mirrors
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #5005 from dgarske/renesas_spell

This commit is contained in:
Chris Conlon 2022-03-31 17:44:04 -06:00 committed by GitHub
parent 7b21cd8cf0 1993851274
commit b45cd921b6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 939 additions and 927 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/ssl.c
View File

@ -44142,13 +44142,13 @@ void wolfSSL_CTX_SetGenSessionKeyCb(WOLFSSL_CTX* ctx, CallbackGenSessionKey cb)
if (ctx)
ctx->GenSessionKeyCb = cb;
}
/* Set sesssion key generation callback context */
/* Set session key generation callback context */
void wolfSSL_SetGenSessionKeyCtx(WOLFSSL* ssl, void *ctx)
{
if (ssl)
ssl->GenSessionKeyCtx = ctx;
}
/* Get sesssion key generation callback context */
/* Get session key generation callback context */
void* wolfSSL_GetGenSessionKeyCtx(WOLFSSL* ssl)
{
if (ssl)

181
wolfcrypt/src/port/Renesas/README.md
View File

@ -1,43 +1,60 @@
# TSIP FIT Module port
Support for TSIP FIT driver for symmetric AES, SHA1/SHA256 hardware acceleration and TLS-linked capability including Root CA, the server certificate or intermediate certificate verification.
Support for TSIP FIT driver for symmetric AES, SHA1/SHA256 hardware acceleration
and TLS-linked capability including Root CA, the server certificate or
intermediate certificate verification.
## Overview
Renesas TSIP FIT module with wolfSSL by setting *WOLFSSL_RENESAS_TSIP* definition.
Including the following examples:
* simple tls_client/tls_server
* crypt test
* crypt benchmark
The *user_settings.h* file enables some of the hardened settings.
The *user_settings.h* file enables some of the hardened settings.
## Requirements
### 1. [Renesas TSIP FIT module](https://www.renesas.com/us/en/products/software-tools/software-os-middleware-driver/security-crypto/trusted-secure-ip-driver.html)
[FIT module](https://www.renesas.com/us/en/products/software-tools/software-os-middleware-driver/software-package/fit.html)
[FIT module](https://www.renesas.com/us/en/products/software-tools/software-os-middleware-driver/software-package/fit.html)
Note : The included example program is tested with <u>TSIP FIT version **1.06**</u>.
### 2. [e2studio](https://www.renesas.com/us/en/products/software-tools/tools/ide/e2studio.html)
### 2. [e2studio](https://www.renesas.com/us/en/products/software-tools/tools/ide/e2studio.html)
### 3. Evaluation Board that supports TSIP
Note : The included example program is tested with [GR-ROSE](http://gadget.renesas.com/en/product/rose.html), which is classified to RX65N.
## Setup and Build wolfSSL library
1. Uncomment out #define WOLFSSL_RENESAS_TSIP in /path/to/wolfssl/wolfssl/wolfcrypt/settings.h
Uncomment out #define WOLFSSL_RENESAS_RX65N in /path/to/wolfssl/wolfssl/wolfcrypt/settings.h
2. Open a project file at /path/to/wolfssl/IDE/Renesas/e2studio/Projects/wolfssl/ by e2studio and build to create wolfssl library
Note : Generating FIT module source files in advance are required to compile wolfSSL when enabling WOLFSSL_RENESAS_TSIP and WOLFSSL_RENESAS_RX65N. Please see for creating FIT module files at "Setup and Build and example program" in this readme below.
1. Uncomment out `#define WOLFSSL_RENESAS_TSIP` in `/path/to/wolfssl/wolfssl/wolfcrypt/settings.h`
2. Uncomment out `#define WOLFSSL_RENESAS_RX65N` in `/path/to/wolfssl/wolfssl/wolfcrypt/settings.h`
3. Open a project file at /path/to/wolfssl/IDE/Renesas/e2studio/Projects/wolfssl/ by e2studio and build to create wolfssl library
To disable portions of the hardware acceleration you can optionally define:
Note : Generating FIT module source files in advance are required to compile wolfSSL
when enabling `WOLFSSL_RENESAS_TSIP` and `WOLFSSL_RENESAS_RX65N`. Please see for
creating FIT module files at "Setup and Build and example program" in this readme below.
```
To disable portions of the hardware acceleration you can optionally define:
```c
/* Disabled SHA acceleration */
#define NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH
/* Disabled TLS-linked acceleration */
#define NO_WOLFSSL_RENESAS_TSIP_TLS_SESSION
```
### Benchmarks
**Software only implementation:**
## Benchmarks
Platform:
Renesas : e2Studio v7.4.0
ToolChain : Renesas CCRX version 3.00.00
TSIP FIT : version 1.0.6
Board : [GR-ROSE](http://gadget.renesas.com/en/product/rose.html)
wolfSSL : 4.1.0
### Software only implementation:
*block cipher*
```
RNG 200 KB took 1.099 seconds, 182.000 KB/s
@ -50,35 +67,31 @@ SHA-256 425 KB took 1.038 seconds, 409.520 KB/s
TLS_RSA_WITH_AES_128_CBC_SHA : 0.651 (s)
TLS_RSA_WITH_AES_128_CBC_SHA256 : 0.651 (s)
TLS_RSA_WITH_AES_256_CBC_SHA : 0.642 (s)
TLS_RSA_WITH_AES_256_CBAC_SHA256 : 0.662 (s)
TLS_RSA_WITH_AES_256_CBC_SHA256 : 0.662 (s)
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 : 2.050 (s)
```
**Hardware acceleration:**
### Hardware acceleration:
*block cipher*
```
RNG 1 MB took 1.011 seconds, 1.038 MB/s
SHA 12 MB took 1.001 seconds, 11.515 MB/s
SHA-256 13 MB took 1.001 seconds, 12.900 MB/s
```
*TLS establishment time with TLS-linked capability*
*TLS establishment time with TLS-linked capability*
*Perform full TLS-linked capability*
```
TLS_RSA_WITH_AES_128_CBC_SHA : 0.141 (s)
TLS_RSA_WITH_AES_128_CBC_SHA256 : 0.141 (s)
TLS_RSA_WITH_AES_256_CBC_SHA : 0.141 (s)
TLS_RSA_WITH_AES_256_CBAC_SHA256 : 0.144 (s)
TLS_RSA_WITH_AES_256_CBC_SHA256 : 0.144 (s)
```
*Perform certificate verification by TSIP TLS-linked API*
```
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 : 1.721 (s)
```
Condition:
Renesas : e2Studio v7.4.0
ToolChain : Renesas CCRX version 3.00.00
TSIP FIT : version 1.0.6
Board : [GR-ROSE](http://gadget.renesas.com/en/product/rose.html)
wolfSSL : 4.1.0
## Setup and Build an example program
An example program expects the following FIT modules:
@ -94,83 +107,89 @@ An example program expects the following FIT modules:
These needed source files can be generated by creating a dummy project including Renesas Smart Configurator as steps below:
1. Create a dummy project including Renesas Smart Configurator for your evaluation board type
2. Open Smart Configurator and add FIT modules above
It would need to expand *User Stack Size* property and *Heap Size* of r_bsp.
Change IP ADDRESS and PORT NUMBER in r_t4_rx_config.h
`#define T4_CFG_FIXED_IP_ADDRESS_CH0 192,168,1,33`
`#define T4_CFG_TCP_REPID1_PORT_NUMBER 11111`
Note: It would need to modify other configuration base on evaluation board.
When using GR-ROSE, you can choose "GR-ROSE" from "board" tab and "board" drop-down list and then is able to follow settings below:
Go to component tab and open r_ether_rx properties:
Ethernet interface : RMII
The register bus of PHY0 for ETHER0/1: Use ETHER0
Resource, ETHERC: Check ETHERC0_RMII
Go to component tab and open r_t4_rx properties:
Enable/Disable DHCP function : 0
IP address for ch0, when DHCP disable : 192,168,1,33
TCP REPID1 prot number : 11111
Go to pins tab and select ethernet controller
Check to use pins
3. Generate source code
Now, it is able to copy these FIT modules into an example project.
4. Make "smc_gen" folder under /path/to/wolfssl/IDE/Renesas/e2studio/Projects/test/src/
5. Copy the FIT modules into the folder that is created at step 4.
6. Open an example project file at /path/to/wolfssl/IDE/Renesas/e2studio/Projects/test/ by e2studio
7. Enable a macro definition in /path/to/wolfssl/IDE/Renesas/e2studio/Projects/test/src/wolfssl_demo.h for application type
`#define CRYPT_TEST // enable crypt test`
`#define BENCHMARK // enable benchmark application`
`#define TLS_CLIENT // enable simple tls client application`
`#define TLS_SERVER // enable simple tls server application`
`#define USE_TSIP_TLS // to inform user key and flash keying, when using TSIP`
Note: CRYPT_TEST and BENCHMARK can be enabled at the same time. TLS_CLIENT and TLS_SERVER cannot be enabled together other definitions.
7. Setup debug configuration based on your debug hardware
1. Create a dummy project including Renesas Smart Configurator for your evaluation board type
2. Open Smart Configurator and add FIT modules above
It would need to expand *User Stack Size* property and *Heap Size* of r_bsp.
Change IP ADDRESS and PORT NUMBER in r_t4_rx_config.h
`#define T4_CFG_FIXED_IP_ADDRESS_CH0 192,168,1,33`
`#define T4_CFG_TCP_REPID1_PORT_NUMBER 11111`
Note: It would need to modify other configuration base on evaluation board.
When using GR-ROSE, you can choose "GR-ROSE" from "board" tab and "board" drop-down list and then is able to follow settings below:
Go to component tab and open r_ether_rx properties:
Ethernet interface : RMII
The register bus of PHY0 for ETHER0/1: Use ETHER0
Resource, ETHERC: Check ETHERC0_RMII
Go to component tab and open r_t4_rx properties:
Enable/Disable DHCP function : 0
IP address for ch0, when DHCP disable : 192,168,1,33
TCP REPID1 prot number : 11111
Go to pins tab and select ethernet controller
Check to use pins
3. Generate source code
Now, it is able to copy these FIT modules into an example project.
4. Make "smc_gen" folder under /path/to/wolfssl/IDE/Renesas/e2studio/Projects/test/src/
5. Copy the FIT modules into the folder that is created at step 4.
6. Open an example project file at /path/to/wolfssl/IDE/Renesas/e2studio/Projects/test/ by e2studio
7. Enable a macro definition in /path/to/wolfssl/IDE/Renesas/e2studio/Projects/test/src/wolfssl_demo.h for application type
```c
#define CRYPT_TEST /* enable crypt test */
#define BENCHMARK /* enable benchmark application */
#define TLS_CLIENT /* enable simple tls client application */
#define TLS_SERVER /* enable simple tls server application */
#define USE_TSIP_TLS /* to inform user key and flash keying, when using TSIP */
```
Note: CRYPT_TEST and BENCHMARK can be enabled at the same time. TLS_CLIENT and TLS_SERVER cannot be enabled together other definitions.
7. Setup debug configuration based on your debug hardware
## Run client/server program on the device
When testing the embedded client or server on the device, it is recommended to test against one of the standard wolfSSL example application running on a desktop machine.
When testing the embedded client or server on the device, it is recommended to test against one
of the standard wolfSSL example application running on a desktop machine.
For the embedded client, an example server commands for running on a desktop machine, IP address 192.168.1.45, is as follows:
`$./example/server/server -b -d -i`
For the embedded client, an example server commands for running on a desktop machine, IP address 192.168.1.45, is as follows:
`./example/server/server -b -d -i`
For the embedded server, an example client commands for running on a desktop machine is as follows:
`$./example/client/client -h 192.168.1.33 -p 11111`
For the embedded server, an example client commands for running on a desktop machine is as follows:
`./example/client/client -h 192.168.1.33 -p 11111`
## Modify an example program
To use own TSIP keys for TSIP TLS-linked API use, it needs own flash keyring, PSS signed signature and RSA key.
### Create flash keyring and use it in an example program
1. Please follow the instruction at TSIP manual, chapter 7. Key Data Operations.
2. Copy and paste s_flash[] data to s_flash[] data in example-program/key_data.c
1. Please follow the instruction at TSIP manual, chapter 7. Key Data Operations.
2. Copy and paste s_flash[] data to s_flash[] data in example-program/key_data.c
`const uint32_t s_flash[] =`
### Create RSA key pair for signing Root CA verification and use them in an example program
To use TSIP TLS-linked APIs, it needs RSA key pair and Root CA certificate bundle signature by RSA 2048 PSS with SHA256.
Shell and Perl script program in /path/to/wolfssl/IDE/Renesas/e2studio/Projects/tools/ can be used for the purpose.
* generate_rsa_keypair.sh : generate RSA 2048 bit key pair. Show modulus and public exponent when specifying "-s" option
* rsa_pss_sign.sh : sign the file by the specified private key
* genhexbuf.pl : generate C header file including a byte array generated from the specified file in the script
Modulus and public exponent showed by `generate_rsa_keypair.sh` can be used for input date to Renesas Secure Flash Programmer to generate encrypted RSA keys for TSIP TLS-linked API use. Please follow the instruction about how to generate RSA keys in the TSIP manual.
To use TSIP TLS-linked APIs, it needs RSA key pair and Root CA certificate bundle signature by RSA 2048 PSS with SHA256.
Shell and Perl script program in /path/to/wolfssl/IDE/Renesas/e2studio/Projects/tools/ can be used for the purpose.
* `generate_rsa_keypair.sh`: generate RSA 2048 bit key pair. Show modulus and public exponent when specifying "-s" option
* `rsa_pss_sign.sh`: sign the file by the specified private key
* `genhexbuf.pl`: generate C header file including a byte array generated from the specified file in the script
Generated byte array of signed signature by genhexbuf.pl can be replaced signature data in key_data.c of an example program.
Modulus and public exponent showed by `generate_rsa_keypair.sh` can be used for input date to
Renesas Secure Flash Programmer to generate encrypted RSA keys for TSIP TLS-linked API use.
Please follow the instruction about how to generate RSA keys in the TSIP manual.
Generated byte array of signed signature by `genhexbuf.pl` can be replaced signature data in key_data.c of an example program.
Encrypted RSA key and generated byte array of signed signature need to be informed wolfSSL library before loading CA certification. Please see SetTsipTlskey() function an example program about how to inform them.
Encrypted RSA key and generated byte array of signed signature need to be informed wolfSSL library before loading CA certification.
Please see `SetTsipTlskey()` function an example program about how to inform them.
### Coding
In your application you must include <wolfssl/wolfcrypt/settings.h> before any other wolfSSL headers. If building the sources directly we recommend defining `WOLFSSL_USER_SETTINGS` and adding your own `user_settings.h` file. You can find a good reference for this in `/path/to/Renesas/e2studio/Projects/common/user_settings.h`.
In your application you must include <wolfssl/wolfcrypt/settings.h> before any other wolfSSL headers.
If building the sources directly we recommend defining `WOLFSSL_USER_SETTINGS` and adding your own `user_settings.h` file.
You can find a good reference for this in `/path/to/Renesas/e2studio/Projects/common/user_settings.h`.
## Support
For question please email [support@wolfssl.com]
For question please email [support@wolfssl.com]

473
wolfcrypt/src/port/Renesas/renesas_common.c
View File

File diff suppressed because it is too large Load Diff

166
wolfcrypt/src/port/Renesas/renesas_sce_aes.c
View File

@ -52,7 +52,7 @@ typedef fsp_err_t (*aesGcmEncUpdateFn)
(sce_gcm_handle_t*,uint8_t*, uint8_t*, uint32_t, uint8_t*, uint32_t);
typedef fsp_err_t (*aesGcmEncFinalFn)
(sce_gcm_handle_t*, uint8_t*, uint32_t*, uint8_t*);
typedef fsp_err_t (*aesGcmDecInitFn)
(sce_gcm_handle_t*, sce_aes_wrapped_key_t*, uint8_t*, uint32_t);
typedef fsp_err_t (*aesGcmDecUpdateFn)
@ -84,33 +84,33 @@ WOLFSSL_LOCAL int wc_sce_AesGcmEncrypt(struct Aes* aes, byte* out,
sce_gcm_handle_t _handle;
uint32_t dataLen = sz;
User_SCEPKCbInfo *info = (User_SCEPKCbInfo*)ctx;
aesGcmEncInitFn initFn;
aesGcmEncUpdateFn updateFn;
aesGcmEncFinalFn finalFn;
uint8_t* plainBuf = NULL;
uint8_t* cipherBuf = NULL;
uint8_t* aTagBuf = NULL;
uint8_t delta;
const uint8_t* iv_l = NULL;
uint32_t ivSz_l = 0;
sce_hmac_sha_wrapped_key_t key_client_mac;
sce_hmac_sha_wrapped_key_t key_server_mac;
sce_aes_wrapped_key_t key_client_aes;
sce_aes_wrapped_key_t key_server_aes;
/* sanity check */
if (aes == NULL || authTagSz > AES_BLOCK_SIZE || ivSz == 0 || ctx == NULL) {
return BAD_FUNC_ARG;
}
if (authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ) {
WOLFSSL_MSG("GcmEncrypt authTagSz too small error");
return BAD_FUNC_ARG;
}
if (aes->ctx.keySize != 16 && aes->ctx.keySize != 32) {
WOLFSSL_MSG("keySize is invalid, neither 16 or 32.");
return BAD_FUNC_ARG;
@ -126,35 +126,35 @@ WOLFSSL_LOCAL int wc_sce_AesGcmEncrypt(struct Aes* aes, byte* out,
updateFn = R_SCE_AES256GCM_EncryptUpdate;
finalFn = R_SCE_AES256GCM_EncryptFinal;
}
/* check if AES GCM can be used by SCE */
if ((ret = wc_sce_hw_lock()) == 0) {
/* allocate buffers for plaintaxt, ciphertext and authTag to make sure
* those buffers 32bit aligned as SCE requests.
/* allocate buffers for plaintext, ciphertext and authTag to make sure
* those buffers 32bit aligned as SCE requests.
*/
delta = sz % AES_BLOCK_SIZE;
plainBuf = XMALLOC(sz, aes->heap, DYNAMIC_TYPE_AES);
cipherBuf = XMALLOC(sz + delta, aes->heap, DYNAMIC_TYPE_AES);
aTagBuf = XMALLOC(SCE_AES_GCM_AUTH_TAG_SIZE, aes->heap,
aTagBuf = XMALLOC(SCE_AES_GCM_AUTH_TAG_SIZE, aes->heap,
DYNAMIC_TYPE_AES);
if (plainBuf == NULL || cipherBuf == NULL || aTagBuf == NULL) {
WOLFSSL_MSG("wc_sce_AesGcmEncrypt: buffer allocation faild");
WOLFSSL_MSG("wc_sce_AesGcmEncrypt: buffer allocation failed");
ret = -1;
}
if (ret == 0) {
XMEMCPY(plainBuf, in, sz);
XMEMSET((void*)cipherBuf, 0, sz + delta);
XMEMSET((void*)authTag, 0, authTagSz);
}
if (ret == 0 &&
if (ret == 0 &&
info->session_key_set == 1) {
/* generate AES-GCM session key. The key stored in
* Aes.ctx.tsip_keyIdx is not used here.
/* generate AES-GCM session key. The key stored in
* Aes.ctx.tsip_keyIdx is not used here.
*/
ret = R_SCE_TLS_SessionKeyGenerate(
info->sce_cipher,
@ -171,32 +171,34 @@ WOLFSSL_LOCAL int wc_sce_AesGcmEncrypt(struct Aes* aes, byte* out,
WOLFSSL_MSG("R_SCE_TLS_SessionKeyGenerate failed");
ret = -1;
}
}
else if (info->aes256_installedkey_set == 1 || info->aes128_installedkey_set == 1) {
if(aes->ctx.keySize == 32) {
if (aes->ctx.keySize == 32) {
XMEMCPY(&key_client_aes, &info->sce_wrapped_key_aes256,
sizeof(sce_aes_wrapped_key_t));
} else {
}
else {
XMEMCPY(&key_client_aes, &info->sce_wrapped_key_aes128,
sizeof(sce_aes_wrapped_key_t));
}
iv_l = iv;
ivSz_l = ivSz;
} else {
}
else {
WOLFSSL_MSG("AES key for SCE is not set.");
ret = -1;
}
if (ret == 0) {
/* since generated session key is coupled to iv, no need to pass
/* since generated session key is coupled to iv, no need to pass
* them init func.
*/
ret = initFn(&_handle, &key_client_aes, (uint8_t*)iv_l, ivSz_l);
if (ret == FSP_SUCCESS) {
ret = updateFn(&_handle, NULL, NULL, 0UL, (uint8_t*)authIn,
ret = updateFn(&_handle, NULL, NULL, 0UL, (uint8_t*)authIn,
authInSz);
}
if (ret == FSP_SUCCESS) {
@ -206,7 +208,7 @@ WOLFSSL_LOCAL int wc_sce_AesGcmEncrypt(struct Aes* aes, byte* out,
WOLFSSL_MSG("R_SCE_AesXXXGcmEncryptUpdate: failed");
ret = -1;
}
if (ret == FSP_SUCCESS) {
/* Once R_SCE_AesxxxGcmEncryptInit or R_SCE_AesxxxEncryptUpdate is
* called, R_SCE_AesxxxGcmEncryptFinal must be called regardless of
@ -214,7 +216,7 @@ WOLFSSL_LOCAL int wc_sce_AesGcmEncrypt(struct Aes* aes, byte* out,
* from its error state and all the trailing APIs will fail.
*/
dataLen = 0;
ret = finalFn(&_handle,
ret = finalFn(&_handle,
cipherBuf + (sz / AES_BLOCK_SIZE) * AES_BLOCK_SIZE,
&dataLen,
aTagBuf);
@ -224,7 +226,7 @@ WOLFSSL_LOCAL int wc_sce_AesGcmEncrypt(struct Aes* aes, byte* out,
XMEMCPY(out, cipherBuf, dataLen);
/* copy auth tag to caller's buffer */
XMEMCPY((void*)authTag, (void*)aTagBuf,
XMEMCPY((void*)authTag, (void*)aTagBuf,
min(authTagSz, SCE_AES_GCM_AUTH_TAG_SIZE ));
}
@ -238,11 +240,11 @@ WOLFSSL_LOCAL int wc_sce_AesGcmEncrypt(struct Aes* aes, byte* out,
XFREE(plainBuf, aes->heap, DYNAMIC_TYPE_AES);
XFREE(cipherBuf, aes->heap, DYNAMIC_TYPE_AES);
XFREE(aTagBuf, aes->heap, DYNAMIC_TYPE_AES);
wc_sce_hw_unlock();
}
}
return ret;
}
/* Perform Aes Gcm decryption by SCE
@ -253,7 +255,7 @@ WOLFSSL_LOCAL int wc_sce_AesGcmEncrypt(struct Aes* aes, byte* out,
* sz Length of cipher text/plaintext in bytes
* iv Buffer holding IV/nonce
* ivSz Length of IV/nonce in bytes
* authTag Buffer to hold authntication data
* authTag Buffer to hold authentication data
* authTagSz Length of authentication data in bytes
* ctx The Callback context
* return FSP_SUCCESS(0) on Success, otherwise negative value
@ -269,33 +271,33 @@ WOLFSSL_LOCAL int wc_sce_AesGcmDecrypt(struct Aes* aes, byte* out,
sce_gcm_handle_t _handle;
uint32_t dataLen = sz;
User_SCEPKCbInfo *info = (User_SCEPKCbInfo*)ctx;
aesGcmDecInitFn initFn;
aesGcmDecUpdateFn updateFn;
aesGcmDecFinalFn finalFn;
uint8_t* cipherBuf = NULL;
uint8_t* plainBuf = NULL;
uint8_t* aTagBuf = NULL;
uint8_t delta;
const uint8_t* iv_l = NULL;
uint32_t ivSz_l = 0;
sce_hmac_sha_wrapped_key_t key_client_mac;
sce_hmac_sha_wrapped_key_t key_server_mac;
sce_aes_wrapped_key_t key_client_aes;
sce_aes_wrapped_key_t key_server_aes;
/* sanity check */
if (aes == NULL || authTagSz > AES_BLOCK_SIZE || ivSz == 0 || ctx == NULL) {
return BAD_FUNC_ARG;
}
if (authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ) {
WOLFSSL_MSG("GcmEncrypt authTagSz too small error");
return BAD_FUNC_ARG;
}
if (aes->ctx.keySize != 16 && aes->ctx.keySize != 32) {
WOLFSSL_MSG("keySize is invalid, neither 16 or 32.");
return BAD_FUNC_ARG;
@ -311,16 +313,16 @@ WOLFSSL_LOCAL int wc_sce_AesGcmDecrypt(struct Aes* aes, byte* out,
updateFn = R_SCE_AES256GCM_DecryptUpdate;
finalFn = R_SCE_AES256GCM_DecryptFinal;
}
if ((ret = wc_sce_hw_lock()) == 0) {
/* allocate buffers for plain-taxt, cipher-text, authTag and AAD.
* TSIP requests those buffers 32bit aligned.
/* allocate buffers for plain-text, cipher-text, authTag and AAD.
* TSIP requests those buffers 32bit aligned.
*/
delta = sz % AES_BLOCK_SIZE;
cipherBuf = XMALLOC(sz, aes->heap, DYNAMIC_TYPE_AES);
plainBuf = XMALLOC(sz + delta, aes->heap, DYNAMIC_TYPE_AES);
aTagBuf = XMALLOC(SCE_AES_GCM_AUTH_TAG_SIZE, aes->heap,
aTagBuf = XMALLOC(SCE_AES_GCM_AUTH_TAG_SIZE, aes->heap,
DYNAMIC_TYPE_AES);
if (plainBuf == NULL || cipherBuf == NULL || aTagBuf == NULL) {
@ -333,10 +335,10 @@ WOLFSSL_LOCAL int wc_sce_AesGcmDecrypt(struct Aes* aes, byte* out,
XMEMCPY(aTagBuf, authTag, authTagSz);
}
if (ret == 0 &&
if (ret == 0 &&
info->session_key_set == 1) {
/* generate AES-GCM session key. The key stored in
* Aes.ctx.tsip_keyIdx is not used here.
/* generate AES-GCM session key. The key stored in
* Aes.ctx.tsip_keyIdx is not used here.
*/
ret = R_SCE_TLS_SessionKeyGenerate(
info->sce_cipher,
@ -355,30 +357,32 @@ WOLFSSL_LOCAL int wc_sce_AesGcmDecrypt(struct Aes* aes, byte* out,
}
}
else if (info->aes256_installedkey_set == 1 || info->aes128_installedkey_set == 1) {
if(aes->ctx.keySize == 32) {
if (aes->ctx.keySize == 32) {
XMEMCPY(&key_server_aes, &info->sce_wrapped_key_aes256,
sizeof(sce_aes_wrapped_key_t));
} else {
}
else {
XMEMCPY(&key_server_aes, &info->sce_wrapped_key_aes128,
sizeof(sce_aes_wrapped_key_t));
}
iv_l = iv;
ivSz_l = ivSz;
} else {
}
else {
WOLFSSL_MSG("AES key for SCE is not set.");
ret = -1;
}
if (ret == 0) {
/* since key_index has iv and ivSz in it, no need to pass them init
/* since key_index has iv and ivSz in it, no need to pass them init
* func. Pass NULL and 0 as 3rd and 4th parameter respectively.
*/
ret = initFn(&_handle, &key_server_aes, (uint8_t*)iv_l, ivSz_l);
if (ret == FSP_SUCCESS) {
/* pass only AAD and it's size before passing cipher text */
ret = updateFn(&_handle, NULL, NULL, 0UL, (uint8_t*)authIn,
ret = updateFn(&_handle, NULL, NULL, 0UL, (uint8_t*)authIn,
authInSz);
}
if (ret == FSP_SUCCESS) {
@ -388,7 +392,7 @@ WOLFSSL_LOCAL int wc_sce_AesGcmDecrypt(struct Aes* aes, byte* out,
WOLFSSL_MSG("R_SCE_AesXXXGcmDecryptUpdate: failed in decrypt");
ret = -1;
}
if (ret == FSP_SUCCESS) {
dataLen = 0;
ret = finalFn(&_handle,
@ -414,7 +418,7 @@ WOLFSSL_LOCAL int wc_sce_AesGcmDecrypt(struct Aes* aes, byte* out,
wc_sce_hw_unlock();
}
return ret;
}
/* Perform Aes Cbc encryption by SCE
@ -433,19 +437,19 @@ WOLFSSL_LOCAL int wc_sce_AesCbcEncrypt(struct Aes* aes, byte* out,
word32 blocks = (sz / AES_BLOCK_SIZE);
uint32_t dataLength;
byte *iv;
if ((in == NULL) || (out == NULL) || (aes == NULL))
return BAD_FUNC_ARG;
/* while doing TLS handshake, SCE driver keeps true-key and iv *
* on the device. iv is dummy */
iv = (uint8_t*)aes->reg;
if((ret = wc_sce_hw_lock()) != 0){
if ((ret = wc_sce_hw_lock()) != 0) {
WOLFSSL_MSG("Failed to lock");
return ret;
}
if (aes->ctx.keySize == 16) {
ret = R_SCE_AES128CBC_EncryptInit(&_handle, &aes->ctx.sce_wrapped_key, iv);
}
@ -457,20 +461,20 @@ WOLFSSL_LOCAL int wc_sce_AesCbcEncrypt(struct Aes* aes, byte* out,
wc_sce_hw_unlock();
return -1;
}
while (ret == FSP_SUCCESS && blocks--) {
if (aes->ctx.keySize == 16)
ret = R_SCE_AES128CBC_EncryptUpdate(&_handle, (uint8_t*)in,
ret = R_SCE_AES128CBC_EncryptUpdate(&_handle, (uint8_t*)in,
(uint8_t*)out, (uint32_t)AES_BLOCK_SIZE);
else
ret = R_SCE_AES256CBC_EncryptUpdate(&_handle, (uint8_t*)in,
ret = R_SCE_AES256CBC_EncryptUpdate(&_handle, (uint8_t*)in,
(uint8_t*)out, (uint32_t)AES_BLOCK_SIZE);
in += AES_BLOCK_SIZE;
out += AES_BLOCK_SIZE;
}
if (ret == FSP_SUCCESS) {
if (aes->ctx.keySize == 16) {
ret = R_SCE_AES128CBC_EncryptFinal(&_handle, out, &dataLength);
@ -483,7 +487,7 @@ WOLFSSL_LOCAL int wc_sce_AesCbcEncrypt(struct Aes* aes, byte* out,
WOLFSSL_MSG("SCE AES CBC encryption failed");
ret = -1;
}
wc_sce_hw_unlock();
return ret;
}
@ -502,17 +506,17 @@ WOLFSSL_LOCAL int wc_sce_AesCbcDecrypt(struct Aes* aes, byte* out, const byte* i
word32 blocks = (sz / AES_BLOCK_SIZE);
uint32_t dataLength;
byte *iv;
if ((in == NULL) || (out == NULL) || (aes == NULL))
return BAD_FUNC_ARG;
iv = (uint8_t*)aes->reg;
if((ret = wc_sce_hw_lock()) != 0){
if ((ret = wc_sce_hw_lock()) != 0) {
WOLFSSL_MSG("Failed to lock");
return ret;
}
if (aes->ctx.keySize == 16) {
ret = R_SCE_AES128CBC_DecryptInit(&_handle, &aes->ctx.sce_wrapped_key, iv);
}
@ -523,20 +527,20 @@ WOLFSSL_LOCAL int wc_sce_AesCbcDecrypt(struct Aes* aes, byte* out, const byte* i
wc_sce_hw_unlock();
return -1;
}
while (ret == FSP_SUCCESS && blocks--) {
if (aes->ctx.keySize == 16)
ret = R_SCE_AES128CBC_DecryptUpdate(&_handle, (uint8_t*)in,
ret = R_SCE_AES128CBC_DecryptUpdate(&_handle, (uint8_t*)in,
(uint8_t*)out, (uint32_t)AES_BLOCK_SIZE);
else
ret = R_SCE_AES256CBC_DecryptUpdate(&_handle, (uint8_t*)in,
ret = R_SCE_AES256CBC_DecryptUpdate(&_handle, (uint8_t*)in,
(uint8_t*)out, (uint32_t)AES_BLOCK_SIZE);
in += AES_BLOCK_SIZE;
out += AES_BLOCK_SIZE;
}
if (ret == FSP_SUCCESS) {
if (aes->ctx.keySize == 16)
ret = R_SCE_AES128CBC_DecryptFinal(&_handle, out, &dataLength);
@ -547,7 +551,7 @@ WOLFSSL_LOCAL int wc_sce_AesCbcDecrypt(struct Aes* aes, byte* out, const byte* i
WOLFSSL_MSG("SCE AES CBC decryption failed");
ret = -1;
}
wc_sce_hw_unlock();
return ret;
}

50
wolfcrypt/src/port/Renesas/renesas_sce_sha.c
View File

@ -44,7 +44,7 @@ static void SCEHashFree(wolfssl_SCE_Hash* hash)
{
if (hash == NULL)
return;
if (hash->msg != NULL) {
XFREE(hash->msg, hash->heap, DYNAMIC_TYPE_TMP_BUFFER);
hash->msg = NULL;
@ -63,16 +63,16 @@ static int SCEHashInit(wolfssl_SCE_Hash* hash, void* heap, int devId,
if (hash == NULL) {
return BAD_FUNC_ARG;
}
(void)devId;
XMEMSET(hash, 0, sizeof(wolfssl_SCE_Hash));
hash->heap = heap;
hash->len = 0;
hash->used = 0;
hash->msg = NULL;
hash->sha_type = sha_type;
return 0;
}
@ -88,7 +88,7 @@ static int SCEHashUpdate(wolfssl_SCE_Hash* hash, const byte* data, word32 sz)
if (hash == NULL || (sz > 0 && data == NULL)) {
return BAD_FUNC_ARG;
}
if (hash->len < hash->used + sz) {
if (hash->msg == NULL) {
hash->msg = (byte*)XMALLOC(hash->used + sz, hash->heap,
@ -121,7 +121,7 @@ static int SCEHashUpdate(wolfssl_SCE_Hash* hash, const byte* data, word32 sz)
}
XMEMCPY(hash->msg + hash->used, data , sz);
hash->used += sz;
return 0;
}
@ -130,7 +130,7 @@ static int SCEHashUpdate(wolfssl_SCE_Hash* hash, const byte* data, word32 sz)
* hash The SCE Hash object.
* out Buffer to hold hashed text
* outSz Length of out
* return FSP_SUCCESS(0) on success,
* return FSP_SUCCESS(0) on success,
* otherwise BAD_FUNC_ARG or FSP Error code on failure
*/
static int SCEHashFinal(wolfssl_SCE_Hash* hash, byte* out, word32 outSz)
@ -143,23 +143,23 @@ static int SCEHashFinal(wolfssl_SCE_Hash* hash, byte* out, word32 outSz)
fsp_err_t (*Init)(sce_sha_md5_handle_t*);
fsp_err_t (*Update)(sce_sha_md5_handle_t*, uint8_t*, uint32_t);
fsp_err_t (*Final )(sce_sha_md5_handle_t*, uint8_t*, uint32_t*);
if (hash == NULL || out == NULL) {
return BAD_FUNC_ARG;
}
if (hash->sha_type == SCE_SHA256) {
Init = R_SCE_SHA256_Init;
Update = R_SCE_SHA256_Update;
Final = R_SCE_SHA256_Final;
}
else
else
return BAD_FUNC_ARG;
heap = hash->heap;
wc_sce_hw_lock();
if (Init(&handle) == FSP_SUCCESS) {
ret = Update(&handle, (uint8_t*)hash->msg, hash->used);
if (ret == FSP_SUCCESS) {
@ -170,7 +170,7 @@ static int SCEHashFinal(wolfssl_SCE_Hash* hash, byte* out, word32 outSz)
}
}
wc_sce_hw_unlock();
SCEHashFree(hash);
return SCEHashInit(hash, heap, 0, hash->sha_type);
}
@ -180,25 +180,25 @@ static int SCEHashGet(wolfssl_SCE_Hash* hash, byte* out, word32 outSz)
int ret;
sce_sha_md5_handle_t handle;
uint32_t sz;
fsp_err_t (*Init)(sce_sha_md5_handle_t*);
fsp_err_t (*Update)(sce_sha_md5_handle_t*, uint8_t*, uint32_t);
fsp_err_t (*Final )(sce_sha_md5_handle_t*, uint8_t*, uint32_t*);
if (hash == NULL || out == NULL) {
return BAD_FUNC_ARG;
}
if (hash->sha_type == SCE_SHA256) {
Init = R_SCE_SHA256_Init;
Update = R_SCE_SHA256_Update;
Final = R_SCE_SHA256_Final;
}
else
else
return BAD_FUNC_ARG;
wc_sce_hw_lock();
if (Init(&handle) == FSP_SUCCESS) {
ret = Update(&handle, (uint8_t*)hash->msg, hash->used);
if (ret == FSP_SUCCESS) {
@ -208,9 +208,9 @@ static int SCEHashGet(wolfssl_SCE_Hash* hash, byte* out, word32 outSz)
}
}
}
wc_sce_hw_unlock();
return 0;
}
/* copy hash result from src to dst */
@ -219,9 +219,9 @@ static int SCEHashCopy(wolfssl_SCE_Hash* src, wolfssl_SCE_Hash* dst)
if (src == NULL || dst == NULL) {
return BAD_FUNC_ARG;
}
XMEMCPY(dst, src, sizeof(wolfssl_SCE_Hash));
if (src->len > 0 && src->msg != NULL) {
dst->msg = (byte*)XMALLOC(src->len, dst->heap, DYNAMIC_TYPE_TMP_BUFFER);
if (dst->msg == NULL) {
@ -229,7 +229,7 @@ static int SCEHashCopy(wolfssl_SCE_Hash* src, wolfssl_SCE_Hash* dst)
}
XMEMCPY(dst->msg, src->msg, src->len);
}
return 0;
}

338
wolfcrypt/src/port/Renesas/renesas_sce_util.c
View File

@ -59,12 +59,12 @@ static int sce_CryptHwMutexInit_ = 0;
static uint32_t sce_sess_idx = 0;
/* Mutex Init */
static int sce_CryptHwMutexInit(wolfSSL_Mutex* mutex)
static int sce_CryptHwMutexInit(wolfSSL_Mutex* mutex)
{
return wc_InitMutex(mutex);
}
/* Mutex Lock */
static int sce_CryptHwMutexLock(wolfSSL_Mutex* mutex)
static int sce_CryptHwMutexLock(wolfSSL_Mutex* mutex)
{
return wc_LockMutex(mutex);
}
@ -82,11 +82,11 @@ WOLFSSL_LOCAL int wc_sce_hw_lock()
{
int ret = 0;
if(sce_CryptHwMutexInit_ == 0){
if (sce_CryptHwMutexInit_ == 0) {
ret = sce_CryptHwMutexInit(&sce_mutex);
if(ret == 0) {
if (ret == 0) {
sce_CryptHwMutexInit_ = 1;
}
else {
@ -94,18 +94,18 @@ WOLFSSL_LOCAL int wc_sce_hw_lock()
return -1;
}
}
if(sce_CryptHwMutexLock(&sce_mutex) != 0) {
if (sce_CryptHwMutexLock(&sce_mutex) != 0) {
/* this should not happens */
return -1;
}
return ret;
}
/*
* release hw engine
*/
WOLFSSL_LOCAL void wc_sce_hw_unlock( void )
WOLFSSL_LOCAL void wc_sce_hw_unlock(void)
{
sce_CryptHwMutexUnLock(&sce_mutex);
}
@ -116,23 +116,23 @@ WOLFSSL_LOCAL int wc_sce_Open()
WOLFSSL_ENTER("wc_sce_Open");
int ret;
if ((ret = wc_sce_hw_lock()) == 0) {
ret = R_SCE_Open(&sce_ctrl, &sce_cfg);
if ( ret != FSP_SUCCESS ) {
if (ret != FSP_SUCCESS) {
WOLFSSL_MSG("RENESAS SCE Open failed");
}
if ( ret == FSP_SUCCESS && g_user_key_info.encrypted_user_tls_key ) {
if (ret == FSP_SUCCESS && g_user_key_info.encrypted_user_tls_key) {
ret = R_SCE_TLS_RootCertificateRSA2048PublicKeyInstall(
g_user_key_info.encrypted_provisioning_key,
g_user_key_info.iv,
g_user_key_info.encrypted_user_tls_key,
&g_user_key_info.user_rsa2048_tls_wrappedkey); /* OUT */
/* init vars */
g_CAscm_Idx = (uint32_t)-1;
}
else {
WOLFSSL_MSG("Failed to lock sce hw ");
@ -142,7 +142,7 @@ WOLFSSL_LOCAL int wc_sce_Open()
/* unlock hw */
wc_sce_hw_unlock();
WOLFSSL_LEAVE("wc_sce_Open", ret);
return ret;
}
@ -152,14 +152,14 @@ WOLFSSL_LOCAL void wc_sce_Close()
{
WOLFSSL_ENTER("sce Close");
int ret;
if ((ret = wc_sce_hw_lock()) == 0) {
/* close SCE */
ret = R_SCE_Close(&sce_ctrl);
/* unlock hw */
wc_sce_hw_unlock();
if( ret != FSP_SUCCESS ) {
if (ret != FSP_SUCCESS) {
WOLFSSL_MSG("RENESAS SCE Close failed");
}
}
@ -170,27 +170,27 @@ WOLFSSL_LOCAL void wc_sce_Close()
#if defined(WOLFSSL_RENESAS_SCEPROTECT_ECC)
/* Verify Server Key Exchange while doing ECDH key exchange */
static int SCE_ServerKeyExVerify(uint32_t type, WOLFSSL* ssl, const uint8_t* sig,
static int SCE_ServerKeyExVerify(uint32_t type, WOLFSSL* ssl, const uint8_t* sig,
uint32_t sigSz, void* ctx)
{
int ret = WOLFSSL_FAILURE;
User_SCEPKCbInfo* cbInfo;
byte qx[MAX_ECC_BYTES], qy[MAX_ECC_BYTES];
byte *peerkey = NULL;
word32 qxLen = sizeof(qx), qyLen = sizeof(qy);
(void) sigSz;
/* sanity check */
if (ssl == NULL || sig == NULL || ctx == NULL)
return ret;
cbInfo = (User_SCEPKCbInfo*)ctx;
/* export public peer public key */
ret = wc_ecc_export_public_raw(ssl->peerEccKey, qx, &qxLen, qy, &qyLen);
WOLFSSL_PKMSG("qxLen %d qyLen %d\n", qxLen, qyLen);
if (ret != 0){
if (ret != 0) {
WOLFSSL_MSG("failed to export peer ecc key");
return ret;
}
@ -201,12 +201,12 @@ static int SCE_ServerKeyExVerify(uint32_t type, WOLFSSL* ssl, const uint8_t* sig
WOLFSSL_MSG("failed to malloc ecc key");
return WOLFSSL_FAILURE;
}
XMEMSET(peerkey, 0, (3 + 1 + qxLen + qyLen));
peerkey[3] = ECC_POINT_UNCOMP;
XMEMCPY(&peerkey[4], qx, qxLen);
XMEMCPY(&peerkey[4+qxLen], qy, qyLen);
/* 0 : RSA 2048bit, 1 : Reserved, 2 : ECDSA P-256 */
ret = R_SCE_TLS_ServerKeyExchangeVerify(
type,
@ -216,7 +216,7 @@ static int SCE_ServerKeyExVerify(uint32_t type, WOLFSSL* ssl, const uint8_t* sig
(uint8_t*) sig,
(uint32_t*)ssl->peerSceTsipEncRsaKeyIndex,
(uint32_t*)cbInfo->encrypted_ephemeral_ecdh_public_key);
if (ret != FSP_SUCCESS) {
WOLFSSL_MSG("failed R_SCE_TLS_ServerKeyExchangeVerify");
cbInfo->pk_key_set = 0;
@ -225,7 +225,7 @@ static int SCE_ServerKeyExVerify(uint32_t type, WOLFSSL* ssl, const uint8_t* sig
ret = WOLFSSL_SUCCESS;
cbInfo->pk_key_set = 1;
}
XFREE(peerkey, 0, DYNAMIC_TYPE_TMP_BUFFER);
return ret;
}
@ -237,24 +237,24 @@ WOLFSSL_LOCAL int wc_SCE_RsaVerify(WOLFSSL* ssl, byte* sig, uint32_t sigSz,
(void) out;
(void) key;
(void) keySz;
WOLFSSL_PKMSG("SCE RSA Verify: sigSz %d, keySz %d\n", sigSz, keySz);
if (wc_sce_usable(ssl, 0))
ret = SCE_ServerKeyExVerify(0, ssl, sig, sigSz, ctx);
else
ret = CRYPTOCB_UNAVAILABLE;
if (ret == WOLFSSL_SUCCESS)
ret = 0; /* 0 for success */
WOLFSSL_PKMSG("SCE RSA Verify: ret %d\n", ret);
return ret;
}
/* Callback for Ecc Verify */
WOLFSSL_LOCAL int wc_SCE_EccVerify(WOLFSSL* ssl, const uint8_t* sig,
uint32_t sigSz, const uint8_t* hash, uint32_t hashSz,
WOLFSSL_LOCAL int wc_SCE_EccVerify(WOLFSSL* ssl, const uint8_t* sig,
uint32_t sigSz, const uint8_t* hash, uint32_t hashSz,
const uint8_t* key, uint32_t keySz, int* result, void* ctx)
{
int ret = WOLFSSL_FAILURE;
@ -267,30 +267,30 @@ WOLFSSL_LOCAL int wc_SCE_EccVerify(WOLFSSL* ssl, const uint8_t* sig,
(void) hashSz;
(void) key;
(void) keySz;
sigforSCE = NULL;
pSig = NULL;
WOLFSSL_PKMSG("SCE ECC Verify: ssl->options.serverState = %d sigSz %d, hashSz %d, keySz %d\n",
WOLFSSL_PKMSG("SCE ECC Verify: ssl->options.serverState = %d sigSz %d, hashSz %d, keySz %d\n",
ssl->options.serverState, sigSz, hashSz, keySz);
if (!wc_sce_usable(ssl, 0)) {
WOLFSSL_PKMSG("Cannot handle cipher suite by SCE");
return CRYPTOCB_UNAVAILABLE;
}
if ((sigforSCE = (uint8_t*)XMALLOC(HW_SCE_ECDSA_DATA_BYTE_SIZE, NULL,
DYNAMIC_TYPE_TEMP)) == NULL){
if ((sigforSCE = (uint8_t*)XMALLOC(HW_SCE_ECDSA_DATA_BYTE_SIZE, NULL,
DYNAMIC_TYPE_TEMP)) == NULL) {
WOLFSSL_MSG("failed to malloc memory");
return MEMORY_E;
}
/* initialization */
XMEMCPY(sigforSCE, 0, HW_SCE_ECDSA_DATA_BYTE_SIZE);
/* r */
if (sig[offset] == 0x20) {
XMEMCPY(sigforSCE, &sig[offset+1], rs_size);
offset = 0x25;
/* s */
if (sig[offset] == 0x20) {
@ -302,7 +302,7 @@ WOLFSSL_LOCAL int wc_SCE_EccVerify(WOLFSSL* ssl, const uint8_t* sig,
}
else {
XMEMCPY(sigforSCE, &sig[offset+2], rs_size);
offset = 0x26;
/* s */
if (sig[offset] == rs_size) {
@ -312,18 +312,18 @@ WOLFSSL_LOCAL int wc_SCE_EccVerify(WOLFSSL* ssl, const uint8_t* sig,
XMEMCPY(&sigforSCE[rs_size], &sig[offset+2], rs_size);
}
}
pSig = sigforSCE;
ret = SCE_ServerKeyExVerify(2, ssl, pSig, 64, ctx);
if (ret == WOLFSSL_SUCCESS) {
*result = 1;
ret = 0; /* for success */
}
else
*result = 0;
WOLFSSL_PKMSG("SCE ECC Verify: ret %d, result %d\n", ret, *result);
return ret;
@ -338,18 +338,18 @@ WOLFSSL_LOCAL int SCE_EccSharedSecret(WOLFSSL* ssl, ecc_key* otherKey,
(void) side;
User_SCEPKCbInfo* cbInfo = (User_SCEPKCbInfo*)ctx;
(void)ssl;
(void)cbInfo;
/* sanity check */
if (ssl == NULL || pubKeyDer == NULL || pubKeySz == NULL ||
out == NULL || outlen == NULL || ctx == NULL)
return WOLFSSL_FAILURE;
WOLFSSL_PKMSG("PK ECC PMS: Side %s, Peer Curve %d\n",
side == WOLFSSL_CLIENT_END ? "client" : "server", otherKey->dp->id);
if (cbInfo->pk_key_set == 1) {
/* Generate ECC PUblic key pair */
ret = R_SCE_TLS_ECC_secp256r1_EphemeralWrappedKeyPairGenerate(
@ -379,16 +379,16 @@ WOLFSSL_LOCAL int SCE_EccSharedSecret(WOLFSSL* ssl, ecc_key* otherKey,
/* set master secret generation callback for use */
wolfSSL_CTX_SetGenMasterSecretCb(ssl->ctx, Renesas_cmn_genMasterSecret);
wolfSSL_SetGenMasterSecretCtx(ssl, cbInfo);
}
*outlen = 64;
WOLFSSL_PKMSG("PK ECC PMS: ret %d, PubKeySz %d, OutLen %d\n", ret, *pubKeySz, *outlen);
}
return ret;
}
#endif
/* Return tls cipher suite enumuration that is supported by SCE library */
/* Return tls cipher suite enumeration that is supported by SCE library */
static uint32_t GetSceCipherSuite(
uint8_t cipherSuiteFirst,
uint8_t cipherSuite)
@ -396,9 +396,9 @@ static uint32_t GetSceCipherSuite(
WOLFSSL_ENTER("GetSceCipherSuite");
uint32_t sceCipher;
if(cipherSuiteFirst == CIPHER_BYTE )
if (cipherSuiteFirst == CIPHER_BYTE)
{
switch(cipherSuite){
switch(cipherSuite) {
case TLS_RSA_WITH_AES_128_CBC_SHA256:
sceCipher = SCE_TLS_RSA_WITH_AES_128_CBC_SHA256;
break;
@ -411,14 +411,14 @@ static uint32_t GetSceCipherSuite(
sceCipher = (uint32_t)WOLFSSL_SCE_ILLEGAL_CIPHERSUITE;
break;
}
WOLFSSL_MSG( "<< GetSceCipherSuite");
WOLFSSL_MSG("<< GetSceCipherSuite");
return sceCipher;
}
else if( cipherSuiteFirst == ECC_BYTE )
else if (cipherSuiteFirst == ECC_BYTE)
{
sceCipher = (uint32_t)WOLFSSL_SCE_ILLEGAL_CIPHERSUITE;
/* comment out until implementation completes */
switch(cipherSuite){
switch(cipherSuite) {
case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:
sceCipher = SCE_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256;
@ -445,7 +445,7 @@ static uint32_t GetSceCipherSuite(
sceCipher = (uint32_t)WOLFSSL_SCE_ILLEGAL_CIPHERSUITE;
}
WOLFSSL_MSG( "<< GetSceCipherSuite" );
WOLFSSL_MSG("<< GetSceCipherSuite");
return sceCipher;
}
@ -454,28 +454,28 @@ static uint32_t GetSceCipherSuite(
/* ssl : a pointer to WOLFSSL object */
/* session_key_generated : if session key has been generated */
/* return 1 for usable, 0 for unusable */
WOLFSSL_LOCAL int wc_sce_usable(const struct WOLFSSL *ssl,
WOLFSSL_LOCAL int wc_sce_usable(const struct WOLFSSL *ssl,
uint8_t session_key_generated)
{
WOLFSSL_ENTER("sce_usable");
WOLFSSL_ENTER("sce_usable");
byte Scecipher;
byte side;
const Ciphers *enc;
const Ciphers *dec;
/* sanity check */
if (ssl == NULL)
return BAD_FUNC_ARG;
/* when rsa key index == NULL, SCE isn't used for cert verification. */
/* in the case, we cannot use TSIP. */
if (!ssl->peerSceTsipEncRsaKeyIndex)
return 0;
/* when enabled Extended Master Secret, we cannot use SCE. */
if (ssl->options.haveEMS)
return 0;
/* when session_key_generated is set as 1, expects to be created */
/* session key already. */
if (session_key_generated) {
@ -497,7 +497,7 @@ WOLFSSL_LOCAL int wc_sce_usable(const struct WOLFSSL *ssl,
Scecipher = GetSceCipherSuite(ssl->options.cipherSuite0,
ssl->options.cipherSuite);
side = ssl->options.side;
if (Scecipher != WOLFSSL_SCE_ILLEGAL_CIPHERSUITE && side == WOLFSSL_CLIENT_END)
return 1;
else
@ -505,7 +505,7 @@ WOLFSSL_LOCAL int wc_sce_usable(const struct WOLFSSL *ssl,
}
/* Generate Hmac by sha256*/
WOLFSSL_LOCAL int wc_sce_Sha256GenerateHmac(const struct WOLFSSL *ssl,const uint8_t* myInner,
WOLFSSL_LOCAL int wc_sce_Sha256GenerateHmac(const struct WOLFSSL *ssl,const uint8_t* myInner,
uint32_t innerSz,const uint8_t* in, uint32_t sz, byte* digest)
{
WOLFSSL_ENTER("sce_Sha256HmacGenerate");
@ -513,42 +513,42 @@ WOLFSSL_LOCAL int wc_sce_Sha256GenerateHmac(const struct WOLFSSL *ssl,const uint
sce_hmac_sha_handle_t _handle;
sce_hmac_sha_wrapped_key_t wrapped_key;
int ret;
if ((ssl == NULL) || (myInner == NULL) || (in == NULL) ||
(digest == NULL))
return BAD_FUNC_ARG;
wrapped_key = ssl->keys.sce_client_write_MAC_secret;
if ((ret = wc_sce_hw_lock()) != 0) {
WOLFSSL_MSG("hw lock failed");
return ret;
}
ret = R_SCE_SHA256HMAC_GenerateInit(
&_handle,
&wrapped_key);
if (ret == FSP_SUCCESS)
ret = R_SCE_SHA256HMAC_GenerateUpdate(
&_handle,
(uint8_t*)myInner,
(uint8_t*)myInner,
innerSz);
if (ret == FSP_SUCCESS)
ret = R_SCE_SHA256HMAC_GenerateUpdate(
&_handle,
(uint8_t*)in,
sz);
if (ret == FSP_SUCCESS)
if (ret == FSP_SUCCESS)
ret = R_SCE_SHA256HMAC_GenerateFinal(
&_handle,
digest);
if (ret != FSP_SUCCESS)
ret = WOLFSSL_FAILURE;
/* unlock hw */
wc_sce_hw_unlock();
WOLFSSL_LEAVE("sce_Sha256HmacGenerate", ret);
@ -557,7 +557,7 @@ WOLFSSL_LOCAL int wc_sce_Sha256GenerateHmac(const struct WOLFSSL *ssl,const uint
/* Verify hmac */
WOLFSSL_LOCAL int wc_sce_Sha256VerifyHmac(const struct WOLFSSL *ssl,
const uint8_t* message, uint32_t messageSz,
const uint8_t* message, uint32_t messageSz,
uint32_t macSz, uint32_t content)
{
WOLFSSL_ENTER("sce_Sha256HmacVerify");
@ -569,43 +569,43 @@ WOLFSSL_LOCAL int wc_sce_Sha256VerifyHmac(const struct WOLFSSL *ssl,
if ((ssl == NULL) || (message == NULL))
return BAD_FUNC_ARG;
wrapped_key = ssl->keys.sce_server_write_MAC_secret;
if ((ret = wc_sce_hw_lock()) != 0) {
WOLFSSL_MSG("hw lock failed");
return ret;
}
wolfSSL_SetTlsHmacInner((struct WOLFSSL*)ssl, myInner,
wolfSSL_SetTlsHmacInner((struct WOLFSSL*)ssl, myInner,
messageSz, content, 1);
ret = R_SCE_SHA256HMAC_VerifyInit(
&_handle,
&wrapped_key);
if (ret == FSP_SUCCESS)
ret = R_SCE_SHA256HMAC_VerifyUpdate(
&_handle,
(uint8_t*)myInner,
(uint8_t*)myInner,
WOLFSSL_TLS_HMAC_INNER_SZ);
if (ret == FSP_SUCCESS)
ret = R_SCE_SHA256HMAC_VerifyUpdate(
&_handle,
(uint8_t*)message,
(uint8_t*)message,
(uint32_t)messageSz);
if (ret == FSP_SUCCESS)
if (ret == FSP_SUCCESS)
ret = R_SCE_SHA256HMAC_VerifyFinal(
&_handle,
(uint8_t*)(message+messageSz),
(uint32_t)macSz);
if (ret != FSP_SUCCESS) {
WOLFSSL_MSG("SCE Mac verification failed");
}
/* unlock hw */
wc_sce_hw_unlock();
WOLFSSL_LEAVE("sce_Sha256HmacVerify", ret);
@ -620,17 +620,17 @@ WOLFSSL_LOCAL int wc_sce_generateVerifyData(const uint8_t *ms, /* master secret
WOLFSSL_ENTER("sce_generateVerifyData");
int ret ;
uint32_t l_side = SCE_TLS_GENERATE_CLIENT_VERIFY;
if ((ms == NULL) || (side == NULL) || (handshake_hash == NULL) ||
(hashes == NULL))
return BAD_FUNC_ARG;
if (XSTRNCMP((const char*)side, (const char*)tls_server, FINISHED_LABEL_SZ)
== 0)
{
l_side = SCE_TLS_GENERATE_SERVER_VERIFY;
}
if ((ret = wc_sce_hw_lock()) == 0) {
ret = R_SCE_TLS_VerifyDataGenerate(l_side, (uint32_t*)ms,
(uint8_t*)handshake_hash, hashes/* out */);
@ -645,7 +645,7 @@ WOLFSSL_LOCAL int wc_sce_generateVerifyData(const uint8_t *ms, /* master secret
}
/* generate keys for TLS communication */
WOLFSSL_LOCAL int wc_sce_generateSessionKey(struct WOLFSSL *ssl,
WOLFSSL_LOCAL int wc_sce_generateSessionKey(struct WOLFSSL *ssl,
User_SCEPKCbInfo* cbInfo, int devId)
{
WOLFSSL_MSG("sce_generateSessionKey()");
@ -658,27 +658,27 @@ WOLFSSL_LOCAL int wc_sce_generateSessionKey(struct WOLFSSL *ssl,
sce_aes_wrapped_key_t key_server_aes;
uint32_t sceCS = GetSceCipherSuite(ssl->options.cipherSuite0,
ssl->options.cipherSuite);
if (ssl== NULL || cbInfo == NULL)
return BAD_FUNC_ARG;
if ((ret = wc_sce_hw_lock()) == 0) {
if (sceCS == TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 ||
sceCS == TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256)
{
WOLFSSL_MSG("Session key for AES-GCM generation skipped.");
wolfSSL_KeepArrays(ssl);
ret = FSP_SUCCESS;
}
else {
ret = R_SCE_TLS_SessionKeyGenerate(
GetSceCipherSuite(
ssl->options.cipherSuite0,
ssl->options.cipherSuite),
(uint32_t*)ssl->arrays->sce_masterSecret,
(uint32_t*)ssl->arrays->sce_masterSecret,
(uint8_t*) ssl->arrays->clientRandom,
(uint8_t*) ssl->arrays->serverRandom,
NULL,
@ -688,7 +688,7 @@ WOLFSSL_LOCAL int wc_sce_generateSessionKey(struct WOLFSSL *ssl,
&key_server_aes,
NULL, NULL);
}
if (ret != FSP_SUCCESS) {
WOLFSSL_MSG("R_SCE_TLS_SessionKeyGenerate failed");
}
@ -697,20 +697,20 @@ WOLFSSL_LOCAL int wc_sce_generateSessionKey(struct WOLFSSL *ssl,
/* alloc aes instance for both enc and dec */
enc = &ssl->encrypt;
dec = &ssl->decrypt;
if (enc) {
if (enc->aes == NULL) {
enc->aes = (Aes*)XMALLOC(sizeof(Aes), ssl->heap,
enc->aes = (Aes*)XMALLOC(sizeof(Aes), ssl->heap,
DYNAMIC_TYPE_CIPHER);
if (enc->aes == NULL)
return MEMORY_E;
}
XMEMSET(enc->aes, 0, sizeof(Aes));
}
if (dec) {
if (dec->aes == NULL) {
dec->aes = (Aes*)XMALLOC(sizeof(Aes), ssl->heap,
dec->aes = (Aes*)XMALLOC(sizeof(Aes), ssl->heap,
DYNAMIC_TYPE_CIPHER);
if (dec->aes == NULL) {
if (enc) {
@ -719,26 +719,26 @@ WOLFSSL_LOCAL int wc_sce_generateSessionKey(struct WOLFSSL *ssl,
return MEMORY_E;
}
}
XMEMSET(dec->aes, 0, sizeof(Aes));
}
/* copy key index into aes */
if (ssl->options.side == PROVISION_CLIENT) {
XMEMCPY(&enc->aes->ctx.sce_wrapped_key, &key_client_aes,
XMEMCPY(&enc->aes->ctx.sce_wrapped_key, &key_client_aes,
sizeof(key_client_aes));
XMEMCPY(&dec->aes->ctx.sce_wrapped_key, &key_server_aes,
XMEMCPY(&dec->aes->ctx.sce_wrapped_key, &key_server_aes,
sizeof(key_server_aes));
}
else {
XMEMCPY(&enc->aes->ctx.sce_wrapped_key, &key_server_aes,
XMEMCPY(&enc->aes->ctx.sce_wrapped_key, &key_server_aes,
sizeof(key_server_aes));
XMEMCPY(&dec->aes->ctx.sce_wrapped_key, &key_client_aes,
XMEMCPY(&dec->aes->ctx.sce_wrapped_key, &key_client_aes,
sizeof(key_client_aes));
}
/* copy mac key index into keys */
ssl->keys.sce_client_write_MAC_secret = key_client_mac;
ssl->keys.sce_server_write_MAC_secret = key_server_mac;
/* set up key size and marked ready */
if (enc) {
enc->aes->ctx.keySize = ssl->specs.key_size;
@ -753,7 +753,7 @@ WOLFSSL_LOCAL int wc_sce_generateSessionKey(struct WOLFSSL *ssl,
/* ready for use */
dec->setup = 1;
}
if (cbInfo->sce_cipher == SCE_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ||
cbInfo->sce_cipher == SCE_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256) {
enc->aes->nonceSz = AEAD_MAX_IMP_SZ;
@ -761,16 +761,16 @@ WOLFSSL_LOCAL int wc_sce_generateSessionKey(struct WOLFSSL *ssl,
}
enc->aes->devId = devId;
dec->aes->devId = devId;
/* marked as session key is set */
cbInfo->session_key_set = 1;
}
/* unlock hw */
wc_sce_hw_unlock();
}
else
else
WOLFSSL_LEAVE("hw lock failed", ret);
WOLFSSL_LEAVE("sce_generateSessionKey", ret);
return ret;
}
@ -786,23 +786,23 @@ WOLFSSL_LOCAL int wc_sce_generateMasterSecret(
{
WOLFSSL_ENTER("sce_generateMasterSecretEx");
int ret;
if ((pr == NULL) || (cr == NULL) || (sr == NULL) ||
(ms == NULL))
return BAD_FUNC_ARG;
uint32_t sceCS = GetSceCipherSuite(cipherSuiteFirst, cipherSuite);
if( sceCS == 0xffffffff)
if (sceCS == 0xffffffff)
return BAD_FUNC_ARG;
if ((ret = wc_sce_hw_lock()) == 0) {
ret = R_SCE_TLS_MasterSecretGenerate(
ret = R_SCE_TLS_MasterSecretGenerate(
sceCS,
(uint32_t*)pr,
(uint8_t*)cr, (uint8_t*)sr, (uint32_t*)ms);
if (ret != FSP_SUCCESS) {
WOLFSSL_MSG("R_SCE_TLS_MasterSecretGenerate failed");
}
}
/* unlock hw */
wc_sce_hw_unlock();
}
@ -814,15 +814,15 @@ WOLFSSL_LOCAL int wc_sce_generateMasterSecret(
}
/* generate pre-Master secrete by SCE */
WOLFSSL_LOCAL int wc_sce_generatePremasterSecret(uint8_t *premaster,
WOLFSSL_LOCAL int wc_sce_generatePremasterSecret(uint8_t *premaster,
uint32_t preSz)
{
WOLFSSL_ENTER("sce_generatePremasterSecret");
int ret;
if (premaster == NULL)
return BAD_FUNC_ARG;
if ((ret = wc_sce_hw_lock()) == 0 && preSz >=
(SCE_TLS_MASTER_SECRET_WORD_SIZE*4)) {
/* generate pre-master, 80 bytes */
@ -836,13 +836,13 @@ WOLFSSL_LOCAL int wc_sce_generatePremasterSecret(uint8_t *premaster,
else {
WOLFSSL_MSG(" hw lock failed or preSz is smaller than 80");
}
WOLFSSL_LEAVE("sce_generatePremasterSecret", ret);
return ret;
}
/*
/*
* generate encrypted pre-Master secrete by SCE
*/
WOLFSSL_LOCAL int wc_sce_generateEncryptPreMasterSecret(
@ -852,10 +852,10 @@ WOLFSSL_LOCAL int wc_sce_generateEncryptPreMasterSecret(
{
WOLFSSL_MSG("sce_generateEncryptPreMasterSecret");
int ret;
if ((ssl == NULL) || (out == NULL) || (outSz == NULL))
return BAD_FUNC_ARG;
if ((ret = wc_sce_hw_lock()) == 0) {
if (*outSz >= 256)
ret = R_SCE_TLS_PreMasterSecretEncryptWithRSA2048(
@ -864,7 +864,7 @@ WOLFSSL_LOCAL int wc_sce_generateEncryptPreMasterSecret(
(uint8_t*)out);
else
ret = -1;
if (ret != FSP_SUCCESS) {
WOLFSSL_MSG("R_SCE_TLS_PreMasterSecretEncryptWithRSA2048 failed");
}
@ -872,7 +872,7 @@ WOLFSSL_LOCAL int wc_sce_generateEncryptPreMasterSecret(
*outSz = 256; /* SCE can only handles 2048 RSA */
/* set GenMaster Callback for Master secret generation */
void* ctx = wolfSSL_GetRsaVerifyCtx(ssl);
wolfSSL_CTX_SetGenMasterSecretCb(ssl->ctx,
wolfSSL_CTX_SetGenMasterSecretCb(ssl->ctx,
Renesas_cmn_genMasterSecret);
wolfSSL_SetGenMasterSecretCtx(ssl, ctx);
}
@ -908,7 +908,7 @@ WOLFSSL_LOCAL int wc_sce_tls_CertVerify(
if (cert == NULL)
return BAD_FUNC_ARG;
if (!signature) {
WOLFSSL_MSG(" signature for ca verification is not set");
return -1;
@ -917,21 +917,21 @@ WOLFSSL_LOCAL int wc_sce_tls_CertVerify(
WOLFSSL_MSG(" sce_encPublickey is NULL.");
return -1;
}
if (g_user_key_info.encrypted_user_tls_key_type ==
if (g_user_key_info.encrypted_user_tls_key_type ==
SCE_TLS_PUBLIC_KEY_TYPE_ECDSA_P256/*ECDSA*/) {
if ((sigforSCE = (uint8_t*)XMALLOC(HW_SCE_ECDSA_DATA_BYTE_SIZE, NULL,
DYNAMIC_TYPE_TEMP)) == NULL){
if ((sigforSCE = (uint8_t*)XMALLOC(HW_SCE_ECDSA_DATA_BYTE_SIZE, NULL,
DYNAMIC_TYPE_TEMP)) == NULL) {
WOLFSSL_MSG("failed to malloc memory");
return MEMORY_E;
}
/* initialization */
XMEMCPY(sigforSCE, 0, HW_SCE_ECDSA_DATA_BYTE_SIZE);
if (signature[offset] == 0x20) {
XMEMCPY(sigforSCE, &signature[offset+1], rs_size);
offset = 0x25;
if (signature[offset] == 0x20) {
XMEMCPY(&sigforSCE[rs_size], &signature[offset+1], rs_size);
@ -943,7 +943,7 @@ WOLFSSL_LOCAL int wc_sce_tls_CertVerify(
else {
XMEMCPY(sigforSCE, &signature[offset+2], rs_size);
offset = 0x26;
if (signature[offset] == rs_size) {
XMEMCPY(&sigforSCE[rs_size], &signature[offset+1], rs_size);
}
@ -956,8 +956,8 @@ WOLFSSL_LOCAL int wc_sce_tls_CertVerify(
else {
pSig = (uint8_t*)signature;
}
if ((ret = wc_sce_hw_lock()) == 0) {
ret = R_SCE_TLS_CertificateVerify(
g_user_key_info.encrypted_user_tls_key_type,
@ -998,20 +998,20 @@ WOLFSSL_LOCAL int wc_sce_tls_RootCertVerify(
uint8_t *signature = (uint8_t*)ca_cert_sig;
WOLFSSL_ENTER("wc_sce_tls_RootCertVerify");
if (cert == NULL)
return BAD_FUNC_ARG;
if (!signature) {
WOLFSSL_MSG(" signature for ca verification is not set");
return -1;
}
if ((ret = wc_sce_hw_lock()) == 0) {
ret = R_SCE_TLS_RootCertificateVerify(
g_user_key_info.encrypted_user_tls_key_type,
(uint8_t*)cert, /* CA cert */
(uint32_t)cert_len, /* length of CA cert */
g_user_key_info.encrypted_user_tls_key_type,
(uint8_t*)cert, /* CA cert */
(uint32_t)cert_len, /* length of CA cert */
key_n_start, /* Byte position of public key */
(key_n_start + key_n_len),
key_e_start,
@ -1045,13 +1045,13 @@ WOLFSSL_LOCAL int wc_sce_storeKeyCtx(struct WOLFSSL* ssl, User_SCEPKCbInfo* info
if (ssl == NULL || info == NULL)
ret = BAD_FUNC_ARG;
if (ret == 0) {
XMEMCPY(info->sce_masterSecret, ssl->arrays->sce_masterSecret,
XMEMCPY(info->sce_masterSecret, ssl->arrays->sce_masterSecret,
SCE_TLS_MASTERSECRET_SIZE);
XMEMCPY(info->sce_clientRandom, ssl->arrays->clientRandom, 32);
XMEMCPY(info->sce_serverRandom, ssl->arrays->serverRandom, 32);
info->sce_cipher = GetSceCipherSuite(ssl->options.cipherSuite0,
ssl->options.cipherSuite);
}
@ -1063,34 +1063,34 @@ WOLFSSL_LOCAL int wc_sce_storeKeyCtx(struct WOLFSSL* ssl, User_SCEPKCbInfo* info
/* signature format expects RSA 2048 PSS with SHA256 */
WOLFSSL_API void wc_sce_inform_cert_sign(const uint8_t *sign)
{
if(sign)
if (sign)
ca_cert_sig = sign;
}
/* let wolfSSL know user key information using TLS operation by SCE */
WOLFSSL_API void wc_sce_inform_user_keys(
uint8_t* encrypted_provisioning_key,
uint8_t* iv,
uint8_t* encrypted_user_tls_key,
uint32_t encrypted_user_tls_key_type)
uint8_t* encrypted_provisioning_key,
uint8_t* iv,
uint8_t* encrypted_user_tls_key,
uint32_t encrypted_user_tls_key_type)
{
WOLFSSL_ENTER("sce_inform_user_keys");
g_user_key_info.encrypted_provisioning_key = NULL;
g_user_key_info.iv = NULL;
g_user_key_info.encrypted_user_tls_key = NULL;
if ( encrypted_provisioning_key ) {
if (encrypted_provisioning_key ) {
g_user_key_info.encrypted_provisioning_key = encrypted_provisioning_key;
}
if ( iv ) {
if (iv) {
g_user_key_info.iv = iv;
}
if ( encrypted_user_tls_key ) {
if (encrypted_user_tls_key) {
g_user_key_info.encrypted_user_tls_key = encrypted_user_tls_key;
}
g_user_key_info.encrypted_user_tls_key_type = encrypted_user_tls_key_type;
/* set callback for ECC */
WOLFSSL_MSG("sce_inform_user_keys_ex");
}
@ -1104,7 +1104,7 @@ WOLFSSL_API void wc_sce_set_callbacks(WOLFSSL_CTX* ctx)
wolfSSL_CTX_SetGenPreMasterCb(ctx, Renesas_cmn_generatePremasterSecret);
wolfSSL_CTX_SetRsaEncCb(ctx, Renesas_cmn_RsaEnc);
wolfSSL_CTX_SetVerifyMacCb(ctx, Renesas_cmn_VerifyHmac);
wolfSSL_CTX_SetEccSharedSecretCb(ctx, NULL);
}
/* Set callback contexts needed for sce TLS api handling */
@ -1117,19 +1117,19 @@ WOLFSSL_API int wc_sce_set_callback_ctx(WOLFSSL* ssl, void* user_ctx)
gSCE_PKCbInfo.user_PKCbInfo[sce_sess_idx] = (User_SCEPKCbInfo*)user_ctx;
gSCE_PKCbInfo.user_PKCbInfo[sce_sess_idx]->pk_key_set = 0;
gSCE_PKCbInfo.user_PKCbInfo[sce_sess_idx]->session_key_set = 0;
wolfSSL_SetEccVerifyCtx(ssl, user_ctx);
wolfSSL_SetRsaEncCtx(ssl, user_ctx);
wolfSSL_SetRsaVerifyCtx(ssl, user_ctx);
wolfSSL_SetGenPreMasterCtx(ssl, user_ctx);
wolfSSL_SetEccSharedSecretCtx(ssl, NULL);
wolfSSL_SetVerifyMacCtx(ssl, user_ctx);
/* set up crypt callback */
wc_CryptoCb_CryptInitRenesasCmn(ssl, user_ctx);
gSCE_PKCbInfo.num_session = ++sce_sess_idx;
return 0;
}

109
wolfcrypt/src/port/Renesas/renesas_tsip_aes.c
View File

@ -64,19 +64,19 @@ int wc_tsip_AesCbcEncrypt(struct Aes* aes, byte* out, const byte* in, word32 sz)
word32 blocks = (sz / AES_BLOCK_SIZE);
uint32_t dataLength;
byte *iv;
if ((in == NULL) || (out == NULL) || (aes == NULL))
return BAD_FUNC_ARG;
/* while doing TLS handshake, TSIP driver keeps true-key and iv *
* on the device. iv is dummy */
iv = (uint8_t*)aes->reg;
if((ret = tsip_hw_lock()) != 0){
if ((ret = tsip_hw_lock()) != 0) {
WOLFSSL_MSG("Failed to lock");
return ret;
}
if (aes->ctx.keySize == 16) {
ret = R_TSIP_Aes128CbcEncryptInit(&_handle, &aes->ctx.tsip_keyIdx, iv);
}
@ -87,20 +87,19 @@ int wc_tsip_AesCbcEncrypt(struct Aes* aes, byte* out, const byte* in, word32 sz)
tsip_hw_unlock();
return -1;
}
while (ret == TSIP_SUCCESS && blocks--) {
if (aes->ctx.keySize == 16)
ret = R_TSIP_Aes128CbcEncryptUpdate(&_handle, (uint8_t*)in,
ret = R_TSIP_Aes128CbcEncryptUpdate(&_handle, (uint8_t*)in,
(uint8_t*)out, (uint32_t)AES_BLOCK_SIZE);
else
ret = R_TSIP_Aes256CbcEncryptUpdate(&_handle, (uint8_t*)in,
ret = R_TSIP_Aes256CbcEncryptUpdate(&_handle, (uint8_t*)in,
(uint8_t*)out, (uint32_t)AES_BLOCK_SIZE);
in += AES_BLOCK_SIZE;
out += AES_BLOCK_SIZE;
}
if (ret == TSIP_SUCCESS) {
if (aes->ctx.keySize == 16) {
ret = R_TSIP_Aes128CbcEncryptFinal(&_handle, out, &dataLength);
@ -113,7 +112,7 @@ int wc_tsip_AesCbcEncrypt(struct Aes* aes, byte* out, const byte* in, word32 sz)
WOLFSSL_MSG("TSIP AES CBC encryption failed");
ret = -1;
}
tsip_hw_unlock();
return ret;
}
@ -125,17 +124,17 @@ int wc_tsip_AesCbcDecrypt(struct Aes* aes, byte* out, const byte* in, word32 sz)
word32 blocks = (sz / AES_BLOCK_SIZE);
uint32_t dataLength;
byte *iv;
if ((in == NULL) || (out == NULL) || (aes == NULL))
return BAD_FUNC_ARG;
iv = (uint8_t*)aes->reg;
if((ret = tsip_hw_lock()) != 0){
if ((ret = tsip_hw_lock()) != 0) {
WOLFSSL_MSG("Failed to lock");
return ret;
}
if (aes->ctx.keySize == 16) {
ret = R_TSIP_Aes128CbcDecryptInit(&_handle, &aes->ctx.tsip_keyIdx, iv);
}
@ -146,20 +145,20 @@ int wc_tsip_AesCbcDecrypt(struct Aes* aes, byte* out, const byte* in, word32 sz)
tsip_hw_unlock();
return -1;
}
while (ret == TSIP_SUCCESS && blocks--) {
if (aes->ctx.keySize == 16)
ret = R_TSIP_Aes128CbcDecryptUpdate(&_handle, (uint8_t*)in,
ret = R_TSIP_Aes128CbcDecryptUpdate(&_handle, (uint8_t*)in,
(uint8_t*)out, (uint32_t)AES_BLOCK_SIZE);
else
ret = R_TSIP_Aes256CbcDecryptUpdate(&_handle, (uint8_t*)in,
ret = R_TSIP_Aes256CbcDecryptUpdate(&_handle, (uint8_t*)in,
(uint8_t*)out, (uint32_t)AES_BLOCK_SIZE);
in += AES_BLOCK_SIZE;
out += AES_BLOCK_SIZE;
}
if (ret == TSIP_SUCCESS) {
if (aes->ctx.keySize == 16)
ret = R_TSIP_Aes128CbcDecryptFinal(&_handle, out, &dataLength);
@ -170,13 +169,13 @@ int wc_tsip_AesCbcDecrypt(struct Aes* aes, byte* out, const byte* in, word32 sz)
WOLFSSL_MSG("TSIP AES CBC decryption failed");
ret = -1;
}
tsip_hw_unlock();
return ret;
}
/*
/*
* Encrypt plain data then output encrypted data and authentication tag data.
* The session key used for encryption is generated inside this function and
* The session key used for encryption is generated inside this function and
* the key which has been generated and stored in Aes is not used.
* parameter
* - aes: Aes structure
@ -186,12 +185,12 @@ int wc_tsip_AesCbcDecrypt(struct Aes* aes, byte* out, const byte* in, word32 sz)
* - iv: iv should be consist of implicit-iv of 4 bytes and exp-iv of 8 bytes
* - authTag: buffer where the authentication data is output.
* - authTagSz: buffer size for authentication data.
* - authIn: buffer holding Additionnal Authentication Data(AAD)
* - authIn: buffer holding Additional Authentication Data(AAD)
* - authInSz: AAD size
* - ctx: TsipUserCtx
* return 0 on success, otherwise on error.
* Note: As of TSIPv1.13, only accept 128 and 256 bit of key size
*
* return 0 on success, otherwise on error.
* Note: As of TSIPv1.13, only accept 128 and 256 bit of key size
*
*/
int wc_tsip_AesGcmEncrypt(
struct Aes* aes, byte* out,
@ -222,7 +221,7 @@ int wc_tsip_AesGcmEncrypt(
WOLFSSL_ENTER("wc_tsip_AesGcmEncrypt");
if (aes == NULL || ctx == NULL ||
(sz != 0 && (in == NULL || out == NULL)) ||
(sz != 0 && (in == NULL || out == NULL)) ||
(ivSz != 0 && iv == NULL) ||
(ivSz < AESGCM_NONCE_SZ && iv != NULL) || /* Requires 12 bytes of iv */
(authInSz != 0 && authIn == NULL) ||
@ -252,21 +251,21 @@ int wc_tsip_AesGcmEncrypt(
/* buffer for cipher data output must be multiple of AES_BLOCK_SIZE */
cipherBufSz = ((sz / AES_BLOCK_SIZE) + 1) * AES_BLOCK_SIZE;
if ((ret = tsip_hw_lock()) == 0) {
/* allocate buffers for plaintext, ciphertext, authTag and aad to make
* sure those buffers 32bit aligned as TSIP requests.
* sure those buffers 32bit aligned as TSIP requests.
*/
plainBuf = XMALLOC(sz, aes->heap, DYNAMIC_TYPE_AES);
cipherBuf = XMALLOC(cipherBufSz, aes->heap, DYNAMIC_TYPE_AES);
aTagBuf = XMALLOC(TSIP_AES_GCM_AUTH_TAG_SIZE, aes->heap,
aTagBuf = XMALLOC(TSIP_AES_GCM_AUTH_TAG_SIZE, aes->heap,
DYNAMIC_TYPE_AES);
aadBuf = XMALLOC(authTagSz, aes->heap, DYNAMIC_TYPE_AES);
if (plainBuf == NULL || cipherBuf == NULL || aTagBuf == NULL ||
aadBuf == NULL ) {
WOLFSSL_MSG("wc_tsip_AesGcmEncrypt: buffer allocation faild");
WOLFSSL_MSG("wc_tsip_AesGcmEncrypt: buffer allocation failed");
ret = -1;
}
@ -278,8 +277,8 @@ int wc_tsip_AesGcmEncrypt(
}
if (ret == 0) {
/* generate AES-GCM session key. The key stored in
* Aes.ctx.tsip_keyIdx is not used here.
/* generate AES-GCM session key. The key stored in
* Aes.ctx.tsip_keyIdx is not used here.
*/
err = R_TSIP_TlsGenerateSessionKey(
userCtx->tsip_cipher,
@ -300,14 +299,14 @@ int wc_tsip_AesGcmEncrypt(
}
if (ret == 0) {
/* since generated session key is coupled to iv, no need to pass
/* since generated session key is coupled to iv, no need to pass
* iv init func.
*/
err = initFn(&hdl, &key_client_aes, NULL, 0UL);
if (err == TSIP_SUCCESS) {
err = updateFn(&hdl, NULL, NULL, 0UL, (uint8_t*)aadBuf,
err = updateFn(&hdl, NULL, NULL, 0UL, (uint8_t*)aadBuf,
min(authInSz, TSIP_AES_GCM_AUTH_TAG_SIZE));
}
if (err == TSIP_SUCCESS) {
@ -317,14 +316,14 @@ int wc_tsip_AesGcmEncrypt(
WOLFSSL_MSG("R_TSIP_AesXXXGcmEncryptUpdate: failed");
ret = -1;
}
/* Once R_TSIP_AesxxxGcmEncryptInit or R_TSIP_AesxxxEncryptUpdate is
* called, R_TSIP_AesxxxGcmEncryptFinal must be called regardless of
* the result of the previous call. Otherwise, TSIP can not come out
* from its error state and all the trailing APIs will fail.
*/
dataLen = 0;
err = finalFn(&hdl,
err = finalFn(&hdl,
cipherBuf + (sz / AES_BLOCK_SIZE) * AES_BLOCK_SIZE,
&dataLen,
aTagBuf); /* aad of 16 bytes will be output */
@ -334,7 +333,7 @@ int wc_tsip_AesGcmEncrypt(
XMEMCPY(out, cipherBuf, sz);
/* copy auth tag to caller's buffer */
XMEMCPY((void*)authTag, (void*)aTagBuf,
XMEMCPY((void*)authTag, (void*)aTagBuf,
min(authTagSz, TSIP_AES_GCM_AUTH_TAG_SIZE ));
}
@ -348,14 +347,14 @@ int wc_tsip_AesGcmEncrypt(
XFREE(cipherBuf, aes->heap, DYNAMIC_TYPE_AES);
XFREE(aTagBuf, aes->heap, DYNAMIC_TYPE_AES);
XFREE(aadBuf, aes->heap, DYNAMIC_TYPE_AES);
tsip_hw_unlock();
}
return ret;
}
/*
/*
* Decrypt cipher data into plaindata and output authentication tag data.
* The session key used for decryption is generated inside this function and
* The session key used for decryption is generated inside this function and
* the key which has been generated and stored in Aes is not used.
* parameter
* - aes: Aes structure
@ -365,11 +364,11 @@ int wc_tsip_AesGcmEncrypt(
* - iv: iv should be consist of implicit-iv of 4 bytes and exp-iv of 8 bytes
* - authTag: buffer where the authentication data is stored.
* - authTagSz: buffer size for authentication data.
* - authIn: buffer where Additionnal Authentication Data(AAD) is stored
* - authIn: buffer where Additional Authentication Data(AAD) is stored
* - authInSz: AAD size
* return 0 on success, otherwise on error.
* Note: As of TSIPv1.13, only accept 128 and 256 bit of key size
*
* return 0 on success, otherwise on error.
* Note: As of TSIPv1.13, only accept 128 and 256 bit of key size
*
*/
int wc_tsip_AesGcmDecrypt(
Aes* aes, byte* out,
@ -434,11 +433,11 @@ int wc_tsip_AesGcmDecrypt(
if ((ret = tsip_hw_lock()) == 0) {
/* allocate buffers for plaintext, cipher-text, authTag and AAD.
* TSIP requests those buffers 32bit aligned.
* TSIP requests those buffers 32bit aligned.
*/
cipherBuf = XMALLOC(sz, aes->heap, DYNAMIC_TYPE_AES);
plainBuf = XMALLOC(plainBufSz, aes->heap, DYNAMIC_TYPE_AES);
aTagBuf = XMALLOC(TSIP_AES_GCM_AUTH_TAG_SIZE, aes->heap,
aTagBuf = XMALLOC(TSIP_AES_GCM_AUTH_TAG_SIZE, aes->heap,
DYNAMIC_TYPE_AES);
aadBuf = XMALLOC(authInSz, aes->heap, DYNAMIC_TYPE_AES);
@ -456,8 +455,8 @@ int wc_tsip_AesGcmDecrypt(
}
if (ret == 0) {
/* generate AES-GCM session key. The key stored in
* Aes.ctx.tsip_keyIdx is not used here.
/* generate AES-GCM session key. The key stored in
* Aes.ctx.tsip_keyIdx is not used here.
*/
err = R_TSIP_TlsGenerateSessionKey(
userCtx->tsip_cipher,
@ -477,14 +476,14 @@ int wc_tsip_AesGcmDecrypt(
}
if (ret == 0) {
/* since key_index has iv and ivSz in it, no need to pass them init
/* since key_index has iv and ivSz in it, no need to pass them init
* func. Pass NULL and 0 as 3rd and 4th parameter respectively.
*/
err = initFn(&hdl, &key_server_aes, NULL, 0UL);
if (err == TSIP_SUCCESS) {
/* pass only AAD and it's size before passing cipher text */
err = updateFn(&hdl, NULL, NULL, 0UL, (uint8_t*)authIn,
err = updateFn(&hdl, NULL, NULL, 0UL, (uint8_t*)authIn,
authInSz);
}
if (err == TSIP_SUCCESS) {

50
wolfcrypt/src/port/Renesas/renesas_tsip_sha.c
View File

@ -42,7 +42,7 @@ static void TSIPHashFree(wolfssl_TSIP_Hash* hash)
{
if (hash == NULL)
return;
if (hash->msg != NULL) {
XFREE(hash->msg, hash->heap, DYNAMIC_TYPE_TMP_BUFFER);
hash->msg = NULL;
@ -55,16 +55,16 @@ static int TSIPHashInit(wolfssl_TSIP_Hash* hash, void* heap, int devId,
if (hash == NULL) {
return BAD_FUNC_ARG;
}
(void)devId;
XMEMSET(hash, 0, sizeof(wolfssl_TSIP_Hash));
hash->heap = heap;
hash->len = 0;
hash->used = 0;
hash->msg = NULL;
hash->sha_type = sha_type;
return 0;
}
@ -73,7 +73,7 @@ static int TSIPHashUpdate(wolfssl_TSIP_Hash* hash, const byte* data, word32 sz)
if (hash == NULL || (sz > 0 && data == NULL)) {
return BAD_FUNC_ARG;
}
if (hash->len < hash->used + sz) {
if (hash->msg == NULL) {
hash->msg = (byte*)XMALLOC(hash->used + sz, hash->heap,
@ -106,7 +106,7 @@ static int TSIPHashUpdate(wolfssl_TSIP_Hash* hash, const byte* data, word32 sz)
}
XMEMCPY(hash->msg + hash->used, data , sz);
hash->used += sz;
return 0;
}
@ -116,15 +116,15 @@ static int TSIPHashFinal(wolfssl_TSIP_Hash* hash, byte* out, word32 outSz)
void* heap;
tsip_sha_md5_handle_t handle;
uint32_t sz;
e_tsip_err_t (*Init)(tsip_sha_md5_handle_t*);
e_tsip_err_t (*Update)(tsip_sha_md5_handle_t*, uint8_t*, uint32_t);
e_tsip_err_t (*Final )(tsip_sha_md5_handle_t*, uint8_t*, uint32_t*);
if (hash == NULL || out == NULL) {
return BAD_FUNC_ARG;
}
if (hash->sha_type == TSIP_SHA1) {
Init = R_TSIP_Sha1Init;
Update = R_TSIP_Sha1Update;
@ -135,13 +135,13 @@ static int TSIPHashFinal(wolfssl_TSIP_Hash* hash, byte* out, word32 outSz)
Update = R_TSIP_Sha256Update;
Final = R_TSIP_Sha256Final;
}
else
else
return BAD_FUNC_ARG;
heap = hash->heap;
tsip_hw_lock();
if (Init(&handle) == TSIP_SUCCESS) {
ret = Update(&handle, (uint8_t*)hash->msg, hash->used);
if (ret == TSIP_SUCCESS) {
@ -152,7 +152,7 @@ static int TSIPHashFinal(wolfssl_TSIP_Hash* hash, byte* out, word32 outSz)
}
}
tsip_hw_unlock();
TSIPHashFree(hash);
return TSIPHashInit(hash, heap, 0, hash->sha_type);
}
@ -162,15 +162,15 @@ static int TSIPHashGet(wolfssl_TSIP_Hash* hash, byte* out, word32 outSz)
int ret;
tsip_sha_md5_handle_t handle;
uint32_t sz;
e_tsip_err_t (*Init)(tsip_sha_md5_handle_t*);
e_tsip_err_t (*Update)(tsip_sha_md5_handle_t*, uint8_t*, uint32_t);
e_tsip_err_t (*Final )(tsip_sha_md5_handle_t*, uint8_t*, uint32_t*);
if (hash == NULL || out == NULL) {
return BAD_FUNC_ARG;
}
if (hash->sha_type == TSIP_SHA1) {
Init = R_TSIP_Sha1Init;
Update = R_TSIP_Sha1Update;
@ -181,11 +181,11 @@ static int TSIPHashGet(wolfssl_TSIP_Hash* hash, byte* out, word32 outSz)
Update = R_TSIP_Sha256Update;
Final = R_TSIP_Sha256Final;
}
else
else
return BAD_FUNC_ARG;
tsip_hw_lock();
if (Init(&handle) == TSIP_SUCCESS) {
ret = Update(&handle, (uint8_t*)hash->msg, hash->used);
if (ret == TSIP_SUCCESS) {
@ -195,9 +195,9 @@ static int TSIPHashGet(wolfssl_TSIP_Hash* hash, byte* out, word32 outSz)
}
}
}
tsip_hw_unlock();
return 0;
}
@ -206,9 +206,9 @@ static int TSIPHashCopy(wolfssl_TSIP_Hash* src, wolfssl_TSIP_Hash* dst)
if (src == NULL || dst == NULL) {
return BAD_FUNC_ARG;
}
XMEMCPY(dst, src, sizeof(wolfssl_TSIP_Hash));
if (src->len > 0 && src->msg != NULL) {
dst->msg = (byte*)XMALLOC(src->len, dst->heap, DYNAMIC_TYPE_TMP_BUFFER);
if (dst->msg == NULL) {
@ -216,7 +216,7 @@ static int TSIPHashCopy(wolfssl_TSIP_Hash* src, wolfssl_TSIP_Hash* dst)
}
XMEMCPY(dst->msg, src->msg, src->len);
}
return 0;
}
/* */

493
wolfcrypt/src/port/Renesas/renesas_tsip_util.c
View File

File diff suppressed because it is too large Load Diff

2
wolfssl/internal.h
View File

@ -4576,7 +4576,7 @@ struct WOLFSSL {
#endif /* NO_RSA */
void* GenPreMasterCtx; /* Generate Premaster Callback Context */
void* GenMasterCtx; /* Generate Master Callback Context */
void* GenSessionKeyCtx; /* Generate Sesssion Key Callback Context */
void* GenSessionKeyCtx; /* Generate Session Key Callback Context */
void* EncryptKeysCtx; /* Set Encrypt keys Callback Context */
void* TlsFinishedCtx; /* Generate Tls Finished Callback Context */
void* VerifyMacCtx; /* Verify mac Callback Context */