From 34d897e433d14b351a41f9baa352b1e9f85ac704 Mon Sep 17 00:00:00 2001
From: Andrew Hutchings <andrew@wolfssl.com>
Date: Thu, 7 Jul 2022 16:11:54 +0100
Subject: [PATCH] Fixes to SE050 port

This fixes the following things:

* Memory leaks in SE050 SHA messages
* Add key to SE050 for ECC sign hash function
* Remove circular include
* Correct prototype for `se050_hash_final`
* A few defined check fixes
---
 wolfcrypt/src/port/nxp/se050_port.c     | 44 +++++++++++++++++++++++--
 wolfcrypt/src/sha.c                     |  4 +--
 wolfcrypt/src/sha256.c                  |  5 +--
 wolfcrypt/src/sha512.c                  | 10 +++---
 wolfssl/wolfcrypt/port/nxp/se050_port.h |  5 ++-
 wolfssl/wolfcrypt/sha512.h              |  4 +--
 6 files changed, 54 insertions(+), 18 deletions(-)

diff --git a/wolfcrypt/src/port/nxp/se050_port.c b/wolfcrypt/src/port/nxp/se050_port.c
index f568aa67a..40e6baf40 100644
--- a/wolfcrypt/src/port/nxp/se050_port.c
+++ b/wolfcrypt/src/port/nxp/se050_port.c
@@ -258,7 +258,8 @@ int se050_hash_final(SE050_HASH_Context* se050Ctx, byte* hash, size_t digestLen,
 
 void se050_hash_free(SE050_HASH_Context* se050Ctx)
 {
-    (void)se050Ctx;
+    XFREE(se050Ctx->msg, se050Ctx->heap, DYNAMIC_TYPE_TMP_BUFFER);
+    se050Ctx->msg = NULL;
 }
 
 #ifndef NO_AES
@@ -511,6 +512,9 @@ int se050_ecc_sign_hash_ex(const byte* in, word32 inLen, byte* out,
     sss_algorithm_t     algorithm;
     int                 keySize;
     int                 keySizeBits;
+    int                 keyCreated = 0;
+    int                 keyId;
+    sss_cipher_type_t   curveType;
 
 #ifdef SE050_DEBUG
     printf("se050_ecc_sign_hash_ex: key %p, in %p (%d), out %p (%d), keyId %d\n",
@@ -525,7 +529,7 @@ int se050_ecc_sign_hash_ex(const byte* in, word32 inLen, byte* out,
     }
 
     keySize = key->dp->size;
-    ret = se050_map_curve(key->dp->id, keySize, &keySizeBits, NULL);
+    ret = se050_map_curve(key->dp->id, keySize, &keySizeBits, &curveType);
     if (ret != 0) {
         return ret;
     }
@@ -557,9 +561,38 @@ int se050_ecc_sign_hash_ex(const byte* in, word32 inLen, byte* out,
     if (status == kStatus_SSS_Success) {
         status = sss_key_object_init(&newKey, &host_keystore);
     }
+    /* this is run when a key was not generated and was instead passed in */
     if (status == kStatus_SSS_Success) {
-        status = sss_key_object_get_handle(&newKey, key->keyId);
+        keyId = key->keyId;
+        if (keyId <= 0) {
+            byte derBuf[SE050_ECC_DER_MAX];
+            word32 derSz;
+
+            ret = wc_EccKeyToDer(key, derBuf, (word32)sizeof(derBuf));
+            if (ret >= 0) {
+                derSz = ret;
+                ret = 0;
+            }
+            else {
+                status = kStatus_SSS_Fail;
+            }
+            if (status == kStatus_SSS_Success) {
+                keyId = se050_allocate_key(SE050_ECC_KEY);
+                status = sss_key_object_allocate_handle(&newKey, keyId,
+                    kSSS_KeyPart_Pair, curveType, keySize,
+                    kKeyObject_Mode_Transient);
+            }
+            if (status == kStatus_SSS_Success) {
+                keyCreated = 1;
+                status = sss_key_store_set_key(&host_keystore, &newKey, derBuf,
+                                                derSz, keySizeBits, NULL, 0);
+            }
+        }
+        else {
+            status = sss_key_object_get_handle(&newKey, keyId);
+        }
     }
+
     if (status == kStatus_SSS_Success) {
         status = sss_asymmetric_context_init(&ctx_asymm, cfg_se050_i2c_pi,
             &newKey, algorithm, kMode_SSS_Sign);
@@ -583,9 +616,14 @@ int se050_ecc_sign_hash_ex(const byte* in, word32 inLen, byte* out,
     }
 
     if (status == kStatus_SSS_Success) {
+        key->keyId = keyId;
         ret = 0;
     }
     else {
+        if (keyCreated) {
+            sss_key_store_erase_key(&host_keystore, &newKey);
+            sss_key_object_free(&newKey);
+        }
         if (ret == 0)
             ret = WC_HW_E;
     }
diff --git a/wolfcrypt/src/sha.c b/wolfcrypt/src/sha.c
index 8113997fa..2d5f28b58 100644
--- a/wolfcrypt/src/sha.c
+++ b/wolfcrypt/src/sha.c
@@ -358,7 +358,6 @@
         int ret = 0;
         ret = se050_hash_final(&sha->se050Ctx, hash, WC_SHA_DIGEST_SIZE,
                                kAlgorithm_SSS_SHA1);
-        (void)wc_InitSha(sha);
         return ret;
     }
     int wc_ShaFinalRaw(wc_Sha* sha, byte* hash)
@@ -366,7 +365,6 @@
         int ret = 0;
         ret = se050_hash_final(&sha->se050Ctx, hash, WC_SHA_DIGEST_SIZE,
                                kAlgorithm_SSS_SHA1);
-        (void)wc_InitSha(sha);
         return ret;
     }
 
@@ -849,7 +847,7 @@ void wc_ShaFree(wc_Sha* sha)
     wc_ShaPic32Free(sha);
 #endif
 #if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
-   se050_hash_free(&sha->se050Ctx);
+    se050_hash_free(&sha->se050Ctx);
 #endif
 #if (defined(WOLFSSL_RENESAS_TSIP_CRYPT) && \
     !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH))
diff --git a/wolfcrypt/src/sha256.c b/wolfcrypt/src/sha256.c
index 6da015153..2d7e87813 100644
--- a/wolfcrypt/src/sha256.c
+++ b/wolfcrypt/src/sha256.c
@@ -619,7 +619,6 @@ static int InitSha256(wc_Sha256* sha256)
         int ret = 0;
         ret = se050_hash_final(&sha256->se050Ctx, hash, WC_SHA256_DIGEST_SIZE,
                                kAlgorithm_SSS_SHA256);
-        (void)wc_InitSha256(sha256);
         return ret;
     }
     int wc_Sha256FinalRaw(wc_Sha256* sha256, byte* hash)
@@ -627,7 +626,6 @@ static int InitSha256(wc_Sha256* sha256)
         int ret = 0;
         ret = se050_hash_final(&sha256->se050Ctx, hash, WC_SHA256_DIGEST_SIZE,
                                kAlgorithm_SSS_SHA256);
-        (void)wc_InitSha256(sha256);
         return ret;
     }
 
@@ -1696,6 +1694,9 @@ void wc_Sha256Free(wc_Sha256* sha256)
         sha256->msg = NULL;
     }
 #endif
+#if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
+    se050_hash_free(&sha256->se050Ctx);
+#endif
 #if defined(WOLFSSL_KCAPI_HASH)
     KcapiHashFree(&sha256->kcapi);
 #endif
diff --git a/wolfcrypt/src/sha512.c b/wolfcrypt/src/sha512.c
index f6c863665..36874932e 100644
--- a/wolfcrypt/src/sha512.c
+++ b/wolfcrypt/src/sha512.c
@@ -232,7 +232,6 @@
     #endif
         ret = se050_hash_final(&sha512->se050Ctx, hash, WC_SHA512_DIGEST_SIZE,
                                kAlgorithm_SSS_SHA512);
-        (void)wc_InitSha512_ex(sha512, sha512->heap, devId);
         return ret;
     }
     int wc_Sha512FinalRaw(wc_Sha512* sha512, byte* hash)
@@ -247,12 +246,11 @@
     #endif
         ret = se050_hash_final(&sha512->se050Ctx, hash, WC_SHA512_DIGEST_SIZE,
                                kAlgorithm_SSS_SHA512);
-        (void)wc_InitSha512_ex(sha512, sha512->heap, devId);
         return ret;
     }
     void wc_Sha512Free(wc_Sha512* sha512)
     {
-        (void)sha512;
+        se050_hash_free(&sha512->se050Ctx);
     }
 
 #else
@@ -1264,7 +1262,6 @@ int wc_Sha512Transform(wc_Sha512* sha, const unsigned char* data)
         int ret = 0;
         ret = se050_hash_final(&sha384->se050Ctx, hash, WC_SHA384_DIGEST_SIZE,
                                kAlgorithm_SSS_SHA384);
-        (void)wc_InitSha384(sha384);
         return ret;
     }
     int wc_Sha384FinalRaw(wc_Sha384* sha384, byte* hash)
@@ -1272,7 +1269,6 @@ int wc_Sha512Transform(wc_Sha512* sha, const unsigned char* data)
         int ret = 0;
         ret = se050_hash_final(&sha384->se050Ctx, hash, WC_SHA384_DIGEST_SIZE,
                                kAlgorithm_SSS_SHA384);
-        (void)wc_InitSha384(sha384);
         return ret;
     }
 
@@ -1482,6 +1478,10 @@ void wc_Sha384Free(wc_Sha384* sha384)
     }
 #endif
 
+#if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
+    se050_hash_free(&sha384->se050Ctx);
+#endif
+
 #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA384)
     wolfAsync_DevCtxFree(&sha384->asyncDev, WOLFSSL_ASYNC_MARKER_SHA384);
 #endif /* WOLFSSL_ASYNC_CRYPT */
diff --git a/wolfssl/wolfcrypt/port/nxp/se050_port.h b/wolfssl/wolfcrypt/port/nxp/se050_port.h
index a58e97be6..bd59ba12f 100644
--- a/wolfssl/wolfcrypt/port/nxp/se050_port.h
+++ b/wolfssl/wolfcrypt/port/nxp/se050_port.h
@@ -24,7 +24,6 @@
 
 #include <wolfssl/wolfcrypt/settings.h>
 #include <wolfssl/wolfcrypt/visibility.h>
-#include <wolfssl/wolfcrypt/asn_public.h>
 
 #ifdef __GNUC__
 #pragma GCC diagnostic push
@@ -39,7 +38,7 @@
 #include "fsl_sss_api.h"
 #endif
 
-#ifdef WOLFSSL_SE050
+#if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
     /* NXP SE050 - Disable SHA512 224/256 support */
     #ifndef WOLFSSL_NOSHA512_224
     #define WOLFSSL_NOSHA512_224
@@ -105,7 +104,7 @@ WOLFSSL_LOCAL int se050_hash_init(SE050_HASH_Context* se050Ctx, void* heap);
 WOLFSSL_LOCAL int se050_hash_update(SE050_HASH_Context* se050Ctx,
     const byte* data, word32 len);
 WOLFSSL_LOCAL int se050_hash_final(SE050_HASH_Context* se050Ctx, byte* hash,
-    size_t digestLen, word32 algo);
+    size_t digestLen, sss_algorithm_t algo);
 WOLFSSL_LOCAL void se050_hash_free(SE050_HASH_Context* se050Ctx);
 
 struct Aes;
diff --git a/wolfssl/wolfcrypt/sha512.h b/wolfssl/wolfcrypt/sha512.h
index b4e6dfaac..6c0af560a 100644
--- a/wolfssl/wolfcrypt/sha512.h
+++ b/wolfssl/wolfcrypt/sha512.h
@@ -142,7 +142,7 @@ enum {
 #if defined(WOLFSSL_IMX6_CAAM) && !defined(WOLFSSL_QNX_CAAM)
     #include "wolfssl/wolfcrypt/port/caam/wolfcaam_sha.h"
 #else
-#if defined(WOLFSSL_SE050)
+#if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
     #include "wolfssl/wolfcrypt/port/nxp/se050_port.h"
 #endif
 /* wc_Sha512 digest */
@@ -177,7 +177,7 @@ struct wc_Sha512 {
 #ifdef WOLFSSL_KCAPI_HASH
     wolfssl_KCAPI_Hash kcapi;
 #endif
-#if defined(WOLFSSL_SE050)
+#if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
     SE050_HASH_Context se050Ctx;
 #endif
 #if defined(WOLFSSL_HASH_KEEP)