From 8d65cee0a9c951f48b38257c6bbd128089b88ecf Mon Sep 17 00:00:00 2001
From: Aditya Patwardhan
Date: Tue, 26 Nov 2019 14:39:13 +0530
Subject: [PATCH] esp32/esp-tls: Make crypto abstraction layer inside esp-tls

Which allows several components to use cryptographic functions from esp-tls which is the current abstraction layer.
---
 components/esp-tls/CMakeLists.txt | 4 +-
 components/esp-tls/component.mk | 6 +-
 .../esp-tls/esp-tls-crypto/esp_tls_crypto.c | 85 +++++++++++++++++++
 .../esp-tls/esp-tls-crypto/esp_tls_crypto.h | 68 +++++++++++++++
 4 files changed, 158 insertions(+), 5 deletions(-)
 create mode 100644 components/esp-tls/esp-tls-crypto/esp_tls_crypto.c
 create mode 100644 components/esp-tls/esp-tls-crypto/esp_tls_crypto.h

diff --git a/components/esp-tls/CMakeLists.txt b/components/esp-tls/CMakeLists.txt
index d8a73c1451..a8ae11e097 100644
--- a/components/esp-tls/CMakeLists.txt
+++ b/components/esp-tls/CMakeLists.txt
@@ -1,4 +1,4 @@
-set(srcs esp_tls.c)
+set(srcs esp_tls.c esp-tls-crypto/esp_tls_crypto.c)
 if(CONFIG_ESP_TLS_USING_MBEDTLS)
 list(APPEND srcs "esp_tls_mbedtls.c")
@@ -10,7 +10,7 @@ if(CONFIG_ESP_TLS_USING_WOLFSSL)
 endif()
 idf_component_register(SRCS "${srcs}"
- INCLUDE_DIRS "."
+ INCLUDE_DIRS . esp-tls-crypto
 PRIV_INCLUDE_DIRS "private_include"
 REQUIRES mbedtls
 PRIV_REQUIRES lwip nghttp)
diff --git a/components/esp-tls/component.mk b/components/esp-tls/component.mk
index 70f6f2fa72..59eb4a63a7 100644
--- a/components/esp-tls/component.mk
+++ b/components/esp-tls/component.mk
@@ -1,8 +1,8 @@
-COMPONENT_SRCDIRS := .
-COMPONENT_OBJS := esp_tls.o
+COMPONENT_SRCDIRS := . esp-tls-crypto
+COMPONENT_OBJS := esp_tls.o esp-tls-crypto/esp_tls_crypto.o
-COMPONENT_ADD_INCLUDEDIRS := . private_include
+COMPONENT_ADD_INCLUDEDIRS := . esp-tls-crypto private_include
 ifneq ($(CONFIG_ESP_TLS_USING_MBEDTLS), )
diff --git a/components/esp-tls/esp-tls-crypto/esp_tls_crypto.c b/components/esp-tls/esp-tls-crypto/esp_tls_crypto.c
new file mode 100644
index 0000000000..8dafa3419c
--- /dev/null
+++ b/components/esp-tls/esp-tls-crypto/esp_tls_crypto.c
@@ -0,0 +1,85 @@
+// Copyright 2020 Espressif Systems (Shanghai) PTE LTD
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#include "esp_tls_crypto.h"
+#include "esp_log.h"
+#include "esp_err.h"
+static const char *TAG = "esp_crypto";
+#ifdef CONFIG_ESP_TLS_USING_MBEDTLS
+#include "mbedtls/sha1.h"
+#include "mbedtls/base64.h"
+#define _esp_crypto_sha1 esp_crypto_sha1_mbedtls
+#define _esp_crypto_base64_encode esp_crypto_bas64_encode_mbedtls
+#elif CONFIG_ESP_TLS_USING_WOLFSSL
+#include "wolfssl/ssl.h" /* SHA functions are listed in wolfssl/ssl.h */
+#include "wolfssl/wolfcrypt/coding.h"
+#define _esp_crypto_sha1 esp_crypto_sha1_wolfSSL
+#define _esp_crypto_base64_encode esp_crypto_base64_encode_woflSSL
+#endif
+
+#ifdef CONFIG_ESP_TLS_USING_MBEDTLS
+static int esp_crypto_sha1_mbedtls( const unsigned char *input,
+ size_t ilen,
+ unsigned char output[20])
+{
+ int ret = mbedtls_sha1_ret(input, ilen, output);
+ if (ret != 0) {
+ ESP_LOGE(TAG, "Error in calculating sha1 sum , Returned 0x%02X", ret);
+ }
+ return ret;
+}
+
+static int esp_crypto_bas64_encode_mbedtls( unsigned char *dst, size_t dlen,
+ size_t *olen, const unsigned char *src,
+ size_t slen)
+{
+ return mbedtls_base64_encode(dst, dlen, olen, src, slen);
+}
+
+#elif CONFIG_ESP_TLS_USING_WOLFSSL
+static int esp_crypto_sha1_wolfSSL( const unsigned char *input,
+ size_t ilen,
+ unsigned char output[20])
+{
+ unsigned char *ret = wolfSSL_SHA1(input, ilen, output);
+ if (ret == NULL) {
+ ESP_LOGE(TAG, "Error in calculating sha1 sum");
+ return -1;
+ }
+ return 0;
+}
+
+static int esp_crypto_base64_encode_woflSSL(unsigned char *dst, size_t dlen, size_t *olen,
+ const unsigned char *src, size_t slen)
+{
+ *olen = dlen;
+ return Base64_Encode((const byte *) src, (word32) slen, (byte *) dst, (word32 *) olen);
+}
+
+#else
+#error "No TLS/SSL Stack selected"
+#endif
+
+int esp_crypto_sha1( const unsigned char *input,
+ size_t ilen,
+ unsigned char output[20])
+{
+ return _esp_crypto_sha1(input, ilen, output);
+}
+
+int esp_crypto_base64_encode(unsigned char *dst, size_t dlen, size_t *olen,
+ const unsigned char *src, size_t slen )
+{
+ return _esp_crypto_base64_encode(dst, dlen, olen, src, slen);
+}
diff --git a/components/esp-tls/esp-tls-crypto/esp_tls_crypto.h b/components/esp-tls/esp-tls-crypto/esp_tls_crypto.h
new file mode 100644
index 0000000000..2336a9cebc
--- /dev/null
+++ b/components/esp-tls/esp-tls-crypto/esp_tls_crypto.h
@@ -0,0 +1,68 @@
+// Copyright 2020 Espressif Systems (Shanghai) PTE LTD
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+#ifndef _ESP_TLS_CRYPTO_H
+#define _ESP_TLS_CRYPTO_H
+
+#include
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * @brief Calculate sha1 sum
+ * esp-tls abstraction for crypto sha1 API, calculates the sha1 sum(digest) of
+ * the data provided in input which is of ilen size and returns
+ * a 20 char sha1 sum
+ * @param[in] input Input array
+ * @param[in] ilen Length of Input array
+ * @param[out] output calculated sha1 sum
+ *
+ * @return
+ * mbedtls stack:-
+ * - MBEDTLS_ERR_SHA1_BAD_INPUT_DATA on BAD INPUT.
+ * - 0 on success.
+ * wolfssl stack:-
+ * - -1 on failure.
+ * - 0 on success.
+ */
+int esp_crypto_sha1(const unsigned char *input,
+ size_t ilen,
+ unsigned char output[20]);
+
+/**
+ * @brief Do Base64 encode of the src data
+ *
+ * @param[in] dst destination buffer
+ * @param[in] dlen length of destination buffer
+ * @param[out] olen number of bytes written
+ * @param[in] src src buffer to be encoded
+ * @param[in] slen src buffer len
+ *
+ * @return
+ * mbedtls stack:-
+ * - MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL if buffer is of insufficient size.
+ * - 0 if successful.
+ * wolfssl stack:-
+ * - <0 on failure.
+ * - 0 if succcessful.
+ */
+int esp_crypto_base64_encode(unsigned char *dst, size_t dlen,
+ size_t *olen, const unsigned char *src,
+ size_t slen);
+
+#ifdef __cplusplus
+}
+#endif
+#endif /* _ESP_TLS_CRYPTO_H */
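Review bot: The `@param[out] olen` and `@return` text for `esp_crypto_base64_encode` describe one contract, but the two backends in esp_tls_crypto.c do not deliver the same one — under mbedTLS the output is NUL-terminated and `*olen` also carries the required size when `MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL` is returned, neither of which the wolfSSL path does; say which behaviour callers may rely on, e.g. `* @note Output is not guaranteed to be NUL-terminated on every backend; size dst for the encoded length plus one byte. Only the mbedTLS backend reports the required size in *olen on failure.` In this rendering the `#include` line has lost its target — presumably `<stddef.h>` for `size_t` — so confirm it is intact in the committed file. Since `esp_crypto_sha1` becomes a shared API here, one line in its `@brief` noting that SHA-1 is no longer collision resistant and is offered for protocol compatibility rather than integrity or signature use would steer new callers correctly. The guard `_ESP_TLS_CRYPTO_H` is a reserved identifier (leading underscore followed by an uppercase letter) — `ESP_TLS_CRYPTO_H` avoids that — and `succcessful` has an extra c.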