From 9d2294b96741bd5a8428c7ca00a845211a996c8f Mon Sep 17 00:00:00 2001 From: Hideki Miyazaki Date: Wed, 21 Nov 2018 18:41:29 +0900 Subject: [PATCH] Support AES and SHA hw acceleration on esp32-wroom-32 Removed unnecessary codes Added README Some clean up for maintenancebility Removed unused methods Removed unused methods --- IDE/Espressif/ESP-IDF/README.md | 18 +- .../examples/wolfssl_benchmark/README.md | 10 +- .../main/include/user_settings.h | 11 +- .../ESP-IDF/examples/wolfssl_client/README.md | 25 +- .../main/include/user_settings.h | 11 +- .../ESP-IDF/examples/wolfssl_server/README.md | 19 +- .../main/include/user_settings.h | 11 +- .../wolfssl_test/main/include/user_settings.h | 11 +- IDE/Espressif/ESP-IDF/libs/component.mk | 1 + IDE/Espressif/ESP-IDF/setup.sh | 3 + IDE/Espressif/ESP-IDF/test/CMakeLists.txt | 6 + IDE/Espressif/ESP-IDF/test/README.md | 18 + IDE/Espressif/ESP-IDF/test/component.mk | 10 + .../ESP-IDF/test/component_wolfssl.mk.use | 16 + IDE/Espressif/ESP-IDF/test/test_wolfssl.c | 524 ++++++++++++++++++ IDE/Espressif/ESP-IDF/test/user_settings.h | 59 ++ wolfcrypt/src/aes.c | 59 +- wolfcrypt/src/include.am | 6 +- wolfcrypt/src/port/Espressif/README.md | 96 ++++ wolfcrypt/src/port/Espressif/esp32_aes.c | 290 ++++++++++ wolfcrypt/src/port/Espressif/esp32_sha.c | 399 +++++++++++++ wolfcrypt/src/port/Espressif/esp32_util.c | 62 +++ wolfcrypt/src/sha.c | 103 +++- wolfcrypt/src/sha256.c | 137 ++++- wolfcrypt/src/sha512.c | 140 ++++- wolfcrypt/src/wc_port.c | 16 +- wolfssl/wolfcrypt/include.am | 3 +- .../wolfcrypt/port/Espressif/esp32-crypt.h | 123 ++++ wolfssl/wolfcrypt/settings.h | 5 + wolfssl/wolfcrypt/sha.h | 7 + wolfssl/wolfcrypt/sha256.h | 7 + wolfssl/wolfcrypt/sha512.h | 8 +- wolfssl/wolfcrypt/wc_port.h | 3 + 33 files changed, 2159 insertions(+), 58 deletions(-) create mode 100644 IDE/Espressif/ESP-IDF/test/CMakeLists.txt create mode 100644 IDE/Espressif/ESP-IDF/test/README.md create mode 100644 IDE/Espressif/ESP-IDF/test/component.mk create mode 100644 IDE/Espressif/ESP-IDF/test/component_wolfssl.mk.use create mode 100644 IDE/Espressif/ESP-IDF/test/test_wolfssl.c create mode 100644 IDE/Espressif/ESP-IDF/test/user_settings.h create mode 100644 wolfcrypt/src/port/Espressif/README.md create mode 100644 wolfcrypt/src/port/Espressif/esp32_aes.c create mode 100644 wolfcrypt/src/port/Espressif/esp32_sha.c create mode 100644 wolfcrypt/src/port/Espressif/esp32_util.c create mode 100644 wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h diff --git a/IDE/Espressif/ESP-IDF/README.md b/IDE/Espressif/ESP-IDF/README.md index f96fbff10..da1dbea81 100644 --- a/IDE/Espressif/ESP-IDF/README.md +++ b/IDE/Espressif/ESP-IDF/README.md @@ -1,24 +1,26 @@ # ESP-IDF port ## Overview ESP-IDF development framework with wolfSSL by setting *WOLFSSL_ESPIDF* definition - - Including the following examples: - simple tls_client/server - crypt test - crypt benchmark + +Including the following examples: + +* simple tls_client/server +* crypt test +* crypt benchmark The *user_settings.h* file enables some of the hardened settings. ## Requirements - 1. ESP-IDF development framework + 1. ESP-IDF development framework [https://docs.espressif.com/projects/esp-idf/en/latest/get-started/] + Note: This expects to use Linux version. - + ## Setup 1. Run *setup.sh* to deploy files into ESP-IDF tree 2. Find Wolfssl files at /path/to/esp-idf/components/wolfssl/ 3. Find Example programs under /path/to/esp-idf/examples/protocols/wolfssl_xxx - 4. Uncomment out #define WOLFSSL_ESPIDF in /path/to/wolfssl/wolfssl/wolfcrypt/settings.h + 4. Uncomment out #define WOLFSSL_ESPIDF in /path/to/wolfssl/wolfssl/wolfcrypt/settings.h Uncomment out #define WOLFSSL_ESPWROOM32 in /path/to/wolfssl/wolfssl/wolfcrypt/settings.h ## Configuration diff --git a/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/README.md b/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/README.md index 7581e8bce..0430ca2f5 100644 --- a/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/README.md +++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/README.md @@ -2,12 +2,14 @@ The Example contains of wolfSSL benchmark program. -1. "make menuconfig" to configure the program. - 1-1. Example Configuration -> - BENCH_ARG : argument that you want to use. Default is "-lng 0" - The list of argument can be find in help. +1. "make menuconfig" to configure the program. + 1-1. Example Configuration -> + + BENCH_ARG : argument that you want to use. Default is "-lng 0" + The list of argument can be find in help. When you want to run the benchmark program + 1. "make flash" to compile and load the firmware 2. "make monitor" to see the message diff --git a/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/include/user_settings.h b/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/include/user_settings.h index 35df8c37e..7fade0591 100644 --- a/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/include/user_settings.h +++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/include/user_settings.h @@ -31,10 +31,13 @@ #define HAVE_AEAD #define HAVE_SUPPORTED_CURVES -#define SINGLE_THREADED /* or define RTOS option */ +/* when you want to use SINGLE THREAD */ +/* #define SINGLE_THREADED */ #define NO_FILESYSTEM #define HAVE_AESGCM +/* when you want to use SHA384 */ +/* #define WOLFSSL_SHA384 */ #define WOLFSSL_SHA512 #define HAVE_ECC #define HAVE_CURVE25519 @@ -43,9 +46,15 @@ /* debug options */ /* #define DEBUG_WOLFSSL */ +/* #define WOLFSSL_ESP32WROOM32_CRYPT_DEBUG */ /* date/time */ /* if it cannot adjust time in the device, */ /* enable macro below */ /* #define NO_ASN_TIME */ /* #define XTIME time */ + +/* when you want not to use HW acceleration */ +/* #define NO_ESP32WROOM32_CRYPT */ +/* #define NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH*/ +/* #define NO_WOLFSSL_ESP32WROOM32_CRYPT_AES */ diff --git a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/README.md b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/README.md index 4edec3eeb..0957bb8d0 100644 --- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/README.md +++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/README.md @@ -1,19 +1,22 @@ -#wolfssl Example +#wolfSSL Example The Example contains of wolfSSL tls client demo. -1. "make menuconfig" to config the project - 1-1. Example Configuration -> - WIFI SSID: your own WIFI, which is connected to the Internet.(default is "myssid") - WIFI Password: WIFI password, and default is "mypassword" - Target host ip address : the host that you want to connect to.(default is 127.0.0.1) +1. "make menuconfig" to config the project + 1-1. Example Configuration -> + + WIFI SSID: your own WIFI, which is connected to the Internet.(default is "myssid") + WIFI Password: WIFI password, and default is "mypassword" + Target host ip address : the host that you want to connect to.(default is 127.0.0.1) - Note: the example program uses 11111 port. If you want to use different port - , you need to modifiy DEFAULT_PORT definition in the code. + Note: the example program uses 11111 port. If you want to use different port + , you need to modifiy DEFAULT_PORT definition in the code. When you want to test the wolfSSL client -1. "make falsh monitor" to load the firmware and see the context -2. You can use /examples/server/server program for test. - e.g. Launch ./examples/server/server -v 4 -b -i + +1. "make falsh monitor" to load the firmware and see the context +2. You can use /examples/server/server program for test. + + e.g. Launch ./examples/server/server -v 4 -b -i See the README.md file in the upper level 'examples' directory for more information about examples. diff --git a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/user_settings.h b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/user_settings.h index 35df8c37e..7fade0591 100644 --- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/user_settings.h +++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/user_settings.h @@ -31,10 +31,13 @@ #define HAVE_AEAD #define HAVE_SUPPORTED_CURVES -#define SINGLE_THREADED /* or define RTOS option */ +/* when you want to use SINGLE THREAD */ +/* #define SINGLE_THREADED */ #define NO_FILESYSTEM #define HAVE_AESGCM +/* when you want to use SHA384 */ +/* #define WOLFSSL_SHA384 */ #define WOLFSSL_SHA512 #define HAVE_ECC #define HAVE_CURVE25519 @@ -43,9 +46,15 @@ /* debug options */ /* #define DEBUG_WOLFSSL */ +/* #define WOLFSSL_ESP32WROOM32_CRYPT_DEBUG */ /* date/time */ /* if it cannot adjust time in the device, */ /* enable macro below */ /* #define NO_ASN_TIME */ /* #define XTIME time */ + +/* when you want not to use HW acceleration */ +/* #define NO_ESP32WROOM32_CRYPT */ +/* #define NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH*/ +/* #define NO_WOLFSSL_ESP32WROOM32_CRYPT_AES */ diff --git a/IDE/Espressif/ESP-IDF/examples/wolfssl_server/README.md b/IDE/Espressif/ESP-IDF/examples/wolfssl_server/README.md index 2265618df..854017c1f 100644 --- a/IDE/Espressif/ESP-IDF/examples/wolfssl_server/README.md +++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_server/README.md @@ -3,17 +3,20 @@ The Example contains a wolfSSL simple server. 1. "make menuconfigure" to configure the project - 1-1. Example Configuration -> - WIFI SSID : your own WIFI, which is connected to the Internet.(default is "myssid") - WIFI Password : WIFI password, and default is "mypassword" + + 1-1. Example Configuration -> + WIFI SSID : your own WIFI, which is connected to the Internet.(default is "myssid") + WIFI Password : WIFI password, and default is "mypassword" When you want to test the wolfSSL simple server demo + 1. "make flash" to compile the code and load the firmware -2. "make monitor" to see the context. The assigned IP address can be found in output message. -3. Once the server connects to the wifi, it is waiting for client request. - ("Waiting for a connection..." message will be displayed.) -4. You can use /examples/client to test the server - e.g ./example/client/client -h xx.xx.xx +2. "make monitor" to see the context. The assigned IP address can be found in output message. +3. Once the server connects to the wifi, it is waiting for client request. + ("Waiting for a connection..." message will be displayed.) + +4. You can use /examples/client to test the server + e.g ./example/client/client -h xx.xx.xx See the README.md file in the upper level 'examples' directory for more information about examples. diff --git a/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/user_settings.h b/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/user_settings.h index 35df8c37e..7fade0591 100644 --- a/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/user_settings.h +++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/user_settings.h @@ -31,10 +31,13 @@ #define HAVE_AEAD #define HAVE_SUPPORTED_CURVES -#define SINGLE_THREADED /* or define RTOS option */ +/* when you want to use SINGLE THREAD */ +/* #define SINGLE_THREADED */ #define NO_FILESYSTEM #define HAVE_AESGCM +/* when you want to use SHA384 */ +/* #define WOLFSSL_SHA384 */ #define WOLFSSL_SHA512 #define HAVE_ECC #define HAVE_CURVE25519 @@ -43,9 +46,15 @@ /* debug options */ /* #define DEBUG_WOLFSSL */ +/* #define WOLFSSL_ESP32WROOM32_CRYPT_DEBUG */ /* date/time */ /* if it cannot adjust time in the device, */ /* enable macro below */ /* #define NO_ASN_TIME */ /* #define XTIME time */ + +/* when you want not to use HW acceleration */ +/* #define NO_ESP32WROOM32_CRYPT */ +/* #define NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH*/ +/* #define NO_WOLFSSL_ESP32WROOM32_CRYPT_AES */ diff --git a/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/include/user_settings.h b/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/include/user_settings.h index 35df8c37e..7fade0591 100644 --- a/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/include/user_settings.h +++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/include/user_settings.h @@ -31,10 +31,13 @@ #define HAVE_AEAD #define HAVE_SUPPORTED_CURVES -#define SINGLE_THREADED /* or define RTOS option */ +/* when you want to use SINGLE THREAD */ +/* #define SINGLE_THREADED */ #define NO_FILESYSTEM #define HAVE_AESGCM +/* when you want to use SHA384 */ +/* #define WOLFSSL_SHA384 */ #define WOLFSSL_SHA512 #define HAVE_ECC #define HAVE_CURVE25519 @@ -43,9 +46,15 @@ /* debug options */ /* #define DEBUG_WOLFSSL */ +/* #define WOLFSSL_ESP32WROOM32_CRYPT_DEBUG */ /* date/time */ /* if it cannot adjust time in the device, */ /* enable macro below */ /* #define NO_ASN_TIME */ /* #define XTIME time */ + +/* when you want not to use HW acceleration */ +/* #define NO_ESP32WROOM32_CRYPT */ +/* #define NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH*/ +/* #define NO_WOLFSSL_ESP32WROOM32_CRYPT_AES */ diff --git a/IDE/Espressif/ESP-IDF/libs/component.mk b/IDE/Espressif/ESP-IDF/libs/component.mk index 784209fc8..767353c94 100644 --- a/IDE/Espressif/ESP-IDF/libs/component.mk +++ b/IDE/Espressif/ESP-IDF/libs/component.mk @@ -6,6 +6,7 @@ COMPONENT_ADD_INCLUDEDIRS := . COMPONENT_ADD_INCLUDEDIRS += ../freertos/include/freertos/ COMPONENT_SRCDIRS := src wolfcrypt/src +COMPONENT_SRCDIRS += wolfcrypt/src/port/Espressif COMPONENT_OBJEXCLUDE := wolfcrypt/src/aes_asm.o COMPONENT_OBJEXCLUDE += wolfcrypt/src/evp.o diff --git a/IDE/Espressif/ESP-IDF/setup.sh b/IDE/Espressif/ESP-IDF/setup.sh index 40b307bef..08c70448b 100755 --- a/IDE/Espressif/ESP-IDF/setup.sh +++ b/IDE/Espressif/ESP-IDF/setup.sh @@ -38,6 +38,7 @@ ${MKDCMD} ${WOLFSSLLIB_TRG_DIR}/ ${MKDCMD} ${WOLFSSLLIB_TRG_DIR}/src ${MKDCMD} ${WOLFSSLLIB_TRG_DIR}/wolfcrypt ${MKDCMD} ${WOLFSSLLIB_TRG_DIR}/wolfssl +${MKDCMD} ${WOLFSSLLIB_TRG_DIR}/test popd > /dev/null # $WOLFSSL_ESPIDFDIR pushd ${BASEDIR} > /dev/null # WOLFSSL TOP DIR @@ -51,6 +52,8 @@ ${CPDCMD} -r ./wolfcrypt/benchmark ${WOLFSSLLIB_TRG_DIR}/wolfcrypt/ ${CPDCMD} -r ./wolfssl/*.h ${WOLFSSLLIB_TRG_DIR}/wolfssl/ ${CPDCMD} -r ./wolfssl/wolfcrypt ${WOLFSSLLIB_TRG_DIR}/wolfssl/ +# unit test app +${CPDCMD} -r ${WOLFSSL_ESPIDFDIR}/test/* ${WOLFSSLLIB_TRG_DIR}/test/ popd > /dev/null # diff --git a/IDE/Espressif/ESP-IDF/test/CMakeLists.txt b/IDE/Espressif/ESP-IDF/test/CMakeLists.txt new file mode 100644 index 000000000..e0ca89b43 --- /dev/null +++ b/IDE/Espressif/ESP-IDF/test/CMakeLists.txt @@ -0,0 +1,6 @@ +set(COMPONENT_SRCDIRS ".") +set(COMPONENT_ADD_INCLUDEDIRS ".") + +set(COMPONENT_REQUIRES unity test_utils wolfssl) + +register_component() diff --git a/IDE/Espressif/ESP-IDF/test/README.md b/IDE/Espressif/ESP-IDF/test/README.md new file mode 100644 index 000000000..76cbce775 --- /dev/null +++ b/IDE/Espressif/ESP-IDF/test/README.md @@ -0,0 +1,18 @@ +# wolfSSL unit tests + +The test contains of wolfSSL unit-test app on Unity. + +When you want to run the app +1. Copy *test.c* file at /path/to/esp-idf/components/wolfssl/wolfcrypt/test/ folder to the wolfssl/test folder +2. Copy *user_settings.h* to /esp-idf/components/wolfssl/ +3. Add *CFLAGS += -DWOLFSSL_USER_SETTINGS* into components.mk at wolfssl/ +OR, copy *component_wolfssl.mk.use* into wolfssl/ folder +4. Go to /esp-idf/tools/unit-test-app/ folder +5. "make menuconfig" to configure unit test app. +6. "make TEST_COMPONENTS=wolfssl" to build wolfssl unit test app. + +NOTE: + You should remove *user_settings.h* file at wolfssl/ folder after finishing run + the unit test app. + +See [https://docs.espressif.com/projects/esp-idf/en/latest/api-guides/unit-tests.html] for more information about unit test app. diff --git a/IDE/Espressif/ESP-IDF/test/component.mk b/IDE/Espressif/ESP-IDF/test/component.mk new file mode 100644 index 000000000..fb008779b --- /dev/null +++ b/IDE/Espressif/ESP-IDF/test/component.mk @@ -0,0 +1,10 @@ +# +#Component Makefile +# + +#CFLAGS := -v +CFLAGS += -DNO_MAIN_DRIVER +CFLAGS += -DWOLFSSL_USER_SETTINGS +#CFLAGS += -DWOLFSSL_ESP32WROOM32_CRYPT_DEBUG + +COMPONENT_ADD_LDFLAGS = -Wl,--whole-archive -l$(COMPONENT_NAME) -Wl,--no-whole-archive diff --git a/IDE/Espressif/ESP-IDF/test/component_wolfssl.mk.use b/IDE/Espressif/ESP-IDF/test/component_wolfssl.mk.use new file mode 100644 index 000000000..955934c10 --- /dev/null +++ b/IDE/Espressif/ESP-IDF/test/component_wolfssl.mk.use @@ -0,0 +1,16 @@ +# +# Component Makefile +# + +COMPONENT_ADD_INCLUDEDIRS := . +COMPONENT_ADD_INCLUDEDIRS += ../freertos/include/freertos/ + +COMPONENT_SRCDIRS := src wolfcrypt/src +COMPONENT_SRCDIRS += wolfcrypt/src/port/Espressif + +CFLAGS +=-DWOLFSSL_USER_SETTINGS + +COMPONENT_OBJEXCLUDE := wolfcrypt/src/aes_asm.o +COMPONENT_OBJEXCLUDE += wolfcrypt/src/evp.o +COMPONENT_OBJEXCLUDE += wolfcrypt/src/misc.o +COMPONENT_OBJEXCLUDE += src/bio.o diff --git a/IDE/Espressif/ESP-IDF/test/test_wolfssl.c b/IDE/Espressif/ESP-IDF/test/test_wolfssl.c new file mode 100644 index 000000000..b4fbefff7 --- /dev/null +++ b/IDE/Espressif/ESP-IDF/test/test_wolfssl.c @@ -0,0 +1,524 @@ +/* +* wolfssl sha tests +*/ + +#include +#include + +#include +#include "freertos/FreeRTOS.h" +#include "freertos/task.h" +#include "freertos/semphr.h" +#include "unity.h" +#include "sdkconfig.h" +#include "esp_log.h" + +#include +#include +#include +#include +#include +#include +#include + +static const char* TAG = "wolfssl unit test"; +static xSemaphoreHandle exit_semaph; +static volatile bool exit_loop=false; + +#define SHA_STACK_SIZE (20*1024) +#define TIMES_SHA 500 +#define TIMES_AES 100 + +#ifndef NO_SHA +int sha_test(); +#endif +#ifndef NO_SHA256 +int sha256_test(); +#endif +#ifdef WOLFSSL_SHA384 +int sha384_test(void); +#endif +#ifdef WOLFSSL_SHA512 +int sha512_test(void); +#endif + +#ifndef NO_AES +int aes_test(void); +static void tskAes_Test(void *pvParam) +{ + ESP_LOGI(TAG, "enter tskAes_Test"); + int ret = 0; + while(exit_loop==false) { + ret = aes_test(); + if(ret != 0) { + printf("result was not good(aes_test)(%d)\n",ret); + TEST_FAIL_MESSAGE("tskAes_Test\n"); + } + } + + ESP_LOGI(TAG, "leave tskAes_Test"); + xSemaphoreGive(exit_semaph); + vTaskDelete(NULL); +} + +int aesgcm_test(void); + +static void tskAesGcm_Test(void *pvParam) +{ + ESP_LOGI(TAG, "enter tskAesGcm_Test"); + int ret = 0; + while(exit_loop==false) { + ret = aesgcm_test(); + if(ret != 0) { + printf(" results was not good(%d). aesGcm_test\n",ret); + TEST_FAIL_MESSAGE("aesGcm_test\n"); + } + } + ESP_LOGI(TAG, "leave tskAesGcm_Test"); + xSemaphoreGive(exit_semaph); + vTaskDelete(NULL); +} + +#ifdef WOLFSSL_AES_192 +int aes192_test(void); +static void tskAes192_Test(void *pvParam) +{ + ESP_LOGI(TAG, "enter tskAes192_Test"); + int ret = 0; + while(exit_loop==false) { + ret = aes192_test(); + if(ret != 0) { + printf(" results was not good(%d). aes192_test\n",ret); + TEST_FAIL_MESSAGE("aes192_test\n"); + } + } + ESP_LOGI(TAG, "leave tskAes192_Test"); + xSemaphoreGive(exit_semaph); + vTaskDelete(NULL); +} +#endif +#ifdef WOLFSSL_AES_256 +int aes256_test(void); +static void tskAes256_Test(void *pvParam) +{ + ESP_LOGI(TAG, "enter tskAes256_Test"); + int ret = 0; + while(exit_loop==false) { + ret = aes256_test(); + if(ret != 0) { + printf(" results was not good(%d). aes256_test\n", ret); + TEST_FAIL_MESSAGE("aes256_test\n"); + } + } + ESP_LOGI(TAG, "leave tskAes256_Test"); + xSemaphoreGive(exit_semaph); + vTaskDelete(NULL); +} +#endif + +TEST_CASE("wolfssl aes test" , "[wolfssl]") +{ + ESP_LOGI(TAG, "aes test"); + TEST_ASSERT_EQUAL(0, aes_test()); +#ifdef WOLFSSL_AES_192 + ESP_LOGI(TAG, "aes_192 test"); + TEST_ASSERT_EQUAL(0, aes192_test()); +#endif +#ifdef WOLFSSL_AES_256 + ESP_LOGI(TAG, "aes_256 test"); + TEST_ASSERT_EQUAL(0, aes256_test()); +#endif + ESP_LOGI(TAG, "aes-gcm test"); + TEST_ASSERT_EQUAL(0, aesgcm_test()); +} + +#endif + +TEST_CASE("wolfssl sha crypt-test", "[wolfssl]") +{ +#ifndef NO_SHA + ESP_LOGI(TAG, "sha_test()"); + TEST_ASSERT_EQUAL(0, sha_test()); +#endif +#ifndef NO_SHA256 + ESP_LOGI(TAG, "sha256_test()"); + TEST_ASSERT_EQUAL(0, sha256_test()); +#endif +#ifdef WOLSSL_SHA384 + ESP_LOGI(TAG, "sha384_test()"); + TEST_ASSERT_EQUAL(0, sha384_test()); +#endif +#ifdef WOLFSSL_SHA512 + ESP_LOGI(TAG, "sha512_test()"); + TEST_ASSERT_EQUAL(0, sha512_test()); +#endif +} + + +#ifndef NO_SHA +static void tskSha_Test(void *pvParam) +{ + ESP_LOGI(TAG, "enter tskSha_Test"); + + int ret = 0; + + while(exit_loop==false) { + ret = sha_test(); + if(ret != 0) { + printf(" results was not good(%d). sha_test\n", ret); + TEST_FAIL_MESSAGE("tskSha_Test\n"); + } + } + + ESP_LOGI(TAG, "leave tskSha_Test"); + xSemaphoreGive(exit_semaph); + vTaskDelete(NULL); +} +#endif + +#ifndef NO_SHA256 +static void tskSha256_Test(void *pvParam) +{ + ESP_LOGI(TAG, "enter tskSha256_Test"); + int ret; + + while(exit_loop==false) { + ret = sha256_test(); + if(ret != 0) { + printf("results was not good(%d). sha256_test\n", ret); + TEST_FAIL_MESSAGE("sha256_test() failed"); + } + } + + ESP_LOGI(TAG, "leave tskSha256_Test"); + xSemaphoreGive(exit_semaph); + vTaskDelete(NULL); +} +#endif + +#ifdef WOLFSSL_SHA384 +static void tskSha384_Test(void *pvParam) +{ + ESP_LOGI(TAG, "enter tskSha384_Test"); + int ret = 0; + + while(exit_loop==false) { + ret = sha384_test(); + if(ret != 0) { + printf("results was not good(%d). sha384_test\n", ret); + TEST_FAIL_MESSAGE("sha384_test() failed\n"); + } + } + + ESP_LOGI(TAG, "leave tskSha384_Test"); + xSemaphoreGive(exit_semaph); + vTaskDelete(NULL); +} +#endif + +#ifdef WOLFSSL_SHA512 +static void tskSha512_Test(void *pvParam) +{ + ESP_LOGI(TAG, "enter tskSha512_Test"); + + int ret = 0; + + while(exit_loop==false) { + ret = sha512_test(); + if(ret != 0) { + printf(" results was not good(%d). sha512_test\n", ret); + TEST_FAIL_MESSAGE("tskSha512_Test() failed\n"); + } + } + ESP_LOGI(TAG, "leave tskSha512_test()"); + xSemaphoreGive(exit_semaph); + vTaskDelete(NULL); + + +} +#endif + +TEST_CASE("wolfssl sha multi-thread test ", "[wolfssl]") +{ + int num = 0; +#ifndef NO_SHA + num++; +#endif +#ifndef NO_SHA256 + num++; +#endif +#ifdef WOLFSSL_SHA384 + num++; +#endif +#ifdef WOLFSSL_SHA512 + num++; +#endif + + exit_loop = false; + + exit_semaph = xSemaphoreCreateCounting(num, 0); + +#ifndef NO_SHA + xTaskCreate(tskSha_Test, "sha_test", SHA_STACK_SIZE, NULL, 3, NULL); +#endif +#ifndef NO_SHA256 + xTaskCreate(tskSha256_Test, "sha256_test", SHA_STACK_SIZE, NULL, 3, NULL); +#endif +#ifdef WOLFSSL_SHA384 + xTaskCreate(tskSha384_Test, "sha384_test", SHA_STACK_SIZE, NULL, 3, NULL); +#endif +#ifdef WOLFSSL_SHA512 + xTaskCreate(tskSha512_Test, "sha512_test", SHA_STACK_SIZE, NULL, 3, NULL); +#endif + + ESP_LOGI(TAG, "Waiting for 10s ..."); + vTaskDelay(10000/portTICK_PERIOD_MS); + exit_loop = true; + + for(int i=0;ikeylen = keylen; + aes->rounds = keylen/4 + 6; + + XMEMCPY(aes->key, userKey, keylen); + + return wc_AesSetIV(aes, iv); + } + int wc_AesSetKeyDirect(Aes* aes, const byte* userKey, word32 keylen, const byte* iv, int dir) { @@ -1983,7 +2027,9 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock) aes->rounds = (keylen/4) + 6; XMEMCPY(rk, userKey, keylen); - #if defined(LITTLE_ENDIAN_ORDER) && !defined(WOLFSSL_PIC32MZ_CRYPT) + #if defined(LITTLE_ENDIAN_ORDER) && !defined(WOLFSSL_PIC32MZ_CRYPT) && \ + (!defined(WOLFSSL_ESP32WROOM32_CRYPT) || \ + defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_AES)) ByteReverseWords(rk, rk, keylen); #endif @@ -2826,6 +2872,17 @@ int wc_AesSetIV(Aes* aes, const byte* iv) return ret; } #endif /* HAVE_AES_DECRYPT */ +#elif defined(WOLFSSL_ESP32WROOM32_CRYPT) && \ + !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_AES) + + int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz) + { + return wc_esp32AesCbcEncrypt(aes, out, in, sz); + } + int wc_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz) + { + return wc_esp32AesCbcDecrypt(aes, out, in, sz); + } #elif defined(WOLFSSL_IMX6_CAAM) && !defined(NO_IMX6_CAAM_AES) /* implemented in wolfcrypt/src/port/caam/caam_aes.c */ diff --git a/wolfcrypt/src/include.am b/wolfcrypt/src/include.am index 8adbbcdb0..d0db26500 100644 --- a/wolfcrypt/src/include.am +++ b/wolfcrypt/src/include.am @@ -68,7 +68,11 @@ EXTRA_DIST += wolfcrypt/src/port/ti/ti-aes.c \ wolfcrypt/src/port/devcrypto/devcrypto_hash.c \ wolfcrypt/src/port/devcrypto/wc_devcrypto.c \ wolfcrypt/src/port/devcrypto/README.md \ - wolfcrypt/src/port/mynewt/mynewt_port.c + wolfcrypt/src/port/mynewt/mynewt_port.c \ + wolfcrypt/src/port/Espressif/esp32_aes.c \ + wolfcrypt/src/port/Espressif/esp32_sha.c \ + wolfcrypt/src/port/Espressif/esp32_util.c + if BUILD_CRYPTODEV src_libwolfssl_la_SOURCES += wolfcrypt/src/cryptodev.c diff --git a/wolfcrypt/src/port/Espressif/README.md b/wolfcrypt/src/port/Espressif/README.md new file mode 100644 index 000000000..aea8a8a3b --- /dev/null +++ b/wolfcrypt/src/port/Espressif/README.md @@ -0,0 +1,96 @@ +# ESP32 Port + +Support for the ESP32-WROOM-32 on-board crypto hardware acceleration for symmetric AES and SHA1/SHA256/SHA384/SHA512. + +NOTE: RSA has not supported yet. + +## ESP32 Acceleration + +For detail about ESP32 HW Acceleration, you can find in [Technical Reference Manual](https://espressif.com/sites/default/files/documentation/esp32_technical_reference_manual_en.pdf) + +### Building + +To enable hw acceleration : + +Uncomment out #define WOLFSSL_ESPIDF in /path/to/wolfssl/wolfssl/wolfcrypt/settings.h +Uncomment out #define WOLFSSL_ESPWROOM32 in /path/to/wolfssl/wolfssl/wolfcrypt/settings.h + +To disable portions of the hardware acceleration you can optionally define: + +``` +/* Disabled SHA and AES acceleration */ +#define NO_ESP32WROOM32_CRYPT +/* Disabled AES acceleration */ +#define NO_WOLFSSL_ESP32WROOM32_CRYPT_AES +/* Disabed SHA acceleration */ +#define NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH +``` + +### Coding + +In your application you must include before any other wolfSSL headers. If building the sources directly we recommend defining `WOLFSSL_USER_SETTINGS` and adding your own `user_settings.h` file. You can find a good reference for this in `IDE/GCC-ARM/Header/user_settings.h`. + + +### Benchmarks + +Software only implementation : + + +``` +AES-128-CBC-enc 1 MB took 1.001 seconds, 1.146 MB/s +AES-128-CBC-dec 1 MB took 1.017 seconds, 1.104 MB/s +AES-192-CBC-enc 1 MB took 1.018 seconds, 1.055 MB/s +AES-192-CBC-dec 1 MB took 1.006 seconds, 1.019 MB/s +AES-256-CBC-enc 1000 KB took 1.000 seconds, 1000.000 KB/s +AES-256-CBC-dec 975 KB took 1.007 seconds, 968.222 KB/s +AES-128-GCM-enc 350 KB took 1.055 seconds, 331.754 KB/s +AES-128-GCM-dec 350 KB took 1.055 seconds, 331.754 KB/s +AES-192-GCM-enc 325 KB took 1.013 seconds, 320.829 KB/s +AES-192-GCM-dec 325 KB took 1.013 seconds, 320.829 KB/s +AES-256-GCM-enc 325 KB took 1.041 seconds, 312.200 KB/s +AES-256-GCM-dec 325 KB took 1.041 seconds, 312.200 KB/s +SHA 6 MB took 1.003 seconds, 5.720 MB/s +SHA-256 2 MB took 1.003 seconds, 2.483 MB/s +SHA-384 1 MB took 1.002 seconds, 1.218 MB/s +SHA-512 1 MB took 1.000 seconds, 1.221 MB/s +HMAC-SHA 6 MB took 1.000 seconds, 5.664 MB/s +HMAC-SHA256 2 MB took 1.002 seconds, 2.461 MB/s +HMAC-SHA384 1 MB took 1.017 seconds, 1.200 MB/s +HMAC-SHA512 1 MB took 1.017 seconds, 1.200 MB/s +``` + +Hardware Acceleration : + + +``` +AES-128-CBC-enc 6 MB took 1.002 seconds, 6.018 MB/s +AES-128-CBC-dec 5 MB took 1.002 seconds, 5.336 MB/s +AES-192-CBC-enc 6 MB took 1.003 seconds, 6.012 MB/s +AES-192-CBC-dec 5 MB took 1.004 seconds, 5.325 MB/s +AES-256-CBC-enc 6 MB took 1.003 seconds, 6.012 MB/s +AES-256-CBC-dec 5 MB took 1.004 seconds, 5.325 MB/s +AES-128-GCM-enc 350 KB took 1.001 seconds, 349.650 KB/s +AES-128-GCM-dec 350 KB took 1.001 seconds, 349.650 KB/s +AES-192-GCM-enc 350 KB took 1.015 seconds, 344.828 KB/s +AES-192-GCM-dec 350 KB took 1.015 seconds, 344.828 KB/s +AES-256-GCM-enc 350 KB took 1.022 seconds, 342.466 KB/s +AES-256-GCM-dec 350 KB took 1.022 seconds, 342.466 KB/s +SHA 14 MB took 1.001 seconds, 14.073 MB/s +SHA-256 15 MB took 1.000 seconds, 15.259 MB/s +SHA-384 18 MB took 1.000 seconds, 17.529 MB/s +SHA-512 18 MB took 1.000 seconds, 17.529 MB/s +HMAC-SHA 14 MB took 1.001 seconds, 13.805 MB/s +HMAC-SHA256 15 MB took 1.000 seconds, 14.966 MB/s +HMAC-SHA384 17 MB took 1.000 seconds, 16.968 MB/s +HMAC-SHA512 17 MB took 1.001 seconds, 16.951 MB/s +``` + +Condition : +- Model : ESP32-WROOM-32 +- CPU Speed: 240Mhz +- ESP-IDF : v3.3-beta1-39-g6cb37ecc5(commit hash : 6cb37ecc5) +- OS : Ubuntu 18.04.1 LTS (Bionic Beaver) + +## Support + +Email us at [support@wolfssl.com](mailto:support@wolfssl.com). diff --git a/wolfcrypt/src/port/Espressif/esp32_aes.c b/wolfcrypt/src/port/Espressif/esp32_aes.c new file mode 100644 index 000000000..66ec98884 --- /dev/null +++ b/wolfcrypt/src/port/Espressif/esp32_aes.c @@ -0,0 +1,290 @@ +/** + * aes.c + * Copyright (C) 2006-2018 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + +#include +#include + +#ifdef HAVE_CONFIG_H + #include +#endif +#include + +#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \ + !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_AES) + +#include +#include "wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h" + +static const char* TAG = "wolf_hw_aes"; +/* mutex */ +static wolfSSL_Mutex aes_mutex; +static int espaes_CryptHwMutexInit = 0; + +/* +* lock hw engine. +* this should be called before using engine. +*/ +static int esp_aes_hw_InUse() +{ + ESP_LOGV(TAG, "enter esp_aes_hw_InUse"); + int ret = 0; + + if(espaes_CryptHwMutexInit == 0) { + ret = esp_CryptHwMutexInit(&aes_mutex); + if(ret == 0){ + espaes_CryptHwMutexInit = 1; + } else { + ESP_LOGE(TAG, "aes mutx initialization failed."); + return -1; + } + } + /* lock hardware */ + ret = esp_CryptHwMutexLock(&aes_mutex, portMAX_DELAY); + if(ret != 0) { + ESP_LOGE(TAG, "aes engine lock failed."); + return -1; + } + /* Enable AES hardware */ + periph_module_enable(PERIPH_AES_MODULE); + + ESP_LOGV(TAG, "leave esp_aes_hw_InUse"); + return ret; +} + +/* +* release hw engine +*/ +static void esp_aes_hw_Leave( void ) +{ + ESP_LOGV(TAG, "enter esp_aes_hw_InUse"); + /* Disable AES hardware */ + periph_module_disable(PERIPH_AES_MODULE); + + /* unlock */ + esp_CryptHwMutexUnLock(&aes_mutex); + + ESP_LOGV(TAG, "leave esp_aes_hw_Leave"); +} + +/* + * set key to hardware key registers. + */ +static void esp_aes_hw_Set_KeyMode(Aes *ctx, ESP32_AESPROCESS mode) +{ + ESP_LOGV(TAG, "enter esp_aes_hw_InUse"); + word32 mode_ = 0; + + /* check mode */ + if(mode == ESP32_AES_UPDATEKEY_ENCRYPT) { + mode_ = 0; + } else if(mode == ESP32_AES_UPDATEKEY_DECRYPT){ + mode_ = 4; + } else { + ESP_LOGE(TAG, "unexpected error."); + return; + } + + /* update key */ + for(int i=0;i<(ctx->keylen)/sizeof(word32);i++){ + DPORT_REG_WRITE(AES_KEY_BASE + (i*4), *(((word32*)ctx->key) + i)); + } + + /* mode + * 0 AES-128 Encryption + * 1 AES-192 Encryption + * 2 AES-256 Encryption + * 4 AES-128 Decryption + * 5 AES-192 Decryption + * 6 AES-256 Decryption + */ + switch(ctx->keylen){ + case 24: mode_ += 1; break; + case 32: mode_ += 2; break; + default: break; + } + + DPORT_REG_WRITE(AES_MODE_REG, mode_); + ESP_LOGV(TAG, "leave esp_aes_hw_Setkey"); +} + +/* + * Porcess a one block of AES + */ +static void esp_aes_bk(const byte* in, byte* out) +{ + ESP_LOGV(TAG, "enter esp_aes_hw_InUse"); + const word32 *inwords = (const word32 *)in; + word32 *outwords = (word32 *)out; + + /* copy text for encrypting/decrypting blocks */ + DPORT_REG_WRITE(AES_TEXT_BASE, inwords[0]); + DPORT_REG_WRITE(AES_TEXT_BASE + 4, inwords[1]); + DPORT_REG_WRITE(AES_TEXT_BASE + 8, inwords[2]); + DPORT_REG_WRITE(AES_TEXT_BASE + 12, inwords[3]); + + /* start engine */ + DPORT_REG_WRITE(AES_START_REG, 1); + + /* wait until finishing the process */ + while(1) { + if(DPORT_REG_READ(AES_IDLE_REG) == 1) + break; + } + + /* read-out blocks */ + esp_dport_access_read_buffer(outwords, AES_TEXT_BASE, 4); + ESP_LOGV(TAG, "leave esp_aes_bk"); +} + +/* +* wc_esp32AesEncrypt +* @brief: a one block encrypt of the input block, into the output block +* @param aes: a pointer of the AES object used to encrypt data +* @param in : a pointer of the input buffer containing plain text to be encrypted +* @param out: a pointer of the output buffer in which to store the cipher text of +* the encrypted message +*/ +int wc_esp32AesEncrypt(Aes *aes, const byte* in, byte* out) +{ + ESP_LOGV(TAG, "enter wc_esp32AesEncrypt"); + /* lock the hw engine */ + esp_aes_hw_InUse(); + /* load the key into the register */ + esp_aes_hw_Set_KeyMode(aes, ESP32_AES_UPDATEKEY_ENCRYPT); + /* process a one block of AES */ + esp_aes_bk(in, out); + /* release hw */ + esp_aes_hw_Leave(); + return 0; +} +/* +* wc_esp32AesDecrypt +* @brief: a one block decrypt of the input block, into the output block +* @param aes: a pointer of the AES object used to decrypt data +* @param in : a pointer of the input buffer containing plain text to be decrypted +* @param out: a pointer of the output buffer in which to store the cipher text of +* the decrypted message +*/ +int wc_esp32AesDecrypt(Aes *aes, const byte* in, byte* out) +{ + ESP_LOGV(TAG, "enter wc_esp32AesDecrypt"); + /* lock the hw engine */ + esp_aes_hw_InUse(); + /* load the key into the register */ + esp_aes_hw_Set_KeyMode(aes, ESP32_AES_UPDATEKEY_DECRYPT); + /* process a one block of AES */ + esp_aes_bk(in, out); + /* release hw engine */ + esp_aes_hw_Leave(); + return 0; +} +/* +* wc_esp32AesCbcEncrypt +* @brief: Encrypts a plain text message from the input buffer, and places the +* resulting cipher text into the output buffer using cipher block chaining +* with AES. +* @param aes: a pointer of the AES object used to encrypt data +* @param out: a pointer of the output buffer in which to store the cipher text of +* the encrypted message +* @param in : a pointer of the input buffer containing plain text to be encrypted +* @param sz : size of input message +*/ +int wc_esp32AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz) +{ + ESP_LOGV(TAG, "enter wc_esp32AesCbcEncrypt"); + int i; + int offset = 0; + word32 blocks = (sz / AES_BLOCK_SIZE); + byte *iv; + byte temp_block[AES_BLOCK_SIZE]; + + iv = (byte*)aes->reg; + + esp_aes_hw_InUse(); + + esp_aes_hw_Set_KeyMode(aes, ESP32_AES_UPDATEKEY_ENCRYPT); + + while (blocks--) { + XMEMCPY(temp_block, in + offset, AES_BLOCK_SIZE); + + /* XOR block with IV for CBC */ + for (i = 0; i < AES_BLOCK_SIZE; i++) + temp_block[i] ^= iv[i]; + + esp_aes_bk(temp_block, (out + offset)); + + offset += AES_BLOCK_SIZE; + + /* store IV for next block */ + XMEMCPY(iv, out + offset - AES_BLOCK_SIZE, AES_BLOCK_SIZE); + } + + esp_aes_hw_Leave(); + ESP_LOGV(TAG, "leave wc_esp32AesCbcEncrypt"); + return 0; +} +/* +* wc_esp32AesCbcDecrypt +* @brief: Encrypts a plain text message from the input buffer, and places the +* resulting cipher text into the output buffer using cipher block chaining +* with AES. +* @param aes: a pointer of the AES object used to decrypt data +* @param out: a pointer of the output buffer in which to store the cipher text of +* the decrypted message +* @param in : a pointer of the input buffer containing plain text to be decrypted +* @param sz : size of input message +*/ +int wc_esp32AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz) +{ + ESP_LOGV(TAG, "enter wc_esp32AesCbcDecrypt"); + int i; + int offset = 0; + word32 blocks = (sz / AES_BLOCK_SIZE); + byte* iv; + byte temp_block[AES_BLOCK_SIZE]; + + iv = (byte*)aes->reg; + + esp_aes_hw_InUse(); + + esp_aes_hw_Set_KeyMode(aes, ESP32_AES_UPDATEKEY_DECRYPT); + + while (blocks--) { + XMEMCPY(temp_block, in + offset, AES_BLOCK_SIZE); + + esp_aes_bk((in + offset), (out + offset)); + + /* XOR block with IV for CBC */ + for (i = 0; i < AES_BLOCK_SIZE; i++) + (out + offset)[i] ^= iv[i]; + + /* store IV for next block */ + XMEMCPY(iv, temp_block, AES_BLOCK_SIZE); + + offset += AES_BLOCK_SIZE; + } + + esp_aes_hw_Leave(); + ESP_LOGV(TAG, "leave wc_esp32AesCbcDecrypt"); + return 0; +} + +#endif /* WOLFSSL_ESP32WROOM32_CRYPT */ diff --git a/wolfcrypt/src/port/Espressif/esp32_sha.c b/wolfcrypt/src/port/Espressif/esp32_sha.c new file mode 100644 index 000000000..ef3d68b83 --- /dev/null +++ b/wolfcrypt/src/port/Espressif/esp32_sha.c @@ -0,0 +1,399 @@ +/** + * sha.c + * Copyright (C) 2006-2018 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ +#include +#include + +#ifdef HAVE_CONFIG_H + #include +#endif +#include +#include "wolfssl/wolfcrypt/logging.h" + + +#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \ + !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) + +#include +#include +#include + +#include "wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h" +#include "wolfssl/wolfcrypt/error-crypt.h" + +#ifdef NO_INLINE + #include +#else + #define WOLFSSL_MISC_INCLUDED + #include +#endif + +static const char* TAG = "wolf_hw_sha"; + +/* mutex */ +#if defined(SINGLE_THREADED) +static int InUse = 0; +#else +static wolfSSL_Mutex sha_mutex; +static int espsha_CryptHwMutexInit = 0; +#endif +/* + enum SHA_TYPE { + SHA1 = 0, + SHA2_256, + SHA2_384, + SHA2_512, + SHA_INVALID = -1, + }; +*/ +static word32 esp_sha_digest_size(enum SHA_TYPE type) +{ + ESP_LOGV(TAG, "enter esp_sha_digest_sit"); + + switch(type){ + case SHA1: + return WC_SHA_DIGEST_SIZE; + case SHA2_256: + return WC_SHA256_DIGEST_SIZE; +#ifdef WOLFSSL_SHA384 + case SHA2_384: + return WC_SHA384_DIGEST_SIZE; +#endif +#ifdef WOLFSSL_SHA512 + case SHA2_512: + return WC_SHA512_DIGEST_SIZE; +#endif + default:return WC_SHA_DIGEST_SIZE; + } + ESP_LOGV(TAG, "leave esp_sha_digest_sit"); +} +/* +* wait until engines becomes idle +*/ +void esp_wait_until_idle() +{ + while((DPORT_REG_READ(SHA_1_BUSY_REG) !=0) || + (DPORT_REG_READ(SHA_256_BUSY_REG)!=0) || + (DPORT_REG_READ(SHA_384_BUSY_REG)!=0) || + (DPORT_REG_READ(SHA_512_BUSY_REG)!=0)){ } +} +/* +* lock hw engine. +* this should be called before using engine. +*/ +int esp_sha_try_hw_lock(WC_ESP32SHA* ctx) +{ + ESP_LOGV(TAG, "enter esp_sha_hw_Init"); + + int ret = 0; + /* Init mutex */ +#if defined(SINGLE_THREADED) + if(ctx->mode == ESP32_SHA_INIT) { + if(!InUse) { + ctx->mode = ESP32_SHA_HW; + InUse = 1; + } else { + ctx->mode = ESP32_SHA_SW; + } + } else { + /* this should not happens */ + ESP_LOGE(TAG, "unexpected error in esp_sha_try_hw_lock."); + return -1; + } +#else + if(espsha_CryptHwMutexInit == 0){ + ret = esp_CryptHwMutexInit(&sha_mutex); + if(ret == 0) { + espsha_CryptHwMutexInit = 1; + } else { + ESP_LOGE(TAG, " mutex initialization failed."); + ctx->mode = ESP32_SHA_SW; + return 0; + } + } + /* check if this sha has been operated as sw or hw, or not yet init */ + if(ctx->mode == ESP32_SHA_INIT){ + /* try to lock the hw engine */ + if(esp_CryptHwMutexLock(&sha_mutex, (TickType_t)0) == 0) { + ctx->mode = ESP32_SHA_HW; + } else { + ESP_LOGI(TAG, "someone used. hw is locked....."); + ESP_LOGI(TAG, "the rest of operaion will use sw implementation for this sha"); + ctx->mode = ESP32_SHA_SW; + return 0; + } + } else { + /* this should not happens */ + ESP_LOGE(TAG, "unexpected error in esp_sha_try_hw_lock."); + return -1; + } +#endif + /* Enable SHA hardware */ + periph_module_enable(PERIPH_SHA_MODULE); + + ESP_LOGV(TAG, "leave esp_sha_hw_Init"); + return ret; +} +/* +* release hw engine +*/ +void esp_sha_hw_Release( void ) +{ + ESP_LOGV(TAG, "enter esp_sha_hw_Release"); + + /* Disable AES hardware */ + periph_module_disable(PERIPH_SHA_MODULE); +#if defined(SINGLE_THREADED) + InUse = 0; +#else + /* unlock hw engine for next use */ + esp_CryptHwMutexUnLock(&sha_mutex); +#endif + ESP_LOGV(TAG, "leave esp_sha_hw_Release"); +} +/* +* start sha process by using hw engine +*/ +void esp_sha_start_process(WC_ESP32SHA* sha, word32 address) +{ + ESP_LOGV(TAG, "enter esp_sha_start_process"); + + if(sha->isfirstblock){ + /* start first message block */ + DPORT_REG_WRITE(address, 1); + sha->isfirstblock = 0; + } else { + /* CONTINU_REG */ + DPORT_REG_WRITE(address + 0x04, 1); + } + + ESP_LOGV(TAG, "leave esp_sha_start_process"); +} +/* +* process message block +*/ +void esp_process_block(WC_ESP32SHA* ctx, word32 address, + const word32* data, word32 len) +{ + ESP_LOGV(TAG, "enter esp_process_block"); + + /* check if there are any busy engine */ + esp_wait_until_idle(); + /* load message data into hw */ + for(int i=0;i<((len)/(sizeof(word32)));++i){ + DPORT_REG_WRITE(SHA_TEXT_BASE+(i*4),*(data+i)); + } + /* notify hw to start process */ + esp_sha_start_process(ctx, address); + + ESP_LOGV(TAG, "leave esp_process_block"); +} +/* +* retreive sha digest from memory +*/ +void esp_digest_state(WC_ESP32SHA* ctx, byte* hash, enum SHA_TYPE sha_type) +{ + ESP_LOGV(TAG, "enter esp_digest_state"); + /* registers */ + word32 SHA_LOAD_REG = SHA_1_LOAD_REG + sha_type * 0x10; + word32 SHA_BUSY_REG = SHA_1_BUSY_REG + sha_type * 0x10; + + if(ctx->isfirstblock == 1){ + /* no hardware use yet. Nothing to do yet */ + return ; + } + + { + /* wait until idle */ + esp_wait_until_idle(); + + /* LOAD final digest */ + DPORT_REG_WRITE(SHA_LOAD_REG, 1); + /* wait until done */ + while(DPORT_REG_READ(SHA_BUSY_REG) == 1){ } + + esp_dport_access_read_buffer((word32*)(hash), SHA_TEXT_BASE, + esp_sha_digest_size(sha_type)/4); + +#if defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384) + if(sha_type==SHA2_384||sha_type==SHA2_512) { + word32 i; + word32* pwrd1 = (word32*)(hash); + /* swap value */ + for(i = 0; i ctx, SHA_START_REG, sha->buffer, + WC_SHA_BLOCK_SIZE); + + ESP_LOGV(TAG, "leave esp_sha_process"); + return ret; +} +/* +* retrieve sha1 digest +*/ +int esp_sha_digest_process(struct wc_Sha* sha, byte blockproc) +{ + ESP_LOGV(TAG, "enter esp_sha_digest_process"); + int ret = 0; + + if(blockproc) { + word32 SHA_START_REG = SHA_1_START_REG + SHA1 * 0x10; + + esp_process_block(&sha->ctx, SHA_START_REG, sha->buffer, + WC_SHA_BLOCK_SIZE); + } + + esp_digest_state(&sha->ctx, (byte*)sha->digest, SHA1); + + ESP_LOGV(TAG, "leave esp_sha_digest_process"); + + return ret; +} +#endif /* NO_SHA */ + + +#ifndef NO_WOLFSSL_SHA256 +/* +* sha256 process +*/ +int esp_sha256_process(struct wc_Sha256* sha) +{ + ESP_LOGV(TAG, "enter esp_sha256_process"); + int ret = 0; + word32 SHA_START_REG = SHA_1_START_REG + SHA2_256 * 0x10; + + esp_process_block(&sha->ctx, SHA_START_REG, sha->buffer, + WC_SHA_BLOCK_SIZE); + + ESP_LOGV(TAG, "leave esp_sha256_process"); + + return ret; +} +/* +* retrieve sha256 digest +*/ +int esp_sha256_digest_process(struct wc_Sha256* sha, byte blockproc) +{ + ESP_LOGV(TAG, "enter esp_sha256_digest_process"); + int ret = 0; + + if(blockproc) { + word32 SHA_START_REG = SHA_1_START_REG + SHA2_256 * 0x10; + + esp_process_block(&sha->ctx, SHA_START_REG, sha->buffer, + WC_SHA_BLOCK_SIZE); + } + + esp_digest_state(&sha->ctx, (byte*)sha->digest, SHA2_256); + + ESP_LOGV(TAG, "leave esp_sha256_digest_process"); + return ret; +} +#endif /* NO_WOLFSSL_SHA256 */ + +#if defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384) +/* +* sha512 proess. this is used for sha384 too. +*/ +void esp_sha512_block(struct wc_Sha512* sha, const word32* data, byte isfinal) +{ + ESP_LOGV(TAG, "enter esp_sha512_block"); + + enum SHA_TYPE sha_type = sha->ctx.sha_type; + word32 SHA_START_REG = SHA_1_START_REG; + + SHA_START_REG += sha_type * 0x10; + + if(sha->ctx.mode == ESP32_SHA_SW){ + ByteReverseWords64(sha->buffer, sha->buffer, + WC_SHA512_BLOCK_SIZE); + if(isfinal){ + sha->buffer[WC_SHA512_BLOCK_SIZE / sizeof(word64) - 2] = sha->hiLen; + sha->buffer[WC_SHA512_BLOCK_SIZE / sizeof(word64) - 1] = sha->loLen; + } + + } else { + ByteReverseWords((word32*)sha->buffer, (word32*)sha->buffer, + WC_SHA512_BLOCK_SIZE); + if(isfinal){ + sha->buffer[WC_SHA512_BLOCK_SIZE / sizeof(word64) - 2] = + rotlFixed64(sha->hiLen, 32U); + sha->buffer[WC_SHA512_BLOCK_SIZE / sizeof(word64) - 1] = + rotlFixed64(sha->loLen, 32U); + } + + esp_process_block(&sha->ctx, SHA_START_REG, data, WC_SHA512_BLOCK_SIZE); + } + ESP_LOGV(TAG, "leave esp_sha512_block"); +} +/* +* sha512 proess. this is used for sha384 too. +*/ +int esp_sha512_process(struct wc_Sha512* sha) +{ + ESP_LOGV(TAG, "enter esp_sha512_process"); + + word32 *data = (word32*)sha->buffer; + esp_sha512_block(sha, data, 0); + + ESP_LOGV(TAG, "leave esp_sha512_process"); + return 0; +} +/* +* retreive sha512 digest. this is used for sha384 too. +*/ +int esp_sha512_digest_process(struct wc_Sha512* sha, byte blockproc) +{ + ESP_LOGV(TAG, "enter esp_sha512_digest_process"); + + if(blockproc) { + word32* data = (word32*)sha->buffer; + + esp_sha512_block(sha, data, 1); + } + if(sha->ctx.mode != ESP32_SHA_SW) + esp_digest_state(&sha->ctx, (byte*)sha->digest, sha->ctx.sha_type); + + ESP_LOGV(TAG, "leave esp_sha512_digest_process"); + return 0; +} +#endif /* WOLFSSL_SHA512 || WOLFSSL_SHA384 */ +#endif /* WOLFSSL_ESP32WROOM32_CRYPT */ diff --git a/wolfcrypt/src/port/Espressif/esp32_util.c b/wolfcrypt/src/port/Espressif/esp32_util.c new file mode 100644 index 000000000..d24562e43 --- /dev/null +++ b/wolfcrypt/src/port/Espressif/esp32_util.c @@ -0,0 +1,62 @@ +/** + * util.c + * Copyright (C) 2006-2018 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ +#include + +#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \ + (!defined(NO_AES) || !defined(NO_SHA) || !defined(NO_WOLFSSL_SHA256) ||\ + defined(WOLFSSL_SHA384) || defined(WOLFSSL_SHA512)) + +#include + +int esp_CryptHwMutexInit(wolfSSL_Mutex* mutex) { + return wc_InitMutex(mutex); +} + +int esp_CryptHwMutexLock(wolfSSL_Mutex* mutex, TickType_t xBloxkTime) { + return wc_LockMutex_ex(mutex, xBloxkTime); +} + +int esp_CryptHwMutexUnLock(wolfSSL_Mutex* mutex) { + return wc_UnLockMutex(mutex); +} + +#endif + +#ifdef WOLFSSL_ESP32WROOM32_CRYPT_DEBUG + +#include "esp_timer.h" +#include "esp_log.h" + +uint64_t startTime = 0; + + +void wc_esp32TimerStart() +{ + startTime = esp_timer_get_time(); +} + +uint64_t wc_esp32elapsedTime() +{ + /* retturn elapsed time since wc_esp32AesTimeStart() is called in us */ + return esp_timer_get_time() - startTime; +} + +#endif /*WOLFSSL_ESP32WROOM32_CRYPT_DEBUG */ diff --git a/wolfcrypt/src/sha.c b/wolfcrypt/src/sha.c index f8f84e1a5..887a4f8dd 100644 --- a/wolfcrypt/src/sha.c +++ b/wolfcrypt/src/sha.c @@ -239,8 +239,44 @@ #elif defined(WOLFSSL_IMX6_CAAM) && !defined(NO_IMX6_CAAM_HASH) /* wolfcrypt/src/port/caam/caam_sha.c */ -#else +#elif defined(WOLFSSL_ESP32WROOM32_CRYPT) && \ + !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) + + #include "wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h" + + #define USE_SHA_SOFTWARE_IMPL + + static int InitSha(wc_Sha* sha) + { + int ret = 0; + + sha->digest[0] = 0x67452301L; + sha->digest[1] = 0xEFCDAB89L; + sha->digest[2] = 0x98BADCFEL; + sha->digest[3] = 0x10325476L; + sha->digest[4] = 0xC3D2E1F0L; + + sha->buffLen = 0; + sha->loLen = 0; + sha->hiLen = 0; + + /* alwasy start firstblock = 1 when using hw engine */ + sha->ctx.isfirstblock = 1; + sha->ctx.sha_type = SHA1; + if(sha->ctx.mode == ESP32_SHA_HW){ + /* release hw engine */ + esp_sha_hw_Release(); + } + /* always set mode as INIT + * whether using HW or SW is detemined at first call of update() + */ + sha->ctx.mode = ESP32_SHA_INIT; + + return ret; + } + +#else /* Software implementation */ #define USE_SHA_SOFTWARE_IMPL @@ -394,7 +430,11 @@ int wc_InitSha_ex(wc_Sha* sha, void* heap, int devId) return BAD_FUNC_ARG; sha->heap = heap; - +#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \ + !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) + sha->ctx.mode = ESP32_SHA_INIT; + sha->ctx.isfirstblock = 1; +#endif ret = InitSha(sha); if (ret != 0) return ret; @@ -444,7 +484,19 @@ int wc_ShaUpdate(wc_Sha* sha, const byte* data, word32 len) #if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA) ByteReverseWords(sha->buffer, sha->buffer, WC_SHA_BLOCK_SIZE); #endif +#if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \ + defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) XTRANSFORM(sha, local); +#else + if(sha->ctx.mode == ESP32_SHA_INIT){ + esp_sha_try_hw_lock(&sha->ctx); + } + if(sha->ctx.mode == ESP32_SHA_SW){ + XTRANSFORM(sha, local); + } else { + esp_sha_process(sha); + } +#endif AddLength(sha, WC_SHA_BLOCK_SIZE); sha->buffLen = 0; } @@ -503,7 +555,19 @@ int wc_ShaFinal(wc_Sha* sha, byte* hash) #if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA) ByteReverseWords(sha->buffer, sha->buffer, WC_SHA_BLOCK_SIZE); #endif +#if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \ + defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) XTRANSFORM(sha, local); +#else + if(sha->ctx.mode == ESP32_SHA_INIT){ + esp_sha_try_hw_lock(&sha->ctx); + } + if(sha->ctx.mode == ESP32_SHA_SW){ + XTRANSFORM(sha, local); + } else { + esp_sha_process(sha); + } +#endif sha->buffLen = 0; } XMEMSET(&local[sha->buffLen], 0, WC_SHA_PAD_SIZE - sha->buffLen); @@ -528,7 +592,20 @@ int wc_ShaFinal(wc_Sha* sha, byte* hash) 2 * sizeof(word32)); #endif +#if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \ + defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) XTRANSFORM(sha, local); +#else + if(sha->ctx.mode == ESP32_SHA_INIT){ + esp_sha_try_hw_lock(&sha->ctx); + } + if(sha->ctx.mode == ESP32_SHA_SW){ + XTRANSFORM(sha, local); + } else { + esp_sha_digest_process(sha, 1); + } +#endif + #ifdef LITTLE_ENDIAN_ORDER ByteReverseWords(sha->digest, sha->digest, WC_SHA_DIGEST_SIZE); #endif @@ -571,9 +648,22 @@ int wc_ShaGetHash(wc_Sha* sha, byte* hash) if (sha == NULL || hash == NULL) return BAD_FUNC_ARG; +#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \ + !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) + if(sha->ctx.mode == ESP32_SHA_INIT){ + esp_sha_try_hw_lock(&sha->ctx); + } + if(sha->ctx.mode != ESP32_SHA_SW) + esp_sha_digest_process(sha, 0); +#endif + ret = wc_ShaCopy(sha, &tmpSha); if (ret == 0) { - ret = wc_ShaFinal(&tmpSha, hash); + ret = wc_ShaFinal(&tmpSha, hash); +#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \ + !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) + sha->ctx.mode = ESP32_SHA_SW; +#endif } return ret; } @@ -593,7 +683,12 @@ int wc_ShaCopy(wc_Sha* src, wc_Sha* dst) #ifdef WOLFSSL_PIC32MZ_HASH ret = wc_Pic32HashCopy(&src->cache, &dst->cache); #endif - +#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \ + !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) + dst->ctx.mode = src->ctx.mode; + dst->ctx.isfirstblock = src->ctx.isfirstblock; + dst->ctx.sha_type = src->ctx.sha_type; +#endif return ret; } #endif /* !WOLFSSL_TI_HASH */ diff --git a/wolfcrypt/src/sha256.c b/wolfcrypt/src/sha256.c index 23e0269e6..13e0b4443 100644 --- a/wolfcrypt/src/sha256.c +++ b/wolfcrypt/src/sha256.c @@ -140,7 +140,8 @@ #if !defined(WOLFSSL_PIC32MZ_HASH) && !defined(STM32_HASH_SHA2) && \ (!defined(WOLFSSL_IMX6_CAAM) || defined(NO_IMX6_CAAM_HASH)) && \ - !defined(WOLFSSL_AFALG_HASH) && !defined(WOLFSSL_DEVCRYPTO_HASH) + !defined(WOLFSSL_AFALG_HASH) && !defined(WOLFSSL_DEVCRYPTO_HASH) && \ + (!defined(WOLFSSL_ESP32WROOM32_CRYPT) || defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)) static int InitSha256(wc_Sha256* sha256) { int ret = 0; @@ -451,6 +452,64 @@ static int InitSha256(wc_Sha256* sha256) #elif defined(WOLFSSL_DEVCRYPTO_HASH) /* implemented in wolfcrypt/src/port/devcrypto/devcrypt_hash.c */ +#elif defined(WOLFSSL_ESP32WROOM32_CRYPT) && \ + !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) + + #define NEED_SOFT_SHA256 + + static int InitSha256(wc_Sha256* sha256) + { + int ret = 0; + + if (sha256 == NULL) + return BAD_FUNC_ARG; + + XMEMSET(sha256->digest, 0, sizeof(sha256->digest)); + sha256->digest[0] = 0x6A09E667L; + sha256->digest[1] = 0xBB67AE85L; + sha256->digest[2] = 0x3C6EF372L; + sha256->digest[3] = 0xA54FF53AL; + sha256->digest[4] = 0x510E527FL; + sha256->digest[5] = 0x9B05688CL; + sha256->digest[6] = 0x1F83D9ABL; + sha256->digest[7] = 0x5BE0CD19L; + + sha256->buffLen = 0; + sha256->loLen = 0; + sha256->hiLen = 0; + + /* always start firstblock = 1 when using hw engine */ + sha256->ctx.isfirstblock = 1; + sha256->ctx.sha_type = SHA2_256; + if(sha256->ctx.mode == ESP32_SHA_HW) { + /* release hw */ + esp_sha_hw_Release(); + } + /* always set mode as INIT + * whether using HW or SW is detemined at first call of update() + */ + sha256->ctx.mode = ESP32_SHA_INIT; + + return ret; + } + int wc_InitSha256_ex(wc_Sha256* sha256, void* heap, int devId) + { + WOLFSSL_ENTER("wc_InitSha256_ex"); + int ret = 0; + + if (sha256 == NULL) + return BAD_FUNC_ARG; + + XMEMSET(sha256, 0, sizeof(wc_Sha256)); + sha256->ctx.mode = ESP32_SHA_INIT; + sha256->ctx.isfirstblock = 1; + (void)devId; + + ret = InitSha256(sha256); + + WOLFSSL_LEAVE("wc_InitSha256_ex", ret); + return ret; + } #else #define NEED_SOFT_SHA256 @@ -649,7 +708,20 @@ static int InitSha256(wc_Sha256* sha256) WC_SHA256_BLOCK_SIZE); } #endif + + #if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \ + defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) ret = XTRANSFORM(sha256); + #else + if(sha256->ctx.mode == ESP32_SHA_INIT) { + esp_sha_try_hw_lock(&sha256->ctx); + } + if(sha256->ctx.mode == ESP32_SHA_SW){ + ret = XTRANSFORM(sha256); + } else { + esp_sha256_process(sha256); + } + #endif if (ret == 0) { AddLength(sha256, WC_SHA256_BLOCK_SIZE); sha256->buffLen = 0; @@ -705,7 +777,20 @@ static int InitSha256(wc_Sha256* sha256) ByteReverseWords(sha256->buffer, sha256->buffer, WC_SHA256_BLOCK_SIZE); + #if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \ + defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) ret = XTRANSFORM(sha256); + #else + if(sha256->ctx.mode == ESP32_SHA_INIT){ + esp_sha_try_hw_lock(&sha256->ctx); + } + + if(sha256->ctx.mode == ESP32_SHA_SW){ + ret = XTRANSFORM(sha256); + } else { + esp_sha256_process(sha256); + } + #endif if (ret != 0) break; } @@ -755,8 +840,19 @@ static int InitSha256(wc_Sha256* sha256) } #endif } - - ret = XTRANSFORM(sha256); + #if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \ + defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) + ret = XTRANSFORM(sha256); + #else + if(sha256->ctx.mode == ESP32_SHA_INIT){ + esp_sha_try_hw_lock(&sha256->ctx); + } + if(sha256->ctx.mode == ESP32_SHA_SW){ + ret = XTRANSFORM(sha256); + } else { + ret = esp_sha256_process(sha256); + } + #endif if (ret != 0) return ret; @@ -798,7 +894,20 @@ static int InitSha256(wc_Sha256* sha256) } #endif - return XTRANSFORM(sha256); + #if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \ + defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) + return XTRANSFORM(sha256); + #else + if(sha256->ctx.mode == ESP32_SHA_INIT){ + esp_sha_try_hw_lock(&sha256->ctx); + } + if(sha256->ctx.mode == ESP32_SHA_SW){ + return XTRANSFORM(sha256); + } else { + ret = esp_sha256_digest_process(sha256, 1); + } + return ret; + #endif } int wc_Sha256FinalRaw(wc_Sha256* sha256, byte* hash) @@ -2836,9 +2945,23 @@ int wc_Sha256GetHash(wc_Sha256* sha256, byte* hash) if (sha256 == NULL || hash == NULL) return BAD_FUNC_ARG; +#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \ + !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) + if(sha256->ctx.mode == ESP32_SHA_INIT){ + esp_sha_try_hw_lock(&sha256->ctx); + } + if(sha256->ctx.mode == ESP32_SHA_HW) + { + esp_sha256_digest_process(sha256, 0); + } +#endif ret = wc_Sha256Copy(sha256, &tmpSha256); if (ret == 0) { ret = wc_Sha256Final(&tmpSha256, hash); +#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \ + !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) + sha256->ctx.mode = ESP32_SHA_SW; +#endif wc_Sha256Free(&tmpSha256); } return ret; @@ -2861,6 +2984,12 @@ int wc_Sha256Copy(wc_Sha256* src, wc_Sha256* dst) #ifdef WOLFSSL_PIC32MZ_HASH ret = wc_Pic32HashCopy(&src->cache, &dst->cache); #endif +#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \ + !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) + dst->ctx.mode = src->ctx.mode; + dst->ctx.isfirstblock = src->ctx.isfirstblock; + dst->ctx.sha_type = src->ctx.sha_type; +#endif return ret; } diff --git a/wolfcrypt/src/sha512.c b/wolfcrypt/src/sha512.c index 6bd4f7719..f0d5cb04a 100644 --- a/wolfcrypt/src/sha512.c +++ b/wolfcrypt/src/sha512.c @@ -186,6 +186,7 @@ #if defined(WOLFSSL_IMX6_CAAM) && !defined(NO_IMX6_CAAM_HASH) /* functions defined in wolfcrypt/src/port/caam/caam_sha.c */ + #else #ifdef WOLFSSL_SHA512 @@ -208,6 +209,21 @@ static int InitSha512(wc_Sha512* sha512) sha512->loLen = 0; sha512->hiLen = 0; +#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \ + !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) + + sha512->ctx.sha_type = SHA2_512; + /* always start firstblock = 1 when using hw engine */ + sha512->ctx.isfirstblock = 1; + if(sha512->ctx.mode == ESP32_SHA_HW) { + /* release hw */ + esp_sha_hw_Release(); + } + /* always set mode as INIT + * whether using HW or SW is detemined at first call of update() + */ + sha512->ctx.mode = ESP32_SHA_INIT; +#endif return 0; } @@ -570,11 +586,25 @@ static WC_INLINE int Sha512Update(wc_Sha512* sha512, const byte* data, word32 le if (!IS_INTEL_AVX1(intel_flags) && !IS_INTEL_AVX2(intel_flags)) #endif { + #if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \ + defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) ByteReverseWords64(sha512->buffer, sha512->buffer, - WC_SHA512_BLOCK_SIZE); + WC_SHA512_BLOCK_SIZE); + #endif } #endif + #if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \ + defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) ret = Transform_Sha512(sha512); + #else + if(sha512->ctx.mode == ESP32_SHA_INIT) { + esp_sha_try_hw_lock(&sha512->ctx); + } + ret = esp_sha512_process(sha512); + if(ret == 0 && sha512->ctx.mode == ESP32_SHA_SW){ + ret = Transform_Sha512(sha512); + } + #endif if (ret == 0) { AddLength(sha512, WC_SHA512_BLOCK_SIZE); sha512->buffLen = 0; @@ -626,10 +656,23 @@ static WC_INLINE int Sha512Update(wc_Sha512* sha512, const byte* data, word32 le data += WC_SHA512_BLOCK_SIZE; len -= WC_SHA512_BLOCK_SIZE; - + #if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \ + defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) ByteReverseWords64(sha512->buffer, sha512->buffer, - WC_SHA512_BLOCK_SIZE); + WC_SHA512_BLOCK_SIZE); + #endif + #if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \ + defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) ret = Transform_Sha512(sha512); + #else + if(sha512->ctx.mode == ESP32_SHA_INIT) { + esp_sha_try_hw_lock(&sha512->ctx); + } + ret = esp_sha512_process(sha512); + if(ret == 0 && sha512->ctx.mode == ESP32_SHA_SW){ + ret = Transform_Sha512(sha512); + } + #endif if (ret != 0) break; } @@ -689,11 +732,23 @@ static WC_INLINE int Sha512Final(wc_Sha512* sha512) if (!IS_INTEL_AVX1(intel_flags) && !IS_INTEL_AVX2(intel_flags)) #endif { + + #if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \ + defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) ByteReverseWords64(sha512->buffer,sha512->buffer, - WC_SHA512_BLOCK_SIZE); + WC_SHA512_BLOCK_SIZE); + #endif } #endif /* LITTLE_ENDIAN_ORDER */ +#if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \ + defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) ret = Transform_Sha512(sha512); +#else + ret = esp_sha512_process(sha512); + if(ret == 0 && sha512->ctx.mode == ESP32_SHA_SW){ + ret = Transform_Sha512(sha512); + } +#endif if (ret != 0) return ret; @@ -711,19 +766,37 @@ static WC_INLINE int Sha512Final(wc_Sha512* sha512) #if defined(HAVE_INTEL_AVX1) || defined(HAVE_INTEL_AVX2) if (!IS_INTEL_AVX1(intel_flags) && !IS_INTEL_AVX2(intel_flags)) #endif + #if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \ + defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) ByteReverseWords64(sha512->buffer, sha512->buffer, WC_SHA512_PAD_SIZE); + #endif #endif /* ! length ordering dependent on digest endian type ! */ +#if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \ + defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) sha512->buffer[WC_SHA512_BLOCK_SIZE / sizeof(word64) - 2] = sha512->hiLen; sha512->buffer[WC_SHA512_BLOCK_SIZE / sizeof(word64) - 1] = sha512->loLen; +#endif + #if defined(HAVE_INTEL_AVX1) || defined(HAVE_INTEL_AVX2) if (IS_INTEL_AVX1(intel_flags) || IS_INTEL_AVX2(intel_flags)) ByteReverseWords64(&(sha512->buffer[WC_SHA512_BLOCK_SIZE / sizeof(word64) - 2]), &(sha512->buffer[WC_SHA512_BLOCK_SIZE / sizeof(word64) - 2]), WC_SHA512_BLOCK_SIZE - WC_SHA512_PAD_SIZE); #endif +#if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \ + defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) ret = Transform_Sha512(sha512); +#else + if(sha512->ctx.mode == ESP32_SHA_INIT) { + esp_sha_try_hw_lock(&sha512->ctx); + } + ret = esp_sha512_digest_process(sha512, 1); + if(ret == 0 && sha512->ctx.mode == ESP32_SHA_SW) { + ret = Transform_Sha512(sha512); + } +#endif if (ret != 0) return ret; @@ -783,7 +856,6 @@ int wc_Sha512Final(wc_Sha512* sha512, byte* hash) return InitSha512(sha512); /* reset state */ } - int wc_InitSha512(wc_Sha512* sha512) { return wc_InitSha512_ex(sha512, NULL, INVALID_DEVID); @@ -2616,6 +2688,7 @@ static int Transform_Sha512_AVX2_RORX_Len(wc_Sha512* sha512, word32 len) #if defined(WOLFSSL_IMX6_CAAM) && !defined(NO_IMX6_CAAM_HASH) /* functions defined in wolfcrypt/src/port/caam/caam_sha.c */ + #else static int InitSha384(wc_Sha384* sha384) @@ -2637,6 +2710,22 @@ static int InitSha384(wc_Sha384* sha384) sha384->loLen = 0; sha384->hiLen = 0; +#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \ + !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) + sha384->ctx.sha_type = SHA2_384; + /* always start firstblock = 1 when using hw engine */ + sha384->ctx.isfirstblock = 1; + if(sha384->ctx.mode == ESP32_SHA_HW) { + /* release hw */ + esp_sha_hw_Release(); + } + /* always set mode as INIT + * whether using HW or SW is detemined at first call of update() + */ + sha384->ctx.mode = ESP32_SHA_INIT; + +#endif + return 0; } @@ -2773,9 +2862,22 @@ int wc_Sha512GetHash(wc_Sha512* sha512, byte* hash) if (sha512 == NULL || hash == NULL) return BAD_FUNC_ARG; +#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \ + !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) + if(sha512->ctx.mode == ESP32_SHA_INIT) { + esp_sha_try_hw_lock(&sha512->ctx); + } + if(sha512->ctx.mode != ESP32_SHA_SW) + esp_sha512_digest_process(sha512, 0); +#endif + ret = wc_Sha512Copy(sha512, &tmpSha512); if (ret == 0) { ret = wc_Sha512Final(&tmpSha512, hash); +#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \ + !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) + sha512->ctx.mode = ESP32_SHA_SW;; +#endif wc_Sha512Free(&tmpSha512); } return ret; @@ -2796,7 +2898,12 @@ int wc_Sha512Copy(wc_Sha512* src, wc_Sha512* dst) #ifdef WOLFSSL_ASYNC_CRYPT ret = wolfAsync_DevCopy(&src->asyncDev, &dst->asyncDev); #endif - +#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \ + !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) + dst->ctx.mode = src->ctx.mode; + dst->ctx.isfirstblock = src->ctx.isfirstblock; + dst->ctx.sha_type = src->ctx.sha_type; +#endif return ret; } @@ -2811,10 +2918,22 @@ int wc_Sha384GetHash(wc_Sha384* sha384, byte* hash) if (sha384 == NULL || hash == NULL) return BAD_FUNC_ARG; - +#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \ + !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) + if(sha384->ctx.mode == ESP32_SHA_INIT) { + esp_sha_try_hw_lock(&sha384->ctx); + } + if(sha384->ctx.mode != ESP32_SHA_SW) { + esp_sha512_digest_process(sha384, 0); + } +#endif ret = wc_Sha384Copy(sha384, &tmpSha384); if (ret == 0) { ret = wc_Sha384Final(&tmpSha384, hash); +#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \ + !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) + sha384->ctx.mode = ESP32_SHA_SW; +#endif wc_Sha384Free(&tmpSha384); } return ret; @@ -2834,7 +2953,12 @@ int wc_Sha384Copy(wc_Sha384* src, wc_Sha384* dst) #ifdef WOLFSSL_ASYNC_CRYPT ret = wolfAsync_DevCopy(&src->asyncDev, &dst->asyncDev); #endif - +#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \ + !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) + dst->ctx.mode = src->ctx.mode; + dst->ctx.isfirstblock = src->ctx.isfirstblock; + dst->ctx.sha_type = src->ctx.sha_type; +#endif return ret; } diff --git a/wolfcrypt/src/wc_port.c b/wolfcrypt/src/wc_port.c index 75ffaf01b..2009881d4 100644 --- a/wolfcrypt/src/wc_port.c +++ b/wolfcrypt/src/wc_port.c @@ -614,8 +614,13 @@ int wolfSSL_CryptHwMutexUnLock(void) { (void)m; return 0; } - - +#if defined(WOLFSSL_ESP32WROOM32_CRYPT) + int wc_LockMutex_ex(wolfSSL_Mutex *m, TickType_t xBlockTime) + { + (void)m; + return 0; + } +#endif int wc_UnLockMutex(wolfSSL_Mutex *m) { (void)m; @@ -650,7 +655,12 @@ int wolfSSL_CryptHwMutexUnLock(void) { xSemaphoreTake( *m, portMAX_DELAY ); return 0; } - +#if defined(WOLFSSL_ESP32WROOM32_CRYPT) + int wc_LockMutex_ex(wolfSSL_Mutex* m, TickType_t xBlockTime) + { + return ((xSemaphoreTake( *m, xBlockTime ) == pdTRUE) ? 0 : BAD_MUTEX_E); + } +#endif int wc_UnLockMutex(wolfSSL_Mutex* m) { xSemaphoreGive( *m ); diff --git a/wolfssl/wolfcrypt/include.am b/wolfssl/wolfcrypt/include.am index b1d9ff3c2..fde86f74b 100644 --- a/wolfssl/wolfcrypt/include.am +++ b/wolfssl/wolfcrypt/include.am @@ -76,7 +76,8 @@ noinst_HEADERS+= \ wolfssl/wolfcrypt/port/caam/wolfcaam.h \ wolfssl/wolfcrypt/port/caam/wolfcaam_sha.h \ wolfssl/wolfcrypt/port/st/stm32.h \ - wolfssl/wolfcrypt/port/st/stsafe.h + wolfssl/wolfcrypt/port/st/stsafe.h \ + wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h if BUILD_AFALG nobase_include_HEADERS+= wolfssl/wolfcrypt/port/af_alg/afalg_hash.h diff --git a/wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h b/wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h new file mode 100644 index 000000000..bddc9d845 --- /dev/null +++ b/wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h @@ -0,0 +1,123 @@ +/** + * esp32-crypt.h + * Copyright (C) 2006-2018 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ +#ifndef __ESP32_CRYPT_H__ + +#define __ESP32_CRYPT_H__ + +#include "esp_types.h" +#include "esp_log.h" + +#ifdef WOLFSSL_ESP32WROOM32_CRYPT_DEBUG +#undef LOG_LOCAL_LEVEL +#define LOG_LOCAL_LEVEL ESP_LOG_VERBOSE +#else +#undef LOG_LOCAL_LEVEL +#define LOG_LOCAL_LEVEL ESP_LOG_ERROR +#endif + +#ifndef NO_SHA +#include "rom/sha.h" +#endif +#include +#include "soc/dport_reg.h" +#include "soc/hwcrypto_reg.h" +#include "soc/cpu.h" +#include "driver/periph_ctrl.h" +#include +#include + +#ifdef __cplusplus +extern "C" { +#endif + +int esp_CryptHwMutexInit(wolfSSL_Mutex* mutex); +int esp_CryptHwMutexLock(wolfSSL_Mutex* mutex, TickType_t xBloxkTime); +int esp_CryptHwMutexUnLock(wolfSSL_Mutex* mutex); + +#ifndef NO_AES + +#include "rom/aes.h" + +typedef enum tagES32_AES_PROCESS { + ESP32_AES_LOCKHW = 1, + ESP32_AES_UPDATEKEY_ENCRYPT = 2, + ESP32_AES_UPDATEKEY_DECRYPT = 3, + ESP32_AES_UNLOCKHW = 4 +} ESP32_AESPROCESS; + +struct Aes; +int wc_esp32AesCbcEncrypt(struct Aes* aes, byte* out, const byte* in, word32 sz); +int wc_esp32AesCbcDecrypt(struct Aes* aes, byte* out, const byte* in, word32 sz); +int wc_esp32AesEncrypt(struct Aes *aes, const byte* in, byte* out); +int wc_esp32AesDecrypt(struct Aes *aes, const byte* in, byte* out); + +#endif + +#ifdef WOLFSSL_ESP32WROOM32_CRYPT_DEBUG + +void wc_esp32TimerStart(); +uint64_t wc_esp32elapsedTime(); + +#endif /* WOLFSSL_ESP32WROOM32_CRYPT_DEBUG */ + +#if !defined(NO_SHA) && \ + !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) + +typedef enum { + ESP32_SHA_INIT = 0, + ESP32_SHA_HW = 1, + ESP32_SHA_SW = 2, +} ESP32_DOSHA; + +typedef struct { + byte isfirstblock; + /* 0 , 1 hard, 2 soft */ + byte mode; + /* sha_type */ + enum SHA_TYPE sha_type; +} WC_ESP32SHA; + +int esp_sha_try_hw_lock(WC_ESP32SHA* ctx); +void esp_sha_hw_Release( void ); + +struct wc_Sha; +int esp_sha_digest_process(struct wc_Sha* sha, byte bockprocess); +int esp_sha_process(struct wc_Sha* sha); +void esp_sha_digest_state(struct wc_Sha* sha); + +#ifndef NO_WOLFSSL_SHA256 + struct wc_Sha256; + int esp_sha256_digest_process(struct wc_Sha256* sha, byte bockprocess); + int esp_sha256_process(struct wc_Sha256* sha); +#endif + +#if defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384) + struct wc_Sha512; + int esp_sha512_process(struct wc_Sha512* sha); + int esp_sha512_digest_process(struct wc_Sha512* sha, byte blockproc); +#endif + +#endif /* NO_SHA && */ +#ifdef __cplusplus +} +#endif + +#endif /* __ESP32_CRYPT_H__ */ diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h index ac53e902a..791c05912 100644 --- a/wolfssl/wolfcrypt/settings.h +++ b/wolfssl/wolfcrypt/settings.h @@ -233,6 +233,11 @@ #define TFM_TIMING_RESISTANT #define ECC_TIMING_RESISTANT #define WC_RSA_BLINDING +#if defined(WOLFSSL_ESPWROOM32) + #ifndef NO_ESP32WROOM32_CRYPT + #define WOLFSSL_ESP32WROOM32_CRYPT + #endif +#endif #if !defined(WOLFSSL_USER_SETTINGS) #define HAVE_ECC #endif /* !WOLFSSL_USER_SETTINGS */ diff --git a/wolfssl/wolfcrypt/sha.h b/wolfssl/wolfcrypt/sha.h index 7f92c5895..1985ecbbb 100644 --- a/wolfssl/wolfcrypt/sha.h +++ b/wolfssl/wolfcrypt/sha.h @@ -69,6 +69,9 @@ #ifdef WOLFSSL_ASYNC_CRYPT #include #endif +#ifdef WOLFSSL_ESP32WROOM32_CRYPT + #include +#endif #if !defined(NO_OLD_SHA_NAMES) #define SHA WC_SHA @@ -121,6 +124,10 @@ typedef struct wc_Sha { WC_ASYNC_DEV asyncDev; #endif /* WOLFSSL_ASYNC_CRYPT */ #endif +#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \ + !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) + WC_ESP32SHA ctx; +#endif } wc_Sha; #endif /* WOLFSSL_TI_HASH */ diff --git a/wolfssl/wolfcrypt/sha256.h b/wolfssl/wolfcrypt/sha256.h index 71f06e1f0..5d9f8ed8c 100644 --- a/wolfssl/wolfcrypt/sha256.h +++ b/wolfssl/wolfcrypt/sha256.h @@ -83,6 +83,9 @@ #if defined(WOLFSSL_DEVCRYPTO) && defined(WOLFSSL_DEVCRYPTO_HASH) #include #endif +#if defined(WOLFSSL_ESP32WROOM32_CRYPT) + #include "wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h" +#endif #if defined(_MSC_VER) #define SHA256_NOINLINE __declspec(noinline) @@ -151,6 +154,10 @@ typedef struct wc_Sha256 { word32 used; word32 len; #endif +#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \ + !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) + WC_ESP32SHA ctx; +#endif #endif } wc_Sha256; diff --git a/wolfssl/wolfcrypt/sha512.h b/wolfssl/wolfcrypt/sha512.h index af32e38b8..cbe18d37c 100644 --- a/wolfssl/wolfcrypt/sha512.h +++ b/wolfssl/wolfcrypt/sha512.h @@ -72,7 +72,9 @@ #ifdef WOLFSSL_ASYNC_CRYPT #include #endif - +#ifdef WOLFSSL_ESP32WROOM32_CRYPT + #include +#endif #if defined(_MSC_VER) #define SHA512_NOINLINE __declspec(noinline) #elif defined(__GNUC__) @@ -112,6 +114,10 @@ enum { #else /* wc_Sha512 digest */ typedef struct wc_Sha512 { +#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \ + !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) + WC_ESP32SHA ctx; +#endif word64 digest[WC_SHA512_DIGEST_SIZE / sizeof(word64)]; word64 buffer[WC_SHA512_BLOCK_SIZE / sizeof(word64)]; word32 buffLen; /* in bytes */ diff --git a/wolfssl/wolfcrypt/wc_port.h b/wolfssl/wolfcrypt/wc_port.h index d05d0862b..10e1408d0 100755 --- a/wolfssl/wolfcrypt/wc_port.h +++ b/wolfssl/wolfcrypt/wc_port.h @@ -214,6 +214,9 @@ /* Mutex functions */ WOLFSSL_API int wc_InitMutex(wolfSSL_Mutex*); +#if defined(WOLFSSL_ESP32WROOM32_CRYPT) +WOLFSSL_API int wc_LockMutex_ex(wolfSSL_Mutex* m, TickType_t xBlockTime); +#endif WOLFSSL_API wolfSSL_Mutex* wc_InitAndAllocMutex(void); WOLFSSL_API int wc_FreeMutex(wolfSSL_Mutex*); WOLFSSL_API int wc_LockMutex(wolfSSL_Mutex*);