define WOLFSSL_ESP32WROOM32_CRYPT_DEBUG */
/* date/time */
/* if it cannot adjust time in the device, */
/* enable macro below */
/* #define NO_ASN_TIME */
/* #define XTIME time */
/* when you want not to use HW acceleration */
/* #define NO_ESP32WROOM32_CRYPT */
/* #define NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH*/
/* #define NO_WOLFSSL_ESP32WROOM32_CRYPT_AES */

25
IDE/Espressif/ESP-IDF/examples/wolfssl_client/README.md
View File

@ -1,19 +1,22 @@
#wolfssl Example
#wolfSSL Example
The Example contains of wolfSSL tls client demo.
1. "make menuconfig" to config the project
1-1. Example Configuration ->
WIFI SSID: your own WIFI, which is connected to the Internet.(default is "myssid")
WIFI Password: WIFI password, and default is "mypassword"
Target host ip address : the host that you want to connect to.(default is 127.0.0.1)
1. "make menuconfig" to config the project
1-1. Example Configuration ->
WIFI SSID: your own WIFI, which is connected to the Internet.(default is "myssid")
WIFI Password: WIFI password, and default is "mypassword"
Target host ip address : the host that you want to connect to.(default is 127.0.0.1)
Note: the example program uses 11111 port. If you want to use different port
, you need to modifiy DEFAULT_PORT definition in the code.
Note: the example program uses 11111 port. If you want to use different port
, you need to modifiy DEFAULT_PORT definition in the code.
When you want to test the wolfSSL client
1. "make falsh monitor" to load the firmware and see the context
2. You can use <wolfssl>/examples/server/server program for test.
e.g. Launch ./examples/server/server -v 4 -b -i
1. "make falsh monitor" to load the firmware and see the context
2. You can use <wolfssl>/examples/server/server program for test.
e.g. Launch ./examples/server/server -v 4 -b -i
See the README.md file in the upper level 'examples' directory for more information about examples.

11
IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/user_settings.h
View File

@ -31,10 +31,13 @@
#define HAVE_AEAD
#define HAVE_SUPPORTED_CURVES
#define SINGLE_THREADED /* or define RTOS option */
/* when you want to use SINGLE THREAD */
/* #define SINGLE_THREADED */
#define NO_FILESYSTEM
#define HAVE_AESGCM
/* when you want to use SHA384 */
/* #define WOLFSSL_SHA384 */
#define WOLFSSL_SHA512
#define HAVE_ECC
#define HAVE_CURVE25519
@ -43,9 +46,15 @@
/* debug options */
/* #define DEBUG_WOLFSSL */
/* #define WOLFSSL_ESP32WROOM32_CRYPT_DEBUG */
/* date/time */
/* if it cannot adjust time in the device, */
/* enable macro below */
/* #define NO_ASN_TIME */
/* #define XTIME time */
/* when you want not to use HW acceleration */
/* #define NO_ESP32WROOM32_CRYPT */
/* #define NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH*/
/* #define NO_WOLFSSL_ESP32WROOM32_CRYPT_AES */

19
IDE/Espressif/ESP-IDF/examples/wolfssl_server/README.md
View File

@ -3,17 +3,20 @@
The Example contains a wolfSSL simple server.
1. "make menuconfigure" to configure the project
1-1. Example Configuration ->
WIFI SSID : your own WIFI, which is connected to the Internet.(default is "myssid")
WIFI Password : WIFI password, and default is "mypassword"
1-1. Example Configuration ->
WIFI SSID : your own WIFI, which is connected to the Internet.(default is "myssid")
WIFI Password : WIFI password, and default is "mypassword"
When you want to test the wolfSSL simple server demo
1. "make flash" to compile the code and load the firmware
2. "make monitor" to see the context. The assigned IP address can be found in output message.
3. Once the server connects to the wifi, it is waiting for client request.
("Waiting for a connection..." message will be displayed.)
4. You can use <wolfssl>/examples/client to test the server
e.g ./example/client/client -h xx.xx.xx
2. "make monitor" to see the context. The assigned IP address can be found in output message.
3. Once the server connects to the wifi, it is waiting for client request.
("Waiting for a connection..." message will be displayed.)
4. You can use <wolfssl>/examples/client to test the server
e.g ./example/client/client -h xx.xx.xx
See the README.md file in the upper level 'examples' directory for more information about examples.

11
IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/user_settings.h
View File

@ -31,10 +31,13 @@
#define HAVE_AEAD
#define HAVE_SUPPORTED_CURVES
#define SINGLE_THREADED /* or define RTOS option */
/* when you want to use SINGLE THREAD */
/* #define SINGLE_THREADED */
#define NO_FILESYSTEM
#define HAVE_AESGCM
/* when you want to use SHA384 */
/* #define WOLFSSL_SHA384 */
#define WOLFSSL_SHA512
#define HAVE_ECC
#define HAVE_CURVE25519
@ -43,9 +46,15 @@
/* debug options */
/* #define DEBUG_WOLFSSL */
/* #define WOLFSSL_ESP32WROOM32_CRYPT_DEBUG */
/* date/time */
/* if it cannot adjust time in the device, */
/* enable macro below */
/* #define NO_ASN_TIME */
/* #define XTIME time */
/* when you want not to use HW acceleration */
/* #define NO_ESP32WROOM32_CRYPT */
/* #define NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH*/
/* #define NO_WOLFSSL_ESP32WROOM32_CRYPT_AES */

11
IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/include/user_settings.h
View File

@ -31,10 +31,13 @@
#define HAVE_AEAD
#define HAVE_SUPPORTED_CURVES
#define SINGLE_THREADED /* or define RTOS option */
/* when you want to use SINGLE THREAD */
/* #define SINGLE_THREADED */
#define NO_FILESYSTEM
#define HAVE_AESGCM
/* when you want to use SHA384 */
/* #define WOLFSSL_SHA384 */
#define WOLFSSL_SHA512
#define HAVE_ECC
#define HAVE_CURVE25519
@ -43,9 +46,15 @@
/* debug options */
/* #define DEBUG_WOLFSSL */
/* #define WOLFSSL_ESP32WROOM32_CRYPT_DEBUG */
/* date/time */
/* if it cannot adjust time in the device, */
/* enable macro below */
/* #define NO_ASN_TIME */
/* #define XTIME time */
/* when you want not to use HW acceleration */
/* #define NO_ESP32WROOM32_CRYPT */
/* #define NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH*/
/* #define NO_WOLFSSL_ESP32WROOM32_CRYPT_AES */

1
IDE/Espressif/ESP-IDF/libs/component.mk
View File

@ -6,6 +6,7 @@ COMPONENT_ADD_INCLUDEDIRS := .
COMPONENT_ADD_INCLUDEDIRS += ../freertos/include/freertos/
COMPONENT_SRCDIRS := src wolfcrypt/src
COMPONENT_SRCDIRS += wolfcrypt/src/port/Espressif
COMPONENT_OBJEXCLUDE := wolfcrypt/src/aes_asm.o
COMPONENT_OBJEXCLUDE += wolfcrypt/src/evp.o

3
IDE/Espressif/ESP-IDF/setup.sh
View File

@ -38,6 +38,7 @@ ${MKDCMD} ${WOLFSSLLIB_TRG_DIR}/
${MKDCMD} ${WOLFSSLLIB_TRG_DIR}/src
${MKDCMD} ${WOLFSSLLIB_TRG_DIR}/wolfcrypt
${MKDCMD} ${WOLFSSLLIB_TRG_DIR}/wolfssl
${MKDCMD} ${WOLFSSLLIB_TRG_DIR}/test
popd > /dev/null # $WOLFSSL_ESPIDFDIR
pushd ${BASEDIR} > /dev/null # WOLFSSL TOP DIR
@ -51,6 +52,8 @@ ${CPDCMD} -r ./wolfcrypt/benchmark ${WOLFSSLLIB_TRG_DIR}/wolfcrypt/
${CPDCMD} -r ./wolfssl/*.h ${WOLFSSLLIB_TRG_DIR}/wolfssl/
${CPDCMD} -r ./wolfssl/wolfcrypt ${WOLFSSLLIB_TRG_DIR}/wolfssl/
# unit test app
${CPDCMD} -r ${WOLFSSL_ESPIDFDIR}/test/* ${WOLFSSLLIB_TRG_DIR}/test/
popd > /dev/null #

6
IDE/Espressif/ESP-IDF/test/CMakeLists.txt Normal file
View File

@ -0,0 +1,6 @@
set(COMPONENT_SRCDIRS ".")
set(COMPONENT_ADD_INCLUDEDIRS ".")
set(COMPONENT_REQUIRES unity test_utils wolfssl)
register_component()

18
IDE/Espressif/ESP-IDF/test/README.md Normal file
View File

@ -0,0 +1,18 @@
# wolfSSL unit tests
The test contains of wolfSSL unit-test app on Unity.
When you want to run the app
1. Copy *test.c* file at /path/to/esp-idf/components/wolfssl/wolfcrypt/test/ folder to the wolfssl/test folder
2. Copy *user_settings.h* to /esp-idf/components/wolfssl/
3. Add *CFLAGS += -DWOLFSSL_USER_SETTINGS* into components.mk at wolfssl/
OR, copy *component_wolfssl.mk.use* into wolfssl/ folder
4. Go to /esp-idf/tools/unit-test-app/ folder
5. "make menuconfig" to configure unit test app.
6. "make TEST_COMPONENTS=wolfssl" to build wolfssl unit test app.
NOTE:
You should remove *user_settings.h* file at wolfssl/ folder after finishing run
the unit test app.
See [https://docs.espressif.com/projects/esp-idf/en/latest/api-guides/unit-tests.html] for more information about unit test app.

10
IDE/Espressif/ESP-IDF/test/component.mk Normal file
View File

@ -0,0 +1,10 @@
#
#Component Makefile
#
#CFLAGS := -v
CFLAGS += -DNO_MAIN_DRIVER
CFLAGS += -DWOLFSSL_USER_SETTINGS
#CFLAGS += -DWOLFSSL_ESP32WROOM32_CRYPT_DEBUG
COMPONENT_ADD_LDFLAGS = -Wl,--whole-archive -l$(COMPONENT_NAME) -Wl,--no-whole-archive

16
IDE/Espressif/ESP-IDF/test/component_wolfssl.mk.use Normal file
View File

@ -0,0 +1,16 @@
#
# Component Makefile
#
COMPONENT_ADD_INCLUDEDIRS := .
COMPONENT_ADD_INCLUDEDIRS += ../freertos/include/freertos/
COMPONENT_SRCDIRS := src wolfcrypt/src
COMPONENT_SRCDIRS += wolfcrypt/src/port/Espressif
CFLAGS +=-DWOLFSSL_USER_SETTINGS
COMPONENT_OBJEXCLUDE := wolfcrypt/src/aes_asm.o
COMPONENT_OBJEXCLUDE += wolfcrypt/src/evp.o
COMPONENT_OBJEXCLUDE += wolfcrypt/src/misc.o
COMPONENT_OBJEXCLUDE += src/bio.o

524
IDE/Espressif/ESP-IDF/test/test_wolfssl.c Normal file
View File

@ -0,0 +1,524 @@
/*
* wolfssl sha tests
*/
#include <stdio.h>
#include <string.h>
#include <esp_system.h>
#include "freertos/FreeRTOS.h"
#include "freertos/task.h"
#include "freertos/semphr.h"
#include "unity.h"
#include "sdkconfig.h"
#include "esp_log.h"
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/wolfcrypt/sha.h>
#include <wolfssl/wolfcrypt/sha256.h>
#include <wolfssl/wolfcrypt/sha512.h>
#include <wolfssl/wolfcrypt/wc_port.h>
#include <wolfssl/wolfcrypt/logging.h>
#include <wolfssl/wolfcrypt/types.h>
static const char* TAG = "wolfssl unit test";
static xSemaphoreHandle exit_semaph;
static volatile bool exit_loop=false;
#define SHA_STACK_SIZE (20*1024)
#define TIMES_SHA 500
#define TIMES_AES 100
#ifndef NO_SHA
int sha_test();
#endif
#ifndef NO_SHA256
int sha256_test();
#endif
#ifdef WOLFSSL_SHA384
int sha384_test(void);
#endif
#ifdef WOLFSSL_SHA512
int sha512_test(void);
#endif
#ifndef NO_AES
int aes_test(void);
static void tskAes_Test(void *pvParam)
{
ESP_LOGI(TAG, "enter tskAes_Test");
int ret = 0;
while(exit_loop==false) {
ret = aes_test();
if(ret != 0) {
printf("result was not good(aes_test)(%d)\n",ret);
TEST_FAIL_MESSAGE("tskAes_Test\n");
}
}
ESP_LOGI(TAG, "leave tskAes_Test");
xSemaphoreGive(exit_semaph);
vTaskDelete(NULL);
}
int aesgcm_test(void);
static void tskAesGcm_Test(void *pvParam)
{
ESP_LOGI(TAG, "enter tskAesGcm_Test");
int ret = 0;
while(exit_loop==false) {
ret = aesgcm_test();
if(ret != 0) {
printf(" results was not good(%d). aesGcm_test\n",ret);
TEST_FAIL_MESSAGE("aesGcm_test\n");
}
}
ESP_LOGI(TAG, "leave tskAesGcm_Test");
xSemaphoreGive(exit_semaph);
vTaskDelete(NULL);
}
#ifdef WOLFSSL_AES_192
int aes192_test(void);
static void tskAes192_Test(void *pvParam)
{
ESP_LOGI(TAG, "enter tskAes192_Test");
int ret = 0;
while(exit_loop==false) {
ret = aes192_test();
if(ret != 0) {
printf(" results was not good(%d). aes192_test\n",ret);
TEST_FAIL_MESSAGE("aes192_test\n");
}
}
ESP_LOGI(TAG, "leave tskAes192_Test");
xSemaphoreGive(exit_semaph);
vTaskDelete(NULL);
}
#endif
#ifdef WOLFSSL_AES_256
int aes256_test(void);
static void tskAes256_Test(void *pvParam)
{
ESP_LOGI(TAG, "enter tskAes256_Test");
int ret = 0;
while(exit_loop==false) {
ret = aes256_test();
if(ret != 0) {
printf(" results was not good(%d). aes256_test\n", ret);
TEST_FAIL_MESSAGE("aes256_test\n");
}
}
ESP_LOGI(TAG, "leave tskAes256_Test");
xSemaphoreGive(exit_semaph);
vTaskDelete(NULL);
}
#endif
TEST_CASE("wolfssl aes test" , "[wolfssl]")
{
ESP_LOGI(TAG, "aes test");
TEST_ASSERT_EQUAL(0, aes_test());
#ifdef WOLFSSL_AES_192
ESP_LOGI(TAG, "aes_192 test");
TEST_ASSERT_EQUAL(0, aes192_test());
#endif
#ifdef WOLFSSL_AES_256
ESP_LOGI(TAG, "aes_256 test");
TEST_ASSERT_EQUAL(0, aes256_test());
#endif
ESP_LOGI(TAG, "aes-gcm test");
TEST_ASSERT_EQUAL(0, aesgcm_test());
}
#endif
TEST_CASE("wolfssl sha crypt-test", "[wolfssl]")
{
#ifndef NO_SHA
ESP_LOGI(TAG, "sha_test()");
TEST_ASSERT_EQUAL(0, sha_test());
#endif
#ifndef NO_SHA256
ESP_LOGI(TAG, "sha256_test()");
TEST_ASSERT_EQUAL(0, sha256_test());
#endif
#ifdef WOLSSL_SHA384
ESP_LOGI(TAG, "sha384_test()");
TEST_ASSERT_EQUAL(0, sha384_test());
#endif
#ifdef WOLFSSL_SHA512
ESP_LOGI(TAG, "sha512_test()");
TEST_ASSERT_EQUAL(0, sha512_test());
#endif
}
#ifndef NO_SHA
static void tskSha_Test(void *pvParam)
{
ESP_LOGI(TAG, "enter tskSha_Test");
int ret = 0;
while(exit_loop==false) {
ret = sha_test();
if(ret != 0) {
printf(" results was not good(%d). sha_test\n", ret);
TEST_FAIL_MESSAGE("tskSha_Test\n");
}
}
ESP_LOGI(TAG, "leave tskSha_Test");
xSemaphoreGive(exit_semaph);
vTaskDelete(NULL);
}
#endif
#ifndef NO_SHA256
static void tskSha256_Test(void *pvParam)
{
ESP_LOGI(TAG, "enter tskSha256_Test");
int ret;
while(exit_loop==false) {
ret = sha256_test();
if(ret != 0) {
printf("results was not good(%d). sha256_test\n", ret);
TEST_FAIL_MESSAGE("sha256_test() failed");
}
}
ESP_LOGI(TAG, "leave tskSha256_Test");
xSemaphoreGive(exit_semaph);
vTaskDelete(NULL);
}
#endif
#ifdef WOLFSSL_SHA384
static void tskSha384_Test(void *pvParam)
{
ESP_LOGI(TAG, "enter tskSha384_Test");
int ret = 0;
while(exit_loop==false) {
ret = sha384_test();
if(ret != 0) {
printf("results was not good(%d). sha384_test\n", ret);
TEST_FAIL_MESSAGE("sha384_test() failed\n");
}
}
ESP_LOGI(TAG, "leave tskSha384_Test");
xSemaphoreGive(exit_semaph);
vTaskDelete(NULL);
}
#endif
#ifdef WOLFSSL_SHA512
static void tskSha512_Test(void *pvParam)
{
ESP_LOGI(TAG, "enter tskSha512_Test");
int ret = 0;
while(exit_loop==false) {
ret = sha512_test();
if(ret != 0) {
printf(" results was not good(%d). sha512_test\n", ret);
TEST_FAIL_MESSAGE("tskSha512_Test() failed\n");
}
}
ESP_LOGI(TAG, "leave tskSha512_test()");
xSemaphoreGive(exit_semaph);
vTaskDelete(NULL);
}
#endif
TEST_CASE("wolfssl sha multi-thread test ", "[wolfssl]")
{
int num = 0;
#ifndef NO_SHA
num++;
#endif
#ifndef NO_SHA256
num++;
#endif
#ifdef WOLFSSL_SHA384
num++;
#endif
#ifdef WOLFSSL_SHA512
num++;
#endif
exit_loop = false;
exit_semaph = xSemaphoreCreateCounting(num, 0);
#ifndef NO_SHA
xTaskCreate(tskSha_Test, "sha_test", SHA_STACK_SIZE, NULL, 3, NULL);
#endif
#ifndef NO_SHA256
xTaskCreate(tskSha256_Test, "sha256_test", SHA_STACK_SIZE, NULL, 3, NULL);
#endif
#ifdef WOLFSSL_SHA384
xTaskCreate(tskSha384_Test, "sha384_test", SHA_STACK_SIZE, NULL, 3, NULL);
#endif
#ifdef WOLFSSL_SHA512
xTaskCreate(tskSha512_Test, "sha512_test", SHA_STACK_SIZE, NULL, 3, NULL);
#endif
ESP_LOGI(TAG, "Waiting for 10s ...");
vTaskDelay(10000/portTICK_PERIOD_MS);
exit_loop = true;
for(int i=0;i<num;i++){
if(!xSemaphoreTake(exit_semaph, 2000/portTICK_PERIOD_MS)) {
TEST_FAIL_MESSAGE("exit semaphore not released by test task");
}
}
vSemaphoreDelete(exit_semaph);
}
TEST_CASE("wolfssl aes multi-thread test ", "[wolfssl]")
{
int num = 0;
#ifndef NO_AES
num++;
num++;
#ifdef WOLFSSL_AES_192
num++;
#endif
#ifdef WOLFSSL_AES_256
num++;
#endif
#endif
exit_loop = false;
exit_semaph = xSemaphoreCreateCounting(num, 0);
#ifndef NO_AES
xTaskCreate(tskAes_Test, "Aes_test", SHA_STACK_SIZE, NULL, 3, NULL);
xTaskCreate(tskAesGcm_Test, "AesGcm_test", SHA_STACK_SIZE, NULL, 3, NULL);
#endif
#ifdef WOLFSSL_AES_192
xTaskCreate(tskAes192_Test, "Aes192_test", SHA_STACK_SIZE, NULL, 3, NULL);
#endif
#ifdef WOLFSSL_AES_256
xTaskCreate(tskAes256_Test, "Aes256_test", SHA_STACK_SIZE, NULL, 3, NULL);
#endif
ESP_LOGI(TAG, "Waiting for 10s ...");
vTaskDelay(10000/portTICK_PERIOD_MS);
exit_loop = true;
for(int i=0;i<num;i++){
if(!xSemaphoreTake(exit_semaph, 2000/portTICK_PERIOD_MS)) {
TEST_FAIL_MESSAGE("exit semaphore not released by test task");
}
}
vSemaphoreDelete(exit_semaph);
}
TEST_CASE("wolfssl aes sha sha256 multi-thread test ", "[wolfssl]")
{
int num = 0;
#ifndef NO_AES
num++;
num++;
#ifdef WOLFSSL_AES_192
num++;
#endif
#ifdef WOLFSSL_AES_256
num++;
#endif
#endif
#ifndef NO_SHA
num++;
#endif
#ifndef NO_SHA256
num++;
#endif
exit_loop = false;
#ifndef CONFIG_FREERTOS_UNICORE
num *= 2;
printf("num=%d\n", num);
exit_semaph = xSemaphoreCreateCounting(num, 0);
#ifndef NO_AES
if(xTaskCreatePinnedToCore(tskAes_Test, "Aes_test", SHA_STACK_SIZE, NULL, 3, NULL, 0)!=pdPASS)
ESP_LOGE(TAG, "failed to create task -1 \n");
if(xTaskCreatePinnedToCore(tskAes_Test, "Aes_test", SHA_STACK_SIZE, NULL, 3, NULL, 1)!=pdPASS)
ESP_LOGE(TAG, "failed to create task -2 \n");
if(xTaskCreatePinnedToCore(tskAesGcm_Test, "AesGcm_test", SHA_STACK_SIZE, NULL, 3, NULL, 0)!=pdPASS)
ESP_LOGE(TAG, "failed to create task -3 \n");
if(xTaskCreatePinnedToCore(tskAesGcm_Test, "AesGcm_test", SHA_STACK_SIZE, NULL, 3, NULL, 1)!=pdPASS)
ESP_LOGE(TAG, "failed to create task -4 \n");
#endif
#ifdef WOLFSSL_AES_192
if(xTaskCreatePinnedToCore(tskAes192_Test, "Aes192_test", SHA_STACK_SIZE, NULL, 3, NULL, 0)!=pdPASS)
ESP_LOGE(TAG, "failed to create task -5 \n");
if(xTaskCreatePinnedToCore(tskAes192_Test, "Aes192_test", SHA_STACK_SIZE, NULL, 3, NULL, 1)!=pdPASS)
ESP_LOGE(TAG, "failed to create task -6 \n");
#endif
#ifdef WOLFSSL_AES_256
if(xTaskCreatePinnedToCore(tskAes256_Test, "Aes256_test", SHA_STACK_SIZE, NULL, 3, NULL, 0)!=pdPASS)
ESP_LOGE(TAG, "failed to create task -7 \n");
if(xTaskCreatePinnedToCore(tskAes256_Test, "Aes256_test", SHA_STACK_SIZE, NULL, 3, NULL, 1)!=pdPASS)
ESP_LOGE(TAG, "failed to create task -8 \n");
#endif
#ifndef NO_SHA
if(xTaskCreatePinnedToCore(tskSha_Test, "Sha_test", SHA_STACK_SIZE, NULL, 3, NULL, 0)!=pdPASS)
ESP_LOGE(TAG, "failed to create task -9 \n");
if(xTaskCreatePinnedToCore(tskSha_Test, "Sha_test", SHA_STACK_SIZE, NULL, 3, NULL, 1)!=pdPASS)
ESP_LOGE(TAG, "failed to create task -10 \n");
#endif
#ifndef NO_SHA256
if(xTaskCreatePinnedToCore(tskSha256_Test, "sha256_test", SHA_STACK_SIZE, NULL, 3, NULL, 0)!=pdPASS)
ESP_LOGE(TAG, "failed to create task -11 \n");
if(xTaskCreatePinnedToCore(tskSha256_Test, "sha256_test", SHA_STACK_SIZE, NULL, 3, NULL, 1)!=pdPASS)
ESP_LOGE(TAG, "failed to create task -12 \n");
#endif
#else
exit_semaph = xSemaphoreCreateCounting(num, 0);
#ifndef NO_AES
xTaskCreate(tskAes_Test, "Aes_test", SHA_STACK_SIZE, NULL, 3, NULL);
xTaskCreate(tskAesGcm_Test, "AesGcm_test", SHA_STACK_SIZE, NULL, 3, NULL);
#endif
#ifdef WOLFSSL_AES_192
xTaskCreate(tskAes192_Test, "Aes192_test", SHA_STACK_SIZE, NULL, 3, NULL);
#endif
#ifdef WOLFSSL_AES_256
xTaskCreate(tskAes256_Test, "Aes256_test", SHA_STACK_SIZE, NULL, 3, NULL);
#endif
#ifndef NO_SHA
xTaskCreate(tskSha_Test, "Sha_test", SHA_STACK_SIZE, NULL, 3, NULL);
#endif
#ifndef NO_SHA256
xTaskCreate(tskSha256_Test, "sha256_test", SHA_STACK_SIZE, NULL, 3, NULL);
#endif
#endif /* CONFIG_FREERTOS_UNICORE */
ESP_LOGI(TAG, "Waiting for 15s ...");
vTaskDelay(15000/portTICK_PERIOD_MS);
exit_loop = true;
for(int i=0;i<num;i++){
if(!xSemaphoreTake(exit_semaph, 2000/portTICK_PERIOD_MS)) {
TEST_FAIL_MESSAGE("exit semaphore not released by test task");
}
}
vSemaphoreDelete(exit_semaph);
}
TEST_CASE("wolfssl aes sha384 sha512 multi-thread test ", "[wolfssl]")
{
int num = 0;
#ifndef NO_AES
num++;
num++;
#ifdef WOLFSSL_AES_192
num++;
#endif
#ifdef WOLFSSL_AES_256
num++;
#endif
#endif
#ifdef WOLFSSL_SHA384
num++;
#endif
#ifdef WOLFSSL_SHA512
num++;
#endif
exit_loop = false;
#ifndef CONFIG_FREERTOS_UNICORE
num *= 2;
exit_semaph = xSemaphoreCreateCounting(num, 0);
#ifndef NO_AES
if(xTaskCreatePinnedToCore(tskAes_Test, "Aes_test", SHA_STACK_SIZE, NULL, 3, NULL, 0)!=pdPASS)
ESP_LOGE(TAG, "failed to create task -1 \n");
if(xTaskCreatePinnedToCore(tskAes_Test, "Aes_test", SHA_STACK_SIZE, NULL, 3, NULL, 1)!=pdPASS)
ESP_LOGE(TAG, "failed to create task -2 \n");
if(xTaskCreatePinnedToCore(tskAesGcm_Test, "AesGcm_test", SHA_STACK_SIZE, NULL, 3, NULL, 0)!=pdPASS)
ESP_LOGE(TAG, "failed to create task -3 \n");
if(xTaskCreatePinnedToCore(tskAesGcm_Test, "AesGcm_test", SHA_STACK_SIZE, NULL, 3, NULL, 1)!=pdPASS)
ESP_LOGE(TAG, "failed to create task -4 \n");
#endif
#ifdef WOLFSSL_AES_192
if(xTaskCreatePinnedToCore(tskAes192_Test, "Aes192_test", SHA_STACK_SIZE, NULL, 3, NULL, 0)!=pdPASS)
ESP_LOGE(TAG, "failed to create task -5 \n");
if(xTaskCreatePinnedToCore(tskAes192_Test, "Aes192_test", SHA_STACK_SIZE, NULL, 3, NULL, 1)!=pdPASS)
ESP_LOGE(TAG, "failed to create task -6 \n");
#endif
#ifdef WOLFSSL_AES_256
if(xTaskCreatePinnedToCore(tskAes256_Test, "Aes256_test", SHA_STACK_SIZE, NULL, 3, NULL, 0)!=pdPASS)
ESP_LOGE(TAG, "failed to create task -7 \n");
if(xTaskCreatePinnedToCore(tskAes256_Test, "Aes256_test", SHA_STACK_SIZE, NULL, 3, NULL, 1)!=pdPASS)
ESP_LOGE(TAG, "failed to create task -8 \n");
#endif
#ifdef WOLFSSL_SHA384
if(xTaskCreatePinnedToCore(tskSha384_Test, "sha384_test", SHA_STACK_SIZE, NULL, 3, NULL, 0)!=pdPASS)
ESP_LOGE(TAG, "failed to create task -13 \n");
if(xTaskCreatePinnedToCore(tskSha384_Test, "sha384_test", SHA_STACK_SIZE, NULL, 3, NULL, 1)!=pdPASS)
ESP_LOGE(TAG, "failed to create task -14 \n");
#endif
#ifdef WOLFSSL_SHA512
printf("start sha512\n");
if(xTaskCreatePinnedToCore(tskSha512_Test, "Sha512_test", SHA_STACK_SIZE, NULL, 3, NULL, 0)!=pdPASS)
ESP_LOGE(TAG, "failed to create task -15 \n");
if(xTaskCreatePinnedToCore(tskSha512_Test, "Sha512_test", SHA_STACK_SIZE, NULL, 3, NULL, 1)!=pdPASS)
ESP_LOGE(TAG, "failed to create task -16 \n");
#endif
#else
exit_semaph = xSemaphoreCreateCounting(num, 0);
#ifndef NO_AES
xTaskCreate(tskAes_Test, "Aes_test", SHA_STACK_SIZE, NULL, 3, NULL);
xTaskCreate(tskAesGcm_Test, "AesGcm_test", SHA_STACK_SIZE, NULL, 3, NULL);
#endif
#ifdef WOLFSSL_AES_192
xTaskCreate(tskAes192_Test, "Aes192_test", SHA_STACK_SIZE, NULL, 3, NULL);
#endif
#ifdef WOLFSSL_AES_256
xTaskCreate(tskAes256_Test, "Aes256_test", SHA_STACK_SIZE, NULL, 3, NULL);
#endif
#ifndef NO_SHA
xTaskCreate(tskSha_Test, "Sha_test", SHA_STACK_SIZE, NULL, 3, NULL);
#endif
#ifndef NO_SHA256
xTaskCreate(tskSha256_Test, "sha256_test", SHA_STACK_SIZE, NULL, 3, NULL);
#endif
#endif /* CONFIG_FREERTOS_UNICORE */
ESP_LOGI(TAG, "Waiting for 15s ...");
vTaskDelay(15000/portTICK_PERIOD_MS);
exit_loop = true;
for(int i=0;i<num;i++){
if(!xSemaphoreTake(exit_semaph, 2000/portTICK_PERIOD_MS)) {
TEST_FAIL_MESSAGE("exit semaphore not released by test task");
}
}
vSemaphoreDelete(exit_semaph);
}

59
IDE/Espressif/ESP-IDF/test/user_settings.h Normal file
View File

@ -0,0 +1,59 @@
/* user_settings.h
*
* Copyright (C) 2006-2018 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#define BENCH_EMBEDDED
#define USE_CERT_BUFFERS_2048
/* TLS 1.3 */
#define WOLFSSL_TLS13
#define HAVE_TLS_EXTENSIONS
#define WC_RSA_PSS
#define HAVE_HKDF
#define HAVE_FFDHE_2048
#define HAVE_AEAD
#define HAVE_SUPPORTED_CURVES
// #define SINGLE_THREADED/* or define RTOS option */
#define NO_FILESYSTEM
#define HAVE_AESGCM
/* when you want to use SHA384 */
#define WOLFSSL_SHA384
#define WOLFSSL_SHA512
#define HAVE_ECC
#define HAVE_CURVE25519
#define CURVE25519_SMALL
#define HAVE_ED25519
/* debug options */
/* #define DEBUG_WOLFSSL */
/* #define WOLFSSL_ESP32WROOM32_CRYPT_DEBUG */
/* date/time */
/* if it cannot adjust time in the device, */
/* enable macro below */
/* #define NO_ASN_TIME */
/* #define XTIME time */
/* when you want not to use HW acceleration */
/* #define NO_ESP32WROOM32_CRYPT */
/* #define NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH*/
/* #define NO_WOLFSSL_ESP32WROOM32_CRYPT_AES */

59
wolfcrypt/src/aes.c
View File

@ -577,6 +577,24 @@
#error nRF51 AES Hardware does not support decrypt
#endif /* HAVE_AES_DECRYPT */
#elif defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_AES)
#include "wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h"
#if defined(HAVE_AESGCM) || defined(WOLFSSL_AES_DIRECT)
static int wc_AesEncrypt(Aes* aes, const byte* inBlock, byte* outBlock)
{
return wc_esp32AesEncrypt(aes, inBlock, outBlock);
}
#endif
#if defined(HAVE_AES_DECRYPT) && defined(WOLFSSL_AES_DIRECT)
static int wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
{
return wc_esp32AesDecrypt(aes, inBlock, outBlock);
}
#endif
#elif defined(WOLFSSL_AESNI)
@ -1945,6 +1963,32 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
return ret;
}
int wc_AesSetKeyDirect(Aes* aes, const byte* userKey, word32 keylen,
const byte* iv, int dir)
{
return wc_AesSetKey(aes, userKey, keylen, iv, dir);
}
#elif defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_AES)
int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen,
const byte* iv, int dir)
{
(void)dir;
(void)iv;
if ( aes == NULL || (keylen != 16 && keylen != 24 && keylen != 32)) {
return BAD_FUNC_ARG;
}
aes->keylen = keylen;
aes->rounds = keylen/4 + 6;
XMEMCPY(aes->key, userKey, keylen);
return wc_AesSetIV(aes, iv);
}
int wc_AesSetKeyDirect(Aes* aes, const byte* userKey, word32 keylen,
const byte* iv, int dir)
{
@ -1983,7 +2027,9 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
aes->rounds = (keylen/4) + 6;
XMEMCPY(rk, userKey, keylen);
#if defined(LITTLE_ENDIAN_ORDER) && !defined(WOLFSSL_PIC32MZ_CRYPT)
#if defined(LITTLE_ENDIAN_ORDER) && !defined(WOLFSSL_PIC32MZ_CRYPT) && \
(!defined(WOLFSSL_ESP32WROOM32_CRYPT) || \
defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_AES))
ByteReverseWords(rk, rk, keylen);
#endif
@ -2826,6 +2872,17 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
return ret;
}
#endif /* HAVE_AES_DECRYPT */
#elif defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_AES)
int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
{
return wc_esp32AesCbcEncrypt(aes, out, in, sz);
}
int wc_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
{
return wc_esp32AesCbcDecrypt(aes, out, in, sz);
}
#elif defined(WOLFSSL_IMX6_CAAM) && !defined(NO_IMX6_CAAM_AES)
/* implemented in wolfcrypt/src/port/caam/caam_aes.c */

6
wolfcrypt/src/include.am
View File

@ -68,7 +68,11 @@ EXTRA_DIST += wolfcrypt/src/port/ti/ti-aes.c \
wolfcrypt/src/port/devcrypto/devcrypto_hash.c \
wolfcrypt/src/port/devcrypto/wc_devcrypto.c \
wolfcrypt/src/port/devcrypto/README.md \
wolfcrypt/src/port/mynewt/mynewt_port.c
wolfcrypt/src/port/mynewt/mynewt_port.c \
wolfcrypt/src/port/Espressif/esp32_aes.c \
wolfcrypt/src/port/Espressif/esp32_sha.c \
wolfcrypt/src/port/Espressif/esp32_util.c
if BUILD_CRYPTODEV
src_libwolfssl_la_SOURCES += wolfcrypt/src/cryptodev.c

96
wolfcrypt/src/port/Espressif/README.md Normal file
View File

@ -0,0 +1,96 @@
# ESP32 Port
Support for the ESP32-WROOM-32 on-board crypto hardware acceleration for symmetric AES and SHA1/SHA256/SHA384/SHA512.
NOTE: RSA has not supported yet.
## ESP32 Acceleration
For detail about ESP32 HW Acceleration, you can find in [Technical Reference Manual](https://espressif.com/sites/default/files/documentation/esp32_technical_reference_manual_en.pdf)
### Building
To enable hw acceleration :
Uncomment out #define WOLFSSL_ESPIDF in /path/to/wolfssl/wolfssl/wolfcrypt/settings.h
Uncomment out #define WOLFSSL_ESPWROOM32 in /path/to/wolfssl/wolfssl/wolfcrypt/settings.h
To disable portions of the hardware acceleration you can optionally define:
```
/* Disabled SHA and AES acceleration */
#define NO_ESP32WROOM32_CRYPT
/* Disabled AES acceleration */
#define NO_WOLFSSL_ESP32WROOM32_CRYPT_AES
/* Disabed SHA acceleration */
#define NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH
```
### Coding
In your application you must include <wolfssl/wolfcrypt/settings.h> before any other wolfSSL headers. If building the sources directly we recommend defining `WOLFSSL_USER_SETTINGS` and adding your own `user_settings.h` file. You can find a good reference for this in `IDE/GCC-ARM/Header/user_settings.h`.
### Benchmarks
Software only implementation :
```
AES-128-CBC-enc 1 MB took 1.001 seconds, 1.146 MB/s
AES-128-CBC-dec 1 MB took 1.017 seconds, 1.104 MB/s
AES-192-CBC-enc 1 MB took 1.018 seconds, 1.055 MB/s
AES-192-CBC-dec 1 MB took 1.006 seconds, 1.019 MB/s
AES-256-CBC-enc 1000 KB took 1.000 seconds, 1000.000 KB/s
AES-256-CBC-dec 975 KB took 1.007 seconds, 968.222 KB/s
AES-128-GCM-enc 350 KB took 1.055 seconds, 331.754 KB/s
AES-128-GCM-dec 350 KB took 1.055 seconds, 331.754 KB/s
AES-192-GCM-enc 325 KB took 1.013 seconds, 320.829 KB/s
AES-192-GCM-dec 325 KB took 1.013 seconds, 320.829 KB/s
AES-256-GCM-enc 325 KB took 1.041 seconds, 312.200 KB/s
AES-256-GCM-dec 325 KB took 1.041 seconds, 312.200 KB/s
SHA 6 MB took 1.003 seconds, 5.720 MB/s
SHA-256 2 MB took 1.003 seconds, 2.483 MB/s
SHA-384 1 MB took 1.002 seconds, 1.218 MB/s
SHA-512 1 MB took 1.000 seconds, 1.221 MB/s
HMAC-SHA 6 MB took 1.000 seconds, 5.664 MB/s
HMAC-SHA256 2 MB took 1.002 seconds, 2.461 MB/s
HMAC-SHA384 1 MB took 1.017 seconds, 1.200 MB/s
HMAC-SHA512 1 MB took 1.017 seconds, 1.200 MB/s
```
Hardware Acceleration :
```
AES-128-CBC-enc 6 MB took 1.002 seconds, 6.018 MB/s
AES-128-CBC-dec 5 MB took 1.002 seconds, 5.336 MB/s
AES-192-CBC-enc 6 MB took 1.003 seconds, 6.012 MB/s
AES-192-CBC-dec 5 MB took 1.004 seconds, 5.325 MB/s
AES-256-CBC-enc 6 MB took 1.003 seconds, 6.012 MB/s
AES-256-CBC-dec 5 MB took 1.004 seconds, 5.325 MB/s
AES-128-GCM-enc 350 KB took 1.001 seconds, 349.650 KB/s
AES-128-GCM-dec 350 KB took 1.001 seconds, 349.650 KB/s
AES-192-GCM-enc 350 KB took 1.015 seconds, 344.828 KB/s
AES-192-GCM-dec 350 KB took 1.015 seconds, 344.828 KB/s
AES-256-GCM-enc 350 KB took 1.022 seconds, 342.466 KB/s
AES-256-GCM-dec 350 KB took 1.022 seconds, 342.466 KB/s
SHA 14 MB took 1.001 seconds, 14.073 MB/s
SHA-256 15 MB took 1.000 seconds, 15.259 MB/s
SHA-384 18 MB took 1.000 seconds, 17.529 MB/s
SHA-512 18 MB took 1.000 seconds, 17.529 MB/s
HMAC-SHA 14 MB took 1.001 seconds, 13.805 MB/s
HMAC-SHA256 15 MB took 1.000 seconds, 14.966 MB/s
HMAC-SHA384 17 MB took 1.000 seconds, 16.968 MB/s
HMAC-SHA512 17 MB took 1.001 seconds, 16.951 MB/s
```
Condition :
- Model : ESP32-WROOM-32
- CPU Speed: 240Mhz
- ESP-IDF : v3.3-beta1-39-g6cb37ecc5(commit hash : 6cb37ecc5)
- OS : Ubuntu 18.04.1 LTS (Bionic Beaver)
## Support
Email us at [support@wolfssl.com](mailto:support@wolfssl.com).

290
wolfcrypt/src/port/Espressif/esp32_aes.c Normal file
View File

@ -0,0 +1,290 @@
/**
* aes.c
* Copyright (C) 2006-2018 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#include <string.h>
#include <stdio.h>
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <wolfssl/wolfcrypt/settings.h>
#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_AES)
#include <wolfssl/wolfcrypt/aes.h>
#include "wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h"
static const char* TAG = "wolf_hw_aes";
/* mutex */
static wolfSSL_Mutex aes_mutex;
static int espaes_CryptHwMutexInit = 0;
/*
* lock hw engine.
* this should be called before using engine.
*/
static int esp_aes_hw_InUse()
{
ESP_LOGV(TAG, "enter esp_aes_hw_InUse");
int ret = 0;
if(espaes_CryptHwMutexInit == 0) {
ret = esp_CryptHwMutexInit(&aes_mutex);
if(ret == 0){
espaes_CryptHwMutexInit = 1;
} else {
ESP_LOGE(TAG, "aes mutx initialization failed.");
return -1;
}
}
/* lock hardware */
ret = esp_CryptHwMutexLock(&aes_mutex, portMAX_DELAY);
if(ret != 0) {
ESP_LOGE(TAG, "aes engine lock failed.");
return -1;
}
/* Enable AES hardware */
periph_module_enable(PERIPH_AES_MODULE);
ESP_LOGV(TAG, "leave esp_aes_hw_InUse");
return ret;
}
/*
* release hw engine
*/
static void esp_aes_hw_Leave( void )
{
ESP_LOGV(TAG, "enter esp_aes_hw_InUse");
/* Disable AES hardware */
periph_module_disable(PERIPH_AES_MODULE);
/* unlock */
esp_CryptHwMutexUnLock(&aes_mutex);
ESP_LOGV(TAG, "leave esp_aes_hw_Leave");
}
/*
* set key to hardware key registers.
*/
static void esp_aes_hw_Set_KeyMode(Aes *ctx, ESP32_AESPROCESS mode)
{
ESP_LOGV(TAG, "enter esp_aes_hw_InUse");
word32 mode_ = 0;
/* check mode */
if(mode == ESP32_AES_UPDATEKEY_ENCRYPT) {
mode_ = 0;
} else if(mode == ESP32_AES_UPDATEKEY_DECRYPT){
mode_ = 4;
} else {
ESP_LOGE(TAG, "unexpected error.");
return;
}
/* update key */
for(int i=0;i<(ctx->keylen)/sizeof(word32);i++){
DPORT_REG_WRITE(AES_KEY_BASE + (i*4), *(((word32*)ctx->key) + i));
}
/* mode
* 0 AES-128 Encryption
* 1 AES-192 Encryption
* 2 AES-256 Encryption
* 4 AES-128 Decryption
* 5 AES-192 Decryption
* 6 AES-256 Decryption
*/
switch(ctx->keylen){
case 24: mode_ += 1; break;
case 32: mode_ += 2; break;
default: break;
}
DPORT_REG_WRITE(AES_MODE_REG, mode_);
ESP_LOGV(TAG, "leave esp_aes_hw_Setkey");
}
/*
* Porcess a one block of AES
*/
static void esp_aes_bk(const byte* in, byte* out)
{
ESP_LOGV(TAG, "enter esp_aes_hw_InUse");
const word32 *inwords = (const word32 *)in;
word32 *outwords = (word32 *)out;
/* copy text for encrypting/decrypting blocks */
DPORT_REG_WRITE(AES_TEXT_BASE, inwords[0]);
DPORT_REG_WRITE(AES_TEXT_BASE + 4, inwords[1]);
DPORT_REG_WRITE(AES_TEXT_BASE + 8, inwords[2]);
DPORT_REG_WRITE(AES_TEXT_BASE + 12, inwords[3]);
/* start engine */
DPORT_REG_WRITE(AES_START_REG, 1);
/* wait until finishing the process */
while(1) {
if(DPORT_REG_READ(AES_IDLE_REG) == 1)
break;
}
/* read-out blocks */
esp_dport_access_read_buffer(outwords, AES_TEXT_BASE, 4);
ESP_LOGV(TAG, "leave esp_aes_bk");
}
/*
* wc_esp32AesEncrypt
* @brief: a one block encrypt of the input block, into the output block
* @param aes: a pointer of the AES object used to encrypt data
* @param in : a pointer of the input buffer containing plain text to be encrypted
* @param out: a pointer of the output buffer in which to store the cipher text of
* the encrypted message
*/
int wc_esp32AesEncrypt(Aes *aes, const byte* in, byte* out)
{
ESP_LOGV(TAG, "enter wc_esp32AesEncrypt");
/* lock the hw engine */
esp_aes_hw_InUse();
/* load the key into the register */
esp_aes_hw_Set_KeyMode(aes, ESP32_AES_UPDATEKEY_ENCRYPT);
/* process a one block of AES */
esp_aes_bk(in, out);
/* release hw */
esp_aes_hw_Leave();
return 0;
}
/*
* wc_esp32AesDecrypt
* @brief: a one block decrypt of the input block, into the output block
* @param aes: a pointer of the AES object used to decrypt data
* @param in : a pointer of the input buffer containing plain text to be decrypted
* @param out: a pointer of the output buffer in which to store the cipher text of
* the decrypted message
*/
int wc_esp32AesDecrypt(Aes *aes, const byte* in, byte* out)
{
ESP_LOGV(TAG, "enter wc_esp32AesDecrypt");
/* lock the hw engine */
esp_aes_hw_InUse();
/* load the key into the register */
esp_aes_hw_Set_KeyMode(aes, ESP32_AES_UPDATEKEY_DECRYPT);
/* process a one block of AES */
esp_aes_bk(in, out);
/* release hw engine */
esp_aes_hw_Leave();
return 0;
}
/*
* wc_esp32AesCbcEncrypt
* @brief: Encrypts a plain text message from the input buffer, and places the
* resulting cipher text into the output buffer using cipher block chaining
* with AES.
* @param aes: a pointer of the AES object used to encrypt data
* @param out: a pointer of the output buffer in which to store the cipher text of
* the encrypted message
* @param in : a pointer of the input buffer containing plain text to be encrypted
* @param sz : size of input message
*/
int wc_esp32AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
{
ESP_LOGV(TAG, "enter wc_esp32AesCbcEncrypt");
int i;
int offset = 0;
word32 blocks = (sz / AES_BLOCK_SIZE);
byte *iv;
byte temp_block[AES_BLOCK_SIZE];
iv = (byte*)aes->reg;
esp_aes_hw_InUse();
esp_aes_hw_Set_KeyMode(aes, ESP32_AES_UPDATEKEY_ENCRYPT);
while (blocks--) {
XMEMCPY(temp_block, in + offset, AES_BLOCK_SIZE);
/* XOR block with IV for CBC */
for (i = 0; i < AES_BLOCK_SIZE; i++)
temp_block[i] ^= iv[i];
esp_aes_bk(temp_block, (out + offset));
offset += AES_BLOCK_SIZE;
/* store IV for next block */
XMEMCPY(iv, out + offset - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
}
esp_aes_hw_Leave();
ESP_LOGV(TAG, "leave wc_esp32AesCbcEncrypt");
return 0;
}
/*
* wc_esp32AesCbcDecrypt
* @brief: Encrypts a plain text message from the input buffer, and places the
* resulting cipher text into the output buffer using cipher block chaining
* with AES.
* @param aes: a pointer of the AES object used to decrypt data
* @param out: a pointer of the output buffer in which to store the cipher text of
* the decrypted message
* @param in : a pointer of the input buffer containing plain text to be decrypted
* @param sz : size of input message
*/
int wc_esp32AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
{
ESP_LOGV(TAG, "enter wc_esp32AesCbcDecrypt");
int i;
int offset = 0;
word32 blocks = (sz / AES_BLOCK_SIZE);
byte* iv;
byte temp_block[AES_BLOCK_SIZE];
iv = (byte*)aes->reg;
esp_aes_hw_InUse();
esp_aes_hw_Set_KeyMode(aes, ESP32_AES_UPDATEKEY_DECRYPT);
while (blocks--) {
XMEMCPY(temp_block, in + offset, AES_BLOCK_SIZE);
esp_aes_bk((in + offset), (out + offset));
/* XOR block with IV for CBC */
for (i = 0; i < AES_BLOCK_SIZE; i++)
(out + offset)[i] ^= iv[i];
/* store IV for next block */
XMEMCPY(iv, temp_block, AES_BLOCK_SIZE);
offset += AES_BLOCK_SIZE;
}
esp_aes_hw_Leave();
ESP_LOGV(TAG, "leave wc_esp32AesCbcDecrypt");
return 0;
}
#endif /* WOLFSSL_ESP32WROOM32_CRYPT */

399
wolfcrypt/src/port/Espressif/esp32_sha.c Normal file
View File

@ -0,0 +1,399 @@
/**
* sha.c
* Copyright (C) 2006-2018 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#include <string.h>
#include <stdio.h>
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <wolfssl/wolfcrypt/settings.h>
#include "wolfssl/wolfcrypt/logging.h"
#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
#include <wolfssl/wolfcrypt/sha.h>
#include <wolfssl/wolfcrypt/sha256.h>
#include <wolfssl/wolfcrypt/sha512.h>
#include "wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h"
#include "wolfssl/wolfcrypt/error-crypt.h"
#ifdef NO_INLINE
#include <wolfssl/wolfcrypt/misc.h>
#else
#define WOLFSSL_MISC_INCLUDED
#include <wolfcrypt/src/misc.c>
#endif
static const char* TAG = "wolf_hw_sha";
/* mutex */
#if defined(SINGLE_THREADED)
static int InUse = 0;
#else
static wolfSSL_Mutex sha_mutex;
static int espsha_CryptHwMutexInit = 0;
#endif
/*
enum SHA_TYPE {
SHA1 = 0,
SHA2_256,
SHA2_384,
SHA2_512,
SHA_INVALID = -1,
};
*/
static word32 esp_sha_digest_size(enum SHA_TYPE type)
{
ESP_LOGV(TAG, "enter esp_sha_digest_sit");
switch(type){
case SHA1:
return WC_SHA_DIGEST_SIZE;
case SHA2_256:
return WC_SHA256_DIGEST_SIZE;
#ifdef WOLFSSL_SHA384
case SHA2_384:
return WC_SHA384_DIGEST_SIZE;
#endif
#ifdef WOLFSSL_SHA512
case SHA2_512:
return WC_SHA512_DIGEST_SIZE;
#endif
default:return WC_SHA_DIGEST_SIZE;
}
ESP_LOGV(TAG, "leave esp_sha_digest_sit");
}
/*
* wait until engines becomes idle
*/
void esp_wait_until_idle()
{
while((DPORT_REG_READ(SHA_1_BUSY_REG) !=0) ||
(DPORT_REG_READ(SHA_256_BUSY_REG)!=0) ||
(DPORT_REG_READ(SHA_384_BUSY_REG)!=0) ||
(DPORT_REG_READ(SHA_512_BUSY_REG)!=0)){ }
}
/*
* lock hw engine.
* this should be called before using engine.
*/
int esp_sha_try_hw_lock(WC_ESP32SHA* ctx)
{
ESP_LOGV(TAG, "enter esp_sha_hw_Init");
int ret = 0;
/* Init mutex */
#if defined(SINGLE_THREADED)
if(ctx->mode == ESP32_SHA_INIT) {
if(!InUse) {
ctx->mode = ESP32_SHA_HW;
InUse = 1;
} else {
ctx->mode = ESP32_SHA_SW;
}
} else {
/* this should not happens */
ESP_LOGE(TAG, "unexpected error in esp_sha_try_hw_lock.");
return -1;
}
#else
if(espsha_CryptHwMutexInit == 0){
ret = esp_CryptHwMutexInit(&sha_mutex);
if(ret == 0) {
espsha_CryptHwMutexInit = 1;
} else {
ESP_LOGE(TAG, " mutex initialization failed.");
ctx->mode = ESP32_SHA_SW;
return 0;
}
}
/* check if this sha has been operated as sw or hw, or not yet init */
if(ctx->mode == ESP32_SHA_INIT){
/* try to lock the hw engine */
if(esp_CryptHwMutexLock(&sha_mutex, (TickType_t)0) == 0) {
ctx->mode = ESP32_SHA_HW;
} else {
ESP_LOGI(TAG, "someone used. hw is locked.....");
ESP_LOGI(TAG, "the rest of operaion will use sw implementation for this sha");
ctx->mode = ESP32_SHA_SW;
return 0;
}
} else {
/* this should not happens */
ESP_LOGE(TAG, "unexpected error in esp_sha_try_hw_lock.");
return -1;
}
#endif
/* Enable SHA hardware */
periph_module_enable(PERIPH_SHA_MODULE);
ESP_LOGV(TAG, "leave esp_sha_hw_Init");
return ret;
}
/*
* release hw engine
*/
void esp_sha_hw_Release( void )
{
ESP_LOGV(TAG, "enter esp_sha_hw_Release");
/* Disable AES hardware */
periph_module_disable(PERIPH_SHA_MODULE);
#if defined(SINGLE_THREADED)
InUse = 0;
#else
/* unlock hw engine for next use */
esp_CryptHwMutexUnLock(&sha_mutex);
#endif
ESP_LOGV(TAG, "leave esp_sha_hw_Release");
}
/*
* start sha process by using hw engine
*/
void esp_sha_start_process(WC_ESP32SHA* sha, word32 address)
{
ESP_LOGV(TAG, "enter esp_sha_start_process");
if(sha->isfirstblock){
/* start first message block */
DPORT_REG_WRITE(address, 1);
sha->isfirstblock = 0;
} else {
/* CONTINU_REG */
DPORT_REG_WRITE(address + 0x04, 1);
}
ESP_LOGV(TAG, "leave esp_sha_start_process");
}
/*
* process message block
*/
void esp_process_block(WC_ESP32SHA* ctx, word32 address,
const word32* data, word32 len)
{
ESP_LOGV(TAG, "enter esp_process_block");
/* check if there are any busy engine */
esp_wait_until_idle();
/* load message data into hw */
for(int i=0;i<((len)/(sizeof(word32)));++i){
DPORT_REG_WRITE(SHA_TEXT_BASE+(i*4),*(data+i));
}
/* notify hw to start process */
esp_sha_start_process(ctx, address);
ESP_LOGV(TAG, "leave esp_process_block");
}
/*
* retreive sha digest from memory
*/
void esp_digest_state(WC_ESP32SHA* ctx, byte* hash, enum SHA_TYPE sha_type)
{
ESP_LOGV(TAG, "enter esp_digest_state");
/* registers */
word32 SHA_LOAD_REG = SHA_1_LOAD_REG + sha_type * 0x10;
word32 SHA_BUSY_REG = SHA_1_BUSY_REG + sha_type * 0x10;
if(ctx->isfirstblock == 1){
/* no hardware use yet. Nothing to do yet */
return ;
}
{
/* wait until idle */
esp_wait_until_idle();
/* LOAD final digest */
DPORT_REG_WRITE(SHA_LOAD_REG, 1);
/* wait until done */
while(DPORT_REG_READ(SHA_BUSY_REG) == 1){ }
esp_dport_access_read_buffer((word32*)(hash), SHA_TEXT_BASE,
esp_sha_digest_size(sha_type)/4);
#if defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384)
if(sha_type==SHA2_384||sha_type==SHA2_512) {
word32 i;
word32* pwrd1 = (word32*)(hash);
/* swap value */
for(i = 0; i <WC_SHA512_DIGEST_SIZE/4; i+=2 ) {
pwrd1[i] ^= pwrd1[i+1];
pwrd1[i+1]^= pwrd1[i];
pwrd1[i] ^= pwrd1[i+1];
}
}
#endif
}
ESP_LOGV(TAG, "leave esp_digest_state");
}
#ifndef NO_SHA
/*
* sha1 process
*/
int esp_sha_process(struct wc_Sha* sha)
{
ESP_LOGV(TAG, "enter esp_sha_process");
int ret = 0;
word32 SHA_START_REG = SHA_1_START_REG + SHA1 * 0x10;
esp_process_block(&sha->ctx, SHA_START_REG, sha->buffer,
WC_SHA_BLOCK_SIZE);
ESP_LOGV(TAG, "leave esp_sha_process");
return ret;
}
/*
* retrieve sha1 digest
*/
int esp_sha_digest_process(struct wc_Sha* sha, byte blockproc)
{
ESP_LOGV(TAG, "enter esp_sha_digest_process");
int ret = 0;
if(blockproc) {
word32 SHA_START_REG = SHA_1_START_REG + SHA1 * 0x10;
esp_process_block(&sha->ctx, SHA_START_REG, sha->buffer,
WC_SHA_BLOCK_SIZE);
}
esp_digest_state(&sha->ctx, (byte*)sha->digest, SHA1);
ESP_LOGV(TAG, "leave esp_sha_digest_process");
return ret;
}
#endif /* NO_SHA */
#ifndef NO_WOLFSSL_SHA256
/*
* sha256 process
*/
int esp_sha256_process(struct wc_Sha256* sha)
{
ESP_LOGV(TAG, "enter esp_sha256_process");
int ret = 0;
word32 SHA_START_REG = SHA_1_START_REG + SHA2_256 * 0x10;
esp_process_block(&sha->ctx, SHA_START_REG, sha->buffer,
WC_SHA_BLOCK_SIZE);
ESP_LOGV(TAG, "leave esp_sha256_process");
return ret;
}
/*
* retrieve sha256 digest
*/
int esp_sha256_digest_process(struct wc_Sha256* sha, byte blockproc)
{
ESP_LOGV(TAG, "enter esp_sha256_digest_process");
int ret = 0;
if(blockproc) {
word32 SHA_START_REG = SHA_1_START_REG + SHA2_256 * 0x10;
esp_process_block(&sha->ctx, SHA_START_REG, sha->buffer,
WC_SHA_BLOCK_SIZE);
}
esp_digest_state(&sha->ctx, (byte*)sha->digest, SHA2_256);
ESP_LOGV(TAG, "leave esp_sha256_digest_process");
return ret;
}
#endif /* NO_WOLFSSL_SHA256 */
#if defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384)
/*
* sha512 proess. this is used for sha384 too.
*/
void esp_sha512_block(struct wc_Sha512* sha, const word32* data, byte isfinal)
{
ESP_LOGV(TAG, "enter esp_sha512_block");
enum SHA_TYPE sha_type = sha->ctx.sha_type;
word32 SHA_START_REG = SHA_1_START_REG;
SHA_START_REG += sha_type * 0x10;
if(sha->ctx.mode == ESP32_SHA_SW){
ByteReverseWords64(sha->buffer, sha->buffer,
WC_SHA512_BLOCK_SIZE);
if(isfinal){
sha->buffer[WC_SHA512_BLOCK_SIZE / sizeof(word64) - 2] = sha->hiLen;
sha->buffer[WC_SHA512_BLOCK_SIZE / sizeof(word64) - 1] = sha->loLen;
}
} else {
ByteReverseWords((word32*)sha->buffer, (word32*)sha->buffer,
WC_SHA512_BLOCK_SIZE);
if(isfinal){
sha->buffer[WC_SHA512_BLOCK_SIZE / sizeof(word64) - 2] =
rotlFixed64(sha->hiLen, 32U);
sha->buffer[WC_SHA512_BLOCK_SIZE / sizeof(word64) - 1] =
rotlFixed64(sha->loLen, 32U);
}
esp_process_block(&sha->ctx, SHA_START_REG, data, WC_SHA512_BLOCK_SIZE);
}
ESP_LOGV(TAG, "leave esp_sha512_block");
}
/*
* sha512 proess. this is used for sha384 too.
*/
int esp_sha512_process(struct wc_Sha512* sha)
{
ESP_LOGV(TAG, "enter esp_sha512_process");
word32 *data = (word32*)sha->buffer;
esp_sha512_block(sha, data, 0);
ESP_LOGV(TAG, "leave esp_sha512_process");
return 0;
}
/*
* retreive sha512 digest. this is used for sha384 too.
*/
int esp_sha512_digest_process(struct wc_Sha512* sha, byte blockproc)
{
ESP_LOGV(TAG, "enter esp_sha512_digest_process");
if(blockproc) {
word32* data = (word32*)sha->buffer;
esp_sha512_block(sha, data, 1);
}
if(sha->ctx.mode != ESP32_SHA_SW)
esp_digest_state(&sha->ctx, (byte*)sha->digest, sha->ctx.sha_type);
ESP_LOGV(TAG, "leave esp_sha512_digest_process");
return 0;
}
#endif /* WOLFSSL_SHA512 || WOLFSSL_SHA384 */
#endif /* WOLFSSL_ESP32WROOM32_CRYPT */

62
wolfcrypt/src/port/Espressif/esp32_util.c Normal file
View File

@ -0,0 +1,62 @@
/**
* util.c
* Copyright (C) 2006-2018 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#include <wolfssl/wolfcrypt/settings.h>
#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
(!defined(NO_AES) || !defined(NO_SHA) || !defined(NO_WOLFSSL_SHA256) ||\
defined(WOLFSSL_SHA384) || defined(WOLFSSL_SHA512))
#include <wolfssl/wolfcrypt/wc_port.h>
int esp_CryptHwMutexInit(wolfSSL_Mutex* mutex) {
return wc_InitMutex(mutex);
}
int esp_CryptHwMutexLock(wolfSSL_Mutex* mutex, TickType_t xBloxkTime) {
return wc_LockMutex_ex(mutex, xBloxkTime);
}
int esp_CryptHwMutexUnLock(wolfSSL_Mutex* mutex) {
return wc_UnLockMutex(mutex);
}
#endif
#ifdef WOLFSSL_ESP32WROOM32_CRYPT_DEBUG
#include "esp_timer.h"
#include "esp_log.h"
uint64_t startTime = 0;
void wc_esp32TimerStart()
{
startTime = esp_timer_get_time();
}
uint64_t wc_esp32elapsedTime()
{
/* retturn elapsed time since wc_esp32AesTimeStart() is called in us */
return esp_timer_get_time() - startTime;
}
#endif /*WOLFSSL_ESP32WROOM32_CRYPT_DEBUG */

103
wolfcrypt/src/sha.c
View File

@ -239,8 +239,44 @@
#elif defined(WOLFSSL_IMX6_CAAM) && !defined(NO_IMX6_CAAM_HASH)
/* wolfcrypt/src/port/caam/caam_sha.c */
#else
#elif defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
#include "wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h"
#define USE_SHA_SOFTWARE_IMPL
static int InitSha(wc_Sha* sha)
{
int ret = 0;
sha->digest[0] = 0x67452301L;
sha->digest[1] = 0xEFCDAB89L;
sha->digest[2] = 0x98BADCFEL;
sha->digest[3] = 0x10325476L;
sha->digest[4] = 0xC3D2E1F0L;
sha->buffLen = 0;
sha->loLen = 0;
sha->hiLen = 0;
/* alwasy start firstblock = 1 when using hw engine */
sha->ctx.isfirstblock = 1;
sha->ctx.sha_type = SHA1;
if(sha->ctx.mode == ESP32_SHA_HW){
/* release hw engine */
esp_sha_hw_Release();
}
/* always set mode as INIT
* whether using HW or SW is detemined at first call of update()
*/
sha->ctx.mode = ESP32_SHA_INIT;
return ret;
}
#else
/* Software implementation */
#define USE_SHA_SOFTWARE_IMPL
@ -394,7 +430,11 @@ int wc_InitSha_ex(wc_Sha* sha, void* heap, int devId)
return BAD_FUNC_ARG;
sha->heap = heap;
#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
sha->ctx.mode = ESP32_SHA_INIT;
sha->ctx.isfirstblock = 1;
#endif
ret = InitSha(sha);
if (ret != 0)
return ret;
@ -444,7 +484,19 @@ int wc_ShaUpdate(wc_Sha* sha, const byte* data, word32 len)
#if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
ByteReverseWords(sha->buffer, sha->buffer, WC_SHA_BLOCK_SIZE);
#endif
#if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \
defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
XTRANSFORM(sha, local);
#else
if(sha->ctx.mode == ESP32_SHA_INIT){
esp_sha_try_hw_lock(&sha->ctx);
}
if(sha->ctx.mode == ESP32_SHA_SW){
XTRANSFORM(sha, local);
} else {
esp_sha_process(sha);
}
#endif
AddLength(sha, WC_SHA_BLOCK_SIZE);
sha->buffLen = 0;
}
@ -503,7 +555,19 @@ int wc_ShaFinal(wc_Sha* sha, byte* hash)
#if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
ByteReverseWords(sha->buffer, sha->buffer, WC_SHA_BLOCK_SIZE);
#endif
#if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \
defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
XTRANSFORM(sha, local);
#else
if(sha->ctx.mode == ESP32_SHA_INIT){
esp_sha_try_hw_lock(&sha->ctx);
}
if(sha->ctx.mode == ESP32_SHA_SW){
XTRANSFORM(sha, local);
} else {
esp_sha_process(sha);
}
#endif
sha->buffLen = 0;
}
XMEMSET(&local[sha->buffLen], 0, WC_SHA_PAD_SIZE - sha->buffLen);
@ -528,7 +592,20 @@ int wc_ShaFinal(wc_Sha* sha, byte* hash)
2 * sizeof(word32));
#endif
#if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \
defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
XTRANSFORM(sha, local);
#else
if(sha->ctx.mode == ESP32_SHA_INIT){
esp_sha_try_hw_lock(&sha->ctx);
}
if(sha->ctx.mode == ESP32_SHA_SW){
XTRANSFORM(sha, local);
} else {
esp_sha_digest_process(sha, 1);
}
#endif
#ifdef LITTLE_ENDIAN_ORDER
ByteReverseWords(sha->digest, sha->digest, WC_SHA_DIGEST_SIZE);
#endif
@ -571,9 +648,22 @@ int wc_ShaGetHash(wc_Sha* sha, byte* hash)
if (sha == NULL || hash == NULL)
return BAD_FUNC_ARG;
#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
if(sha->ctx.mode == ESP32_SHA_INIT){
esp_sha_try_hw_lock(&sha->ctx);
}
if(sha->ctx.mode != ESP32_SHA_SW)
esp_sha_digest_process(sha, 0);
#endif
ret = wc_ShaCopy(sha, &tmpSha);
if (ret == 0) {
ret = wc_ShaFinal(&tmpSha, hash);
ret = wc_ShaFinal(&tmpSha, hash);
#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
sha->ctx.mode = ESP32_SHA_SW;
#endif
}
return ret;
}
@ -593,7 +683,12 @@ int wc_ShaCopy(wc_Sha* src, wc_Sha* dst)
#ifdef WOLFSSL_PIC32MZ_HASH
ret = wc_Pic32HashCopy(&src->cache, &dst->cache);
#endif
#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
dst->ctx.mode = src->ctx.mode;
dst->ctx.isfirstblock = src->ctx.isfirstblock;
dst->ctx.sha_type = src->ctx.sha_type;
#endif
return ret;
}
#endif /* !WOLFSSL_TI_HASH */

137
wolfcrypt/src/sha256.c
View File

@ -140,7 +140,8 @@
#if !defined(WOLFSSL_PIC32MZ_HASH) && !defined(STM32_HASH_SHA2) && \
(!defined(WOLFSSL_IMX6_CAAM) || defined(NO_IMX6_CAAM_HASH)) && \
!defined(WOLFSSL_AFALG_HASH) && !defined(WOLFSSL_DEVCRYPTO_HASH)
!defined(WOLFSSL_AFALG_HASH) && !defined(WOLFSSL_DEVCRYPTO_HASH) && \
(!defined(WOLFSSL_ESP32WROOM32_CRYPT) || defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH))
static int InitSha256(wc_Sha256* sha256)
{
int ret = 0;
@ -451,6 +452,64 @@ static int InitSha256(wc_Sha256* sha256)
#elif defined(WOLFSSL_DEVCRYPTO_HASH)
/* implemented in wolfcrypt/src/port/devcrypto/devcrypt_hash.c */
#elif defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
#define NEED_SOFT_SHA256
static int InitSha256(wc_Sha256* sha256)
{
int ret = 0;
if (sha256 == NULL)
return BAD_FUNC_ARG;
XMEMSET(sha256->digest, 0, sizeof(sha256->digest));
sha256->digest[0] = 0x6A09E667L;
sha256->digest[1] = 0xBB67AE85L;
sha256->digest[2] = 0x3C6EF372L;
sha256->digest[3] = 0xA54FF53AL;
sha256->digest[4] = 0x510E527FL;
sha256->digest[5] = 0x9B05688CL;
sha256->digest[6] = 0x1F83D9ABL;
sha256->digest[7] = 0x5BE0CD19L;
sha256->buffLen = 0;
sha256->loLen = 0;
sha256->hiLen = 0;
/* always start firstblock = 1 when using hw engine */
sha256->ctx.isfirstblock = 1;
sha256->ctx.sha_type = SHA2_256;
if(sha256->ctx.mode == ESP32_SHA_HW) {
/* release hw */
esp_sha_hw_Release();
}
/* always set mode as INIT
* whether using HW or SW is detemined at first call of update()
*/
sha256->ctx.mode = ESP32_SHA_INIT;
return ret;
}
int wc_InitSha256_ex(wc_Sha256* sha256, void* heap, int devId)
{
WOLFSSL_ENTER("wc_InitSha256_ex");
int ret = 0;
if (sha256 == NULL)
return BAD_FUNC_ARG;
XMEMSET(sha256, 0, sizeof(wc_Sha256));
sha256->ctx.mode = ESP32_SHA_INIT;
sha256->ctx.isfirstblock = 1;
(void)devId;
ret = InitSha256(sha256);
WOLFSSL_LEAVE("wc_InitSha256_ex", ret);
return ret;
}
#else
#define NEED_SOFT_SHA256
@ -649,7 +708,20 @@ static int InitSha256(wc_Sha256* sha256)
WC_SHA256_BLOCK_SIZE);
}
#endif
#if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \
defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
ret = XTRANSFORM(sha256);
#else
if(sha256->ctx.mode == ESP32_SHA_INIT) {
esp_sha_try_hw_lock(&sha256->ctx);
}
if(sha256->ctx.mode == ESP32_SHA_SW){
ret = XTRANSFORM(sha256);
} else {
esp_sha256_process(sha256);
}
#endif
if (ret == 0) {
AddLength(sha256, WC_SHA256_BLOCK_SIZE);
sha256->buffLen = 0;
@ -705,7 +777,20 @@ static int InitSha256(wc_Sha256* sha256)
ByteReverseWords(sha256->buffer, sha256->buffer,
WC_SHA256_BLOCK_SIZE);
#if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \
defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
ret = XTRANSFORM(sha256);
#else
if(sha256->ctx.mode == ESP32_SHA_INIT){
esp_sha_try_hw_lock(&sha256->ctx);
}
if(sha256->ctx.mode == ESP32_SHA_SW){
ret = XTRANSFORM(sha256);
} else {
esp_sha256_process(sha256);
}
#endif
if (ret != 0)
break;
}
@ -755,8 +840,19 @@ static int InitSha256(wc_Sha256* sha256)
}
#endif
}
ret = XTRANSFORM(sha256);
#if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \
defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
ret = XTRANSFORM(sha256);
#else
if(sha256->ctx.mode == ESP32_SHA_INIT){
esp_sha_try_hw_lock(&sha256->ctx);
}
if(sha256->ctx.mode == ESP32_SHA_SW){
ret = XTRANSFORM(sha256);
} else {
ret = esp_sha256_process(sha256);
}
#endif
if (ret != 0)
return ret;
@ -798,7 +894,20 @@ static int InitSha256(wc_Sha256* sha256)
}
#endif
return XTRANSFORM(sha256);
#if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \
defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
return XTRANSFORM(sha256);
#else
if(sha256->ctx.mode == ESP32_SHA_INIT){
esp_sha_try_hw_lock(&sha256->ctx);
}
if(sha256->ctx.mode == ESP32_SHA_SW){
return XTRANSFORM(sha256);
} else {
ret = esp_sha256_digest_process(sha256, 1);
}
return ret;
#endif
}
int wc_Sha256FinalRaw(wc_Sha256* sha256, byte* hash)
@ -2836,9 +2945,23 @@ int wc_Sha256GetHash(wc_Sha256* sha256, byte* hash)
if (sha256 == NULL || hash == NULL)
return BAD_FUNC_ARG;
#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
if(sha256->ctx.mode == ESP32_SHA_INIT){
esp_sha_try_hw_lock(&sha256->ctx);
}
if(sha256->ctx.mode == ESP32_SHA_HW)
{
esp_sha256_digest_process(sha256, 0);
}
#endif
ret = wc_Sha256Copy(sha256, &tmpSha256);
if (ret == 0) {
ret = wc_Sha256Final(&tmpSha256, hash);
#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
sha256->ctx.mode = ESP32_SHA_SW;
#endif
wc_Sha256Free(&tmpSha256);
}
return ret;
@ -2861,6 +2984,12 @@ int wc_Sha256Copy(wc_Sha256* src, wc_Sha256* dst)
#ifdef WOLFSSL_PIC32MZ_HASH
ret = wc_Pic32HashCopy(&src->cache, &dst->cache);
#endif
#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
dst->ctx.mode = src->ctx.mode;
dst->ctx.isfirstblock = src->ctx.isfirstblock;
dst->ctx.sha_type = src->ctx.sha_type;
#endif
return ret;
}

140
wolfcrypt/src/sha512.c
View File

@ -186,6 +186,7 @@
#if defined(WOLFSSL_IMX6_CAAM) && !defined(NO_IMX6_CAAM_HASH)
/* functions defined in wolfcrypt/src/port/caam/caam_sha.c */
#else
#ifdef WOLFSSL_SHA512
@ -208,6 +209,21 @@ static int InitSha512(wc_Sha512* sha512)
sha512->loLen = 0;
sha512->hiLen = 0;
#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
sha512->ctx.sha_type = SHA2_512;
/* always start firstblock = 1 when using hw engine */
sha512->ctx.isfirstblock = 1;
if(sha512->ctx.mode == ESP32_SHA_HW) {
/* release hw */
esp_sha_hw_Release();
}
/* always set mode as INIT
* whether using HW or SW is detemined at first call of update()
*/
sha512->ctx.mode = ESP32_SHA_INIT;
#endif
return 0;
}
@ -570,11 +586,25 @@ static WC_INLINE int Sha512Update(wc_Sha512* sha512, const byte* data, word32 le
if (!IS_INTEL_AVX1(intel_flags) && !IS_INTEL_AVX2(intel_flags))
#endif
{
#if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \
defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
ByteReverseWords64(sha512->buffer, sha512->buffer,
WC_SHA512_BLOCK_SIZE);
WC_SHA512_BLOCK_SIZE);
#endif
}
#endif
#if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \
defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
ret = Transform_Sha512(sha512);
#else
if(sha512->ctx.mode == ESP32_SHA_INIT) {
esp_sha_try_hw_lock(&sha512->ctx);
}
ret = esp_sha512_process(sha512);
if(ret == 0 && sha512->ctx.mode == ESP32_SHA_SW){
ret = Transform_Sha512(sha512);
}
#endif
if (ret == 0) {
AddLength(sha512, WC_SHA512_BLOCK_SIZE);
sha512->buffLen = 0;
@ -626,10 +656,23 @@ static WC_INLINE int Sha512Update(wc_Sha512* sha512, const byte* data, word32 le
data += WC_SHA512_BLOCK_SIZE;
len -= WC_SHA512_BLOCK_SIZE;
#if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \
defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
ByteReverseWords64(sha512->buffer, sha512->buffer,
WC_SHA512_BLOCK_SIZE);
WC_SHA512_BLOCK_SIZE);
#endif
#if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \
defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
ret = Transform_Sha512(sha512);
#else
if(sha512->ctx.mode == ESP32_SHA_INIT) {
esp_sha_try_hw_lock(&sha512->ctx);
}
ret = esp_sha512_process(sha512);
if(ret == 0 && sha512->ctx.mode == ESP32_SHA_SW){
ret = Transform_Sha512(sha512);
}
#endif
if (ret != 0)
break;
}
@ -689,11 +732,23 @@ static WC_INLINE int Sha512Final(wc_Sha512* sha512)
if (!IS_INTEL_AVX1(intel_flags) && !IS_INTEL_AVX2(intel_flags))
#endif
{
#if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \
defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
ByteReverseWords64(sha512->buffer,sha512->buffer,
WC_SHA512_BLOCK_SIZE);
WC_SHA512_BLOCK_SIZE);
#endif
}
#endif /* LITTLE_ENDIAN_ORDER */
#if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \
defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
ret = Transform_Sha512(sha512);
#else
ret = esp_sha512_process(sha512);
if(ret == 0 && sha512->ctx.mode == ESP32_SHA_SW){
ret = Transform_Sha512(sha512);
}
#endif
if (ret != 0)
return ret;
@ -711,19 +766,37 @@ static WC_INLINE int Sha512Final(wc_Sha512* sha512)
#if defined(HAVE_INTEL_AVX1) || defined(HAVE_INTEL_AVX2)
if (!IS_INTEL_AVX1(intel_flags) && !IS_INTEL_AVX2(intel_flags))
#endif
#if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \
defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
ByteReverseWords64(sha512->buffer, sha512->buffer, WC_SHA512_PAD_SIZE);
#endif
#endif
/* ! length ordering dependent on digest endian type ! */
#if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \
defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
sha512->buffer[WC_SHA512_BLOCK_SIZE / sizeof(word64) - 2] = sha512->hiLen;
sha512->buffer[WC_SHA512_BLOCK_SIZE / sizeof(word64) - 1] = sha512->loLen;
#endif
#if defined(HAVE_INTEL_AVX1) || defined(HAVE_INTEL_AVX2)
if (IS_INTEL_AVX1(intel_flags) || IS_INTEL_AVX2(intel_flags))
ByteReverseWords64(&(sha512->buffer[WC_SHA512_BLOCK_SIZE / sizeof(word64) - 2]),
&(sha512->buffer[WC_SHA512_BLOCK_SIZE / sizeof(word64) - 2]),
WC_SHA512_BLOCK_SIZE - WC_SHA512_PAD_SIZE);
#endif
#if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \
defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
ret = Transform_Sha512(sha512);
#else
if(sha512->ctx.mode == ESP32_SHA_INIT) {
esp_sha_try_hw_lock(&sha512->ctx);
}
ret = esp_sha512_digest_process(sha512, 1);
if(ret == 0 && sha512->ctx.mode == ESP32_SHA_SW) {
ret = Transform_Sha512(sha512);
}
#endif
if (ret != 0)
return ret;
@ -783,7 +856,6 @@ int wc_Sha512Final(wc_Sha512* sha512, byte* hash)
return InitSha512(sha512); /* reset state */
}
int wc_InitSha512(wc_Sha512* sha512)
{
return wc_InitSha512_ex(sha512, NULL, INVALID_DEVID);
@ -2616,6 +2688,7 @@ static int Transform_Sha512_AVX2_RORX_Len(wc_Sha512* sha512, word32 len)
#if defined(WOLFSSL_IMX6_CAAM) && !defined(NO_IMX6_CAAM_HASH)
/* functions defined in wolfcrypt/src/port/caam/caam_sha.c */
#else
static int InitSha384(wc_Sha384* sha384)
@ -2637,6 +2710,22 @@ static int InitSha384(wc_Sha384* sha384)
sha384->loLen = 0;
sha384->hiLen = 0;
#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
sha384->ctx.sha_type = SHA2_384;
/* always start firstblock = 1 when using hw engine */
sha384->ctx.isfirstblock = 1;
if(sha384->ctx.mode == ESP32_SHA_HW) {
/* release hw */
esp_sha_hw_Release();
}
/* always set mode as INIT
* whether using HW or SW is detemined at first call of update()
*/
sha384->ctx.mode = ESP32_SHA_INIT;
#endif
return 0;
}
@ -2773,9 +2862,22 @@ int wc_Sha512GetHash(wc_Sha512* sha512, byte* hash)
if (sha512 == NULL || hash == NULL)
return BAD_FUNC_ARG;
#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
if(sha512->ctx.mode == ESP32_SHA_INIT) {
esp_sha_try_hw_lock(&sha512->ctx);
}
if(sha512->ctx.mode != ESP32_SHA_SW)
esp_sha512_digest_process(sha512, 0);
#endif
ret = wc_Sha512Copy(sha512, &tmpSha512);
if (ret == 0) {
ret = wc_Sha512Final(&tmpSha512, hash);
#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
sha512->ctx.mode = ESP32_SHA_SW;;
#endif
wc_Sha512Free(&tmpSha512);
}
return ret;
@ -2796,7 +2898,12 @@ int wc_Sha512Copy(wc_Sha512* src, wc_Sha512* dst)
#ifdef WOLFSSL_ASYNC_CRYPT
ret = wolfAsync_DevCopy(&src->asyncDev, &dst->asyncDev);
#endif
#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
dst->ctx.mode = src->ctx.mode;
dst->ctx.isfirstblock = src->ctx.isfirstblock;
dst->ctx.sha_type = src->ctx.sha_type;
#endif
return ret;
}
@ -2811,10 +2918,22 @@ int wc_Sha384GetHash(wc_Sha384* sha384, byte* hash)
if (sha384 == NULL || hash == NULL)
return BAD_FUNC_ARG;
#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
if(sha384->ctx.mode == ESP32_SHA_INIT) {
esp_sha_try_hw_lock(&sha384->ctx);
}
if(sha384->ctx.mode != ESP32_SHA_SW) {
esp_sha512_digest_process(sha384, 0);
}
#endif
ret = wc_Sha384Copy(sha384, &tmpSha384);
if (ret == 0) {
ret = wc_Sha384Final(&tmpSha384, hash);
#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
sha384->ctx.mode = ESP32_SHA_SW;
#endif
wc_Sha384Free(&tmpSha384);
}
return ret;
@ -2834,7 +2953,12 @@ int wc_Sha384Copy(wc_Sha384* src, wc_Sha384* dst)
#ifdef WOLFSSL_ASYNC_CRYPT
ret = wolfAsync_DevCopy(&src->asyncDev, &dst->asyncDev);
#endif
#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
dst->ctx.mode = src->ctx.mode;
dst->ctx.isfirstblock = src->ctx.isfirstblock;
dst->ctx.sha_type = src->ctx.sha_type;
#endif
return ret;
}

16
wolfcrypt/src/wc_port.c
View File

@ -614,8 +614,13 @@ int wolfSSL_CryptHwMutexUnLock(void) {
(void)m;
return 0;
}
#if defined(WOLFSSL_ESP32WROOM32_CRYPT)
int wc_LockMutex_ex(wolfSSL_Mutex *m, TickType_t xBlockTime)
{
(void)m;
return 0;
}
#endif
int wc_UnLockMutex(wolfSSL_Mutex *m)
{
(void)m;
@ -650,7 +655,12 @@ int wolfSSL_CryptHwMutexUnLock(void) {
xSemaphoreTake( *m, portMAX_DELAY );
return 0;
}
#if defined(WOLFSSL_ESP32WROOM32_CRYPT)
int wc_LockMutex_ex(wolfSSL_Mutex* m, TickType_t xBlockTime)
{
return ((xSemaphoreTake( *m, xBlockTime ) == pdTRUE) ? 0 : BAD_MUTEX_E);
}
#endif
int wc_UnLockMutex(wolfSSL_Mutex* m)
{
xSemaphoreGive( *m );

3
wolfssl/wolfcrypt/include.am
View File

@ -76,7 +76,8 @@ noinst_HEADERS+= \
wolfssl/wolfcrypt/port/caam/wolfcaam.h \
wolfssl/wolfcrypt/port/caam/wolfcaam_sha.h \
wolfssl/wolfcrypt/port/st/stm32.h \
wolfssl/wolfcrypt/port/st/stsafe.h
wolfssl/wolfcrypt/port/st/stsafe.h \
wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h
if BUILD_AFALG
nobase_include_HEADERS+= wolfssl/wolfcrypt/port/af_alg/afalg_hash.h

123
wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h Normal file
View File

@ -0,0 +1,123 @@
/**
* esp32-crypt.h
* Copyright (C) 2006-2018 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef __ESP32_CRYPT_H__
#define __ESP32_CRYPT_H__
#include "esp_types.h"
#include "esp_log.h"
#ifdef WOLFSSL_ESP32WROOM32_CRYPT_DEBUG
#undef LOG_LOCAL_LEVEL
#define LOG_LOCAL_LEVEL ESP_LOG_VERBOSE
#else
#undef LOG_LOCAL_LEVEL
#define LOG_LOCAL_LEVEL ESP_LOG_ERROR
#endif
#ifndef NO_SHA
#include "rom/sha.h"
#endif
#include <freertos/FreeRTOS.h>
#include "soc/dport_reg.h"
#include "soc/hwcrypto_reg.h"
#include "soc/cpu.h"
#include "driver/periph_ctrl.h"
#include <byteswap.h>
#include <rom/ets_sys.h>
#ifdef __cplusplus
extern "C" {
#endif
int esp_CryptHwMutexInit(wolfSSL_Mutex* mutex);
int esp_CryptHwMutexLock(wolfSSL_Mutex* mutex, TickType_t xBloxkTime);
int esp_CryptHwMutexUnLock(wolfSSL_Mutex* mutex);
#ifndef NO_AES
#include "rom/aes.h"
typedef enum tagES32_AES_PROCESS {
ESP32_AES_LOCKHW = 1,
ESP32_AES_UPDATEKEY_ENCRYPT = 2,
ESP32_AES_UPDATEKEY_DECRYPT = 3,
ESP32_AES_UNLOCKHW = 4
} ESP32_AESPROCESS;
struct Aes;
int wc_esp32AesCbcEncrypt(struct Aes* aes, byte* out, const byte* in, word32 sz);
int wc_esp32AesCbcDecrypt(struct Aes* aes, byte* out, const byte* in, word32 sz);
int wc_esp32AesEncrypt(struct Aes *aes, const byte* in, byte* out);
int wc_esp32AesDecrypt(struct Aes *aes, const byte* in, byte* out);
#endif
#ifdef WOLFSSL_ESP32WROOM32_CRYPT_DEBUG
void wc_esp32TimerStart();
uint64_t wc_esp32elapsedTime();
#endif /* WOLFSSL_ESP32WROOM32_CRYPT_DEBUG */
#if !defined(NO_SHA) && \
!defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
typedef enum {
ESP32_SHA_INIT = 0,
ESP32_SHA_HW = 1,
ESP32_SHA_SW = 2,
} ESP32_DOSHA;
typedef struct {
byte isfirstblock;
/* 0 , 1 hard, 2 soft */
byte mode;
/* sha_type */
enum SHA_TYPE sha_type;
} WC_ESP32SHA;
int esp_sha_try_hw_lock(WC_ESP32SHA* ctx);
void esp_sha_hw_Release( void );
struct wc_Sha;
int esp_sha_digest_process(struct wc_Sha* sha, byte bockprocess);
int esp_sha_process(struct wc_Sha* sha);
void esp_sha_digest_state(struct wc_Sha* sha);
#ifndef NO_WOLFSSL_SHA256
struct wc_Sha256;
int esp_sha256_digest_process(struct wc_Sha256* sha, byte bockprocess);
int esp_sha256_process(struct wc_Sha256* sha);
#endif
#if defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384)
struct wc_Sha512;
int esp_sha512_process(struct wc_Sha512* sha);
int esp_sha512_digest_process(struct wc_Sha512* sha, byte blockproc);
#endif
#endif /* NO_SHA && */
#ifdef __cplusplus
}
#endif
#endif /* __ESP32_CRYPT_H__ */

5
wolfssl/wolfcrypt/settings.h
View File

@ -233,6 +233,11 @@
#define TFM_TIMING_RESISTANT
#define ECC_TIMING_RESISTANT
#define WC_RSA_BLINDING
#if defined(WOLFSSL_ESPWROOM32)
#ifndef NO_ESP32WROOM32_CRYPT
#define WOLFSSL_ESP32WROOM32_CRYPT
#endif
#endif
#if !defined(WOLFSSL_USER_SETTINGS)
#define HAVE_ECC
#endif /* !WOLFSSL_USER_SETTINGS */

7
wolfssl/wolfcrypt/sha.h
View File

@ -69,6 +69,9 @@
#ifdef WOLFSSL_ASYNC_CRYPT
#include <wolfssl/wolfcrypt/async.h>
#endif
#ifdef WOLFSSL_ESP32WROOM32_CRYPT
#include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
#endif
#if !defined(NO_OLD_SHA_NAMES)
#define SHA WC_SHA
@ -121,6 +124,10 @@ typedef struct wc_Sha {
WC_ASYNC_DEV asyncDev;
#endif /* WOLFSSL_ASYNC_CRYPT */
#endif
#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
WC_ESP32SHA ctx;
#endif
} wc_Sha;
#endif /* WOLFSSL_TI_HASH */

7
wolfssl/wolfcrypt/sha256.h
View File

@ -83,6 +83,9 @@
#if defined(WOLFSSL_DEVCRYPTO) && defined(WOLFSSL_DEVCRYPTO_HASH)
#include <wolfssl/wolfcrypt/port/devcrypto/wc_devcrypto.h>
#endif
#if defined(WOLFSSL_ESP32WROOM32_CRYPT)
#include "wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h"
#endif
#if defined(_MSC_VER)
#define SHA256_NOINLINE __declspec(noinline)
@ -151,6 +154,10 @@ typedef struct wc_Sha256 {
word32 used;
word32 len;
#endif
#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
WC_ESP32SHA ctx;
#endif
#endif
} wc_Sha256;

8
wolfssl/wolfcrypt/sha512.h
View File

@ -72,7 +72,9 @@
#ifdef WOLFSSL_ASYNC_CRYPT
#include <wolfssl/wolfcrypt/async.h>
#endif
#ifdef WOLFSSL_ESP32WROOM32_CRYPT
#include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
#endif
#if defined(_MSC_VER)
#define SHA512_NOINLINE __declspec(noinline)
#elif defined(__GNUC__)
@ -112,6 +114,10 @@ enum {
#else
/* wc_Sha512 digest */
typedef struct wc_Sha512 {
#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
WC_ESP32SHA ctx;
#endif
word64 digest[WC_SHA512_DIGEST_SIZE / sizeof(word64)];
word64 buffer[WC_SHA512_BLOCK_SIZE / sizeof(word64)];
word32 buffLen; /* in bytes */

3
wolfssl/wolfcrypt/wc_port.h
View File

@ -214,6 +214,9 @@
/* Mutex functions */
WOLFSSL_API int wc_InitMutex(wolfSSL_Mutex*);
#if defined(WOLFSSL_ESP32WROOM32_CRYPT)
WOLFSSL_API int wc_LockMutex_ex(wolfSSL_Mutex* m, TickType_t xBlockTime);
#endif
WOLFSSL_API wolfSSL_Mutex* wc_InitAndAllocMutex(void);
WOLFSSL_API int wc_FreeMutex(wolfSSL_Mutex*);
WOLFSSL_API int wc_LockMutex(wolfSSL_Mutex*);