diff --git a/IDE/Renesas/e2studio/RA6M4/README.md b/IDE/Renesas/e2studio/RA6M4/README.md new file mode 100644 index 000000000..b9eebcb17 --- /dev/null +++ b/IDE/Renesas/e2studio/RA6M4/README.md @@ -0,0 +1,230 @@ +wolfSSL for Renesas RA Evaluation Kit (EK-RA6M4) +================================================= + +## Description + +This directory contains e2studio projects targeted at the Renesas RA 32-bit MCUs. +The example projects include a wolfSSL TLS client. +They also include benchmark and cryptography tests for the wolfCrypt library. + + +The wolfssl project contains both the wolfSSL and wolfCrypt libraries. +It is built as a `Renesas RA C Library Project` and contains the Renesas RA +configuration. The wolfssl project uses `Secure Cryptography Engine on RA6 Protected Mode` +as hardware acceleration for cypto and TLS operation. + + +The other projects (benchmark, client, and test) are built as a +`Renesas RA C Project Using RA Library`, where the RA library is the wolfssl project. +The wolfssl Project Summary is listed below and is relevant for every project. + +### Project Summary +|Item|Name/Version| +|:--|:--| +|Board|EK-RA6M4| +|Device|R7FA6M4AF3CFB| +|Toolchain|GCC ARM Embedded| +|FSP Version|3.4.0a| + +#### Selected software components + +|Components|Version| +|:--|:--| +|Board Support Package Common Files|v3.4.0a| +|Secure Cryptography Engine on RA6 Protected Mode|v3.4.0a| +|I/O Port|v3.4.0a| +|Arm CMSIS Version 5 - Core (M)|v5.7.0+fsp.3.4.0a| +|RA6M3G-EK Board Support Files|v3.4.0a| +|Board support package for R7FA6M4AF3CFB|v3.4.0a| +|Board support package for RA6M4|v3.4.0a| +|FreeRTOS|v10.4.3+fsp.3.4.0a| +|FreeRTOS - Memory Management - Heap 4|v10.4.3+fsp.3.4.0a| +|r_ether to FreeRTOS+TCP Wrapper|v3.4.0a| +|Ethernet|v3.4.0.a| +|Ethernet PHY|v3.4.0a| +|FreeRTOS+TCP|v2.3.2+fsp.3.4.0a| +|FreeRTOS - Buffer Allocation 2|v2.3.2+fsp.3.4.0a| + +## Setup Steps and Build wolfSSL Library + +1.) Import projects from [File]->[Open projects from File System] + ++ Select folder at /path/to/wolfssl/IDE/Renesas/e2studio/RA6M4 ++ Deselect the Non-Eclipse project, RA6M4, by clicking the checkbox\ + Only the folders with 'Eclipse project' under 'Import as' need to be selected. + +2.) Create a `dummy_library` Static Library. + ++ Click File->New->`RA C/C++ Project`. ++ Select `EK-RA6M4` from Drop-down list. ++ Check `Static Library`. ++ Select FreeRTOS from RTOS selection. Click Next. ++ Check `FreeRTOS minimal - Static Allocation`. Click Finish. ++ Open Smart Configurator by clicking configuration.xml in the project ++ Go to `BSP` tab and increase Heap Size under `RA Common` on Properties page ++ Go to `Stacks` tab ++ Add `SCE Protected Mode` stack from `New Stack` -> `Driver` -> `Crypt` ++ Add New thead and set properties + +|Property|Value| +|:--|:--| +|Thread Symbol|sce_tst_thread| +|Thread Name|sce_tst_thread| +|Thread Stack size|increase depending on your environment| +|Thread MemoryAllocation|Dyamic| +|Common General Use Mutexes|Enabled| +|Common General Enable Backward Compatibility|Enabled| +|Common Memory Allocation Support Dynamic Allocation|Enabled| +|Common Memory Allocation Total Heap Size|increase depending on your environment| + ++ Add `Heap 4` stack to sce_tst_thread from `New Stack` -> `FreeRTOS` -> `Memory Management` ++ Add `FreeRTOS + TCP` stack to sce_tst_thread from `New Stack` -> `FreeRTOS` -> `Libraries` and set properties + +|Property|Value| +|:--|:--| +|Network Events call vApplicationIPNetworkEventHook|Disable| +|Use DHCP|Disable| + ++ Save `dummy_library` FSP configuration ++ Copy configuration.xml and pincfg under `dummy_library` to `wolfSSL_RA6M4` ++ Open Smart Configurator by clicking copied configuration.xml ++ Click `Generate Project Content` on Smart Configurator + +3.) Build the wolfSSL project + +4.) Create a 'dummy_application' Renesas RA C Project Using RA Library. + ++ Click File->New->`RA C/C++ Project`. ++ Select `EK-RA6M4` from Drop-down list. ++ Check `Executable Using an RA Static Library`. ++ Select FreeRTOS from RTOS selection. Click Finish. ++ Enter `dummy_application` as the project name. Click Next. ++ Under `RA library project`, select `wolfSSL_RA6M4`. ++ Click Finish. ++ Copy the followng folder inside dummy_app to `test_RA6M4`\ + script/ + src/sce_tst_thread_entry.c + ++ Add `sce_test()` call under /* TODO: add your own code here */ line at sce_tst_thread_entry.c +``` +... + /* TODO: add your own code here */ + sce_test(); +... +``` + +5.) Prepare SEGGER_RTT to logging + ++ Download J-Link software from [Segger](https://www.segger.com/downloads/jlink) ++ Choose `J-Link Software and Documentation Pack` ++ Copy sample program files below from `Installed SEGGER` folder, `e.g C:\Program Files\SEGGER\JLink\Samples\RTT`, to /path/to/wolfssl/IDE/Reenesas/e2studio/RA6M4/test/src/SEGGER_RTT\ + + SEGGER_RTT.c\ + SEGGER_RTT.h\ + SEGGER_RTT_Conf.h\ + SEGGER_RTT_printf.c + ++ To connect RTT block, you can configure RTT viewer configuration based on where RTT block is in map file\ + e.g.\ + [test_RA6M4.map] + ``` + COMMON 0x200232a8 0xa8 ./src/SEGGER_RTT/SEGGER_RTT.o\ + ```` + you can specify "RTT control block" to 0x200232a8 by Address\ + OR\ + you can specify "RTT control block" to 0x20020000 0x10000 by Search Range + +## Run Client +1.) Enable TLS_CLIENT definition in wolfssl_demo.h of test_RA6M4 projet + +2.) Client IP address and Server IP address + ++ Client IP address can be changed by the following line in wolf_client.c. +``` +static const byte ucIPAddress[4] = { 192, 168, 11, 241 }; +``` ++ Client IP address can be changed by the following line in wolf_client.c. +``` +#define SERVER_IP "192.168.11.40" +``` + +3.) Build test_RA6M4 project + +4.) Prepare peer wolfssl server + ++ On Linux +``` +$ autogen.sh +$ ./configure --enable-extended-master=no CFLAGS="-DWOLFSSL_STATIC_RSA -DHAVE_AES_CBC" +``` +Run peer wolfSSL server + +RSA sign and verify use, launch server with the following option +``` +$./example/server/server -b -d -i +``` + +You will see the following message on J-LinK RTT Viewer +``` +cipher : AES128-SHA256 +Received: I hear you fa shizzle! + +cipher : AES256-SHA256 +Received: I hear you fa shizzle! + +cipher : ECDHE-RSA-AES128-SHA256 +Received: I hear you fa shizzle! + +cipher : ECDHE-RSA-AES128-GCM-SHA256 +Received: I hear you fa shizzle! +``` + +ECDSA sign and verify use, launch server with the following option +``` +$./examples/server/server -b -d -c ./certs/server-ecc.pem -k ./certs/ecc-key.pem +``` + +You will see the following message on J-LinK RTT Viewer +``` +cipher : ECDHE-ECDSA-AES128-SHA256 +Received: I hear you fa shizzle! + +cipher : ECDHE-ECDSA-AES128-GCM-SHA256 +Received: I hear you fa shizzle! +``` + +5.) Run the example Client + + **Note**\ + To run "RSA verify" client, enable "#define USE_CERT_BUFFERS_2048" in wolfssl_demo.h\ + To run "ECDSA verify" client, enable "#define USE_CERT_BUFFERS_256" in wolfssl_demo.h + +## Run Crypt test and Benchmark + +1.) Enable CRYPT_TEST and/or BENCHMARK definition in wolfssl_demo.h + +2.) Enable SCEKEY_INSTALLED definition in user_settings.h if you have installed key for AES + +In the example code for benchmark, it assumes that AES key is installed at DIRECT_KEY_ADDRESS which is 0x08000000U as follows: +``` +#if defined(SCEKEY_INSTALLED) + /* aes 256 */ + memcpy(guser_PKCbInfo.sce_wrapped_key_aes256.value, + (uint32_t *)DIRECT_KEY_ADDRESS, HW_SCE_AES256_KEY_INDEX_WORD_SIZE*4); + guser_PKCbInfo.sce_wrapped_key_aes256.type = SCE_KEY_INDEX_TYPE_AES256; + guser_PKCbInfo.aes256_installedkey_set = 1; + /* aes 128 */ + guser_PKCbInfo.aes128_installedkey_set = 0; +#endif +``` + +To install key, please refer [Installing and Updating Secure Keys](https://www.renesas.com/us/en/document/apn/installing-and-updating-secure-keys-ra-family). + +You can update code above to handle AES128 key when you install its key. + +3.) Run Benchmark and Crypto Test + + +## Support + +For support inquiries and questions, please email support@wolfssl.com. Feel free to reach out to info@wolfssl.jp as well. diff --git a/IDE/Renesas/e2studio/RA6M4/common/user_settings.h b/IDE/Renesas/e2studio/RA6M4/common/user_settings.h new file mode 100644 index 000000000..2284f0985 --- /dev/null +++ b/IDE/Renesas/e2studio/RA6M4/common/user_settings.h @@ -0,0 +1,80 @@ +/* user_settings.h + * + * Copyright (C) 2006-2021 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ +/* Operating Environment and Threading */ +#define FREERTOS +#define FREERTOS_TCP + +#define NO_MAIN_DRIVER +#define BENCH_EMBEDDED +#define NO_WRITEV + +#define NO_DEV_RANDOM +#define SIZEOF_LONG_LONG 8 +#define NO_WOLFSSL_DIR +#define WOLFSSL_NO_CURRDIR +#define NO_WOLF_C99 +#define NO_MULTIBYTE_PRINT +#define NO_FILESYSTEM + +#define XVALIDATEDATE(d, f,t) (0) + +#define TFM_TIMING_RESISTANT +#define ECC_TIMING_RESISTANT +#define WC_RSA_BLINDING + +#define HAVE_AESGCM +#define WOLFSSL_SHA512 +#define HAVE_ECC +#define HAVE_CURVE25519 +#define CURVE25519_SMALL + +#define WOLFSSL_SMALL_STACK +#define USE_FAST_MATH + +/* static RSA */ +#define WOLFSSL_STATIC_RSA + +/* SEGGER printf */ +#define USE_SEGGER_RTT_PRINTF + +#ifdef USE_SEGGER_RTT_PRINTF + int myprintf(const char * sFormat, ...); + #undef printf + #define printf myprintf +#endif + +/* #define WOLFSSL_TLS13 */ + +#if defined(WOLFSSL_TLS13) + #include + #define HAVE_FFDHE_2048 + #define HAVE_HKDF + #define WC_RSA_PSS + #define HAVE_TLS_EXTENSIONS + #define HAVE_SUPPORTED_CURVES +#endif + +#define WOLF_CRYPTO_CB +/* Enable SCEKEY_INSTALLED if keys are installed */ +#define SCEKEY_INSTALLED +#if defined(WOLFSSL_RENESAS_SCEPROTECT) && defined(SCEKEY_INSTALLED) + #define HAVE_RENESAS_SYNC +#endif diff --git a/IDE/Renesas/e2studio/RA6M4/common/wolfssl_demo.h b/IDE/Renesas/e2studio/RA6M4/common/wolfssl_demo.h new file mode 100644 index 000000000..617dad959 --- /dev/null +++ b/IDE/Renesas/e2studio/RA6M4/common/wolfssl_demo.h @@ -0,0 +1,84 @@ +/* wolfssl_demo.h + * + * Copyright (C) 2006-2021 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + +#ifndef WOLFSSL_DEMO_H_ +#define WOLFSSL_DEMO_H_ + +#include +#include "FreeRTOS_IP.h" +#include "FreeRTOS_Sockets.h" + +#define FREQ 10000 /* Hz */ + +#define FLASH_HP_DF_BLOCK_0 0x08000000U /* 64 B: 0x40100000 - 0x4010003F */ +#define FLASH_HP_DF_BLOCK_1 0x08000040U /* 64 B: 0x40100040 - 0x4010007F */ +#define FLASH_HP_DF_BLOCK_2 0x08000080U /* 64 B: 0x40100080 - 0x401000BF */ +#define FLASH_HP_DF_BLOCK_3 0x080000C0U /* 64 B: 0x401000C0 - 0x401000FF */ +#define DIRECT_KEY_ADDRESS FLASH_HP_DF_BLOCK_1 + +/* Enable wolfcrypt test */ +/* can be enabled with benchmark test */ +/*#define CRYPT_TEST*/ + +/* Enable benchmark */ +/* can be enabled with cyrpt test */ +/*#define BENCHMARK*/ + +/* Enable TLS client */ +/* cannot enable with CRYPT_TEST or BENCHMARK */ +#define TLS_CLIENT +/* Specifiy cipher suites that are supported by SCE + * ClientHello specifies the cipher suite to communicate peer Server + * so that TLS handshake uses SCE protect mode + */ +#define TEST_CIPHER_SPECIFIED + +/* Use RSA certificates */ +#define USE_CERT_BUFFERS_2048 +/* Use ECC certificates */ +/*#define USE_CERT_BUFFERS_256*/ + +#if defined(USE_CERT_BUFFERS_2048) && defined(USE_CERT_BUFFERS_256) + #error please set either macro USE_CERT_BUFFERS_2048 or USE_CERT_BUFFERS_256 +#endif + +void wolfSSL_TLS_client_init(); +void wolfSSL_TLS_client(); + +static void util_Cleanup(xSocket_t xSock, WOLFSSL_CTX *ctx, WOLFSSL *ssl) { + printf("Cleaning up socket and wolfSSL objects.\n"); + if (xSock != NULL) + FreeRTOS_closesocket(xSock); + if (ssl != NULL) + wolfSSL_free(ssl); + if (ctx != NULL) + wolfSSL_CTX_free(ctx); + wolfSSL_Cleanup(); +} + +static inline void util_inf_loop(xSocket_t xClientSocket, WOLFSSL_CTX *ctx, + WOLFSSL *ssl) { + util_Cleanup(xClientSocket, ctx, ssl); + printf("Reached infinite loop.\n"); + while (1) + ; +} +#endif /* WOLFSSL_DEMO_H_ */ diff --git a/IDE/Renesas/e2studio/RA6M4/include.am b/IDE/Renesas/e2studio/RA6M4/include.am new file mode 100644 index 000000000..b975dca4d --- /dev/null +++ b/IDE/Renesas/e2studio/RA6M4/include.am @@ -0,0 +1,18 @@ +# vim:ft=automake +# included from Top Level Makefile.am +# All paths should be given relative to the root + +EXTRA_DIST+= IDE/Renesas/e2studio/RA6M4/README.md +EXTRA_DIST+= IDE/Renesas/e2studio/RA6M4/wolfssl/.cproject +EXTRA_DIST+= IDE/Renesas/e2studio/RA6M4/wolfssl/.project +EXTRA_DIST+= IDE/Renesas/e2studio/RA6M4/test/.cproject +EXTRA_DIST+= IDE/Renesas/e2studio/RA6M4/test/.project +EXTRA_DIST+= IDE/Renesas/e2studio/RA6M4/test/test_RA6M4Debug.launch +EXTRA_DIST+= IDE/Renesas/e2studio/RA6M4/test/src/test_main.c +EXTRA_DIST+= IDE/Renesas/e2studio/RA6M4/test/src/wolf_client.c +EXTRA_DIST+= IDE/Renesas/e2studio/RA6M4/test/src/SEGGER_RTT/myprint.c +EXTRA_DIST+= IDE/Renesas/e2studio/RA6M4/test/src/common/.gitignore +EXTRA_DIST+= IDE/Renesas/e2studio/RA6M4/test/key_data/key_data_sce.c +EXTRA_DIST+= IDE/Renesas/e2studio/RA6M4/test/key_data/key_data.h +EXTRA_DIST+= IDE/Renesas/e2studio/RA6M4/common/wolfssl_demo.h +EXTRA_DIST+= IDE/Renesas/e2studio/RA6M4/common/user_settings.h diff --git a/IDE/Renesas/e2studio/RA6M4/test/.cproject b/IDE/Renesas/e2studio/RA6M4/test/.cproject new file mode 100644 index 000000000..7d3b1437b --- /dev/null +++ b/IDE/Renesas/e2studio/RA6M4/test/.cproject @@ -0,0 +1,334 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/IDE/Renesas/e2studio/RA6M4/test/.project b/IDE/Renesas/e2studio/RA6M4/test/.project new file mode 100644 index 000000000..f8df2a741 --- /dev/null +++ b/IDE/Renesas/e2studio/RA6M4/test/.project @@ -0,0 +1,49 @@ + + + test_RA6M4 + + + + + + org.eclipse.cdt.managedbuilder.core.genmakebuilder + clean,full,incremental, + + + + + org.eclipse.cdt.managedbuilder.core.ScannerConfigBuilder + full,incremental, + + + + + + org.eclipse.cdt.core.cnature + com.renesas.cdt.ra.contentgen.raExecutableNature + org.eclipse.cdt.managedbuilder.core.managedBuildNature + org.eclipse.cdt.managedbuilder.core.ScannerConfigNature + + + + src/benchmark.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/benchmark/benchmark.c + + + src/test.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/test/test.c + + + src/common/user_settings.h + 1 + PARENT-1-PROJECT_LOC/common/user_settings.h + + + src/common/wolfssl_demo.h + 1 + PARENT-1-PROJECT_LOC/common/wolfssl_demo.h + + + diff --git a/IDE/Renesas/e2studio/RA6M4/test/key_data/key_data.h b/IDE/Renesas/e2studio/RA6M4/test/key_data/key_data.h new file mode 100644 index 000000000..78d660a74 --- /dev/null +++ b/IDE/Renesas/e2studio/RA6M4/test/key_data/key_data.h @@ -0,0 +1,20 @@ + +#ifndef __KEY_DATA_H__ + +#include "r_sce.h" + +/** Firmware update data and user key datas */ +typedef struct user_key_block_data +{ + /* Provisioning key wapped by Renesas DLM */ + uint8_t encrypted_provisioning_key[HW_SCE_AES_CBC_IV_BYTE_SIZE * 2]; + /* Initial vector to be used when creating encrypted key */ + uint8_t iv[HW_SCE_AES_CBC_IV_BYTE_SIZE]; + /* RSA 2048 bit key, encrypted by AES128-ECB */ + uint8_t encrypted_user_rsa2048_ne_key[HW_SCE_RSA2048_NE_KEY_BYTE_SIZE + 16]; +} st_user_key_block_data_t; + + extern const unsigned char ca_cert_der_sign[]; + extern const unsigned char ca_ecc_cert_der_sign[]; + +#endif /* __KEY_DATA_H__ */ \ No newline at end of file diff --git a/IDE/Renesas/e2studio/RA6M4/test/key_data/key_data_sce.c b/IDE/Renesas/e2studio/RA6M4/test/key_data/key_data_sce.c new file mode 100644 index 000000000..abc7fcb96 --- /dev/null +++ b/IDE/Renesas/e2studio/RA6M4/test/key_data/key_data_sce.c @@ -0,0 +1,139 @@ +/* key_data.h + * + * Copyright (C) 2006-2021 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ +#include "key_data.h" +#include "wolfssl_demo.h" + +/******************************************************************************* + * SCE Key Information + *******************************************************************************/ +const st_user_key_block_data_t g_key_block_data = +{ + /* uint8_t encrypted_provisioning_key[R_TSIP_AES_CBC_IV_BYTE_SIZE * 2]; */ + { + 0xE7, 0x1C, 0xEB, 0xCA, 0x3A, 0x64, 0x0B, 0xD2, 0xC5, 0xB8, 0xF2, 0xD0, + 0xF7, 0x1B, 0xA9, 0x4A, 0x98, 0xFF, 0xF3, 0x48, 0x81, 0xAD, 0xAF, 0x63, + 0x19, 0x24, 0x4B, 0x2B, 0xC0, 0x8B, 0x9C, 0x6B + }, + /* uint8_t iv[R_TSIP_AES_CBC_IV_BYTE_SIZE]; */ + { + 0xD7, 0x97, 0x56, 0x82, 0x5B, 0x4B, 0x7F, 0xB2, 0x1C, 0x1F, 0xEE, 0x85, + 0x02, 0xC5, 0xD0, 0xBA + }, + /* uint8_t encrypted_user_rsa2048_ne_key[R_TSIP_RSA2048_NE_KEY_BYTE_SIZE + 16]; */ + { + 0x3F, 0xA5, 0xBE, 0xBF, 0x86, 0xEC, 0x23, 0x37, 0x82, 0x37, 0x71, 0x0C, + 0x83, 0xA7, 0x8E, 0x86, 0xF0, 0x16, 0xD3, 0x7B, 0xF1, 0x25, 0xA4, 0x37, + 0x7A, 0x2D, 0x16, 0xF2, 0xFF, 0x3D, 0xEE, 0x46, 0xE0, 0x05, 0x58, 0x56, + 0xC2, 0xE7, 0x9D, 0x2C, 0x01, 0x84, 0x59, 0x8E, 0xA8, 0x9E, 0xEE, 0x3F, + 0x22, 0x83, 0x68, 0xDA, 0x9E, 0xCE, 0xEA, 0x99, 0xFD, 0xAF, 0xDF, 0x67, + 0x1E, 0x73, 0x25, 0x68, 0xBF, 0x0A, 0xDF, 0xAF, 0xC4, 0x3D, 0xF1, 0xBD, + 0x41, 0xF5, 0xAC, 0xAC, 0xA4, 0x36, 0xF8, 0x96, 0xC0, 0x8C, 0x2F, 0x1A, + 0x79, 0x75, 0x28, 0xAE, 0x67, 0xC9, 0x5A, 0xDE, 0x2A, 0xB4, 0x99, 0xDB, + 0x8C, 0x25, 0x53, 0x58, 0x8C, 0xDC, 0xA8, 0x0D, 0xFE, 0xEE, 0x0F, 0x6C, + 0x61, 0xE6, 0x43, 0x66, 0xE8, 0x4A, 0xE3, 0xEB, 0xAB, 0xA2, 0x52, 0xE4, + 0x67, 0xC2, 0x9A, 0x57, 0xA4, 0x1F, 0xE0, 0xFC, 0x2B, 0xBE, 0x25, 0xBF, + 0xF0, 0x70, 0x18, 0x88, 0x93, 0xB7, 0x2F, 0x74, 0xF8, 0xF3, 0x88, 0xB8, + 0xFA, 0x18, 0xBE, 0xC1, 0xB2, 0x24, 0x4B, 0xBC, 0x89, 0x2D, 0xC4, 0x02, + 0xB3, 0x82, 0xEC, 0xDB, 0xC9, 0xF0, 0xA9, 0xC3, 0x30, 0x7C, 0xF5, 0x15, + 0xEB, 0x9B, 0x16, 0x8C, 0x9D, 0xEF, 0x42, 0x8A, 0xCA, 0x5D, 0x28, 0xDF, + 0x68, 0xEA, 0xE0, 0xB8, 0x76, 0x7C, 0xBB, 0x4A, 0x51, 0xDD, 0x55, 0x14, + 0xB7, 0xAB, 0xD2, 0xF1, 0xB9, 0x51, 0x19, 0x05, 0x26, 0x87, 0xF7, 0x5C, + 0x69, 0x45, 0x3C, 0x82, 0xE8, 0x82, 0x05, 0x5D, 0x33, 0x8E, 0xD1, 0x42, + 0x71, 0xD6, 0x96, 0xDA, 0xAB, 0xB8, 0xC0, 0x0F, 0xF7, 0x85, 0x8A, 0x12, + 0xEF, 0xB9, 0x53, 0xFF, 0xD2, 0x95, 0x18, 0x2F, 0x0C, 0xA6, 0x72, 0x98, + 0xC3, 0xC6, 0x9B, 0x95, 0x70, 0x69, 0xC5, 0xB7, 0xD5, 0x24, 0x77, 0x05, + 0xD0, 0x68, 0x85, 0x36, 0xB8, 0x57, 0xE3, 0xED, 0x2E, 0x4D, 0x95, 0xD3, + 0xFC, 0x24, 0x1B, 0x22, 0xFA, 0x43, 0xD8, 0x62, 0x28, 0x57, 0x6B, 0x34, + 0xBF, 0xD1, 0x63, 0x4B, 0xB5, 0xF5, 0x88, 0xBC, 0xB8, 0x69, 0xF3, 0xB5 + }, +}; + +#ifndef USE_CERT_BUFFERS_256 +/* ca-cert.der.sign, + * ca-cert.der signed by RSA2048 PSS with SHA256 + * This is used for Root Certificate verify by SCE */ +const unsigned char ca_cert_der_sign[] = +{ + 0x07, 0x1A, 0x68, 0xF4, 0x53, 0x2A, 0x9B, 0x1F, 0xF7, 0x7B, + 0x5C, 0x70, 0x88, 0x46, 0x03, 0x10, 0x35, 0x0C, 0x84, 0x4F, + 0xDC, 0x09, 0x8D, 0xD8, 0x97, 0x10, 0xFA, 0xC7, 0x1D, 0x7F, + 0xCC, 0xF2, 0xC9, 0x41, 0x27, 0xBA, 0x0C, 0x93, 0x77, 0x64, + 0x46, 0x89, 0xC3, 0x36, 0x45, 0x5B, 0x2E, 0xC7, 0xCF, 0xE7, + 0xDF, 0x61, 0x95, 0x12, 0x7B, 0x9B, 0x6B, 0x8B, 0xD8, 0xBD, + 0xEA, 0x7B, 0xCD, 0xF9, 0x74, 0xA1, 0x1B, 0x41, 0x91, 0x9D, + 0xC8, 0x08, 0xBA, 0xA4, 0x69, 0x19, 0xAD, 0xE0, 0x41, 0x54, + 0xC6, 0x1A, 0x4A, 0x0E, 0xDB, 0x36, 0x23, 0xD9, 0xAC, 0xF6, + 0x1B, 0x49, 0x6D, 0x74, 0x4D, 0x67, 0x5D, 0x36, 0xB9, 0xED, + 0xC6, 0x09, 0x25, 0x13, 0x3A, 0x88, 0x3D, 0x83, 0x41, 0x16, + 0x49, 0x94, 0xC5, 0x24, 0xFC, 0xD4, 0x81, 0xAE, 0x3F, 0x03, + 0x1D, 0x9D, 0x76, 0x1F, 0x44, 0x1A, 0x91, 0xFB, 0xD7, 0x7E, + 0xB7, 0x29, 0xA3, 0x73, 0x4D, 0x72, 0x21, 0xE4, 0x70, 0x02, + 0x6F, 0xBE, 0xE0, 0x73, 0x5F, 0x44, 0x91, 0x34, 0xBC, 0x5B, + 0x93, 0x27, 0x37, 0x05, 0x48, 0x19, 0x3B, 0x50, 0x19, 0x53, + 0xC0, 0xE9, 0xA1, 0x1C, 0x26, 0xA5, 0x16, 0x80, 0xE8, 0x61, + 0x39, 0xFF, 0x8B, 0x52, 0x10, 0xF7, 0x6B, 0x7A, 0x8F, 0xEC, + 0x95, 0x1B, 0x30, 0xA4, 0xA0, 0xD7, 0xDB, 0x3F, 0xEB, 0xA5, + 0x74, 0x48, 0xBA, 0x34, 0xB3, 0x34, 0xA5, 0xC1, 0x46, 0x65, + 0x2E, 0xEA, 0xF1, 0xB9, 0x00, 0xF6, 0x13, 0xC9, 0x15, 0xC6, + 0xB0, 0x4A, 0x18, 0xA8, 0x10, 0x57, 0xDF, 0x8E, 0x09, 0x67, + 0xCC, 0xCA, 0x03, 0x15, 0x04, 0x17, 0x0A, 0xAC, 0x47, 0x8F, + 0x1B, 0x0F, 0x0B, 0x6C, 0x91, 0x98, 0xFF, 0xFD, 0xC5, 0x10, + 0x3F, 0x0A, 0xE7, 0x5D, 0x48, 0xE1, 0xD9, 0x79, 0xEB, 0xEA, + 0x8D, 0x03, 0x96, 0x44, 0xB0, 0x0B +}; + +const int sizeof_ca_cert_der_sign = sizeof(ca_cert_der_sign); +#else +/* ca-ecc-cert.der.sign, + * ca-ecc-cert.der signed by RSA2048 PSS with SHA256 + * This is used for Root Certificate verify by SCE + */ +const unsigned char ca_ecc_cert_der_sign[] = +{ + 0x07, 0xCA, 0x3B, 0x8F, 0x49, 0x26, 0x33, 0x80, 0x46, 0xFE, + 0x07, 0x91, 0x75, 0x5B, 0xC3, 0x98, 0x5F, 0x0E, 0x93, 0x0B, + 0xDF, 0x1B, 0x1B, 0x01, 0x00, 0xD0, 0x5A, 0x48, 0x81, 0x05, + 0xFC, 0x57, 0xB6, 0x0F, 0xF4, 0x6E, 0x4E, 0x7D, 0xB4, 0x14, + 0x88, 0xFF, 0x8D, 0x75, 0x7A, 0xF5, 0xDE, 0x7B, 0x74, 0xF0, + 0x98, 0x0B, 0xE2, 0x7A, 0xCB, 0xF3, 0x41, 0x70, 0xBC, 0xE2, + 0x07, 0xF7, 0x3D, 0x69, 0xAF, 0xA8, 0xDA, 0xC5, 0x92, 0xAA, + 0xE6, 0xA6, 0xF9, 0x1A, 0xED, 0x12, 0x76, 0x06, 0x1E, 0x4D, + 0x43, 0xD9, 0x27, 0xEF, 0x30, 0x3D, 0x07, 0xAF, 0x63, 0x39, + 0x3F, 0x95, 0x5F, 0xA5, 0x54, 0xFC, 0x26, 0x52, 0xFB, 0xDC, + 0x8C, 0xA6, 0x64, 0x20, 0x39, 0x35, 0x6A, 0xB9, 0xFD, 0x52, + 0x81, 0xAE, 0x56, 0x52, 0x61, 0xDD, 0xC0, 0xCE, 0x92, 0x4F, + 0xEC, 0x0C, 0x72, 0x28, 0x2E, 0x3E, 0xB3, 0x29, 0xAA, 0x8B, + 0xF1, 0xE9, 0xC7, 0x40, 0x57, 0x3C, 0xF1, 0x5D, 0xA8, 0x43, + 0x17, 0xDB, 0x6A, 0x88, 0x36, 0x1E, 0x84, 0x88, 0xA4, 0x5D, + 0x20, 0x64, 0xD5, 0x7D, 0x48, 0x72, 0xF5, 0x1E, 0x50, 0xF7, + 0xB5, 0x49, 0x07, 0xD3, 0x9C, 0xB8, 0x2C, 0x0E, 0x9D, 0x0E, + 0x4F, 0xFA, 0xB8, 0xCC, 0x4E, 0x14, 0xFD, 0xC1, 0xA4, 0x8E, + 0x6F, 0x57, 0xA8, 0x75, 0x29, 0x25, 0xD3, 0x93, 0xD6, 0xF0, + 0x22, 0xE6, 0x1A, 0x73, 0x51, 0xFA, 0x92, 0x3D, 0x0A, 0x04, + 0xCB, 0x62, 0x8C, 0x9E, 0x50, 0x65, 0x11, 0x2A, 0xB9, 0xB8, + 0x8B, 0x5C, 0x86, 0x6C, 0x37, 0x96, 0x5F, 0xEE, 0x50, 0xC0, + 0x30, 0x9E, 0x54, 0x9E, 0xB5, 0xD8, 0xBB, 0xC5, 0x1B, 0x16, + 0xB6, 0x54, 0x6B, 0x5E, 0xA4, 0x54, 0xA7, 0x04, 0xB3, 0x30, + 0x7E, 0xE9, 0xB0, 0xAB, 0x10, 0x95, 0x6C, 0xE5, 0x76, 0x75, + 0x5B, 0x52, 0xFB, 0x37, 0x4E, 0x23 +}; +static const int sizeof_ca_ecc_cert_der_sign = sizeof(ca_ecc_cert_der_sign); +#endif /* USE_CERT_BUFFERS_256 */ diff --git a/IDE/Renesas/e2studio/RA6M4/test/src/SEGGER_RTT/myprint.c b/IDE/Renesas/e2studio/RA6M4/test/src/SEGGER_RTT/myprint.c new file mode 100644 index 000000000..dda9a15fc --- /dev/null +++ b/IDE/Renesas/e2studio/RA6M4/test/src/SEGGER_RTT/myprint.c @@ -0,0 +1,34 @@ +/* myprintf.c + * + * Copyright (C) 2006-2021 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ +#include "SEGGER_RTT.h" + +#define SEGGER_INDEX (0) + +int myprintf(const char * sFormat, ...) +{ + int r; + va_list ParamList; + + va_start(ParamList, sFormat); + r = SEGGER_RTT_vprintf(0, sFormat, &ParamList); + va_end(ParamList); + return r; +} diff --git a/IDE/Renesas/e2studio/RA6M4/test/src/common/.gitignore b/IDE/Renesas/e2studio/RA6M4/test/src/common/.gitignore new file mode 100644 index 000000000..c96a04f00 --- /dev/null +++ b/IDE/Renesas/e2studio/RA6M4/test/src/common/.gitignore @@ -0,0 +1,2 @@ +* +!.gitignore \ No newline at end of file diff --git a/IDE/Renesas/e2studio/RA6M4/test/src/test_main.c b/IDE/Renesas/e2studio/RA6M4/test/src/test_main.c new file mode 100644 index 000000000..96199642d --- /dev/null +++ b/IDE/Renesas/e2studio/RA6M4/test/src/test_main.c @@ -0,0 +1,207 @@ +/* test_main.c + * + * Copyright (C) 2006-2021 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +#include "stdio.h" +#include "stdint.h" +#include +#include + +#if defined(WOLFSSL_RENESAS_SCEPROTECT) + #include + User_SCEPKCbInfo guser_PKCbInfo; +#endif + +#include +#include "key_data.h" +#include "hal_data.h" + +#ifdef __cplusplus +extern "C" { +void abort(void); +} +#endif + +/* the function is called just before main() to set up pins */ +/* this needs to be called to setup IO Port */ +void R_BSP_WarmStart (bsp_warm_start_event_t event) +{ + + if (BSP_WARM_START_POST_C == event) { + /* C runtime environment and system clocks are setup. */ + /* Configure pins. */ + R_IOPORT_Open(&g_ioport_ctrl, g_ioport.p_cfg); + } +} + +#if defined(TLS_CLIENT) || defined(TLS_SERVER) || defined(EXTRA_SCE_TSIP_TEST) + +extern const st_user_key_block_data_t g_key_block_data; + +/* Key type of the encrypted user_public_key 0: RSA-2048 2: ECDSA-P256*/ +uint32_t encrypted_user_key_type = 0; + +static int SetScetlsKey() +{ +#if defined(WOLFSSL_RENESAS_SCEPROTECT) + + #if defined(TLS_CLIENT) || defined(EXTRA_SCE_TSIP_TEST) + + #if defined(USE_CERT_BUFFERS_256) + wc_sce_inform_cert_sign((const byte *)ca_ecc_cert_der_sign); + encrypted_user_key_type = 2; + #else + wc_sce_inform_cert_sign((const byte *)ca_cert_der_sign); + #endif + wc_sce_inform_user_keys( + (byte*)&g_key_block_data.encrypted_provisioning_key, + (byte*)&g_key_block_data.iv, + (byte*)&g_key_block_data.encrypted_user_rsa2048_ne_key, + encrypted_user_key_type); + #if defined(WOLFSSL_RENESAS_SCEPROTECT_ECC) + guser_PKCbInfo.user_key_id = 0; /* not use user key id */ + #endif + + #elif defined(TLS_SERVER) + + wc_sce_inform_cert_sign((const byte *)client_cert_der_sign); + wc_sce_inform_user_keys( + (byte*)&g_key_block_data.encrypted_provisioning_key, + (byte*)&g_key_block_data.iv, + (byte*)&g_key_block_data.encrypted_user_rsa2048_ne_key, + encrypted_user_key_type); + + #endif + +#endif + return 0; +} +#endif + +typedef struct func_args { + int argc; + char** argv; + int return_code; +} func_args; + + +void wolfcrypt_test(func_args args); +int benchmark_test(void *args); + + +void sce_test(void) +{ + +#if defined(CRYPT_TEST) || defined(BENCHMARK) +#if defined(CRYPT_TEST) + int ret; + func_args args = { 0 }; + + if ((ret = wolfCrypt_Init()) != 0) { + printf("wolfCrypt_Init failed %d\n", ret); + } + + printf("Start wolfCrypt Test\n"); + wolfcrypt_test(args); + printf("End wolfCrypt Test\n"); + + if ((ret = wolfCrypt_Cleanup()) != 0) { + printf("wolfCrypt_Cleanup failed %d\n", ret); + } +#endif +#if defined(BENCHMARK) + #include "hal_data.h" + #include "r_sce.h" + + printf("Prepare Installed key\n"); +#if defined(WOLFSSL_RENESAS_SCEPROTECT) && defined(SCEKEY_INSTALLED) + /* aes 256 */ + memcpy(guser_PKCbInfo.sce_wrapped_key_aes256.value, + (uint32_t *)DIRECT_KEY_ADDRESS, HW_SCE_AES256_KEY_INDEX_WORD_SIZE*4); + guser_PKCbInfo.sce_wrapped_key_aes256.type = SCE_KEY_INDEX_TYPE_AES256; + guser_PKCbInfo.aes256_installedkey_set = 1; + /* aes 128 */ + guser_PKCbInfo.aes128_installedkey_set = 0; +#endif + printf("Start wolfCrypt Benchmark\n"); + benchmark_test(NULL); + printf("End wolfCrypt Benchmark\n"); +#endif + +#elif defined(TLS_CLIENT) + #include "hal_data.h" + #include "r_sce.h" + + #if defined(USE_CERT_BUFFERS_256) + #if defined(TEST_CIPHER_SPECIFIED) + const char* cipherlist[] = { + "ECDHE-ECDSA-AES128-SHA256", + "ECDHE-ECDSA-AES128-GCM-SHA256" + }; + const int cipherlist_sz = 2; + #else + const char* cipherlist[] = { + NULL + }; + const int cipherlist_sz = 1; + #endif /* TEST_CIPHER_SPECIFIED */ + + #else + #if defined(TEST_CIPHER_SPECIFIED) + const char* cipherlist[] = { + "AES128-SHA256", + "AES256-SHA256", + "ECDHE-RSA-AES128-SHA256", + "ECDHE-RSA-AES128-GCM-SHA256" + }; + const int cipherlist_sz = 4; + #else + const char* cipherlist[] = { + NULL + }; + const int cipherlist_sz = 1; + #endif /* TEST_CIPHER_SPECIFIED */ + #endif + + int i = 0; + + SetScetlsKey(); + + TCPInit(); + + do { + if(cipherlist_sz > 0 && cipherlist[i] != NULL ) + printf("cipher : %s\n", cipherlist[i]); + + wolfSSL_TLS_client_init(cipherlist[i]); + wolfSSL_TLS_client(); + + i++; + } while (i < cipherlist_sz); +#endif +} + +#ifdef __cplusplus +void abort(void) +{ + +} +#endif diff --git a/IDE/Renesas/e2studio/RA6M4/test/src/wolf_client.c b/IDE/Renesas/e2studio/RA6M4/test/src/wolf_client.c new file mode 100644 index 000000000..4aa1463a3 --- /dev/null +++ b/IDE/Renesas/e2studio/RA6M4/test/src/wolf_client.c @@ -0,0 +1,189 @@ +/* wolf_client.c + * + * Copyright (C) 2006-2021 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + +#include "wolfssl_demo.h" + +#include +#include +#include +#include "wolfssl/wolfcrypt/settings.h" +#include "wolfssl/ssl.h" +#include "wolfssl/certs_test.h" + +uint32_t g_encrypted_root_public_key[140]; +static WOLFSSL_CTX *client_ctx; + +extern uint8_t g_ether0_mac_address[6]; +typedef struct user_EccPKCbInfo; +extern struct user_PKCbInfo guser_PKCbInfo; +static const byte ucIPAddress[4] = { 192, 168, 11, 241 }; +static const byte ucNetMask[4] = { 255, 255, 255, 0 }; +static const byte ucGatewayAddress[4] = { 192, 168, 11, 1 }; +static const byte ucDNSServerAddress[4] = { 192, 168, 11, 1 }; + +/* Client connects to the server with these details. */ +#define SERVER_IP "192.168.11.40" +#define DEFAULT_PORT 11111 + +#define FR_SOCKET_SUCCESS 0 + +void TCPInit( ) +{ + BaseType_t fr_status; + + /* FreeRTOS+TCP Ethernet and IP Setup */ + fr_status = FreeRTOS_IPInit(ucIPAddress, + ucNetMask, + ucGatewayAddress, + ucDNSServerAddress, + g_ether0_mac_address); + if (pdPASS != fr_status) { + printf("Error [%ld]: FreeRTOS_IPInit.\n",fr_status); + } +} + +void wolfSSL_TLS_client_init(const char* cipherlist) +{ + + #ifndef NO_FILESYSTEM + #ifdef USE_ECC_CERT + char *cert = "./certs/ca-ecc-cert.pem"; + #else + char *cert = "./certs/ca-cert.pem"; + #endif + #else + #ifdef USE_CERT_BUFFERS_256 + const unsigned char *cert = ca_ecc_cert_der_256; + #define SIZEOF_CERT sizeof_ca_ecc_cert_der_256 + #else + const unsigned char *cert = ca_cert_der_2048; + #define SIZEOF_CERT sizeof_ca_cert_der_2048 + #endif + #endif + + wolfSSL_Init(); + #ifdef DEBUG_WOLFSSL + wolfSSL_Debugging_ON(); + #endif + + /* Create and initialize WOLFSSL_CTX */ + if ((client_ctx = wolfSSL_CTX_new(wolfSSLv23_client_method_ex((void *)NULL))) == NULL) { + printf("ERROR: failed to create WOLFSSL_CTX\n"); + return; + } + #if defined(WOLFSSL_RENESAS_SCEPROTECT) + /* set callback functions for ECC */ + wc_sce_set_callbacks(client_ctx); + #endif + + #if !defined(NO_FILESYSTEM) + if (wolfSSL_CTX_load_verify_locations(client_ctx, cert, 0) != SSL_SUCCESS) { + printf("ERROR: can't load \"%s\"\n", cert); + return NULL; + } + #else + if (wolfSSL_CTX_load_verify_buffer(client_ctx, cert, SIZEOF_CERT, SSL_FILETYPE_ASN1) != SSL_SUCCESS){ + printf("ERROR: can't load certificate data\n"); + return; + } + #endif + + /* use specific cipher */ + if (cipherlist != NULL && wolfSSL_CTX_set_cipher_list(client_ctx, cipherlist) != WOLFSSL_SUCCESS) { + wolfSSL_CTX_free(client_ctx); client_ctx = NULL; + printf("client can't set cipher list 1"); + } +} + +void wolfSSL_TLS_client( ) +{ + int ret; + /* FreeRTOS+TCP Objects */ + socklen_t xSize = sizeof(struct freertos_sockaddr); + xSocket_t xClientSocket = NULL; + struct freertos_sockaddr xRemoteAddress; + + WOLFSSL_CTX *ctx = (WOLFSSL_CTX *)client_ctx; + WOLFSSL *ssl; + + #define BUFF_SIZE 256 + static const char sendBuff[]= "Hello Server\n" ; + + char rcvBuff[BUFF_SIZE] = {0}; + + /* Client Socket Setup */ + xRemoteAddress.sin_port = FreeRTOS_htons(DEFAULT_PORT); + xRemoteAddress.sin_addr = FreeRTOS_inet_addr(SERVER_IP); + + /* Create a FreeRTOS TCP Socket and connect */ + xClientSocket = FreeRTOS_socket(FREERTOS_AF_INET, + FREERTOS_SOCK_STREAM, + FREERTOS_IPPROTO_TCP); + configASSERT(xClientSocket != FREERTOS_INVALID_SOCKET); + FreeRTOS_bind(xClientSocket, &xRemoteAddress, sizeof(xSize)); + + /* Client Socket Connect */ + ret = FreeRTOS_connect(xClientSocket, + &xRemoteAddress, + sizeof(xRemoteAddress)); + if (ret != FR_SOCKET_SUCCESS) { + printf("Error [%d]: FreeRTOS_connect.\n",ret); + util_inf_loop(xClientSocket, ctx, ssl); + } + + if((ssl = wolfSSL_new(ctx)) == NULL) { + printf("ERROR wolfSSL_new: %d\n", wolfSSL_get_error(ssl, 0)); + return; + } + #if defined(WOLFSSL_RENESAS_SCEPROTECT) + /* set callback ctx */ + wc_sce_set_callback_ctx(ssl, (void*)&guser_PKCbInfo); + #endif + /* Attach wolfSSL to the socket */ + ret = wolfSSL_set_fd(ssl, (int) xClientSocket); + if (ret != WOLFSSL_SUCCESS) { + printf("Error [%d]: wolfSSL_set_fd.\n",ret); + util_inf_loop(xClientSocket, ctx, ssl); + } + + if(wolfSSL_connect(ssl) != SSL_SUCCESS) { + printf("ERROR SSL connect: %d\n", wolfSSL_get_error(ssl, 0)); + return; + } + + if (wolfSSL_write(ssl, sendBuff, strlen(sendBuff)) != strlen(sendBuff)) { + printf("ERROR SSL write: %d\n", wolfSSL_get_error(ssl, 0)); + return; + } + + if ((ret=wolfSSL_read(ssl, rcvBuff, BUFF_SIZE)) < 0) { + printf("ERROR SSL read: %d\n", wolfSSL_get_error(ssl, 0)); + return; + } + + rcvBuff[ret] = '\0' ; + printf("Received: %s\n\n", rcvBuff); + + /* frees all data before client termination */ + wolfSSL_free(ssl); + wolfSSL_CTX_free(ctx); + wolfSSL_Cleanup(); +} diff --git a/IDE/Renesas/e2studio/RA6M4/test/test_RA6M4Debug.launch b/IDE/Renesas/e2studio/RA6M4/test/test_RA6M4Debug.launch new file mode 100644 index 000000000..3a98cbf6b --- /dev/null +++ b/IDE/Renesas/e2studio/RA6M4/test/test_RA6M4Debug.launch @@ -0,0 +1,78 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/IDE/Renesas/e2studio/RA6M4/wolfssl/.cproject b/IDE/Renesas/e2studio/RA6M4/wolfssl/.cproject new file mode 100644 index 000000000..b3a924d7b --- /dev/null +++ b/IDE/Renesas/e2studio/RA6M4/wolfssl/.cproject @@ -0,0 +1,345 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/IDE/Renesas/e2studio/RA6M4/wolfssl/.project b/IDE/Renesas/e2studio/RA6M4/wolfssl/.project new file mode 100644 index 000000000..9dc12ee0b --- /dev/null +++ b/IDE/Renesas/e2studio/RA6M4/wolfssl/.project @@ -0,0 +1,430 @@ + + + wolfSSL_RA6M4 + + + + + + com.renesas.cdt.ddsc.contentgen.ddscBuilder + + + + + org.eclipse.cdt.managedbuilder.core.genmakebuilder + clean,full,incremental, + + + + + org.eclipse.cdt.managedbuilder.core.ScannerConfigBuilder + full,incremental, + + + + + com.renesas.cdt.ddsc.contentgen.ddscInterlockBundleBuilder + + + + + + org.eclipse.cdt.core.cnature + org.eclipse.cdt.managedbuilder.core.managedBuildNature + org.eclipse.cdt.managedbuilder.core.ScannerConfigNature + com.renesas.cdt.ddsc.contentgen.ddscNature + com.renesas.cdt.ra.contentgen.raNature + + + + wolfCrypt/aes.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/aes.c + + + wolfCrypt/arc4.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/arc4.c + + + wolfCrypt/asm.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/asm.c + + + wolfCrypt/asn.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/asn.c + + + wolfCrypt/blake2b.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/blake2b.c + + + wolfCrypt/camellia.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/camellia.c + + + wolfCrypt/chacha.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/chacha.c + + + wolfCrypt/chacha20_poly1305.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/chacha20_poly1305.c + + + wolfCrypt/cmac.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/cmac.c + + + wolfCrypt/coding.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/coding.c + + + wolfCrypt/compress.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/compress.c + + + wolfCrypt/cpuid.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/cpuid.c + + + wolfCrypt/cryptocb.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/cryptocb.c + + + wolfCrypt/curve25519.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/curve25519.c + + + wolfCrypt/des3.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/des3.c + + + wolfCrypt/dh.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/dh.c + + + wolfCrypt/dsa.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/dsa.c + + + wolfCrypt/ecc.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/ecc.c + + + wolfCrypt/ecc_fp.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/ecc_fp.c + + + wolfCrypt/ed25519.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/ed25519.c + + + wolfCrypt/error.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/error.c + + + wolfCrypt/fe_low_mem.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/fe_low_mem.c + + + wolfCrypt/fe_operations.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/fe_operations.c + + + wolfCrypt/ge_low_mem.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/ge_low_mem.c + + + wolfCrypt/ge_operations.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/ge_operations.c + + + wolfCrypt/hash.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/hash.c + + + wolfCrypt/hc128.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/hc128.c + + + wolfCrypt/hmac.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/hmac.c + + + wolfCrypt/idea.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/idea.c + + + wolfCrypt/integer.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/integer.c + + + wolfCrypt/kdf.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/kdf.c + + + wolfCrypt/logging.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/logging.c + + + wolfCrypt/md2.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/md2.c + + + wolfCrypt/md4.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/md4.c + + + wolfCrypt/md5.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/md5.c + + + wolfCrypt/memory.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/memory.c + + + wolfCrypt/pkcs12.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/pkcs12.c + + + wolfCrypt/pkcs7.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/pkcs7.c + + + wolfCrypt/poly1305.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/poly1305.c + + + wolfCrypt/pwdbased.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/pwdbased.c + + + wolfCrypt/rabbit.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/rabbit.c + + + wolfCrypt/random.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/random.c + + + wolfCrypt/rsa.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/rsa.c + + + wolfCrypt/sha.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/sha.c + + + wolfCrypt/sha256.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/sha256.c + + + wolfCrypt/sha3.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/sha3.c + + + wolfCrypt/sha512.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/sha512.c + + + wolfCrypt/signature.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/signature.c + + + wolfCrypt/sp_arm32.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/sp_arm32.c + + + wolfCrypt/sp_arm64.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/sp_arm64.c + + + wolfCrypt/sp_armthumb.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/sp_armthumb.c + + + wolfCrypt/sp_c32.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/sp_c32.c + + + wolfCrypt/sp_c64.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/sp_c64.c + + + wolfCrypt/sp_cortexm.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/sp_cortexm.c + + + wolfCrypt/sp_dsp32.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/sp_dsp32.c + + + wolfCrypt/sp_int.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/sp_int.c + + + wolfCrypt/sp_x86_64.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/sp_x86_64.c + + + wolfCrypt/srp.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/srp.c + + + wolfCrypt/tfm.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/tfm.c + + + wolfCrypt/wc_dsp.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/wc_dsp.c + + + wolfCrypt/wc_encrypt.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/wc_encrypt.c + + + wolfCrypt/wc_pkcs11.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/wc_pkcs11.c + + + wolfCrypt/wc_port.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/wc_port.c + + + wolfCrypt/wolfevent.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/wolfevent.c + + + wolfCrypt/wolfmath.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/wolfmath.c + + + wolfSSL/crl.c + 1 + PARENT-5-PROJECT_LOC/src/crl.c + + + wolfSSL/internal.c + 1 + PARENT-5-PROJECT_LOC/src/internal.c + + + wolfSSL/keys.c + 1 + PARENT-5-PROJECT_LOC/src/keys.c + + + wolfSSL/ocsp.c + 1 + PARENT-5-PROJECT_LOC/src/ocsp.c + + + wolfSSL/sniffer.c + 1 + PARENT-5-PROJECT_LOC/src/sniffer.c + + + wolfSSL/ssl.c + 1 + PARENT-5-PROJECT_LOC/src/ssl.c + + + wolfSSL/tls.c + 1 + PARENT-5-PROJECT_LOC/src/tls.c + + + wolfSSL/tls13.c + 1 + PARENT-5-PROJECT_LOC/src/tls13.c + + + wolfSSL/wolfio.c + 1 + PARENT-5-PROJECT_LOC/src/wolfio.c + + + wolfCrypt/port/renesas_common.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_common.c + + + wolfCrypt/port/renesas_sce_aes.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_sce_aes.c + + + wolfCrypt/port/renesas_sce_sha.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_sce_sha.c + + + wolfCrypt/port/renesas_sce_util.c + 1 + PARENT-5-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_sce_util.c + + + diff --git a/IDE/include.am b/IDE/include.am index 7d12b578a..f20b73715 100644 --- a/IDE/include.am +++ b/IDE/include.am @@ -31,6 +31,7 @@ include IDE/Renesas/e2studio/Projects/include.am include IDE/Renesas/e2studio/RA6M3/include.am include IDE/Renesas/e2studio/GR-ROSE/include.am include IDE/Renesas/e2studio/RX72NEnvisionKit/include.am +include IDE/Renesas/e2studio/RA6M4/include.am include IDE/WICED-STUDIO/include.am include IDE/CRYPTOCELL/include.am include IDE/M68K/include.am diff --git a/src/internal.c b/src/internal.c index ed0dcd68f..3ef8a108f 100644 --- a/src/internal.c +++ b/src/internal.c @@ -225,6 +225,10 @@ static int SSL_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz, int tsip_generatePremasterSecret(); int tsip_generateEncryptPreMasterSecret(WOLFSSL *ssl, byte *out, word32 *outSz); #endif +#if defined(WOLFSSL_RENESAS_SCEPROTECT) +#include +#endif + #if defined(OPENSSL_EXTRA) && defined(HAVE_SECRET_CALLBACK) static int SessionSecret_callback(WOLFSSL* ssl, void* secret, @@ -1817,7 +1821,11 @@ int wolfSSL_session_import_internal(WOLFSSL* ssl, const unsigned char* buf, /* set hmac function to use when verifying */ if (ssl->options.tls == 1 || ssl->options.tls1_1 == 1 || ssl->options.dtls == 1) { + #if !defined(WOLFSSL_RENESAS_SCEPROTECT) ssl->hmac = TLS_hmac; + #else + ssl->hmac = Renesas_cmn_TLS_hmac; + #endif } /* do not allow stream ciphers with DTLS, except for NULL cipher */ @@ -4298,6 +4306,7 @@ int RsaVerify(WOLFSSL* ssl, byte* in, word32 inSz, byte** out, int sigAlgo, int hashAlgo, RsaKey* key, buffer* keyBufInfo) { int ret; + #ifdef HAVE_PK_CALLBACKS const byte* keyBuf = NULL; word32 keySz = 0; @@ -4348,7 +4357,11 @@ int RsaVerify(WOLFSSL* ssl, byte* in, word32 inSz, byte** out, int sigAlgo, void* ctx = wolfSSL_GetRsaVerifyCtx(ssl); ret = ssl->ctx->RsaVerifyCb(ssl, in, inSz, out, keyBuf, keySz, ctx); } + #if !defined(WOLFSSL_RENESAS_SCEPROTECT) else + #else + if (!ssl->ctx->RsaVerifyCb || ret == CRYPTOCB_UNAVAILABLE) + #endif #endif /*HAVE_PK_CALLBACKS */ { ret = wc_RsaSSL_VerifyInline(in, inSz, out, key); @@ -4593,7 +4606,11 @@ int RsaEnc(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out, word32* outSz, void* ctx = wolfSSL_GetRsaEncCtx(ssl); ret = ssl->ctx->RsaEncCb(ssl, in, inSz, out, outSz, keyBuf, keySz, ctx); } + #if !defined(WOLFSSL_RENESAS_SCEPROTECT) else + #else + if (!ssl->ctx->RsaEncCb || ret == CRYPTOCB_UNAVAILABLE) + #endif #endif /* HAVE_PK_CALLBACKS */ { ret = wc_RsaPublicEncrypt(in, inSz, out, *outSz, key, ssl->rng); @@ -4707,7 +4724,11 @@ int EccVerify(WOLFSSL* ssl, const byte* in, word32 inSz, const byte* out, ret = ssl->ctx->EccVerifyCb(ssl, in, inSz, out, outSz, keyBuf, keySz, &ssl->eccVerifyRes, ctx); } + #if !defined(WOLFSSL_RENESAS_SCEPROTECT) else + #else + if (!ssl->ctx->EccVerifyCb || ret == CRYPTOCB_UNAVAILABLE) + #endif #endif /* HAVE_PK_CALLBACKS */ { ret = wc_ecc_verify_hash(in, inSz, out, outSz, &ssl->eccVerifyRes, key); @@ -6375,7 +6396,11 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup) #ifndef NO_OLD_TLS ssl->hmac = SSL_hmac; /* default to SSLv3 */ #elif !defined(WOLFSSL_NO_TLS12) + #if !defined(WOLFSSL_RENESAS_SCEPROTECT) ssl->hmac = TLS_hmac; + #else + ssl->hmac = Renesas_cmn_TLS_hmac; + #endif #endif #endif @@ -7029,8 +7054,8 @@ void SSL_ResourceFree(WOLFSSL* ssl) FreeKey(ssl, DYNAMIC_TYPE_RSA, (void**)&ssl->peerRsaKey); ssl->peerRsaKeyPresent = 0; #endif -#ifdef WOLFSSL_RENESAS_TSIP_TLS - XFREE(ssl->peerTsipEncRsaKeyIndex, ssl->heap, DYNAMIC_TYPE_RSA); +#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT) + XFREE(ssl->peerSceTsipEncRsaKeyIndex, ssl->heap, DYNAMIC_TYPE_RSA); #endif if (ssl->buffers.inputBuffer.dynamicFlag) ShrinkInputBuffer(ssl, FORCED_FREE); @@ -11044,17 +11069,31 @@ int InitSigPkCb(WOLFSSL* ssl, SignatureCtx* sigCtx) /* only setup the verify callback if a PK is set */ #ifdef HAVE_ECC + #if defined(WOLFSSL_RENESAS_SCEPROTECT) + sigCtx->pkCbEcc = Renesas_cmn_SigPkCbEccVerify; + sigCtx->pkCtxEcc = (void*)&sigCtx->CertAtt; + (void)SigPkCbEccVerify; + #else if (ssl->ctx->EccVerifyCb) { sigCtx->pkCbEcc = SigPkCbEccVerify; sigCtx->pkCtxEcc = ssl; } + #endif + #endif #ifndef NO_RSA /* only setup the verify callback if a PK is set */ + #if defined(WOLFSSL_RENESAS_SCEPROTECT) + sigCtx->pkCbRsa = Renesas_cmn_SigPkCbRsaVerify; + sigCtx->pkCtxRsa = (void*)&sigCtx->CertAtt; + (void)SigPkCbRsaVerify; + #else if (ssl->ctx->RsaVerifyCb) { sigCtx->pkCbRsa = SigPkCbRsaVerify; sigCtx->pkCtxRsa = ssl; } + #endif + #endif return 0; @@ -12783,21 +12822,22 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx, } else { ssl->peerRsaKeyPresent = 1; - #ifdef WOLFSSL_RENESAS_TSIP_TLS + #if defined(WOLFSSL_RENESAS_TSIP_TLS) || \ + defined(WOLFSSL_RENESAS_SCEPROTECT) /* copy encrypted tsip key index into ssl object */ - if (args->dCert->tsip_encRsaKeyIdx) { - if (!ssl->peerTsipEncRsaKeyIndex) { - ssl->peerTsipEncRsaKeyIndex = (byte*)XMALLOC( + if (args->dCert->sce_tsip_encRsaKeyIdx) { + if (!ssl->peerSceTsipEncRsaKeyIndex) { + ssl->peerSceTsipEncRsaKeyIndex = (byte*)XMALLOC( TSIP_TLS_ENCPUBKEY_SZ_BY_CERTVRFY, ssl->heap, DYNAMIC_TYPE_RSA); - if (!ssl->peerTsipEncRsaKeyIndex) { + if (!ssl->peerSceTsipEncRsaKeyIndex) { args->lastErr = MEMORY_E; goto exit_ppc; } } - XMEMCPY(ssl->peerTsipEncRsaKeyIndex, - args->dCert->tsip_encRsaKeyIdx, + XMEMCPY(ssl->peerSceTsipEncRsaKeyIndex, + args->dCert->sce_tsip_encRsaKeyIdx, TSIP_TLS_ENCPUBKEY_SZ_BY_CERTVRFY); } #endif @@ -12846,7 +12886,24 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx, { int keyRet = 0; word32 idx = 0; + #if defined(WOLFSSL_RENESAS_SCEPROTECT) + /* copy encrypted tsip/sce key index into ssl object */ + if (args->dCert->sce_tsip_encRsaKeyIdx) { + if (!ssl->peerSceTsipEncRsaKeyIndex) { + ssl->peerSceTsipEncRsaKeyIndex = (byte*)XMALLOC( + TSIP_TLS_ENCPUBKEY_SZ_BY_CERTVRFY, + ssl->heap, DYNAMIC_TYPE_RSA); + if (!ssl->peerSceTsipEncRsaKeyIndex) { + args->lastErr = MEMORY_E; + ERROR_OUT(MEMORY_ERROR, exit_ppc); + } + } + XMEMCPY(ssl->peerSceTsipEncRsaKeyIndex, + args->dCert->sce_tsip_encRsaKeyIdx, + TSIP_TLS_ENCPUBKEY_SZ_BY_CERTVRFY); + } + #endif if (ssl->peerEccDsaKey == NULL) { /* alloc/init on demand */ keyRet = AllocKey(ssl, DYNAMIC_TYPE_ECC, @@ -12865,6 +12922,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx, } else { ssl->peerEccDsaKeyPresent = 1; + #ifdef HAVE_PK_CALLBACKS if (ssl->buffers.peerEccDsaKey.buffer) XFREE(ssl->buffers.peerEccDsaKey.buffer, @@ -16652,6 +16710,19 @@ static WC_INLINE int VerifyMac(WOLFSSL* ssl, const byte* input, word32 msgSz, padByte = 1; if (ssl->options.tls) { +#if !defined(NO_CERTS) && defined(HAVE_PK_CALLBACKS) + ret = PROTOCOLCB_UNAVAILABLE; + if(ssl->ctx->VerifyMacCb) { + void* ctx = wolfSSL_GetVerifyMacCtx(ssl); + ret = ssl->ctx->VerifyMacCb(ssl, input, + (msgSz - ivExtra) - digestSz - pad - 1, + digestSz, content, ctx); + if (ret != 0 && ret != PROTOCOLCB_UNAVAILABLE) { + return ret; + } + } + if (!ssl->ctx->VerifyMacCb || ret == PROTOCOLCB_UNAVAILABLE) +#endif ret = TimingPadVerify(ssl, input, pad, digestSz, msgSz - ivExtra, content); if (ret != 0) @@ -24867,6 +24938,14 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input, #endif case rsa_sa_algo: { + #if defined(WOLFSSL_RENESAS_SCEPROTECT) && \ + defined(WOLFSSL_RENESAS_SCEPROTECT_ECC) + /* already checked signature result by SCE */ + /* skip the sign checks below */ + if (Renesas_cmn_usable(ssl, 0)) { + break; + } + #endif if (IsAtLeastTLSv1_2(ssl)) { #ifdef WOLFSSL_SMALL_STACK byte* encodedSig; @@ -25330,6 +25409,16 @@ int SendClientKeyExchange(WOLFSSL* ssl) #ifndef NO_RSA case rsa_kea: { + #if defined(HAVE_PK_CALLBACKS) + if (ssl->ctx->GenPreMasterCb) { + void* ctx = wolfSSL_GetGenPreMasterCtx(ssl); + ret = ssl->ctx->GenPreMasterCb(ssl, ssl->arrays->preMasterSecret, ENCRYPT_LEN, ctx); + if (ret != 0 && ret != PROTOCOLCB_UNAVAILABLE) { + goto exit_scke; + } + } + if (!ssl->ctx->GenPreMasterCb || ret == PROTOCOLCB_UNAVAILABLE) { + #endif /* build PreMasterSecret with RNG data */ #if defined(WOLFSSL_RENESAS_TSIP_TLS) && \ !defined(NO_WOLFSSL_RENESAS_TSIP_TLS_SESSION) @@ -25342,19 +25431,21 @@ int SendClientKeyExchange(WOLFSSL* ssl) ret = wc_RNG_GenerateBlock(ssl->rng, &ssl->arrays->preMasterSecret[VERSION_SZ], SECRET_LEN - VERSION_SZ); - #if defined(WOLFSSL_RENESAS_TSIP_TLS) && \ - !defined(NO_WOLFSSL_RENESAS_TSIP_TLS_SESSION) + #if (defined(WOLFSSL_RENESAS_TSIP_TLS) && \ + !defined(NO_WOLFSSL_RENESAS_TSIP_TLS_SESSION)) } #endif if (ret != 0) { goto exit_scke; } - + ssl->arrays->preMasterSecret[0] = ssl->chVersion.major; ssl->arrays->preMasterSecret[1] = ssl->chVersion.minor; - ssl->arrays->preMasterSz = SECRET_LEN; - + ssl->arrays->preMasterSz = SECRET_LEN; + #if defined(HAVE_PK_CALLBACKS) + } + #endif break; } #endif /* !NO_RSA */ diff --git a/src/keys.c b/src/keys.c index caf004653..f162af097 100644 --- a/src/keys.c +++ b/src/keys.c @@ -42,6 +42,11 @@ !defined(NO_WOLFSSL_RENESAS_TSIP_TLS_SESSION) int tsip_useable(const WOLFSSL *ssl); #endif + +#if defined(WOLFSSL_RENESAS_SCEPROTECT) +#include +#endif + int SetCipherSpecs(WOLFSSL* ssl) { #ifndef NO_WOLFSSL_CLIENT @@ -2101,7 +2106,11 @@ int SetCipherSpecs(WOLFSSL* ssl) #ifndef NO_TLS ssl->options.tls = 1; #if !defined(WOLFSSL_NO_TLS12) && !defined(WOLFSSL_AEAD_ONLY) + #if !defined(WOLFSSL_RENESAS_SCEPROTECT) ssl->hmac = TLS_hmac; + #else + ssl->hmac = Renesas_cmn_TLS_hmac; + #endif #endif if (ssl->version.minor >= 2) { ssl->options.tls1_1 = 1; @@ -2118,7 +2127,11 @@ int SetCipherSpecs(WOLFSSL* ssl) #if defined(WOLFSSL_DTLS) && !defined(WOLFSSL_AEAD_ONLY) if (ssl->options.dtls) + #if !defined(WOLFSSL_RENESAS_SCEPROTECT) ssl->hmac = TLS_hmac; + #else + ssl->hmac = Renesas_cmn_TLS_hmac; + #endif #endif return 0; @@ -3096,13 +3109,22 @@ int SetKeysSide(WOLFSSL* ssl, enum encrypt_side side) } #endif -#if defined(WOLFSSL_RENESAS_TSIP_TLS) && \ - !defined(NO_WOLFSSL_RENESAS_TSIP_TLS_SESSION) +#if (defined(WOLFSSL_RENESAS_TSIP_TLS) && \ + !defined(NO_WOLFSSL_RENESAS_TSIP_TLS_SESSION)) /* check if keys for TSIP has been created */ if (tsip_useable(ssl) == 1) ret = 0; else #endif + +#if !defined(NO_CERTS) && defined(HAVE_PK_CALLBACKS) + ret = PROTOCOLCB_UNAVAILABLE; + if (ssl->ctx->EncryptKeysCb) { + void* ctx = wolfSSL_GetEncryptKeysCtx(ssl); + ret = ssl->ctx->EncryptKeysCb(ssl, ctx); + } + if (!ssl->ctx->EncryptKeysCb || ret == PROTOCOLCB_UNAVAILABLE) +#endif ret = SetKeys(wc_encrypt, wc_decrypt, keys, &ssl->specs, ssl->options.side, ssl->heap, ssl->devId, ssl->rng, ssl->options.tls1_3); diff --git a/src/ssl.c b/src/ssl.c index 7cb5aa7be..a93f238e6 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -238,13 +238,8 @@ const WOLF_EC_NIST_NAME kNistCurves[] = { }; #endif -#if defined(WOLFSSL_RENESAS_TSIP_TLS) - /* for root ca verification */ -int tsip_tls_RootCertVerify(const byte *cert, word32 cert_len, - word32 key_n_start, word32 key_n_len, - word32 key_e_start, word32 key_e_len, - word32 cm_row); -byte tsip_rootCAverified( ); +#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT) +#include #endif #ifdef WOLFSSL_SESSION_EXPORT @@ -4998,7 +4993,7 @@ int AddCA(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int type, int verify) FreeSigner(signer, cm->heap); } } -#if defined(WOLFSSL_RENESAS_TSIP_TLS) +#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT) /* Verify CA by TSIP so that generated tsip key is going to be able to */ /* be used for peer's cert verification */ /* TSIP is only able to handle USER CA, and only one CA. */ @@ -5006,18 +5001,21 @@ int AddCA(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int type, int verify) /* verified CA. */ if ( ret == 0 && signer != NULL ) { signer->cm_idx = row; - if (type == WOLFSSL_USER_CA && tsip_rootCAverified() == 0 ) { - if ((ret = tsip_tls_RootCertVerify(cert->source, cert->maxIdx, - cert->sigCtx.pubkey_n_start, cert->sigCtx.pubkey_n_len - 1, - cert->sigCtx.pubkey_e_start, cert->sigCtx.pubkey_e_len - 1, + if (type == WOLFSSL_USER_CA) { + if ((ret = wc_Renesas_cmn_RootCertVerify(cert->source, cert->maxIdx, + cert->sigCtx.CertAtt.pubkey_n_start, + cert->sigCtx.CertAtt.pubkey_n_len - 1, + cert->sigCtx.CertAtt.pubkey_e_start, + cert->sigCtx.CertAtt.pubkey_e_len - 1, row/* cm index */)) - != 0) - WOLFSSL_MSG("tsip_tls_RootCertVerify() failed"); + < 0) + WOLFSSL_MSG("Renesas_RootCertVerify() failed"); else - WOLFSSL_MSG("tsip_tls_RootCertVerify() succeed"); + WOLFSSL_MSG("Renesas_RootCertVerify() succeed or skipped"); } } -#endif +#endif /* TSIP or SCE */ + WOLFSSL_MSG("\tFreeing Parsed CA"); FreeDecodedCert(cert); #ifdef WOLFSSL_SMALL_STACK @@ -41978,6 +41976,135 @@ void* wolfSSL_GetRsaDecCtx(WOLFSSL* ssl) } #endif /* NO_RSA */ +/* callback for premaster secret generation */ +void wolfSSL_CTX_SetGenPreMasterCb(WOLFSSL_CTX* ctx, CallbackGenPreMaster cb) +{ + if (ctx) + ctx->GenPreMasterCb = cb; +} +/* Set premaster secret generation callback context */ +void wolfSSL_SetGenPreMasterCtx(WOLFSSL* ssl, void *ctx) +{ + if (ssl) + ssl->GenPreMasterCtx = ctx; +} +/* Get premaster secret generation callback context */ +void* wolfSSL_GetGenPreMasterCtx(WOLFSSL* ssl) +{ + if (ssl) + return ssl->GenPreMasterCtx; + + return NULL; +} + +/* callback for master secret generation */ +void wolfSSL_CTX_SetGenMasterSecretCb(WOLFSSL_CTX* ctx, CallbackGenMasterSecret cb) +{ + if (ctx) + ctx->GenMasterCb = cb; +} +/* Set master secret generation callback context */ +void wolfSSL_SetGenMasterSecretCtx(WOLFSSL* ssl, void *ctx) +{ + if (ssl) + ssl->GenMasterCtx = ctx; +} +/* Get master secret generation callback context */ +void* wolfSSL_GetGenMasterSecretCtx(WOLFSSL* ssl) +{ + if (ssl) + return ssl->GenMasterCtx; + + return NULL; +} + +/* callback for session key generation */ +void wolfSSL_CTX_SetGenSessionKeyCb(WOLFSSL_CTX* ctx, CallbackGenSessionKey cb) +{ + if (ctx) + ctx->GenSessionKeyCb = cb; +} +/* Set sesssion key generation callback context */ +void wolfSSL_SetGenSessionKeyCtx(WOLFSSL* ssl, void *ctx) +{ + if (ssl) + ssl->GenSessionKeyCtx = ctx; +} +/* Get sesssion key generation callback context */ +void* wolfSSL_GetGenSessionKeyCtx(WOLFSSL* ssl) +{ + if (ssl) + return ssl->GenSessionKeyCtx; + + return NULL; +} + +/* callback for setting encryption keys */ +void wolfSSL_CTX_SetEncryptKeysCb(WOLFSSL_CTX* ctx, CallbackEncryptKeys cb) +{ + if (ctx) + ctx->EncryptKeysCb = cb; +} +/* Set encryption keys callback context */ +void wolfSSL_SetEncryptKeysCtx(WOLFSSL* ssl, void *ctx) +{ + if (ssl) + ssl->EncryptKeysCtx = ctx; +} +/* Get encryption keys callback context */ +void* wolfSSL_GetEncryptKeysCtx(WOLFSSL* ssl) +{ + if (ssl) + return ssl->EncryptKeysCtx; + + return NULL; +} + +/* callback for Tls finished */ +/* the callback can be used to build TLS Finished message if enabled */ +void wolfSSL_CTX_SetTlsFinishedCb(WOLFSSL_CTX* ctx, CallbackTlsFinished cb) +{ + if (ctx) + ctx->TlsFinishedCb = cb; +} +/* Set Tls finished callback context */ +void wolfSSL_SetTlsFinishedCtx(WOLFSSL* ssl, void *ctx) +{ + if (ssl) + ssl->TlsFinishedCtx = ctx; +} +/* Get Tls finished callback context */ +void* wolfSSL_GetTlsFinishedCtx(WOLFSSL* ssl) +{ + if (ssl) + return ssl->TlsFinishedCtx; + + return NULL; +} +#if !defined(WOLFSSL_NO_TLS12) && !defined(WOLFSSL_AEAD_ONLY) +/* callback for verify data */ +void wolfSSL_CTX_SetVerifyMacCb(WOLFSSL_CTX* ctx, CallbackVerifyMac cb) +{ + if (ctx) + ctx->VerifyMacCb = cb; +} + +/* Set set keys callback context */ +void wolfSSL_SetVerifyMacCtx(WOLFSSL* ssl, void *ctx) +{ + if (ssl) + ssl->VerifyMacCtx = ctx; +} +/* Get set keys callback context */ +void* wolfSSL_GetVerifyMacCtx(WOLFSSL* ssl) +{ + if (ssl) + return ssl->VerifyMacCtx; + + return NULL; +} +#endif /* !WOLFSSL_NO_TLS12 && !WOLFSSL_AEAD_ONLY */ + #endif /* HAVE_PK_CALLBACKS */ #endif /* NO_CERTS */ diff --git a/src/tls.c b/src/tls.c index 9f614fa0c..a9600568a 100644 --- a/src/tls.c +++ b/src/tls.c @@ -210,6 +210,14 @@ int BuildTlsFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender) side = tls_server; #ifdef WOLFSSL_HAVE_PRF +#if !defined(NO_CERTS) && defined(HAVE_PK_CALLBACKS) + if (ssl->ctx->TlsFinishedCb) { + void* ctx = wolfSSL_GetTlsFinishedCtx(ssl); + ret = ssl->ctx->TlsFinishedCb(ssl, side, handshake_hash, + (byte*)hashes, ctx); + } + if (!ssl->ctx->TlsFinishedCb || ret == PROTOCOLCB_UNAVAILABLE) +#endif #if defined(WOLFSSL_RENESAS_TSIP_TLS) && \ !defined(NO_WOLFSSL_RENESAS_TSIP_TLS_SESSION) if (tsip_useable(ssl)) { @@ -393,15 +401,23 @@ int DeriveTlsKeys(WOLFSSL* ssl) ret = tsip_generateSeesionKey(ssl); else { #endif - ret = _DeriveTlsKeys(key_dig, key_dig_len, +#if !defined(NO_CERTS) && defined(HAVE_PK_CALLBACKS) + ret = PROTOCOLCB_UNAVAILABLE; + if (ssl->ctx->GenSessionKeyCb) { + void* ctx = wolfSSL_GetGenSessionKeyCtx(ssl); + ret = ssl->ctx->GenSessionKeyCb(ssl, ctx); + } + if (!ssl->ctx->GenSessionKeyCb || ret == PROTOCOLCB_UNAVAILABLE) +#endif + ret = _DeriveTlsKeys(key_dig, key_dig_len, ssl->arrays->masterSecret, SECRET_LEN, ssl->arrays->serverRandom, ssl->arrays->clientRandom, IsAtLeastTLSv1_2(ssl), ssl->specs.mac_algorithm, ssl->heap, ssl->devId); if (ret == 0) ret = StoreKeys(ssl, key_dig, PROVISION_CLIENT_SERVER); -#if defined(WOLFSSL_RENESAS_TSIP_TLS) && \ - !defined(NO_WOLFSSL_RENESAS_TSIP_TLS_SESSION) +#if (defined(WOLFSSL_RENESAS_TSIP_TLS) && \ + !defined(NO_WOLFSSL_RENESAS_TSIP_TLS_SESSION)) } #endif @@ -576,6 +592,14 @@ int MakeTlsMasterSecret(WOLFSSL* ssl) #endif } else +#endif +#if !defined(NO_CERTS) && defined(HAVE_PK_CALLBACKS) + ret = PROTOCOLCB_UNAVAILABLE; + if (ssl->ctx->GenMasterCb) { + void* ctx = wolfSSL_GetGenMasterSecretCtx(ssl); + ret = ssl->ctx->GenMasterCb(ssl, ctx); + } + if (!ssl->ctx->GenMasterCb || ret == PROTOCOLCB_UNAVAILABLE) #endif ret = _MakeTlsMasterSecret(ssl->arrays->masterSecret, SECRET_LEN, ssl->arrays->preMasterSecret, ssl->arrays->preMasterSz, @@ -1196,6 +1220,7 @@ int TLS_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz, int padSz, return ret; } #endif + ret = wc_HmacInit(&hmac, ssl->heap, ssl->devId); if (ret != 0) return ret; diff --git a/wolfcrypt/benchmark/benchmark.c b/wolfcrypt/benchmark/benchmark.c index 6adc857d9..f0e562565 100644 --- a/wolfcrypt/benchmark/benchmark.c +++ b/wolfcrypt/benchmark/benchmark.c @@ -215,6 +215,9 @@ #ifdef HAVE_CAVIUM_OCTEON_SYNC #include #endif + #ifdef HAVE_RENESAS_SYNC + #include + #endif #endif #ifdef WOLFSSL_ASYNC_CRYPT @@ -1452,6 +1455,12 @@ static void* benchmarks_do(void* args) printf("Couldn't get the Octeon device ID\n"); } #endif +#ifdef HAVE_RENESAS_SYNC + devId = wc_CryptoCb_CryptInitRenesasCmn(NULL, &guser_PKCbInfo); + if (devId == INVALID_DEVID) { + printf("Couldn't get the Renesas device ID\n"); + } +#endif #endif #if defined(HAVE_LOCAL_RNG) @@ -1523,7 +1532,8 @@ static void* benchmarks_do(void* args) bench_aescbc(0); #endif #if ((defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_3DES)) || \ - defined(HAVE_INTEL_QA_SYNC) || defined(HAVE_CAVIUM_OCTEON_SYNC)) && \ + defined(HAVE_INTEL_QA_SYNC) || defined(HAVE_CAVIUM_OCTEON_SYNC) || \ + defined(HAVE_RENESAS_SYNC)) && \ !defined(NO_HW_BENCH) bench_aescbc(1); #endif @@ -1535,7 +1545,8 @@ static void* benchmarks_do(void* args) bench_aesgcm(0); #endif #if ((defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_3DES)) || \ - defined(HAVE_INTEL_QA_SYNC) || defined(HAVE_CAVIUM_OCTEON_SYNC)) && \ + defined(HAVE_INTEL_QA_SYNC) || defined(HAVE_CAVIUM_OCTEON_SYNC) || \ + defined(HAVE_RENESAS_SYNC)) && \ !defined(NO_HW_BENCH) bench_aesgcm(1); #endif @@ -2107,9 +2118,11 @@ int benchmark_free(void) { int ret; +#ifndef HAVE_RENESAS_SYNC if (gPrintStats || devId != INVALID_DEVID) { bench_stats_print(); } +#endif bench_stats_free(); @@ -2120,6 +2133,9 @@ int benchmark_free(void) #ifdef HAVE_CAVIUM_OCTEON_SYNC wc_CryptoCb_CleanupOcteon(&devId); #endif +#ifdef HAVE_RENESAS_SYNC + wc_CryptoCb_CleanupRenesasCmn(&devId); +#endif #endif #ifdef WOLFSSL_ASYNC_CRYPT diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 0edab12a2..8b0d77482 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -139,6 +139,10 @@ ASN Options: #include #endif +#ifdef WOLFSSL_RENESAS_SCEPROTECT + #include +#endif + #ifndef NO_RSA #include #if defined(WOLFSSL_XILINX_CRYPT) || defined(WOLFSSL_CRYPTOCELL) @@ -199,6 +203,7 @@ int tsip_tls_CertVerify(const byte *cert, word32 certSz, byte *tsip_encRsaKeyIdx); #endif + /* Calculates the minimum number of bytes required to encode the value. * * @param [in] value Value to be encoded. @@ -7647,7 +7652,7 @@ int EncryptContent(byte* input, word32 inputSz, byte* out, word32* outSz, #ifndef NO_RSA #ifndef HAVE_USER_RSA -#ifdef WOLFSSL_RENESAS_TSIP +#if defined(WOLFSSL_RENESAS_TSIP) || defined(WOLFSSL_RENESAS_SCEPROTECT) /* This function is to retrieve key position information in a cert.* * The information will be used to call TSIP TLS-linked API for * * certificate verification. */ @@ -9586,9 +9591,9 @@ void FreeDecodedCert(DecodedCert* cert) if (cert->subjectName != NULL) wolfSSL_X509_NAME_free((WOLFSSL_X509_NAME*)cert->subjectName); #endif /* WOLFSSL_X509_NAME_AVAILABLE */ -#ifdef WOLFSSL_RENESAS_TSIP_TLS - if (cert->tsip_encRsaKeyIdx != NULL) - XFREE(cert->tsip_encRsaKeyIdx, cert->heap, DYNAMIC_TYPE_RSA); +#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT) + if (cert->sce_tsip_encRsaKeyIdx != NULL) + XFREE(cert->sce_tsip_encRsaKeyIdx, cert->heap, DYNAMIC_TYPE_RSA); #endif #ifndef NO_CERTS FreeSignatureCtx(&cert->sigCtx); @@ -9709,8 +9714,9 @@ static int StoreRsaKey(DecodedCert* cert, const byte* source, word32* srcIdx, if (GetSequence(source, srcIdx, &length, pubIdx + pubLen) < 0) return ASN_PARSE_E; -#if defined(WOLFSSL_RENESAS_TSIP) - cert->sigCtx.pubkey_n_start = cert->sigCtx.pubkey_e_start = pubIdx; +#if defined(WOLFSSL_RENESAS_TSIP) || defined(WOLFSSL_RENESAS_SCEPROTECT) + cert->sigCtx.CertAtt.pubkey_n_start = + cert->sigCtx.CertAtt.pubkey_e_start = pubIdx; #endif cert->pubKeySize = pubLen; cert->publicKey = source + pubIdx; @@ -9735,10 +9741,10 @@ static int StoreRsaKey(DecodedCert* cert, const byte* source, word32* srcIdx, * SEQUENCE. */ GetASN_GetConstRef(&dataASN[0], &cert->publicKey, &cert->pubKeySize); - #if defined(WOLFSSL_RENESAS_TSIP) + #if defined(WOLFSSL_RENESAS_TSIP) || defined(WOLFSSL_RENESAS_SCEPROTECT) /* Start of SEQUENCE. */ - cert->sigCtx.pubkey_n_start = cert->sigCtx.pubkey_e_start = - dataASN[1].offset; + cert->sigCtx.CertAtt.pubkey_n_start = + cert->sigCtx.CertAtt.pubkey_e_start = dataASN[1].offset; #endif #ifdef HAVE_OCSP /* Calculate the hash of the public key for OCSP. */ @@ -9806,13 +9812,25 @@ static int StoreEccKey(DecodedCert* cert, const byte* source, word32* srcIdx, maxIdx) < 0) return ASN_PARSE_E; - if (CheckCurve(cert->pkCurveOID) < 0) + if ((ret = CheckCurve(cert->pkCurveOID)) < 0) return ECC_CURVE_OID_E; - + + #if defined(WOLFSSL_RENESAS_SCEPROTECT) + cert->sigCtx.CertAtt.curve_id = ret; + #endif /* key header */ ret = CheckBitString(source, srcIdx, &length, maxIdx, 1, NULL); if (ret != 0) return ret; + #if defined(WOLFSSL_RENESAS_SCEPROTECT) + cert->sigCtx.CertAtt.pubkey_n_start = + cert->sigCtx.CertAtt.pubkey_e_start = (*srcIdx + 1); + cert->sigCtx.CertAtt.pubkey_n_len = ((length - 1) >> 1); + cert->sigCtx.CertAtt.pubkey_e_start += + cert->sigCtx.CertAtt.pubkey_n_len; + cert->sigCtx.CertAtt.pubkey_e_len = + cert->sigCtx.CertAtt.pubkey_n_len; + #endif #ifdef HAVE_OCSP ret = CalcHashId(source + *srcIdx, length, cert->subjectKeyHash); if (ret != 0) @@ -13072,9 +13090,7 @@ static int ConfirmSignature(SignatureCtx* sigCtx, const byte* sig, word32 sigSz, word32 sigOID, byte* rsaKeyIdx) { int ret = 0; -#ifndef WOLFSSL_RENESAS_TSIP_TLS - (void)rsaKeyIdx; -#endif + if (sigCtx == NULL || buf == NULL || bufSz == 0 || key == NULL || keySz == 0 || sig == NULL || sigSz == 0) { return BAD_FUNC_ARG; @@ -13087,6 +13103,21 @@ static int ConfirmSignature(SignatureCtx* sigCtx, WOLFSSL_ENTER("ConfirmSignature"); +#if !defined(WOLFSSL_RENESAS_TSIP_TLS) && !defined(WOLFSSL_RENESAS_SCEPROTECT) + (void)rsaKeyIdx; +#else + CertAttribute* certatt = NULL; + + #if !defined(NO_RSA) || defined(HAVE_ECC) + certatt = (CertAttribute*)&sigCtx->CertAtt; + #endif + if(certatt) { + certatt->keyIndex = rsaKeyIdx; + certatt->cert = buf; + certatt->certSz = bufSz; + } +#endif + #ifndef NO_ASN_CRYPT switch (sigCtx->state) { case SIG_STATE_BEGIN: @@ -13413,29 +13444,34 @@ static int ConfirmSignature(SignatureCtx* sigCtx, #ifndef NO_RSA case RSAk: { - #ifdef HAVE_PK_CALLBACKS + #if defined(HAVE_PK_CALLBACKS) && \ + !defined(WOLFSSL_RENESAS_TSIP_TLS) if (sigCtx->pkCbRsa) { ret = sigCtx->pkCbRsa( sigCtx->sigCpy, sigSz, &sigCtx->out, key, keySz, sigCtx->pkCtxRsa); } + #if !defined(WOLFSSL_RENESAS_SCEPROTECT) else + #else + if (!sigCtx->pkCbRsa || ret == CRYPTOCB_UNAVAILABLE) + #endif /* WOLFSSL_RENESAS_SCEPROTECT */ #endif /* HAVE_PK_CALLBACKS */ { #ifdef WOLFSSL_RENESAS_TSIP_TLS if (rsaKeyIdx != NULL) { ret = tsip_tls_CertVerify(buf, bufSz, sigCtx->sigCpy, - sigSz, - sigCtx->pubkey_n_start - sigCtx->certBegin, - sigCtx->pubkey_n_len - 1, - sigCtx->pubkey_e_start - sigCtx->certBegin, - sigCtx->pubkey_e_len - 1, - rsaKeyIdx); + sigSz, + sigCtx->.CertAtt.pubkey_n_start - sigCtx->certBegin, + sigCtx->.CertAtt.pubkey_n_len - 1, + sigCtx->.CertAtt.pubkey_e_start - sigCtx->certBegin, + sigCtx->.CertAtt.pubkey_e_len - 1, + rsaKeyIdx); if (ret == 0){ - sigCtx->verifyByTSIP = 1; + sigCtx->verifyByTSIP_SCE = 1; ret = 0; } else { WOLFSSL_MSG("RSA Verify by tsip didn't match"); @@ -13460,7 +13496,7 @@ static int ConfirmSignature(SignatureCtx* sigCtx, #if defined(HAVE_ECC) case ECDSAk: { - #ifdef HAVE_PK_CALLBACKS + #if defined(HAVE_PK_CALLBACKS) if (sigCtx->pkCbEcc) { ret = sigCtx->pkCbEcc( sig, sigSz, @@ -13468,7 +13504,11 @@ static int ConfirmSignature(SignatureCtx* sigCtx, key, keySz, &sigCtx->verify, sigCtx->pkCtxEcc); } + #if !defined(WOLFSSL_RENESAS_SCEPROTECT) else + #else + if (!sigCtx->pkCbEcc || ret == CRYPTOCB_UNAVAILABLE) + #endif /* WOLFSSL_RENESAS_SCEPROTECT */ #endif /* HAVE_PK_CALLBACKS */ { ret = wc_ecc_verify_hash(sig, sigSz, sigCtx->digest, @@ -13532,8 +13572,9 @@ static int ConfirmSignature(SignatureCtx* sigCtx, case RSAk: { int encodedSigSz, verifySz; - #ifdef WOLFSSL_RENESAS_TSIP - if (sigCtx->verifyByTSIP == 1) break; + #if defined(WOLFSSL_RENESAS_TSIP) || \ + defined(WOLFSSL_RENESAS_SCEPROTECT) + if (sigCtx->CertAtt.verifyByTSIP_SCE == 1) break; #endif #ifdef WOLFSSL_SMALL_STACK byte* encodedSig = (byte*)XMALLOC(MAX_ENCODED_SIG_SZ, @@ -17791,10 +17832,10 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm) int len = 0; #endif #endif -#if defined(WOLFSSL_RENESAS_TSIP) +#if defined(WOLFSSL_RENESAS_TSIP) || defined(WOLFSSL_RENESAS_SCEPROTECT) int idx = 0; #endif - byte* tsip_encRsaKeyIdx; + byte* sce_tsip_encRsaKeyIdx; if (cert == NULL) { return BAD_FUNC_ARG; @@ -18149,52 +18190,56 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm) } #endif /* HAVE_OCSP */ } -#if defined(WOLFSSL_RENESAS_TSIP) +#if defined(WOLFSSL_RENESAS_TSIP) || defined(WOLFSSL_RENESAS_SCEPROTECT) /* prepare for TSIP TLS cert verification API use */ if (cert->keyOID == RSAk) { /* to call TSIP API, it needs keys position info in bytes */ if ((ret = RsaPublicKeyDecodeRawIndex(cert->publicKey, (word32*)&idx, cert->pubKeySize, - &cert->sigCtx.pubkey_n_start, - &cert->sigCtx.pubkey_n_len, - &cert->sigCtx.pubkey_e_start, - &cert->sigCtx.pubkey_e_len)) != 0) { + &cert->sigCtx.CertAtt.pubkey_n_start, + &cert->sigCtx.CertAtt.pubkey_n_len, + &cert->sigCtx.CertAtt.pubkey_e_start, + &cert->sigCtx.CertAtt.pubkey_e_len)) != 0) { WOLFSSL_MSG("Decoding index from cert failed."); return ret; } - cert->sigCtx.certBegin = cert->certBegin; + cert->sigCtx.CertAtt.certBegin = cert->certBegin; + } else if (cert->keyOID == ECDSAk) { + cert->sigCtx.CertAtt.certBegin = cert->certBegin; } /* check if we can use TSIP for cert verification */ /* if the ca is verified as tsip root ca. */ /* TSIP can only handle 2048 bits(256 byte) key. */ - if (cert->ca && tsip_checkCA(cert->ca->cm_idx) != 0 && - cert->sigCtx.pubkey_n_len == 256) { + if (cert->ca && Renesas_cmn_checkCA(cert->ca->cm_idx) != 0 && + (cert->sigCtx.CertAtt.pubkey_n_len == 256 || + cert->sigCtx.CertAtt.curve_id == ECC_SECP256R1)) { /* assign memory to encrypted tsip Rsa key index */ - if (!cert->tsip_encRsaKeyIdx) - cert->tsip_encRsaKeyIdx = + if (!cert->sce_tsip_encRsaKeyIdx) + cert->sce_tsip_encRsaKeyIdx = (byte*)XMALLOC(TSIP_TLS_ENCPUBKEY_SZ_BY_CERTVRFY, cert->heap, DYNAMIC_TYPE_RSA); - if (cert->tsip_encRsaKeyIdx == NULL) + if (cert->sce_tsip_encRsaKeyIdx == NULL) return MEMORY_E; } else { if (cert->ca) { /* TSIP isn't usable */ - if (tsip_checkCA(cert->ca->cm_idx) == 0) - WOLFSSL_MSG("TSIP isn't usable because the ca isn't verified " + if (Renesas_cmn_checkCA(cert->ca->cm_idx) == 0) + WOLFSSL_MSG("SCE-TSIP isn't usable because the ca isn't verified " "by TSIP."); - else if (cert->sigCtx.pubkey_n_len != 256) - WOLFSSL_MSG("TSIP isn't usable because the ca isn't signed by " + else if (cert->sigCtx.CertAtt.pubkey_n_len != 256) + WOLFSSL_MSG("SCE-TSIP isn't usable because the ca isn't signed by " "RSA 2048."); else - WOLFSSL_MSG("TSIP isn't usable"); + WOLFSSL_MSG("SCE-TSIP isn't usable"); } - cert->tsip_encRsaKeyIdx = NULL; + cert->sce_tsip_encRsaKeyIdx = NULL; } - - tsip_encRsaKeyIdx = cert->tsip_encRsaKeyIdx; + + sce_tsip_encRsaKeyIdx = cert->sce_tsip_encRsaKeyIdx; + #else - tsip_encRsaKeyIdx = NULL; + sce_tsip_encRsaKeyIdx = NULL; #endif if (verify != NO_VERIFY && type != CA_TYPE && type != TRUSTED_PEER_TYPE) { @@ -18208,7 +18253,7 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm) cert->ca->publicKey, cert->ca->pubKeySize, cert->ca->keyOID, cert->signature, cert->sigLength, cert->signatureOID, - tsip_encRsaKeyIdx)) != 0) { + sce_tsip_encRsaKeyIdx)) != 0) { if (ret != WC_PENDING_E) { WOLFSSL_MSG("Confirm signature failed"); } diff --git a/wolfcrypt/src/error.c b/wolfcrypt/src/error.c index 9d685f811..717ee8559 100644 --- a/wolfcrypt/src/error.c +++ b/wolfcrypt/src/error.c @@ -554,6 +554,8 @@ const char* wc_GetErrorString(int error) case FIPS_PRIVATE_KEY_LOCKED_E: return "Cannot export private key, locked"; + case PROTOCOLCB_UNAVAILABLE: + return "Protocol callback unavailable"; default: return "unknown error number"; diff --git a/wolfcrypt/src/include.am b/wolfcrypt/src/include.am index e1ab3e348..5324cf370 100644 --- a/wolfcrypt/src/include.am +++ b/wolfcrypt/src/include.am @@ -115,6 +115,10 @@ EXTRA_DIST += wolfcrypt/src/port/ti/ti-aes.c \ wolfcrypt/src/port/Renesas/renesas_tsip_aes.c \ wolfcrypt/src/port/Renesas/renesas_tsip_sha.c \ wolfcrypt/src/port/Renesas/renesas_tsip_util.c \ + wolfcrypt/src/port/Renesas/renesas_sce_util.c \ + wolfcrypt/src/port/Renesas/renesas_sce_aes.c \ + wolfcrypt/src/port/Renesas/renesas_sce_sha.c \ + wolfcrypt/src/port/Renesas/renesas_common.c \ wolfcrypt/src/port/Renesas/README.md \ wolfcrypt/src/port/cypress/psoc6_crypto.c diff --git a/wolfcrypt/src/port/Renesas/renesas_common.c b/wolfcrypt/src/port/Renesas/renesas_common.c new file mode 100644 index 000000000..e856af20b --- /dev/null +++ b/wolfcrypt/src/port/Renesas/renesas_common.c @@ -0,0 +1,824 @@ +/* renesas_common.c + * + * Copyright (C) 2006-2021 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + +#include + +#if defined(WOLFSSL_RENESAS_SCEPROTECT) || defined(WOLFSSL_RENESAS_TSIP_TLS) + +#if defined(WOLFSSL_RENESAS_SCEPROTECT) + #include +#elif defined(WOLFSSL_RENESAS_TSIP_TLS) + #include +#endif + +#include +#include +#include +#include +#include +#include +#include + +extern uint32_t g_CAscm_Idx = (uint32_t)-1; /* index of CM table */ +static int devId = 7890; /* dev Id for Crypt Callback */ + +#ifdef WOLF_CRYPTO_CB + +#include + +/* Renesas Security Library Common Callback + * For Crypto Call back + * + * devIdArg device Id + * info pointer to wc_CryptInfo + * ctx Crypto Callback context + * return 0 on success, otherwise MEMORY_E or BAD_FUNC_ARG on failure + */ +static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx) +{ + int ret = NOT_COMPILED_IN; /* return this to bypass HW and use SW */ + User_SCEPKCbInfo* cbInfo = (User_SCEPKCbInfo*) ctx; + + if (info == NULL || ctx == NULL) + return BAD_FUNC_ARG; + +#ifdef DEBUG_WOLFSSL + printf("CryptoDevCb: Algo Type %d\n", info->algo_type); +#endif + #if defined(WOLFSSL_RENESAS_TSIP) + /* TODO call tsip aes api */ + #elif defined(WOLFSSL_RENESAS_SCEPROTECT) + + if (info->algo_type == WC_ALGO_TYPE_CIPHER) { + + #if !defined(NO_AES) || !defined(NO_DES3) + #ifdef HAVE_AESGCM + if (info->cipher.type == WC_CIPHER_AES_GCM) { + + if (info->cipher.enc && + ( cbInfo->session_key_set == 1 || + (cbInfo->aes256_installedkey_set == 1 && + info->cipher.aesgcm_enc.aes->keylen == 32) || + (cbInfo->aes128_installedkey_set == 1 && + info->cipher.aesgcm_enc.aes->keylen == 16))) { + + if(cbInfo->aes256_installedkey_set == 1 && + info->cipher.aesgcm_enc.aes->keylen == 32) { + + XMEMCPY(&info->cipher.aesgcm_enc.aes->ctx.sce_wrapped_key, + &cbInfo->sce_wrapped_key_aes256, + sizeof(sce_aes_wrapped_key_t)); + info->cipher.aesgcm_enc.aes->ctx.keySize = 32; + + } else if (cbInfo->aes128_installedkey_set == 1 && + info->cipher.aesgcm_enc.aes->keylen == 16) { + + XMEMCPY(&info->cipher.aesgcm_enc.aes->ctx.sce_wrapped_key, + &cbInfo->sce_wrapped_key_aes128, + sizeof(sce_aes_wrapped_key_t)); + info->cipher.aesgcm_enc.aes->ctx.keySize = 16; + } + + ret = wc_sce_AesGcmEncrypt( + info->cipher.aesgcm_enc.aes, + (byte*)info->cipher.aesgcm_enc.out, + (byte*)info->cipher.aesgcm_enc.in, + info->cipher.aesgcm_enc.sz, + (byte*)info->cipher.aesgcm_enc.iv, + info->cipher.aesgcm_enc.ivSz, + (byte*)info->cipher.aesgcm_enc.authTag, + info->cipher.aesgcm_enc.authTagSz, + (byte*)info->cipher.aesgcm_enc.authIn, + info->cipher.aesgcm_enc.authInSz, + (void*)ctx); + + } else if (cbInfo->session_key_set == 1 || + (cbInfo->aes256_installedkey_set == 1 && + info->cipher.aesgcm_dec.aes->keylen == 32) || + (cbInfo->aes128_installedkey_set == 1 && + info->cipher.aesgcm_dec.aes->keylen == 16)) { + + if(cbInfo->aes256_installedkey_set == 1 && + info->cipher.aesgcm_dec.aes->keylen == 32) { + + XMEMCPY(&info->cipher.aesgcm_dec.aes->ctx.sce_wrapped_key, + &cbInfo->sce_wrapped_key_aes256, + sizeof(sce_aes_wrapped_key_t)); + info->cipher.aesgcm_dec.aes->ctx.keySize = 32; + + } else if (cbInfo->aes128_installedkey_set == 1 && + info->cipher.aesgcm_dec.aes->keylen == 16) { + + XMEMCPY(&info->cipher.aesgcm_dec.aes->ctx.sce_wrapped_key, + &cbInfo->sce_wrapped_key_aes128, + sizeof(sce_aes_wrapped_key_t)); + info->cipher.aesgcm_dec.aes->ctx.keySize = 16; + } + + ret = wc_sce_AesGcmDecrypt( + info->cipher.aesgcm_dec.aes, + (byte*)info->cipher.aesgcm_dec.out, + (byte*)info->cipher.aesgcm_dec.in, + info->cipher.aesgcm_dec.sz, + (byte*)info->cipher.aesgcm_dec.iv, + info->cipher.aesgcm_dec.ivSz, + (byte*)info->cipher.aesgcm_dec.authTag, + info->cipher.aesgcm_dec.authTagSz, + (byte*)info->cipher.aesgcm_dec.authIn, + info->cipher.aesgcm_dec.authInSz, + (void*)ctx); + } + } + #endif /* HAVE_AESGCM */ + #ifdef HAVE_AES_CBC + if ((info->cipher.type == WC_CIPHER_AES_CBC) && + (cbInfo->session_key_set == 1 || + (cbInfo->aes256_installedkey_set == 1 && + info->cipher.aescbc.aes->keylen == 32) || + (cbInfo->aes128_installedkey_set == 1 && + info->cipher.aescbc.aes->keylen == 16))) { + + if (info->cipher.enc) { + if(cbInfo->aes256_installedkey_set == 1 && + info->cipher.aescbc.aes->keylen == 32) { + XMEMCPY(&info->cipher.aescbc.aes->ctx.sce_wrapped_key, + &cbInfo->sce_wrapped_key_aes256, + sizeof(sce_aes_wrapped_key_t)); + info->cipher.aescbc.aes->ctx.keySize = 32; + + } else if (cbInfo->aes128_installedkey_set == 1 && + info->cipher.aescbc.aes->keylen == 16) { + XMEMCPY(&info->cipher.aescbc.aes->ctx.sce_wrapped_key, + &cbInfo->sce_wrapped_key_aes128, + sizeof(sce_aes_wrapped_key_t)); + info->cipher.aescbc.aes->ctx.keySize = 16; + } + + ret = wc_sce_AesCbcEncrypt( + info->cipher.aescbc.aes, + (byte*)info->cipher.aescbc.out, + (byte*)info->cipher.aescbc.in, + info->cipher.aescbc.sz); + } + else { + if(cbInfo->aes256_installedkey_set == 1 && + info->cipher.aescbc.aes->keylen == 32) { + XMEMCPY(&info->cipher.aescbc.aes->ctx.sce_wrapped_key, + &cbInfo->sce_wrapped_key_aes256, + sizeof(sce_aes_wrapped_key_t)); + info->cipher.aescbc.aes->ctx.keySize = 32; + + } else if (cbInfo->aes128_installedkey_set == 1 && + info->cipher.aescbc.aes->keylen == 16) { + XMEMCPY(&info->cipher.aescbc.aes->ctx.sce_wrapped_key, + &cbInfo->sce_wrapped_key_aes128, + sizeof(sce_aes_wrapped_key_t)); + info->cipher.aescbc.aes->ctx.keySize = 16; + } + + ret = wc_sce_AesCbcDecrypt( + info->cipher.aescbc.aes, + (byte*)info->cipher.aescbc.out, + (byte*)info->cipher.aescbc.in, + info->cipher.aescbc.sz); + } + } + #endif /* HAVE_AES_CBC */ + #endif /* !NO_AES || !NO_DES3 */ + #endif /* TSIP or SCE */ + } + + (void)devIdArg; + (void)ctx; + + return ret; +} + +/* Renesas Security Library Common Entry Point + * For usable method + * + * ssl : a pointer to WOLFSSL object + * session_key_generated : if session key has been generated + * return 1 for usable, 0 for unusable + */ +int Renesas_cmn_usable(const WOLFSSL* ssl, byte session_key_generated) +{ + int ret; + + #if defined(WOLFSSL_RENESAS_TSIP) + /* TODO call tsip api */ + #elif defined(WOLFSSL_RENESAS_SCEPROTECT) + ret = wc_sce_usable(ssl, session_key_generated); + #endif + + return ret; +} + +/* Renesas Security Library Common Method + * Crypt Callback initialization + * + * ssl : a pointer to WOLFSSL object + * ctx : callback context + * return valid device Id on success, otherwise INVALID_DEVIID + */ +int wc_CryptoCb_CryptInitRenesasCmn(WOLFSSL* ssl, void* ctx) +{ + (void)ssl; + (void)ctx; + + #if defined(WOLFSSL_RENESAS_TSIP) + void* cbInfo = NULL;/* TODO cast tsip cb context */ + #elif defined(WOLFSSL_RENESAS_SCEPROTECT) + User_SCEPKCbInfo* cbInfo = (User_SCEPKCbInfo*)ctx; + #endif + + if (wc_CryptoCb_RegisterDevice(devId, Renesas_cmn_CryptoDevCb, cbInfo) < 0) { + return INVALID_DEVID; + } + + if(ssl) + wolfSSL_SetDevId(ssl, devId); + + return devId; +} + +/* Renesas Security Library Common Method + * Clean up CryptCb + * + * id : a pointer to device id to unregister + * no return value + */ +void wc_CryptoCb_CleanupRenesasCmn(int* id) +{ + wc_CryptoCb_UnRegisterDevice(*id); + *id = INVALID_DEVID; +} + +#endif /* WOLF_CRYPTO_CB */ + +/* Renesas Security Library Common Method + * Check CA index if CA can be used for SCE/TSIP because + * the CA has been verified by SCE/TSIP + * + * cmdIdx : ca index + * return 1 can be used, otherwise 0 + */ +WOLFSSL_LOCAL byte Renesas_cmn_checkCA(word32 cmIdx) +{ + return (cmIdx == g_CAscm_Idx? 1:0); +} + +/* check if the root CA has been verified by TSIP/SCE, + * and it exists in the CM table. + */ +static byte sce_tsip_rootCAverified( ) +{ + return (g_CAscm_Idx != (uint32_t)-1 ? 1:0); +} +/* Renesas Security Library Common Callback + * Callback for Rsa verify + * + * ssl the WOLFSSL object + * sig Buffer holding signature + * sigSz Length of signature in bytes + * out Buffer to hold hash + * key Buffer to hold ecc key + * keySz Length of key in bytes + * return FSP_SUCCESS(0) on sucess, otherwise FSP/TSIP error code + */ +WOLFSSL_LOCAL int Renesas_cmn_RsaVerify(WOLFSSL* ssl, byte* sig, word32 sigSz, + byte** out, const byte* key, word32 keySz, void* ctx) +{ + int ret; + + #if defined(WOLFSSL_RENESAS_TSIP) + /* TODO TSIP */ + #elif defined(WOLFSSL_RENESAS_SCEPROTECT) + ret = wc_SCE_RsaVerify(ssl, sig, sigSz, out,key, keySz, ctx); + + if (ret == 0 && ret != CRYPTOCB_UNAVAILABLE) { + /* Set Call back for SharedScret when being successful */ + wolfSSL_CTX_SetEccSharedSecretCb(ssl->ctx, SCE_EccSharedSecret); + wolfSSL_SetEccSharedSecretCtx(ssl, ctx); + } else { + WOLFSSL_MSG("failed R_SCE_TLS_ServerKeyExchangeVerify"); + wolfSSL_CTX_SetEccSharedSecretCb(ctx, NULL); + wolfSSL_SetEccSharedSecretCtx(ssl, NULL); + } + #endif + + return ret; +} +/* Renesas Security Library Common Callback + * Callback for Ecc verify + * + * ssl the WOLFSSL object + * sig Buffer holding signature + * sigSz Length of signature in bytes + * hash Buffer to hold hash + * hashSz Length of hash + * key Buffer to hold ecc key + * keySz Length of key in bytes + * result a pointer to int indicates if the verify is ok + * return FSP_SUCCESS(0) on sucess, otherwise FSP/TSIP error code + */ +WOLFSSL_LOCAL int Renesas_cmn_EccVerify(WOLFSSL* ssl, const uint8_t* sig, + uint32_t sigSz, const uint8_t* hash, uint32_t hashSz, + const uint8_t* key, uint32_t keySz, int* result, void* ctx) +{ + int ret; + + #if defined(WOLFSSL_RENESAS_TSIP) + /* TODO TSIP */ + #elif defined(WOLFSSL_RENESAS_SCEPROTECT) + ret = wc_SCE_EccVerify(ssl, sig, sigSz, hash, hashSz, key, keySz, + result, ctx); + if (ret == 0 && *result == 1 && ret != CRYPTOCB_UNAVAILABLE) { + /* Set Call back for SharedScret when being successful */ + wolfSSL_CTX_SetEccSharedSecretCb(ssl->ctx, SCE_EccSharedSecret); + wolfSSL_SetEccSharedSecretCtx(ssl, ctx); + } else { + WOLFSSL_MSG("failed R_SCE_TLS_ServerKeyExchangeVerify"); + wolfSSL_CTX_SetEccSharedSecretCb(ctx, NULL); + wolfSSL_SetEccSharedSecretCtx(ssl, NULL); + } + #endif + + return ret; +} +/* Renesas Security Library Common Entry Point + * For ROOT CA verifycation + * + * cert Buffer to hold cert + * cert_len Length of cert + * key_n_start Byte position of public key in cert + * key_n_len Length of public key in bytes + * key_e_start Byte position of public key exponent in cert + * key_e_len Length of public key exponent + * cm_row CA index + * return FSP_SUCCESS(0) on sucess, otherwise FSP/TSIP error code + */ +int wc_Renesas_cmn_RootCertVerify(const byte* cert, word32 cert_len, word32 key_n_start, + word32 key_n_len, word32 key_e_start, word32 key_e_len, word32 cm_row) +{ + int ret; + + if (sce_tsip_rootCAverified() == 0) { + + #if defined(WOLFSSL_RENESAS_TSIP) + ret = tsip_tls_RootCertVerify(cert, cert_len, key_n_start, + key_n_len, key_e_start, key_e_len, cm_row); + + #elif defined(WOLFSSL_RENESAS_SCEPROTECT) + + ret = wc_sce_tls_RootCertVerify(cert, cert_len, key_n_start, + key_n_len, key_e_start, key_e_len, cm_row); + #endif + } else { + /* already verified. skipped */ + ret = 0; + } + return ret; +} + +/* Renesas Security Library Common Callback + * Callback for tls finished + * + * ssl the WOLFSSL object + * side CLIENT or SERVER + * handshake_hash hash while doing handshake + * hashes calculated data by SCE/TSIP pseduo random function + * return FSP_SUCCESS(0) on sucess, otherwise FSP/TSIP error code + */ +WOLFSSL_LOCAL int Renesas_cmn_TlsFinished(WOLFSSL* ssl, const byte *side, + const byte *handshake_hash, + byte *hashes, void* ctx) +{ + int ret = -1; + + (void)ctx; + + /* sanity check */ + if (ssl == NULL || ctx == NULL || side == NULL || handshake_hash == NULL || + hashes == NULL ) + return BAD_FUNC_ARG; + #if defined(WOLFSSL_RENESAS_TSIP) + /* TODO call tsip api */ + #elif defined(WOLFSSL_RENESAS_SCEPROTECT) + ret = wc_sce_generateVerifyData(ssl->arrays->sce_masterSecret, /* master secret */ + side, handshake_hash, hashes); + #endif + + return ret; +} + +/* Renesas Security Library Common Callback + * Callback for setting Encrypt Keys. + * Register callback for setting Encrypt Keys when keys are generated by SCE/TSIP + * + * ssl the WOLFSSL object + * ctx Callback context + * return 0 on sucess, -1 when keys are not generated by SCE/TSIP + */ +static int Renesas_cmn_EncryptKeys(WOLFSSL* ssl, void* ctx) +{ + int ret; + + /* sanity check */ + if (ssl == NULL || ctx == NULL) + return BAD_FUNC_ARG; + + #if defined(WOLFSSL_RENESAS_TSIP) + /* TODO call tsip api */ + #elif defined(WOLFSSL_RENESAS_SCEPROTECT) + User_SCEPKCbInfo* cbInfo = (User_SCEPKCbInfo*)ctx; + if (cbInfo->session_key_set == 1) { + ret = 0; + + wolfSSL_CTX_SetTlsFinishedCb(ssl->ctx, Renesas_cmn_TlsFinished); + wolfSSL_SetTlsFinishedCtx(ssl, cbInfo); + } else { + wolfSSL_CTX_SetTlsFinishedCb(ssl->ctx, NULL); + wolfSSL_SetTlsFinishedCtx(ssl, NULL); + ret = -1; + } + #endif + return ret; +} + +/* Renesas Security Library Common Callback + * Callback for Sesssion Key generation + * Register callback for Set Keys when keys are successfully + * generated by SCE/TSIP + * + * ssl the WOLFSSL object + * ctx Callback context + * return FSP_SUCCESS(0) on sucess, otherwise SCE/TSIP error code + */ +WOLFSSL_LOCAL int Renesas_cmn_generateSeesionKey(WOLFSSL* ssl, void* ctx) +{ + int ret = -1; + + (void)ctx; + + /* sanity check */ + if (ssl == NULL || ctx == NULL) + return BAD_FUNC_ARG; + #if defined(WOLFSSL_RENESAS_TSIP) + /* TODO call tsip api */ + #elif defined(WOLFSSL_RENESAS_SCEPROTECT) + ret = wc_sce_generateSeesionKey(ssl, ctx, devId); + if (ret == 0) { + wolfSSL_CTX_SetEncryptKeysCb(ssl->ctx, Renesas_cmn_EncryptKeys); + wolfSSL_SetEncryptKeysCtx(ssl, ctx); + } else { + wolfSSL_CTX_SetEncryptKeysCb(ssl->ctx, NULL); + wolfSSL_SetEncryptKeysCtx(ssl, NULL); + } + #endif + return ret; +} + +/* Renesas Security Library Common Callback + * Callback for Premaster Secret generation + * Register callback for Set Keys when keys are successfully + * generated by SCE/TSIP + * + * ssl the WOLFSSL object + * premaster Buffer to hold pre master + * preSz Length of pre-master + * ctx Callback context + * return FSP_SUCCESS(0) on sucess, + * otherwise PROTOCOLCB_UNAVAILABLE + * so that caller could continue to process if want + */ +WOLFSSL_LOCAL int Renesas_cmn_generatePremasterSecret(WOLFSSL* ssl, + byte *premaster, word32 preSz, void* ctx) +{ + int ret; + + (void) ctx; + (void) ssl; + + #if defined(WOLFSSL_RENESAS_TSIP) + /* TODO call tsip api */ + #elif defined(WOLFSSL_RENESAS_SCEPROTECT) + if (Renesas_cmn_usable(ssl, 0)) { + ret = wc_sce_generatePremasterSecret(premaster, preSz); + ssl->arrays->preMasterSz = preSz; + } else + ret = PROTOCOLCB_UNAVAILABLE; + #endif + + return ret; +} + +/* Renesas Security Library Common Callback + * Callback for Master Secret generation + * Register callback for Session Key Generation when master secret is + * successfully generated by SCE/TSIP + * + * ssl the WOLFSSL object + * ctx Callback context + * return FSP_SUCCESS(0) on sucess, + * otherwise PROTOCOLCB_UNAVAILABLE + * so that caller could continue to process if want + */ +WOLFSSL_LOCAL int Renesas_cmn_genMasterSecret(struct WOLFSSL* ssl, void* ctx) +{ + int ret = WOLFSSL_NOT_IMPLEMENTED; + + (void) ret; + (void) ctx; + + #if defined(WOLFSSL_RENESAS_TSIP) + /* TODO call tsip api */ + #elif defined(WOLFSSL_RENESAS_SCEPROTECT) + if (Renesas_cmn_usable(ssl, 0)) { + ret = wc_sce_generateMasterSecret( + ssl->options.cipherSuite0, + ssl->options.cipherSuite, + ssl->arrays->preMasterSecret, + ssl->arrays->clientRandom, + ssl->arrays->serverRandom, + ssl->arrays->sce_masterSecret); + if (ret == 0) { + wc_sce_storeKeyCtx(ssl, ctx); + /* set Session Key generation Callback for use */ + wolfSSL_CTX_SetGenSessionKeyCb(ssl->ctx, + Renesas_cmn_generateSeesionKey); + wolfSSL_SetGenSessionKeyCtx(ssl, ctx); + } else { + wolfSSL_CTX_SetGenSessionKeyCb(ssl->ctx, NULL); + wolfSSL_SetGenSessionKeyCtx(ssl, NULL); + } + } else + ret = PROTOCOLCB_UNAVAILABLE; + + #endif + return ret; +} + +/* Renesas Security Library Common Callback + * Callback for Rsa Encryption + * + * ssl the WOLFSSL object + * in Buffer to hold plain text + * inSz Length of plain text + * out Buffer to hold cipher text + * outSz Length of cipher text buffer + * KeyDer Buffer holding Key in der format + * KeySz Length of Key Der + * ctx Callback context + * return FSP_SUCCESS(0) on sucess, + * otherwise CRYPTOCB_UNAVAILABLE + * so that caller could continue to process if want + */ +WOLFSSL_LOCAL int Renesas_cmn_RsaEnc(WOLFSSL* ssl, const unsigned char* in, + unsigned int inSz, unsigned char* out, word32* outSz, + const unsigned char* keyDer, unsigned int keySz, void* ctx) +{ + int ret; + int EncSz; + + (void)ctx; + (void)in; + (void)inSz; + (void)keyDer; + (void)keySz; + (void)EncSz; + + /* sanity check */ + if (ssl == NULL || in == NULL || out == NULL || keyDer == NULL || + ctx == NULL) { + return BAD_FUNC_ARG; + } + + EncSz = wc_RsaEncryptSize(ssl->peerRsaKey); + + #if defined(WOLFSSL_RENESAS_TSIP) + /* TODO call tsip api */ + #elif defined(WOLFSSL_RENESAS_SCEPROTECT) + if (wc_sce_usable(ssl, 0) && EncSz == 256) { + ret = wc_sce_generateEncryptPreMasterSecret(ssl, out, outSz); + } else { + if (EncSz != 256) + WOLFSSL_MSG("SCE cannot use" + "because Rsa Encrypt Size isn't 256 bytes(2048 bits)."); + + ret = CRYPTOCB_UNAVAILABLE; + } + #endif + return ret; +} + +/* Renesas Security Library Common Callback + * Callback for Verify hmac + * + * ssl the WOLFSSL object + * message Buffer to hold message + * inSz Length of message + * macSz Length of mac size + * content content of inner data + * ctx Callback context + * return FSP_SUCCESS(0) on sucess, + * otherwise PROTOCOLCB_UNAVAILABLE + * so that caller could continue to process if want + */ +WOLFSSL_LOCAL int Renesas_cmn_VerifyHmac(WOLFSSL *ssl, const byte* message, + word32 messageSz, word32 macSz, word32 content, void* ctx) +{ + int ret; + (void)ctx; + + #if defined(WOLFSSL_RENESAS_TSIP) + /* TODO call tsip api */ + #elif defined(WOLFSSL_RENESAS_SCEPROTECT) + if (wc_sce_usable(ssl, 1)) { + ret = wc_sce_Sha256VerifyHmac(ssl, message, messageSz, macSz, content); + } else + ret = PROTOCOLCB_UNAVAILABLE; + #endif + + return ret; +} + +/* Renesas Security Library Common Callback + * Callback for TLS hmac + * + * ssl the WOLFSSL object + * digest Buffer to hold digest by hmac + * in Buffer to hold in data + * sz Length of in data + * padSz Length of padding + * content content of inner data + * epocOrder + * return FSP_SUCCESS(0) on sucess, otherwise error code + */ +WOLFSSL_LOCAL int Renesas_cmn_TLS_hmac(WOLFSSL* ssl, byte* digest, + const byte* in, word32 sz, int padSz, int content, int verify, int epochOrder) +{ + int ret; + byte myInner[WOLFSSL_TLS_HMAC_INNER_SZ]; + + #if defined(WOLFSSL_RENESAS_TSIP) + /* TODO call tsip api */ + #elif defined(WOLFSSL_RENESAS_SCEPROTECT) + if (Renesas_cmn_usable(ssl, 1)) { + if (ssl->specs.hash_size == WC_SHA256_DIGEST_SIZE) { + wolfSSL_SetTlsHmacInner(ssl, myInner, sz, content, verify); + ret = wc_sce_Sha256GenerateHmac(ssl, myInner, WOLFSSL_TLS_HMAC_INNER_SZ, + in, sz, digest); + } + else + ret = TSIP_MAC_DIGSZ_E; + } else { + /* fall through to original TLS hmac method when SCE cannot be used */ + ret = TLS_hmac(ssl, digest, in, sz, padSz, content, verify, epochOrder); + } + + #endif + + return ret; +} + +/* Renesas Security Library Common Callback + * Callback for Signature PK Rsa verify + * + * sig Buffer holding signature + * sigSz Length of signature in bytes + * out Buffer to hold hash + * keyDer Buffer to hold rsa key + * keySz Length of key in bytes + * ctx Callback context + * return FSP_SUCCESS(0) on sucess, + * otherwise CRYPTOCB_UNAVAILABLE + * so that caller could continue to process if want + */ +WOLFSSL_LOCAL int Renesas_cmn_SigPkCbRsaVerify(unsigned char* sig, + unsigned int sigSz, unsigned char** out, const unsigned char* keyDer, + unsigned int keySz, void* ctx) +{ + int ret; + CertAttribute* CertAtt; + + (void)out; + (void)keyDer; + (void)keySz; + + /* sanity check */ + if (sig == NULL || out == NULL || keyDer == NULL || ctx == NULL) + return BAD_FUNC_ARG; + + CertAtt = (CertAttribute*)ctx; + if (!CertAtt) { + return CRYPTOCB_UNAVAILABLE; + } + + #if defined(WOLFSSL_RENESAS_TSIP) + /* TODO call tsip api */ + #elif defined(WOLFSSL_RENESAS_SCEPROTECT) + if (CertAtt->keyIndex != NULL) + { + ret = wc_sce_tls_CertVerify(CertAtt->cert, CertAtt->certSz, sig, sigSz, + CertAtt->pubkey_n_start - CertAtt->certBegin, + CertAtt->pubkey_n_len - 1, + CertAtt->pubkey_e_start - CertAtt->certBegin, + CertAtt->pubkey_e_len -1, + (uint8_t*)CertAtt->keyIndex); + if (ret == 0){ + CertAtt->verifyByTSIP_SCE = 1; + } else { + WOLFSSL_MSG("RSA Verify by SCE didn't match"); + ret = ASN_SIG_CONFIRM_E; + } + } else + ret = CRYPTOCB_UNAVAILABLE; + #endif + + return ret; +} + +/* Renesas Security Library Common Callback + * Callback for Signature PK Ecc verify + * + * sig Buffer holding signature + * sigSz Length of signature in bytes + * has Buffer to hold hash + * hashSz Length of hash + * keyDer Buffer to hold rsa key + * keySz Length of key in bytes + * result A pointer to int indicates a result + * ctx Callback context + * return FSP_SUCCESS(0) on sucess, + * otherwise CRYPTOCB_UNAVAILABLE + * so that caller could continue to process if want + */ +WOLFSSL_LOCAL int Renesas_cmn_SigPkCbEccVerify(const unsigned char* sig, + unsigned int sigSz, const unsigned char* hash, unsigned int hashSz, + const unsigned char* keyDer, unsigned int keySz, + int* result, void* ctx) +{ + int ret; + CertAttribute* CertAtt; + + (void)result; + (void)keyDer; + (void)keySz; + (void)hash; + (void)hashSz; + /* sanity check */ + if (sig == NULL || keyDer == NULL || hash == NULL || ctx == NULL || + result == NULL) + return BAD_FUNC_ARG; + + + CertAtt = (CertAttribute*)ctx; + if (!CertAtt) { + return CRYPTOCB_UNAVAILABLE; + } + + #if defined(WOLFSSL_RENESAS_TSIP) + /* TODO call tsip api */ + #elif defined(WOLFSSL_RENESAS_SCEPROTECT) + if (CertAtt->keyIndex != NULL) + { + ret = wc_sce_tls_CertVerify(CertAtt->cert, CertAtt->certSz, sig, sigSz, + CertAtt->pubkey_n_start - CertAtt->certBegin, + CertAtt->pubkey_n_len - 1, + CertAtt->pubkey_e_start - CertAtt->certBegin, + CertAtt->pubkey_e_len -1, + (uint8_t*)CertAtt->keyIndex); + if (ret == 0) { + CertAtt->verifyByTSIP_SCE = 1; + *result = 1; + } else { + WOLFSSL_MSG("RSA Verify by SCE didn't match"); + ret = ASN_SIG_CONFIRM_E; + } + } else + ret = CRYPTOCB_UNAVAILABLE; + #endif + + return ret; +} + +#endif /* SCEPROTECT || TSIP */ diff --git a/wolfcrypt/src/port/Renesas/renesas_sce_aes.c b/wolfcrypt/src/port/Renesas/renesas_sce_aes.c new file mode 100644 index 000000000..1ae2641ec --- /dev/null +++ b/wolfcrypt/src/port/Renesas/renesas_sce_aes.c @@ -0,0 +1,531 @@ +/* renesas_sce_aes.c + * + * Copyright (C) 2006-2021 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif +#include + +#ifndef NO_AES + +#if defined(WOLFSSL_RENESAS_SCEPROTECT) && \ + !defined(NO_WOLFSSL_RENESAS_SCEPROTECT_AES) + +#include +#include +#include +#include +#include "wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h" + +#ifdef NO_INLINE + #include +#else + #define WOLFSSL_MISC_INCLUDED + #include +#endif + +struct Aes; + +#define SCE_AES_GCM_AUTH_TAG_SIZE 16 + +typedef fsp_err_t (*aesGcmEncInitFn) + (sce_gcm_handle_t*, sce_aes_wrapped_key_t*, uint8_t*, uint32_t); +typedef fsp_err_t (*aesGcmEncUpdateFn) + (sce_gcm_handle_t*,uint8_t*, uint8_t*, uint32_t, uint8_t*, uint32_t); +typedef fsp_err_t (*aesGcmEncFinalFn) + (sce_gcm_handle_t*, uint8_t*, uint32_t*, uint8_t*); + +typedef fsp_err_t (*aesGcmDecInitFn) + (sce_gcm_handle_t*, sce_aes_wrapped_key_t*, uint8_t*, uint32_t); +typedef fsp_err_t (*aesGcmDecUpdateFn) + (sce_gcm_handle_t*,uint8_t*, uint8_t*, uint32_t, uint8_t*, uint32_t); +typedef fsp_err_t (*aesGcmDecFinalFn) + (sce_gcm_handle_t*, uint8_t*, uint32_t*, uint8_t*, uint32_t); + +/* Perform Aes Gcm encryption by SCE + * + * aes The AES object. + * out Buffer to hold cipher text + * in Buffer to hold plaintext + * sz Length of cipher text/plaintext in bytes + * iv Buffer holding IV/nonce + * ivSz Length of IV/nonce in bytes + * authTag Buffer to hold authentication data + * authTagSz Length of authentication data in bytes + * ctx The callback context + * return FSP_SUCCESS(0) on Success, otherwise negative value + */ +WOLFSSL_LOCAL int wc_sce_AesGcmEncrypt(struct Aes* aes, byte* out, + const byte* in, word32 sz, + byte* iv, word32 ivSz, + byte* authTag, word32 authTagSz, + const byte* authIn, word32 authInSz, + void* ctx) +{ + int ret; + sce_gcm_handle_t _handle; + uint32_t dataLen = sz; + User_SCEPKCbInfo *info = (User_SCEPKCbInfo*)ctx; + + aesGcmEncInitFn initFn; + aesGcmEncUpdateFn updateFn; + aesGcmEncFinalFn finalFn; + + uint8_t* plainBuf = NULL; + uint8_t* cipherBuf = NULL; + uint8_t* aTagBuf = NULL; + uint8_t delta; + const uint8_t* iv_l = NULL; + uint32_t ivSz_l = 0; + + sce_hmac_sha_wrapped_key_t key_client_mac; + sce_hmac_sha_wrapped_key_t key_server_mac; + sce_aes_wrapped_key_t key_client_aes; + sce_aes_wrapped_key_t key_server_aes; + + /* sanity check */ + if (aes == NULL || authTagSz > AES_BLOCK_SIZE || ivSz == 0 || ctx == NULL) { + return BAD_FUNC_ARG; + } + + if (authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ) { + WOLFSSL_MSG("GcmEncrypt authTagSz too small error"); + return BAD_FUNC_ARG; + } + + if (aes->ctx.keySize != 16 && aes->ctx.keySize != 32) { + WOLFSSL_MSG("keySize is invalid, neither 16 or 32."); + return BAD_FUNC_ARG; + } + + if (aes->ctx.keySize == 16) { + initFn = R_SCE_AES128GCM_EncryptInit; + updateFn = R_SCE_AES128GCM_EncryptUpdate; + finalFn = R_SCE_AES128GCM_EncryptFinal; + } + else { + initFn = R_SCE_AES256GCM_EncryptInit; + updateFn = R_SCE_AES256GCM_EncryptUpdate; + finalFn = R_SCE_AES256GCM_EncryptFinal; + } + + + /* check if AES GCM can be used by SCE */ + if ((ret = wc_sce_hw_lock()) == 0) { + + /* allocate buffers for plaintaxt, ciphertext and authTag to make sure + * those buffers 32bit aligned as SCE requests. + */ + delta = sz % AES_BLOCK_SIZE; + plainBuf = XMALLOC(sz, aes->heap, DYNAMIC_TYPE_AES); + cipherBuf = XMALLOC(sz + delta, aes->heap, DYNAMIC_TYPE_AES); + aTagBuf = XMALLOC(SCE_AES_GCM_AUTH_TAG_SIZE, aes->heap, + DYNAMIC_TYPE_AES); + + if (plainBuf == NULL || cipherBuf == NULL || aTagBuf == NULL) { + WOLFSSL_MSG("wc_sce_AesGcmEncrypt: buffer allocation faild"); + ret = -1; + } + + if (ret == 0) { + XMEMCPY(plainBuf, in, sz); + XMEMSET((void*)cipherBuf, 0, sz + delta); + XMEMSET((void*)authTag, 0, authTagSz); + } + + if (ret == 0 && + info->session_key_set == 1) { + /* generate AES-GCM session key. The key stored in + * Aes.ctx.tsip_keyIdx is not used here. + */ + ret = R_SCE_TLS_SessionKeyGenerate( + info->sce_cipher, + (uint32_t*)info->sce_masterSecret, + (uint8_t*) info->sce_clientRandom, + (uint8_t*) info->sce_serverRandom, + &iv[AESGCM_IMP_IV_SZ], /* use exp_IV */ + &key_client_mac, + &key_server_mac, + &key_client_aes, + &key_server_aes, + NULL, NULL); + if (ret != FSP_SUCCESS) { + WOLFSSL_MSG("R_SCE_TLS_SessionKeyGenerate failed"); + ret = -1; + } + + } else if (info->aes256_installedkey_set == 1) { + XMEMCPY(&key_client_aes, &info->sce_wrapped_key_aes256, + sizeof(sce_aes_wrapped_key_t)); + iv_l = iv; + ivSz_l = ivSz; + } + + if (ret == 0) { + + /* since generated session key is coupled to iv, no need to pass + * them init func. + */ + ret = initFn(&_handle, &key_client_aes, (uint8_t*)iv_l, ivSz_l); + + if (ret == FSP_SUCCESS) { + ret = updateFn(&_handle, NULL, NULL, 0UL, (uint8_t*)authIn, + authInSz); + } + if (ret == FSP_SUCCESS) { + ret = updateFn(&_handle, plainBuf, cipherBuf, sz, NULL, 0UL); + } + if (ret != FSP_SUCCESS) { + WOLFSSL_MSG("R_SCE_AesXXXGcmEncryptUpdate: failed"); + ret = -1; + } + + if (ret == FSP_SUCCESS) { + /* Once R_SCE_AesxxxGcmEncryptInit or R_SCE_AesxxxEncryptUpdate is + * called, R_SCE_AesxxxGcmEncryptFinal must be called regardless of + * the result of the previous call. Otherwise, SCE can not come out + * from its error state and all the trailing APIs will fail. + */ + dataLen = 0; + ret = finalFn(&_handle, + cipherBuf + (sz / AES_BLOCK_SIZE) * AES_BLOCK_SIZE, + &dataLen, + aTagBuf); + + if (ret == FSP_SUCCESS) { + /* copy encrypted data to out */ + XMEMCPY(out, cipherBuf, dataLen); + + /* copy auth tag to caller's buffer */ + XMEMCPY((void*)authTag, (void*)aTagBuf, + min(authTagSz, SCE_AES_GCM_AUTH_TAG_SIZE )); + + } + else { + WOLFSSL_MSG("R_SCE_AesxxxGcmEncryptFinal: failed"); + ret = -1; + } + } + } + + XFREE(plainBuf, aes->heap, DYNAMIC_TYPE_AES); + XFREE(cipherBuf, aes->heap, DYNAMIC_TYPE_AES); + XFREE(aTagBuf, aes->heap, DYNAMIC_TYPE_AES); + + wc_sce_hw_unlock(); + + } + + return ret; +} +/* Perform Aes Gcm decryption by SCE + * + * aes The AES object. + * out Buffer to hold plaintext + * in Buffer to hold cipher text + * sz Length of cipher text/plaintext in bytes + * iv Buffer holding IV/nonce + * ivSz Length of IV/nonce in bytes + * authTag Buffer to hold authntication data + * authTagSz Length of authentication data in bytes + * ctx The Callback context + * return FSP_SUCCESS(0) on Success, otherwise negative value + */ +WOLFSSL_LOCAL int wc_sce_AesGcmDecrypt(struct Aes* aes, byte* out, + const byte* in, word32 sz, + const byte* iv, word32 ivSz, + const byte* authTag, word32 authTagSz, + const byte* authIn, word32 authInSz, + void* ctx) +{ + int ret; + sce_gcm_handle_t _handle; + uint32_t dataLen = sz; + User_SCEPKCbInfo *info = (User_SCEPKCbInfo*)ctx; + + aesGcmDecInitFn initFn; + aesGcmDecUpdateFn updateFn; + aesGcmDecFinalFn finalFn; + + uint8_t* cipherBuf = NULL; + uint8_t* plainBuf = NULL; + uint8_t* aTagBuf = NULL; + uint8_t delta; + const uint8_t* iv_l = NULL; + uint32_t ivSz_l = 0; + + sce_hmac_sha_wrapped_key_t key_client_mac; + sce_hmac_sha_wrapped_key_t key_server_mac; + sce_aes_wrapped_key_t key_client_aes; + sce_aes_wrapped_key_t key_server_aes; + + /* sanity check */ + if (aes == NULL || authTagSz > AES_BLOCK_SIZE || ivSz == 0 || ctx == NULL) { + return BAD_FUNC_ARG; + } + + if (authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ) { + WOLFSSL_MSG("GcmEncrypt authTagSz too small error"); + return BAD_FUNC_ARG; + } + + if (aes->ctx.keySize != 16 && aes->ctx.keySize != 32) { + WOLFSSL_MSG("keySize is invalid, neither 16 or 32."); + return BAD_FUNC_ARG; + } + + if (aes->ctx.keySize == 16) { + initFn = R_SCE_AES128GCM_DecryptInit; + updateFn = R_SCE_AES128GCM_DecryptUpdate; + finalFn = R_SCE_AES128GCM_DecryptFinal; + } + else { + initFn = R_SCE_AES256GCM_DecryptInit; + updateFn = R_SCE_AES256GCM_DecryptUpdate; + finalFn = R_SCE_AES256GCM_DecryptFinal; + } + + + if ((ret = wc_sce_hw_lock()) == 0) { + /* allocate buffers for plain-taxt, cipher-text, authTag and AAD. + * TSIP requests those buffers 32bit aligned. + */ + delta = sz % AES_BLOCK_SIZE; + cipherBuf = XMALLOC(sz, aes->heap, DYNAMIC_TYPE_AES); + plainBuf = XMALLOC(sz + delta, aes->heap, DYNAMIC_TYPE_AES); + aTagBuf = XMALLOC(SCE_AES_GCM_AUTH_TAG_SIZE, aes->heap, + DYNAMIC_TYPE_AES); + + if (plainBuf == NULL || cipherBuf == NULL || aTagBuf == NULL) { + ret = -1; + } + + if (ret == 0) { + XMEMSET((void*)plainBuf, 0, sz); + XMEMCPY(cipherBuf, in, sz); + XMEMCPY(aTagBuf, authTag, authTagSz); + } + + if (ret == 0 && + info->session_key_set == 1) { + /* generate AES-GCM session key. The key stored in + * Aes.ctx.tsip_keyIdx is not used here. + */ + ret = R_SCE_TLS_SessionKeyGenerate( + info->sce_cipher, + (uint32_t*)info->sce_masterSecret, + (uint8_t*) info->sce_clientRandom, + (uint8_t*) info->sce_serverRandom, + (uint8_t*)&iv[AESGCM_IMP_IV_SZ], /* use exp_IV */ + &key_client_mac, + &key_server_mac, + &key_client_aes, + &key_server_aes, + NULL, NULL); + if (ret != FSP_SUCCESS) { + WOLFSSL_MSG("R_SCE_TLS_SessionKeyGenerate failed"); + ret = -1; + } + } else if (info->aes256_installedkey_set == 1) { + XMEMCPY(&key_server_aes, &info->sce_wrapped_key_aes256, + sizeof(sce_aes_wrapped_key_t)); + iv_l = iv; + ivSz_l = ivSz; + } + + if (ret == 0) { + /* since key_index has iv and ivSz in it, no need to pass them init + * func. Pass NULL and 0 as 3rd and 4th parameter respectively. + */ + ret = initFn(&_handle, &key_server_aes, (uint8_t*)iv_l, ivSz_l); + + + if (ret == FSP_SUCCESS) { + /* pass only AAD and it's size before passing cipher text */ + ret = updateFn(&_handle, NULL, NULL, 0UL, (uint8_t*)authIn, + authInSz); + } + if (ret == FSP_SUCCESS) { + ret = updateFn(&_handle, cipherBuf, plainBuf, sz, NULL, 0UL); + } + if (ret != FSP_SUCCESS) { + WOLFSSL_MSG("R_SCE_AesXXXGcmDecryptUpdate: failed in decrypt"); + ret = -1; + } + + if (ret == FSP_SUCCESS) { + dataLen = 0; + ret = finalFn(&_handle, + plainBuf + (sz / AES_BLOCK_SIZE) * AES_BLOCK_SIZE, + &dataLen, + aTagBuf, + min(16, authTagSz)); + + if (ret == FSP_SUCCESS) { + /* copy plain data to out */ + XMEMCPY(out, plainBuf, dataLen); + } + else { + WOLFSSL_MSG("R_SCE_AesXXXGcmDecryptFinal: failed"); + ret = -1; + } + } + } + + XFREE(aTagBuf, aes->heap, DYNAMIC_TYPE_AES); + XFREE(plainBuf, aes->heap, DYNAMIC_TYPE_AES); + XFREE(cipherBuf, aes->heap, DYNAMIC_TYPE_AES); + + wc_sce_hw_unlock(); + } + + return ret; +} +/* Perform Aes Cbc encryption by SCE + * + * aes The AES object. + * out Buffer to hold cipher text + * in Buffer to hold plain text + * sz Length of cipher text/plaintext in bytes + * return FSP_SUCCESS(0) on Success, otherwise negative value + */ +WOLFSSL_LOCAL int wc_sce_AesCbcEncrypt(struct Aes* aes, byte* out, + const byte* in, word32 sz) +{ + sce_aes_handle_t _handle; + word32 ret; + word32 blocks = (sz / AES_BLOCK_SIZE); + uint32_t dataLength; + byte *iv; + + if ((in == NULL) || (out == NULL) || (aes == NULL)) + return BAD_FUNC_ARG; + + /* while doing TLS handshake, SCE driver keeps true-key and iv * + * on the device. iv is dummy */ + iv = (uint8_t*)aes->reg; + + if((ret = wc_sce_hw_lock()) != 0){ + WOLFSSL_MSG("Failed to lock"); + return ret; + } + + if (aes->ctx.keySize == 16) { + ret = R_SCE_AES128CBC_EncryptInit(&_handle, &aes->ctx.sce_wrapped_key, iv); + } else if (aes->ctx.keySize == 32) { + ret = R_SCE_AES256CBC_EncryptInit(&_handle, &aes->ctx.sce_wrapped_key, iv); + } else { + WOLFSSL_MSG("invalid key Size for SCE. Key size is neither 16 or 32."); + wc_sce_hw_unlock(); + return -1; + } + + while (ret == FSP_SUCCESS && blocks--) { + + if (aes->ctx.keySize == 16) + ret = R_SCE_AES128CBC_EncryptUpdate(&_handle, (uint8_t*)in, + (uint8_t*)out, (uint32_t)AES_BLOCK_SIZE); + else + ret = R_SCE_AES256CBC_EncryptUpdate(&_handle, (uint8_t*)in, + (uint8_t*)out, (uint32_t)AES_BLOCK_SIZE); + + in += AES_BLOCK_SIZE; + out += AES_BLOCK_SIZE; + } + + if (ret == FSP_SUCCESS) { + if (aes->ctx.keySize == 16) { + ret = R_SCE_AES128CBC_EncryptFinal(&_handle, out, &dataLength); + } else { + ret = R_SCE_AES256CBC_EncryptFinal(&_handle, out, &dataLength); + } + } else { + WOLFSSL_MSG("SCE AES CBC encryption failed"); + ret = -1; + } + + wc_sce_hw_unlock(); + return ret; +} +/* Perform Aes Cbc decryption by SCE + * + * aes The AES object. + * out Buffer to hold plain text + * in Buffer to hold cipher text + * sz Length of cipher text/plaintext in bytes + * return FSP_SUCCESS(0) on Success, otherwise negative value + */ +WOLFSSL_LOCAL int wc_sce_AesCbcDecrypt(struct Aes* aes, byte* out, const byte* in, word32 sz) +{ + sce_aes_handle_t _handle; + word32 ret; + word32 blocks = (sz / AES_BLOCK_SIZE); + uint32_t dataLength; + byte *iv; + + if ((in == NULL) || (out == NULL) || (aes == NULL)) + return BAD_FUNC_ARG; + + iv = (uint8_t*)aes->reg; + + if((ret = wc_sce_hw_lock()) != 0){ + WOLFSSL_MSG("Failed to lock"); + return ret; + } + + if (aes->ctx.keySize == 16) { + ret = R_SCE_AES128CBC_DecryptInit(&_handle, &aes->ctx.sce_wrapped_key, iv); + } else if (aes->ctx.keySize == 32) { + ret = R_SCE_AES256CBC_DecryptInit(&_handle, &aes->ctx.sce_wrapped_key, iv); + } else { + wc_sce_hw_unlock(); + return -1; + } + + while (ret == FSP_SUCCESS && blocks--) { + + if (aes->ctx.keySize == 16) + ret = R_SCE_AES128CBC_DecryptUpdate(&_handle, (uint8_t*)in, + (uint8_t*)out, (uint32_t)AES_BLOCK_SIZE); + else + ret = R_SCE_AES256CBC_DecryptUpdate(&_handle, (uint8_t*)in, + (uint8_t*)out, (uint32_t)AES_BLOCK_SIZE); + + in += AES_BLOCK_SIZE; + out += AES_BLOCK_SIZE; + } + + if (ret == FSP_SUCCESS) { + if (aes->ctx.keySize == 16) + ret = R_SCE_AES128CBC_DecryptFinal(&_handle, out, &dataLength); + else + ret = R_SCE_AES256CBC_DecryptFinal(&_handle, out, &dataLength); + } else { + WOLFSSL_MSG("SCE AES CBC decryption failed"); + ret = -1; + } + + wc_sce_hw_unlock(); + return ret; +} + +#endif /* WOLFSSL_RENESAS_TSIP_CRYPT */ +#endif /* NO_AES */ diff --git a/wolfcrypt/src/port/Renesas/renesas_sce_sha.c b/wolfcrypt/src/port/Renesas/renesas_sce_sha.c new file mode 100644 index 000000000..a705e81eb --- /dev/null +++ b/wolfcrypt/src/port/Renesas/renesas_sce_sha.c @@ -0,0 +1,263 @@ +/* renesas_sce_sha.c + * + * Copyright (C) 2006-2021 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ +#include +#include + +#ifdef HAVE_CONFIG_H + #include +#endif +#include + +#if !defined(NO_SHA256) + +#include + +#if defined(WOLFSSL_RENESAS_SCEPROTECT) + +#include +#include + +/* Free up allocation for msg + * + * hash The SCE Hash object. + * no return value + */ +static void SCEHashFree(wolfssl_SCE_Hash* hash) +{ + if (hash == NULL) + return; + + if (hash->msg != NULL) { + XFREE(hash->msg, hash->heap, DYNAMIC_TYPE_TMP_BUFFER); + hash->msg = NULL; + } +} +/* Initialize Hash object + * + * hash The SCE Hash object. + * heap Buffer to hold heap if available + * devId device Id + * return 0 on success, BAD_FUNC_ARG when has is NULL + */ +static int SCEHashInit(wolfssl_SCE_Hash* hash, void* heap, int devId, + word32 sha_type) +{ + if (hash == NULL) { + return BAD_FUNC_ARG; + } + + (void)devId; + XMEMSET(hash, 0, sizeof(wolfssl_SCE_Hash)); + + hash->heap = heap; + hash->len = 0; + hash->used = 0; + hash->msg = NULL; + hash->sha_type = sha_type; + + return 0; +} + +/* Add data to msg(work buffer) for final hash operation + * + * hash The SCE Hash object. + * data Buffer to hold plain text for hash + * sz Length of data + * return 0 on success, otherwise MEMORY_E or BAD_FUNC_ARG on failure + */ +static int SCEHashUpdate(wolfssl_SCE_Hash* hash, const byte* data, word32 sz) +{ + if (hash == NULL || (sz > 0 && data == NULL)) { + return BAD_FUNC_ARG; + } + + if (hash->len < hash->used + sz) { + if (hash->msg == NULL) { + hash->msg = (byte*)XMALLOC(hash->used + sz, hash->heap, + DYNAMIC_TYPE_TMP_BUFFER); + } else { +#ifdef FREERTOS + byte* pt = (byte*)XMALLOC(hash->used + sz, hash->heap, + DYNAMIC_TYPE_TMP_BUFFER); + if (pt == NULL) { + return MEMORY_E; + } + XMEMCPY(pt, hash->msg, hash->used); + XFREE(hash->msg, hash->heap, DYNAMIC_TYPE_TMP_BUFFER); + hash->msg = NULL; + hash->msg = pt; +#else + byte* pt = (byte*)XREALLOC(hash->msg, hash->used + sz, hash->heap, + DYNAMIC_TYPE_TMP_BUFFER); + if (pt == NULL) { + return MEMORY_E; + } + hash->msg = pt; +#endif + } + if (hash->msg == NULL) { + return MEMORY_E; + } + hash->len = hash->used + sz; + } + XMEMCPY(hash->msg + hash->used, data , sz); + hash->used += sz; + + return 0; +} + +/* Perform hash operation using accumulated msg + * + * hash The SCE Hash object. + * out Buffer to hold hashed text + * outSz Length of out + * return FSP_SUCCESS(0) on success, + * otherwise BAD_FUNC_ARG or FSP Error code on failure + */ +static int SCEHashFinal(wolfssl_SCE_Hash* hash, byte* out, word32 outSz) +{ + int ret; + void* heap; + sce_sha_md5_handle_t handle; + uint32_t sz; + + fsp_err_t (*Init)(sce_sha_md5_handle_t*); + fsp_err_t (*Update)(sce_sha_md5_handle_t*, uint8_t*, uint32_t); + fsp_err_t (*Final )(sce_sha_md5_handle_t*, uint8_t*, uint32_t*); + + if (hash == NULL || out == NULL) { + return BAD_FUNC_ARG; + } + + if (hash->sha_type == SCE_SHA256) { + Init = R_SCE_SHA256_Init; + Update = R_SCE_SHA256_Update; + Final = R_SCE_SHA256_Final; + } else + return BAD_FUNC_ARG; + + heap = hash->heap; + + wc_sce_hw_lock(); + + if (Init(&handle) == FSP_SUCCESS) { + ret = Update(&handle, (uint8_t*)hash->msg, hash->used); + if (ret == FSP_SUCCESS) { + ret = Final(&handle, out, (uint32_t*)&sz); + if (ret != FSP_SUCCESS || sz != outSz) { + return ret; + } + } + } + wc_sce_hw_unlock(); + + SCEHashFree(hash); + return SCEHashInit(hash, heap, 0, hash->sha_type); +} +/* Hash operation to message and return a result */ +static int SCEHashGet(wolfssl_SCE_Hash* hash, byte* out, word32 outSz) +{ + int ret; + sce_sha_md5_handle_t handle; + uint32_t sz; + + fsp_err_t (*Init)(sce_sha_md5_handle_t*); + fsp_err_t (*Update)(sce_sha_md5_handle_t*, uint8_t*, uint32_t); + fsp_err_t (*Final )(sce_sha_md5_handle_t*, uint8_t*, uint32_t*); + + if (hash == NULL || out == NULL) { + return BAD_FUNC_ARG; + } + + if (hash->sha_type == SCE_SHA256) { + Init = R_SCE_SHA256_Init; + Update = R_SCE_SHA256_Update; + Final = R_SCE_SHA256_Final; + } else + return BAD_FUNC_ARG; + + wc_sce_hw_lock(); + + if (Init(&handle) == FSP_SUCCESS) { + ret = Update(&handle, (uint8_t*)hash->msg, hash->used); + if (ret == FSP_SUCCESS) { + ret = Final(&handle, out, &sz); + if (ret != FSP_SUCCESS || sz != outSz) { + return ret; + } + } + } + + wc_sce_hw_unlock(); + + return 0; +} +/* copy hash result from src to dst */ +static int SCEHashCopy(wolfssl_SCE_Hash* src, wolfssl_SCE_Hash* dst) +{ + if (src == NULL || dst == NULL) { + return BAD_FUNC_ARG; + } + + XMEMCPY(dst, src, sizeof(wolfssl_SCE_Hash)); + + if (src->len > 0 && src->msg != NULL) { + dst->msg = (byte*)XMALLOC(src->len, dst->heap, DYNAMIC_TYPE_TMP_BUFFER); + if (dst->msg == NULL) { + return MEMORY_E; + } + XMEMCPY(dst->msg, src->msg, src->len); + } + + return 0; +} + +#if !defined(NO_SHA256) +#include + +/* wrapper for wc_InitSha256_ex */ +int wc_InitSha256_ex(wc_Sha256* sha, void* heap, int devId) +{ + return SCEHashInit(sha, heap, devId, SCE_SHA256); +} +/* wrapper for wc_Sha256Update */ +int wc_Sha256Update(wc_Sha256* sha, const byte* in, word32 sz) +{ + return SCEHashUpdate(sha, in, sz); +} +/* wrapper for wc_Sha256Final */ +int wc_Sha256Final(wc_Sha256* sha, byte* hash) +{ + return SCEHashFinal(sha, hash, WC_SHA256_DIGEST_SIZE); +} +/* wrapper for wc_Sha256GetHash */ +int wc_Sha256GetHash(wc_Sha256* sha, byte* hash) +{ + return SCEHashGet(sha, hash, WC_SHA256_DIGEST_SIZE); +} +/* wrapper for wc_Sha256Copy */ +int wc_Sha256Copy(wc_Sha256* src, wc_Sha256* dst) +{ + return SCEHashCopy(src, dst); +} +#endif /* !NO_SHA256 */ +#endif /* WOLFSSL_RENESAS_SCEPROTECT */ +#endif /* #if !defined(NO_SHA) || !defined(NO_SHA256) */ diff --git a/wolfcrypt/src/port/Renesas/renesas_sce_util.c b/wolfcrypt/src/port/Renesas/renesas_sce_util.c new file mode 100644 index 000000000..f494924a2 --- /dev/null +++ b/wolfcrypt/src/port/Renesas/renesas_sce_util.c @@ -0,0 +1,1112 @@ +/* renesas_sce_util.c + * + * Copyright (C) 2006-2021 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ +#include + +#if defined(WOLFSSL_RENESAS_SCEPROTECT) + +#include +#include + +#include +#include +#include +#include +#include +#include +#include + +#include + +#if defined(DEBUG_PK_CB) + #define WOLFSSL_PKMSG(_f_, ...) printf(_f_, ##__VA_ARGS__) +#else + #define WOLFSSL_PKMSG(_f_, ...) +#endif + +#if defined(WOLFSSL_RENESAS_SCEPROTECT_ECC) +WOLFSSL_GLOBAL SCE_PKCbInfo gSCE_PKCbInfo; +#endif + +/* expect to have these variables defined at user application */ +extern sce_instance_ctrl_t sce_ctrl; +extern sce_cfg_t sce_cfg; + +static const byte* ca_cert_sig; +static sce_key_data g_user_key_info; + +static uint32_t g_encrypted_publicCA_key[HW_SCE_SINST_WORD_SIZE]; +uint32_t g_CAscm_Idx; /* index of CM table */ +wolfSSL_Mutex sce_mutex; +static int sce_CryptHwMutexInit_ = 0; +static uint32_t sce_sess_idx = 0; + +/* Mutex Init */ +static int sce_CryptHwMutexInit(wolfSSL_Mutex* mutex) +{ + return wc_InitMutex(mutex); +} +/* Mutex Lock */ +static int sce_CryptHwMutexLock(wolfSSL_Mutex* mutex) +{ + return wc_LockMutex(mutex); +} +/* Mutex Unlock */ +static int sce_CryptHwMutexUnLock(wolfSSL_Mutex* mutex) +{ + return wc_UnLockMutex(mutex); +} + +/* +* lock hw engine +* this should be called before using engine. +*/ +WOLFSSL_LOCAL int wc_sce_hw_lock() +{ + int ret = 0; + + if(sce_CryptHwMutexInit_ == 0){ + + ret = sce_CryptHwMutexInit(&sce_mutex); + + if(ret == 0) { + sce_CryptHwMutexInit_ = 1; + } else { + WOLFSSL_MSG(" mutex initialization failed."); + return -1; + } + } + if(sce_CryptHwMutexLock(&sce_mutex) != 0) { + /* this should not happens */ + return -1; + } + + return ret; +} + +/* +* release hw engine +*/ +WOLFSSL_LOCAL void wc_sce_hw_unlock( void ) +{ + sce_CryptHwMutexUnLock(&sce_mutex); +} + +/* Open sce driver for use */ +WOLFSSL_LOCAL int wc_sce_Open() +{ + WOLFSSL_ENTER("wc_sce_Open"); + int ret; + if ((ret = wc_sce_hw_lock()) == 0) { + + ret = R_SCE_Open(&sce_ctrl, &sce_cfg); + + if( ret != FSP_SUCCESS ) { + WOLFSSL_MSG("RENESAS SCE Open failed"); + } + if( ret == FSP_SUCCESS && g_user_key_info.encrypted_user_tls_key ){ + + ret = R_SCE_TLS_RootCertificateRSA2048PublicKeyInstall( + g_user_key_info.encrypted_provisioning_key, + g_user_key_info.iv, + g_user_key_info.encrypted_user_tls_key, + &g_user_key_info.user_rsa2048_tls_wrappedkey); /* OUT */ + + /* init vars */ + g_CAscm_Idx = (uint32_t)-1; + + } else { + WOLFSSL_MSG("Failed to lock sce hw \n"); + } + + } + + /* unlock hw */ + wc_sce_hw_unlock(); + + WOLFSSL_LEAVE("wc_sce_Open", ret); + return ret; +} + +/* close SCE driver */ +WOLFSSL_LOCAL void wc_sce_Close() +{ + WOLFSSL_ENTER("sce Close"); + int ret; + + if ((ret = wc_sce_hw_lock()) == 0) { + /* close SCE */ + ret = R_SCE_Close(&sce_ctrl); + + /* unlock hw */ + wc_sce_hw_unlock(); + if( ret != FSP_SUCCESS ) { + WOLFSSL_MSG("RENESAS SCE Close failed"); + } + } else { + WOLFSSL_MSG("Failed to unlock sce hw \n"); + } +} + +#if defined(WOLFSSL_RENESAS_SCEPROTECT_ECC) +/* Verify Server Key Exchange while doing ECDH key exchange */ +static int SCE_ServerKeyExVerify(uint32_t type, WOLFSSL* ssl, const uint8_t* sig, + uint32_t sigSz, void* ctx) +{ + int ret = WOLFSSL_FAILURE; + User_SCEPKCbInfo* cbInfo; + byte qx[MAX_ECC_BYTES], qy[MAX_ECC_BYTES]; + byte *peerkey = NULL; + + word32 qxLen = sizeof(qx), qyLen = sizeof(qy); + (void) sigSz; + + /* sanity check */ + if (ssl == NULL || sig == NULL || ctx == NULL) + return ret; + + cbInfo = (User_SCEPKCbInfo*)ctx; + + /* export public peer public key */ + ret = wc_ecc_export_public_raw(ssl->peerEccKey, qx, &qxLen, qy, &qyLen); + WOLFSSL_PKMSG("qxLen %d qyLen %d\n", qxLen, qyLen); + if (ret != 0){ + WOLFSSL_MSG("failed to export peer ecc key"); + return ret; + } + /* make peer ecc key data for SCE */ + /* 0padding(24bit) || 04(8bit) || Qx(256bit) || Qy(256bit) */ + peerkey = (byte*)XMALLOC((3 + 1 + qxLen + qyLen), NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (peerkey == NULL) { + WOLFSSL_MSG("failed to malloc ecc key"); + return WOLFSSL_FAILURE; + } + + XMEMSET(peerkey, 0, (3 + 1 + qxLen + qyLen)); + peerkey[3] = ECC_POINT_UNCOMP; + XMEMCPY(&peerkey[4], qx, qxLen); + XMEMCPY(&peerkey[4+qxLen], qy, qyLen); + + /* 0 : RSA 2048bit, 1 : Reserved, 2 : ECDSA P-256 */ + ret = R_SCE_TLS_ServerKeyExchangeVerify( + type, + (uint8_t*) ssl->arrays->clientRandom, + (uint8_t*) ssl->arrays->serverRandom, + (uint8_t*) peerkey, + (uint8_t*) sig, + (uint32_t*)ssl->peerSceTsipEncRsaKeyIndex, + (uint32_t*)cbInfo->encrypted_ephemeral_ecdh_public_key); + + if (ret != FSP_SUCCESS) { + WOLFSSL_MSG("failed R_SCE_TLS_ServerKeyExchangeVerify"); + cbInfo->pk_key_set = 0; + } else { + ret = WOLFSSL_SUCCESS; + cbInfo->pk_key_set = 1; + } + + XFREE(peerkey, 0, DYNAMIC_TYPE_TMP_BUFFER); + return ret; +} +/* Callback for Rsa Verify */ +WOLFSSL_LOCAL int wc_SCE_RsaVerify(WOLFSSL* ssl, byte* sig, uint32_t sigSz, + uint8_t** out, const byte* key, uint32_t keySz, void* ctx) +{ + int ret = WOLFSSL_FAILURE; + (void) out; + (void) key; + (void) keySz; + + WOLFSSL_PKMSG("SCE RSA Verify: sigSz %d, keySz %d\n", sigSz, keySz); + + if (wc_sce_usable(ssl, 0)) + ret = SCE_ServerKeyExVerify(0, ssl, sig, sigSz, ctx); + else + ret = CRYPTOCB_UNAVAILABLE; + + if (ret == WOLFSSL_SUCCESS) + ret = 0; /* 0 for success */ + + WOLFSSL_PKMSG("SCE RSA Verify: ret %d\n", ret); + + return ret; +} +/* Callback for Ecc Verify */ +WOLFSSL_LOCAL int wc_SCE_EccVerify(WOLFSSL* ssl, const uint8_t* sig, + uint32_t sigSz, const uint8_t* hash, uint32_t hashSz, + const uint8_t* key, uint32_t keySz, int* result, void* ctx) +{ + int ret = WOLFSSL_FAILURE; + uint8_t *sigforSCE; + uint8_t *pSig; + const byte rs_size = HW_SCE_ECDSA_DATA_BYTE_SIZE/2; + byte offset = 0x3; + (void) sigSz; + (void) hash; + (void) hashSz; + (void) key; + (void) keySz; + + sigforSCE = NULL; + pSig = NULL; + + WOLFSSL_PKMSG("SCE ECC Verify: ssl->options.serverState = %d sigSz %d, hashSz %d, keySz %d\n", + ssl->options.serverState, sigSz, hashSz, keySz); + + if (!wc_sce_usable(ssl, 0)) { + WOLFSSL_PKMSG("Cannot handle cipher suite by SCE"); + return CRYPTOCB_UNAVAILABLE; + } + + if ((sigforSCE = (uint8_t*)XMALLOC(HW_SCE_ECDSA_DATA_BYTE_SIZE, NULL, + DYNAMIC_TYPE_TEMP)) == NULL){ + WOLFSSL_MSG("failed to malloc memory"); + return MEMORY_E; + } + /* initialization */ + XMEMCPY(sigforSCE, 0, HW_SCE_ECDSA_DATA_BYTE_SIZE); + + /* r */ + if (sig[offset] == 0x20) { + XMEMCPY(sigforSCE, &sig[offset+1], rs_size); + + offset = 0x25; + /* s */ + if (sig[offset] == 0x20) { + XMEMCPY(&sigforSCE[rs_size], &sig[offset+1], rs_size); + } else { + XMEMCPY(&sigforSCE[rs_size], &sig[offset+2], rs_size); + } + } else { + XMEMCPY(sigforSCE, &sig[offset+2], rs_size); + + offset = 0x26; + /* s */ + if (sig[offset] == rs_size) { + XMEMCPY(&sigforSCE[rs_size], &sig[offset+1], rs_size); + } else { + XMEMCPY(&sigforSCE[rs_size], &sig[offset+2], rs_size); + } + } + + pSig = sigforSCE; + + ret = SCE_ServerKeyExVerify(2, ssl, pSig, 64, ctx); + + if (ret == WOLFSSL_SUCCESS) { + *result = 1; + ret = 0; /* for success */ + } else + *result = 0; + + WOLFSSL_PKMSG("SCE ECC Verify: ret %d, result %d\n", ret, *result); + + return ret; +} +/* Callback for ECC shared secret */ +WOLFSSL_LOCAL int SCE_EccSharedSecret(WOLFSSL* ssl, ecc_key* otherKey, + uint8_t* pubKeyDer, unsigned int* pubKeySz, + uint8_t* out, unsigned int* outlen, int side, void* ctx) +{ + int ret; + (void) otherKey; + (void) side; + + User_SCEPKCbInfo* cbInfo = (User_SCEPKCbInfo*)ctx; + + (void)ssl; + (void)cbInfo; + + /* sanity check */ + if (ssl == NULL || pubKeyDer == NULL || pubKeySz == NULL || + out == NULL || outlen == NULL || ctx == NULL) + return WOLFSSL_FAILURE; + + WOLFSSL_PKMSG("PK ECC PMS: Side %s, Peer Curve %d\n", + side == WOLFSSL_CLIENT_END ? "client" : "server", otherKey->dp->id); + + if (cbInfo->pk_key_set == 1) { + /* Generate ECC PUblic key pair */ + ret = R_SCE_TLS_ECC_secp256r1_EphemeralWrappedKeyPairGenerate( + &cbInfo->ecc_p256_wrapped_key, + (uint8_t*)&cbInfo->ecc_ecdh_public_key/* Qx 32 bytes and Qy 32 bytes*/ ); + if (ret != FSP_SUCCESS) { + WOLFSSL_PKMSG("Failed secp256r1_EphemeralWrappedKeyPairGenerate %d\n", ret); + return ret; + } + + /* copy generated ecdh public key inot buffer */ + pubKeyDer[0] = ECC_POINT_UNCOMP; + *pubKeySz = 1 + sizeof(cbInfo->ecc_ecdh_public_key); + XMEMCPY(&pubKeyDer[1], &cbInfo->ecc_ecdh_public_key, + sizeof(cbInfo->ecc_ecdh_public_key)); + + /* Generate Premaster Secret */ + ret = R_SCE_TLS_PreMasterSecretGenerateForECC_secp256r1( + (uint32_t*)&cbInfo->encrypted_ephemeral_ecdh_public_key, + &cbInfo->ecc_p256_wrapped_key, + (uint32_t*)out/* pre-master secret 64 bytes */); + if (ret != FSP_SUCCESS) { + WOLFSSL_PKMSG("Failed PreMasterSecretGenerateForECC_secp256r1 %d\n", ret); + return ret; + } else { + /* set master secret generation callback for use */ + wolfSSL_CTX_SetGenMasterSecretCb(ssl->ctx, Renesas_cmn_genMasterSecret); + wolfSSL_SetGenMasterSecretCtx(ssl, cbInfo); + + } + *outlen = 64; + WOLFSSL_PKMSG("PK ECC PMS: ret %d, PubKeySz %d, OutLen %d\n", ret, *pubKeySz, *outlen); + } + + return ret; +} +#endif +/* Return tls cipher suite enumuration that is supported by SCE library */ +static uint32_t GetSceCipherSuite( + uint8_t cipherSuiteFirst, + uint8_t cipherSuite) +{ + WOLFSSL_ENTER("GetSceCipherSuite"); + uint32_t sceCipher; + + if(cipherSuiteFirst == CIPHER_BYTE ) + { + switch(cipherSuite){ + case TLS_RSA_WITH_AES_128_CBC_SHA256: + sceCipher = SCE_TLS_RSA_WITH_AES_128_CBC_SHA256; + break; + + case TLS_RSA_WITH_AES_256_CBC_SHA256: + sceCipher = SCE_TLS_RSA_WITH_AES_256_CBC_SHA256; + break; + + default: + sceCipher = (uint32_t)WOLFSSL_SCE_ILLEGAL_CIPHERSUITE; + break; + } + WOLFSSL_MSG( "<< GetSceCipherSuite"); + return sceCipher; + } + else if( cipherSuiteFirst == ECC_BYTE ) + { + sceCipher = (uint32_t)WOLFSSL_SCE_ILLEGAL_CIPHERSUITE; + /* comment out until implementation completes */ + switch(cipherSuite){ + + case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: + sceCipher = SCE_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256; + break; + + case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: + sceCipher = SCE_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256; + break; + + case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: + sceCipher = SCE_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256; + break; + + case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: + sceCipher = SCE_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256; + break; + + default: + sceCipher = (uint32_t)WOLFSSL_SCE_ILLEGAL_CIPHERSUITE; + break; + } + } + else{ + sceCipher = (uint32_t)WOLFSSL_SCE_ILLEGAL_CIPHERSUITE; + } + + WOLFSSL_MSG( "<< GetSceCipherSuite" ); + + return sceCipher; +} +/* check if sce tls functions can be used for the cipher */ +/* */ +/* ssl : a pointer to WOLFSSL object */ +/* session_key_generated : if session key has been generated */ +/* return 1 for usable, 0 for unusable */ +WOLFSSL_LOCAL int wc_sce_usable(const struct WOLFSSL *ssl, + uint8_t session_key_generated) +{ + WOLFSSL_ENTER("sce_usable"); + byte Scecipher; + byte side; + const Ciphers *enc; + const Ciphers *dec; + + /* sanity check */ + if (ssl == NULL) + return BAD_FUNC_ARG; + + /* when rsa key index == NULL, SCE isn't used for cert verification. */ + /* in the case, we cannot use TSIP. */ + if (!ssl->peerSceTsipEncRsaKeyIndex) + return 0; + + /* when enabled Extended Master Secret, we cannot use SCE. */ + if (ssl->options.haveEMS) + return 0; + + /* when session_key_generated is set as 1, expects to be created */ + /* session key already. */ + if (session_key_generated) { + enc = &ssl->encrypt; + dec = &ssl->decrypt; + if (enc == NULL || dec == NULL) { + /* something wrong */ + return 0; + } + if (enc->aes == NULL || dec->aes == NULL) { + return 0; + } + if (enc->aes->ctx.setup == 0) { + /* session key for SCE is not created */ + return 0; + } + } + /* retrieve cipher suite if SCE supports */ + Scecipher = GetSceCipherSuite(ssl->options.cipherSuite0, + ssl->options.cipherSuite); + side = ssl->options.side; + + if (Scecipher != WOLFSSL_SCE_ILLEGAL_CIPHERSUITE && side == WOLFSSL_CLIENT_END) + return 1; + else + return 0; +} + +/* Generate Hmac by sha256*/ +WOLFSSL_LOCAL int wc_sce_Sha256GenerateHmac(const struct WOLFSSL *ssl,const uint8_t* myInner, + uint32_t innerSz,const uint8_t* in, uint32_t sz, byte* digest) +{ + WOLFSSL_ENTER("sce_Sha256HmacGenerate"); + + sce_hmac_sha_handle_t _handle; + sce_hmac_sha_wrapped_key_t wrapped_key; + int ret; + + if ((ssl == NULL) || (myInner == NULL) || (in == NULL) || + (digest == NULL)) + return BAD_FUNC_ARG; + + wrapped_key = ssl->keys.sce_client_write_MAC_secret; + + if ((ret = wc_sce_hw_lock()) != 0) { + WOLFSSL_MSG("hw lock failed\n"); + return ret; + } + + ret = R_SCE_SHA256HMAC_GenerateInit( + &_handle, + &wrapped_key); + + if (ret == FSP_SUCCESS) + ret = R_SCE_SHA256HMAC_GenerateUpdate( + &_handle, + (uint8_t*)myInner, + innerSz); + + if (ret == FSP_SUCCESS) + ret = R_SCE_SHA256HMAC_GenerateUpdate( + &_handle, + (uint8_t*)in, + sz); + + if (ret == FSP_SUCCESS) + ret = R_SCE_SHA256HMAC_GenerateFinal( + &_handle, + digest); + + if (ret != FSP_SUCCESS) + ret = WOLFSSL_FAILURE; + + /* unlock hw */ + wc_sce_hw_unlock(); + WOLFSSL_LEAVE("sce_Sha256HmacGenerate", ret); + return ret; +} + +/* Verify hmac */ +WOLFSSL_LOCAL int wc_sce_Sha256VerifyHmac(const struct WOLFSSL *ssl, + const uint8_t* message, uint32_t messageSz, + uint32_t macSz, uint32_t content) +{ + WOLFSSL_ENTER("sce_Sha256HmacVerify"); + + sce_hmac_sha_handle_t _handle; + sce_hmac_sha_wrapped_key_t wrapped_key; + byte myInner[WOLFSSL_TLS_HMAC_INNER_SZ]; + int ret; + + if ((ssl == NULL) || (message == NULL)) + return BAD_FUNC_ARG; + + wrapped_key = ssl->keys.sce_server_write_MAC_secret; + + if ((ret = wc_sce_hw_lock()) != 0) { + WOLFSSL_MSG("hw lock failed\n"); + return ret; + } + + wolfSSL_SetTlsHmacInner((struct WOLFSSL*)ssl, myInner, + messageSz, content, 1); + + ret = R_SCE_SHA256HMAC_VerifyInit( + &_handle, + &wrapped_key); + + if (ret == FSP_SUCCESS) + ret = R_SCE_SHA256HMAC_VerifyUpdate( + &_handle, + (uint8_t*)myInner, + WOLFSSL_TLS_HMAC_INNER_SZ); + + if (ret == FSP_SUCCESS) + ret = R_SCE_SHA256HMAC_VerifyUpdate( + &_handle, + (uint8_t*)message, + (uint32_t)messageSz); + + if (ret == FSP_SUCCESS) + ret = R_SCE_SHA256HMAC_VerifyFinal( + &_handle, + (uint8_t*)(message+messageSz), + (uint32_t)macSz); + + if (ret != FSP_SUCCESS) { + WOLFSSL_MSG("SCE Mac verification failed"); + } + + /* unlock hw */ + wc_sce_hw_unlock(); + WOLFSSL_LEAVE("sce_Sha256HmacVerify", ret); + return ret; +} + +/* generate Verify Data based on master secret */ +WOLFSSL_LOCAL int wc_sce_generateVerifyData(const uint8_t *ms, /* master secret */ + const uint8_t *side, const uint8_t *handshake_hash, + uint8_t *hashes /* out */) +{ + WOLFSSL_ENTER("sce_generateVerifyData"); + int ret ; + uint32_t l_side = SCE_TLS_GENERATE_CLIENT_VERIFY; + + if ((ms == NULL) || (side == NULL) || (handshake_hash == NULL) || + (hashes == NULL)) + return BAD_FUNC_ARG; + + if (XSTRNCMP((const char*)side, (const char*)tls_server, FINISHED_LABEL_SZ) + == 0) + { + l_side = SCE_TLS_GENERATE_SERVER_VERIFY; + } + + if ((ret = wc_sce_hw_lock()) == 0) { + ret = R_SCE_TLS_VerifyDataGenerate(l_side, (uint32_t*)ms, + (uint8_t*)handshake_hash, hashes/* out */); + if (ret != FSP_SUCCESS) { + WOLFSSL_MSG("R_SCE_TLS_VerifyDataGenerate failed\n"); + } + } + /* unlock hw */ + wc_sce_hw_unlock(); + WOLFSSL_LEAVE("sce_generateVerifyData", ret); + return ret; +} + +/* generate keys for TLS communication */ +WOLFSSL_LOCAL int wc_sce_generateSeesionKey(struct WOLFSSL *ssl, + User_SCEPKCbInfo* cbInfo, int devId) +{ + WOLFSSL_MSG("sce_generateSeesionKey()"); + int ret; + Ciphers *enc; + Ciphers *dec; + sce_hmac_sha_wrapped_key_t key_client_mac; + sce_hmac_sha_wrapped_key_t key_server_mac; + sce_aes_wrapped_key_t key_client_aes; + sce_aes_wrapped_key_t key_server_aes; + uint32_t sceCS = GetSceCipherSuite(ssl->options.cipherSuite0, + ssl->options.cipherSuite); + + if (ssl== NULL || cbInfo == NULL) + return BAD_FUNC_ARG; + + + if ((ret = wc_sce_hw_lock()) == 0) { + if (sceCS == TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 || + sceCS == TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) + { + WOLFSSL_MSG("Session key for AES-GCM generation skipped."); + + wolfSSL_KeepArrays(ssl); + ret = FSP_SUCCESS; + + } else { + ret = R_SCE_TLS_SessionKeyGenerate( + GetSceCipherSuite( + ssl->options.cipherSuite0, + ssl->options.cipherSuite), + (uint32_t*)ssl->arrays->sce_masterSecret, + (uint8_t*) ssl->arrays->clientRandom, + (uint8_t*) ssl->arrays->serverRandom, + NULL, + &key_client_mac, + &key_server_mac, + &key_client_aes, + &key_server_aes, + NULL, NULL); + } + + if (ret != FSP_SUCCESS) { + WOLFSSL_MSG("R_SCE_TLS_SessionKeyGenerate failed\n"); + } else { + /* succeeded creating session keys */ + /* alloc aes instance for both enc and dec */ + enc = &ssl->encrypt; + dec = &ssl->decrypt; + + if (enc) { + if (enc->aes == NULL) { + enc->aes = (Aes*)XMALLOC(sizeof(Aes), ssl->heap, + DYNAMIC_TYPE_CIPHER); + if (enc->aes == NULL) + return MEMORY_E; + } + + XMEMSET(enc->aes, 0, sizeof(Aes)); + } + if (dec) { + if (dec->aes == NULL) { + dec->aes = (Aes*)XMALLOC(sizeof(Aes), ssl->heap, + DYNAMIC_TYPE_CIPHER); + if (dec->aes == NULL) { + if (enc) { + XFREE(enc->aes, NULL, DYNAMIC_TYPE_CIPHER); + } + return MEMORY_E; + } + } + + XMEMSET(dec->aes, 0, sizeof(Aes)); + } + /* copy key index into aes */ + if (ssl->options.side == PROVISION_CLIENT) { + XMEMCPY(&enc->aes->ctx.sce_wrapped_key, &key_client_aes, + sizeof(key_client_aes)); + XMEMCPY(&dec->aes->ctx.sce_wrapped_key, &key_server_aes, + sizeof(key_server_aes)); + } else { + XMEMCPY(&enc->aes->ctx.sce_wrapped_key, &key_server_aes, + sizeof(key_server_aes)); + XMEMCPY(&dec->aes->ctx.sce_wrapped_key, &key_client_aes, + sizeof(key_client_aes)); + } + /* copy mac key index into keys */ + ssl->keys.sce_client_write_MAC_secret = key_client_mac; + ssl->keys.sce_server_write_MAC_secret = key_server_mac; + + /* set up key size and marked ready */ + if (enc){ + enc->aes->ctx.keySize = ssl->specs.key_size; + enc->aes->ctx.setup = 1; + /* ready for use */ + enc->setup = 1; + } + /* set up key size and marked ready */ + if (dec) { + dec->aes->ctx.keySize = ssl->specs.key_size; + dec->aes->ctx.setup = 1; + /* ready for use */ + dec->setup = 1; + } + + if (cbInfo->sce_cipher == SCE_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 || + cbInfo->sce_cipher == SCE_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256) { + enc->aes->nonceSz = AEAD_MAX_IMP_SZ; + dec->aes->nonceSz = AEAD_MAX_IMP_SZ; + } + enc->aes->devId = devId; + dec->aes->devId = devId; + + /* marked as session key is set */ + cbInfo->session_key_set = 1; + } + /* unlock hw */ + wc_sce_hw_unlock(); + } else + WOLFSSL_LEAVE("hw lock failed\n", ret); + + WOLFSSL_LEAVE("sce_generateSeesionKey", ret); + return ret; +} + +/* generate master secret based on pre-master which is generated by SCE */ +WOLFSSL_LOCAL int wc_sce_generateMasterSecret( + uint8_t cipherSuiteFirst, + uint8_t cipherSuite, + const uint8_t *pr, /* pre-master */ + const uint8_t *cr, /* client random */ + const uint8_t *sr, /* server random */ + uint8_t *ms) +{ + WOLFSSL_ENTER("sce_generateMasterSecretEx"); + int ret; + + if ((pr == NULL) || (cr == NULL) || (sr == NULL) || + (ms == NULL)) + return BAD_FUNC_ARG; + + uint32_t sceCS = GetSceCipherSuite(cipherSuiteFirst, cipherSuite); + if( sceCS == 0xffffffff) + return BAD_FUNC_ARG; + + if ((ret = wc_sce_hw_lock()) == 0) { + ret = R_SCE_TLS_MasterSecretGenerate( + sceCS, + (uint32_t*)pr, + (uint8_t*)cr, (uint8_t*)sr, (uint32_t*)ms); + if (ret != FSP_SUCCESS) { + WOLFSSL_MSG("R_SCE_TLS_MasterSecretGenerate failed\n"); + } + /* unlock hw */ + wc_sce_hw_unlock(); + } else { + WOLFSSL_MSG(" hw lock failed "); + } + WOLFSSL_LEAVE("sce_generateMasterSecret", ret); + return ret; +} + +/* generate pre-Master secrete by SCE */ +WOLFSSL_LOCAL int wc_sce_generatePremasterSecret(uint8_t *premaster, + uint32_t preSz) +{ + WOLFSSL_ENTER("sce_generatePremasterSecret"); + int ret; + + if (premaster == NULL) + return BAD_FUNC_ARG; + + if ((ret = wc_sce_hw_lock()) == 0 && preSz >= + (SCE_TLS_MASTER_SECRET_WORD_SIZE*4)) { + /* generate pre-master, 80 bytes */ + ret = R_SCE_TLS_PreMasterSecretGenerateForRSA2048((uint32_t*)premaster); + if (ret != FSP_SUCCESS) { + WOLFSSL_MSG(" R_SCE_TLS_GeneratePreMasterSecret failed\n"); + } + /* unlock hw */ + wc_sce_hw_unlock(); + } else { + WOLFSSL_MSG(" hw lock failed or preSz is smaller than 80"); + } + + WOLFSSL_LEAVE("sce_generatePremasterSecret", ret); + return ret; +} + + +/* +* generate encrypted pre-Master secrete by SCE +*/ +WOLFSSL_LOCAL int wc_sce_generateEncryptPreMasterSecret( + WOLFSSL* ssl, + uint8_t* out, + uint32_t* outSz) +{ + WOLFSSL_MSG("sce_generateEncryptPreMasterSecret"); + int ret; + + if ((ssl == NULL) || (out == NULL) || (outSz == NULL)) + return BAD_FUNC_ARG; + + if ((ret = wc_sce_hw_lock()) == 0) { + if (*outSz >= 256) + ret = R_SCE_TLS_PreMasterSecretEncryptWithRSA2048( + (uint32_t*)ssl->peerSceTsipEncRsaKeyIndex, + (uint32_t*)ssl->arrays->preMasterSecret, + (uint8_t*)out); + else + ret = -1; + + if (ret != FSP_SUCCESS) { + WOLFSSL_MSG("R_SCE_TLS_PreMasterSecretEncryptWithRSA2048 failed\n"); + } else { + *outSz = 256; /* SCE can only handles 2048 RSA */ + /* set GenMaster Callback for Master secret generation */ + void* ctx = wolfSSL_GetRsaVerifyCtx(ssl); + wolfSSL_CTX_SetGenMasterSecretCb(ssl->ctx, + Renesas_cmn_genMasterSecret); + wolfSSL_SetGenMasterSecretCtx(ssl, ctx); + } + wc_sce_hw_unlock(); + + } else { + WOLFSSL_MSG(" hw lock failed "); + } + WOLFSSL_LEAVE("sce_generateEncryptPreMasterSecret", ret); + return ret; +} + + +/* Certificate verification by SCE */ +WOLFSSL_LOCAL int wc_sce_tls_CertVerify( + const uint8_t* cert, uint32_t certSz, + const uint8_t* signature, uint32_t sigSz, + uint32_t key_n_start,uint32_t key_n_len, + uint32_t key_e_start,uint32_t key_e_len, + uint8_t* sce_encPublickey) +{ + WOLFSSL_ENTER("sce_tls_CertVerify"); + int ret; + uint8_t *sigforSCE; + uint8_t *pSig; + const byte rs_size = 0x20; + byte offset = 0x3; + (void)sigSz; + + sigforSCE = NULL; + pSig = NULL; + + if (cert == NULL) + return BAD_FUNC_ARG; + + if (!signature) { + WOLFSSL_MSG(" signature for ca verification is not set\n"); + return -1; + } + if (!sce_encPublickey) { + WOLFSSL_MSG(" sce_encPublickey is NULL.\n"); + return -1; + } + + if (g_user_key_info.encrypted_user_tls_key_type == + SCE_TLS_PUBLIC_KEY_TYPE_ECDSA_P256/*ECDSA*/) { + + if ((sigforSCE = (uint8_t*)XMALLOC(HW_SCE_ECDSA_DATA_BYTE_SIZE, NULL, + DYNAMIC_TYPE_TEMP)) == NULL){ + WOLFSSL_MSG("failed to malloc memory"); + return MEMORY_E; + } + /* initialization */ + XMEMCPY(sigforSCE, 0, HW_SCE_ECDSA_DATA_BYTE_SIZE); + + if (signature[offset] == 0x20) { + XMEMCPY(sigforSCE, &signature[offset+1], rs_size); + + offset = 0x25; + if (signature[offset] == 0x20) { + XMEMCPY(&sigforSCE[rs_size], &signature[offset+1], rs_size); + } else { + XMEMCPY(&sigforSCE[rs_size], &signature[offset+2], rs_size); + } + } else { + XMEMCPY(sigforSCE, &signature[offset+2], rs_size); + offset = 0x26; + + if (signature[offset] == rs_size) { + XMEMCPY(&sigforSCE[rs_size], &signature[offset+1], rs_size); + } else { + XMEMCPY(&sigforSCE[rs_size], &signature[offset+2], rs_size); + } + } + pSig = sigforSCE; + } else { + pSig = (uint8_t*)signature; + } + + + if ((ret = wc_sce_hw_lock()) == 0) { + ret = R_SCE_TLS_CertificateVerify( + g_user_key_info.encrypted_user_tls_key_type, + (uint32_t*)g_encrypted_publicCA_key,/* encrypted public key */ + (uint8_t*)cert, /* certificate der */ + certSz, /* length of der */ + (uint8_t*)pSig, /* sign data by RSA PSS */ + key_n_start, /* start position of public key n in bytes */ + (key_n_start + key_n_len), /* length of the public key n */ + key_e_start, /* start pos, key e in bytes */ + (key_e_start + key_e_len), /* length of the public key e */ + (uint32_t*)sce_encPublickey /* returned encrypted key */ + ); + if (ret != FSP_SUCCESS) { + WOLFSSL_MSG(" R_TSIP_TlsCertificateVerification() failed"); + } + if (sigforSCE) { + XFREE(sigforSCE, NULL, DYNAMIC_TYPE_TEMP); + } + wc_sce_hw_unlock(); + } else { + WOLFSSL_MSG(" hw lock failed "); + } + WOLFSSL_LEAVE("sce_tls_CertVerify", ret); + return ret; +} + +/* Root Certificate verification */ +WOLFSSL_LOCAL int wc_sce_tls_RootCertVerify( + const uint8_t* cert, uint32_t cert_len, + uint32_t key_n_start, uint32_t key_n_len, + uint32_t key_e_start, uint32_t key_e_len, + uint32_t cm_row) +{ + int ret; + /* call to generate encrypted public key for certificate verification */ + uint8_t *signature = (uint8_t*)ca_cert_sig; + + WOLFSSL_ENTER("wc_sce_tls_RootCertVerify"); + + if (cert == NULL) + return BAD_FUNC_ARG; + + if (!signature) { + WOLFSSL_MSG(" signature for ca verification is not set\n"); + return -1; + } + + if ((ret = wc_sce_hw_lock()) == 0) { + ret = R_SCE_TLS_RootCertificateVerify( + g_user_key_info.encrypted_user_tls_key_type, + (uint8_t*)cert, /* CA cert */ + (uint32_t)cert_len, /* length of CA cert */ + key_n_start, /* Byte position of public key */ + (key_n_start + key_n_len), + key_e_start, + (key_e_start + key_e_len), + (uint8_t*)ca_cert_sig, /* RSA 2048 PSS with SHA256 */ + g_encrypted_publicCA_key); /* RSA-2048 public key 560 bytes */ + /* ECDSA 96 bytes */ + if (ret != FSP_SUCCESS) { + WOLFSSL_MSG(" R_SCE_TLS_RootCertificateVerify() failed"); + } else { + g_CAscm_Idx = cm_row; + } + wc_sce_hw_unlock(); + } else { + WOLFSSL_MSG(" hw lock failed "); + } + WOLFSSL_LEAVE("wc_sce_tls_RootCertVerify", ret); + return ret; +} + +/* store elements for session key generation into ssl->keys. + * return 0 on success, negative value on failure + */ +WOLFSSL_LOCAL int wc_sce_storeKeyCtx(struct WOLFSSL* ssl, User_SCEPKCbInfo* info) +{ + int ret = 0; + + WOLFSSL_MSG(">> sce_storeKeyCtx"); + + if (ssl == NULL || info == NULL) + ret = BAD_FUNC_ARG; + + if (ret == 0) { + XMEMCPY(info->sce_masterSecret, ssl->arrays->sce_masterSecret, + SCE_TLS_MASTERSECRET_SIZE); + XMEMCPY(info->sce_clientRandom, ssl->arrays->clientRandom, 32); + XMEMCPY(info->sce_serverRandom, ssl->arrays->serverRandom, 32); + + info->sce_cipher = GetSceCipherSuite(ssl->options.cipherSuite0, + ssl->options.cipherSuite); + } + + return ret; +} + +/* to inform ca certificate sign */ +/* signature format expects RSA 2048 PSS with SHA256 */ +WOLFSSL_API void wc_sce_inform_cert_sign(const uint8_t *sign) +{ + if(sign) + ca_cert_sig = sign; +} + +/* let wolfSSL know user key information using TLS operation by SCE */ +WOLFSSL_API void wc_sce_inform_user_keys( + uint8_t* encrypted_provisioning_key, + uint8_t* iv, + uint8_t* encrypted_user_tls_key, + uint32_t encrypted_user_tls_key_type) +{ + WOLFSSL_ENTER("sce_inform_user_keys"); + g_user_key_info.encrypted_provisioning_key = NULL; + g_user_key_info.iv = NULL; + g_user_key_info.encrypted_user_tls_key = NULL; + + if ( encrypted_provisioning_key ) { + g_user_key_info.encrypted_provisioning_key = encrypted_provisioning_key; + } + if ( iv ) { + g_user_key_info.iv = iv; + } + if ( encrypted_user_tls_key ) { + g_user_key_info.encrypted_user_tls_key = encrypted_user_tls_key; + } + + g_user_key_info.encrypted_user_tls_key_type = encrypted_user_tls_key_type; + + /* set callback for ECC */ + WOLFSSL_MSG("sce_inform_user_keys_ex"); +} + + +/* Set callbacks needed for sce TLS api handling */ +WOLFSSL_API void wc_sce_set_callbacks(WOLFSSL_CTX* ctx) +{ + wolfSSL_CTX_SetEccVerifyCb(ctx, Renesas_cmn_EccVerify); + wolfSSL_CTX_SetRsaVerifyCb(ctx, Renesas_cmn_RsaVerify); + wolfSSL_CTX_SetGenPreMasterCb(ctx, Renesas_cmn_generatePremasterSecret); + wolfSSL_CTX_SetRsaEncCb(ctx, Renesas_cmn_RsaEnc); + wolfSSL_CTX_SetVerifyMacCb(ctx, Renesas_cmn_VerifyHmac); + + wolfSSL_CTX_SetEccSharedSecretCb(ctx, NULL); +} +/* Set callback contexts needed for sce TLS api handling */ +WOLFSSL_API int wc_sce_set_callback_ctx(WOLFSSL* ssl, void* user_ctx) +{ + if (sce_sess_idx > MAX_SCE_CBINDEX) { + WOLFSSL_MSG("exceeds maximum session index"); + return -1; + } + gSCE_PKCbInfo.user_PKCbInfo[sce_sess_idx] = (User_SCEPKCbInfo*)user_ctx; + gSCE_PKCbInfo.user_PKCbInfo[sce_sess_idx]->pk_key_set = 0; + gSCE_PKCbInfo.user_PKCbInfo[sce_sess_idx]->session_key_set = 0; + + wolfSSL_SetEccVerifyCtx(ssl, user_ctx); + wolfSSL_SetRsaEncCtx(ssl, user_ctx); + wolfSSL_SetRsaVerifyCtx(ssl, user_ctx); + wolfSSL_SetGenPreMasterCtx(ssl, user_ctx); + wolfSSL_SetEccSharedSecretCtx(ssl, NULL); + wolfSSL_SetVerifyMacCtx(ssl, user_ctx); + + /* set up crypt callback */ + wc_CryptoCb_CryptInitRenesasCmn(ssl, user_ctx); + + gSCE_PKCbInfo.num_session = ++sce_sess_idx; + + return 0; +} + +#endif /* WOLFSSL_RENESAS_SCEPROTECT */ diff --git a/wolfcrypt/src/port/Renesas/renesas_tsip_util.c b/wolfcrypt/src/port/Renesas/renesas_tsip_util.c index dbb50e8ba..fe5f8c90c 100644 --- a/wolfcrypt/src/port/Renesas/renesas_tsip_util.c +++ b/wolfcrypt/src/port/Renesas/renesas_tsip_util.c @@ -218,7 +218,7 @@ int tsip_useable(const struct WOLFSSL *ssl) /* when rsa key index == NULL, tsip isn't used for cert verification. */ /* in the case, we cannot use TSIP. */ - if (!ssl->peerTsipEncRsaKeyIndex) + if (!ssl->peerSceTsipEncRsaKeyIndex) return 0; /* when enabled Extended Master Secret, we cannot use TSIP. */ @@ -242,19 +242,7 @@ int tsip_useable(const struct WOLFSSL *ssl) return 0; } -/* check if the g_alreadyVerified CA's key can be used for * - * peer's certification */ -byte tsip_checkCA(word32 cmIdx) -{ - return (cmIdx == g_CAscm_Idx? 1:0); -} -/* check if the root CA has been verified by TSIP, * - * and it exists in the CM table. */ -byte tsip_rootCAverified( ) -{ - return (g_CAscm_Idx != (uint32_t)-1 ? 1:0); -} /* open TSIP driver for use */ int tsip_Open() @@ -820,14 +808,14 @@ int tsip_generateEncryptPreMasterSecret( #if (WOLFSSL_RENESAS_TSIP_VER>=109) ret = R_TSIP_TlsEncryptPreMasterSecretWithRsa2048PublicKey( - (uint32_t*)ssl->peerTsipEncRsaKeyIndex, + (uint32_t*)ssl->peerSceTsipEncRsaKeyIndex, (uint32_t*)&ssl->arrays->preMasterSecret[VERSION_SZ], (uint8_t*)out); #elif (WOLFSSL_RENESAS_TSIP_VER>=106) ret = R_TSIP_TlsEncryptPreMasterSecret( - (uint32_t*)ssl->peerTsipEncRsaKeyIndex, + (uint32_t*)ssl->peerSceTsipEncRsaKeyIndex, (uint32_t*)&ssl->arrays->preMasterSecret[VERSION_SZ], (uint8_t*)out); diff --git a/wolfcrypt/src/random.c b/wolfcrypt/src/random.c index 253528b98..9d465159f 100644 --- a/wolfcrypt/src/random.c +++ b/wolfcrypt/src/random.c @@ -2488,7 +2488,32 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz) } return ret; } +#elif defined(WOLFSSL_RENESAS_SCEPROTECT) + #include "r_sce.h" + + int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz) + { + int ret; + word32 buffer[4]; + while (sz > 0) { + word32 len = sizeof(buffer); + + if (sz < len) { + len = sz; + } + /* return 4 words random number*/ + ret = R_SCE_RandomNumberGenerate(buffer); + if(ret == FSP_SUCCESS) { + XMEMCPY(output, &buffer, len); + output += len; + sz -= len; + } else + return ret; + } + return ret; + } + #elif defined(WOLFSSL_SCE) && !defined(WOLFSSL_SCE_NO_TRNG) #include "hal_data.h" diff --git a/wolfcrypt/src/sha256.c b/wolfcrypt/src/sha256.c index 60684f59d..c8350eec4 100644 --- a/wolfcrypt/src/sha256.c +++ b/wolfcrypt/src/sha256.c @@ -182,7 +182,9 @@ where 0 <= L < 2^64. (!defined(WOLFSSL_ESP32WROOM32_CRYPT) || defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)) && \ (!defined(WOLFSSL_RENESAS_TSIP_CRYPT) || defined(NO_WOLFSSL_RENESAS_TSIP_HASH)) && \ !defined(WOLFSSL_PSOC6_CRYPTO) && !defined(WOLFSSL_IMXRT_DCP) && !defined(WOLFSSL_SILABS_SE_ACCEL) && \ - !defined(WOLFSSL_KCAPI_HASH) && !defined(WOLFSSL_SE050_HASH) + !defined(WOLFSSL_KCAPI_HASH) && !defined(WOLFSSL_SE050_HASH) && \ + (!defined(WOLFSSL_RENESAS_SCEPROTECT) || defined(NO_WOLFSSL_RENESAS_SCEPROTECT_HASH)) + static int InitSha256(wc_Sha256* sha256) @@ -743,6 +745,11 @@ static int InitSha256(wc_Sha256* sha256) /* implemented in wolfcrypt/src/port/Renesas/renesas_tsip_sha.c */ +#elif defined(WOLFSSL_RENESAS_SCEPROTECT) && \ + !defined(NO_WOLFSSL_RENESAS_SCEPROTECT_HASH) + + /* implemented in wolfcrypt/src/port/Renesas/renesas_sce_sha.c */ + #elif defined(WOLFSSL_PSOC6_CRYPTO) /* implemented in wolfcrypt/src/port/cypress/psoc6_crypto.c */ @@ -1640,7 +1647,10 @@ void wc_Sha256Free(wc_Sha256* sha256) #if (defined(WOLFSSL_AFALG_HASH) && defined(WOLFSSL_AFALG_HASH_KEEP)) || \ (defined(WOLFSSL_DEVCRYPTO_HASH) && defined(WOLFSSL_DEVCRYPTO_HASH_KEEP)) || \ (defined(WOLFSSL_RENESAS_TSIP_CRYPT) && \ - !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)) + !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)) && \ + (defined(WOLFSSL_RENESAS_SCEPROTECT) && \ + !defined(NO_WOLFSSL_RENESAS_SCEPROTECT_HASH)) + if (sha256->msg != NULL) { XFREE(sha256->msg, sha256->heap, DYNAMIC_TYPE_TMP_BUFFER); sha256->msg = NULL; @@ -1739,6 +1749,12 @@ void wc_Sha256Free(wc_Sha256* sha256) !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH) /* implemented in wolfcrypt/src/port/Renesas/renesas_tsip_sha.c */ + +#elif defined(WOLFSSL_RENESAS_SCEPROTECT) && \ + !defined(NO_WOLFSSL_RENESAS_SCEPROTECT_HASH) + + /* implemented in wolfcrypt/src/port/Renesas/renesas_sce_sha.c */ + #elif defined(WOLFSSL_PSOC6_CRYPTO) /* implemented in wolfcrypt/src/port/cypress/psoc6_crypto.c */ #elif defined(WOLFSSL_IMXRT_DCP) diff --git a/wolfcrypt/src/wc_port.c b/wolfcrypt/src/wc_port.c index 30de50f63..597b03e26 100644 --- a/wolfcrypt/src/wc_port.c +++ b/wolfcrypt/src/wc_port.c @@ -57,6 +57,9 @@ #if defined(WOLFSSL_RENESAS_TSIP) #include #endif +#if defined(WOLFSSL_RENESAS_SCE) + #include +#endif #if defined(WOLFSSL_STSAFEA100) #include #endif @@ -153,7 +156,17 @@ int wolfCrypt_Init(void) return ret; } #endif - + + #if defined(WOLFSSL_RENESAS_SCEPROTECT) + ret = wc_sce_Open( ); + if( ret != FSP_SUCCESS ) { + WOLFSSL_MSG("RENESAS SCE Open failed"); + /* not return 1 since WOLFSSL_SUCCESS=1*/ + ret = -1;/* FATAL ERROR */ + return ret; + } + #endif + #if defined(WOLFSSL_TRACK_MEMORY) && !defined(WOLFSSL_STATIC_MEMORY) ret = InitMemoryTracker(); if (ret != 0) { @@ -353,9 +366,16 @@ int wolfCrypt_Cleanup(void) #ifdef WOLFSSL_ASYNC_CRYPT wolfAsync_HardwareStop(); #endif + + #ifdef WOLFSSL_RENESAS_SCEPROTECT + wc_sce_Close(); + #else + #ifdef WOLFSSL_SCE + WOLFSSL_SCE_GSCE_HANDLE.p_api->close(WOLFSSL_SCE_GSCE_HANDLE.p_ctrl); #endif + #endif #if defined(WOLFSSL_IMX6_CAAM) || defined(WOLFSSL_IMX6_CAAM_RNG) || \ defined(WOLFSSL_IMX6_CAAM_BLOB) wc_caamFree(); diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 6ce47db75..dab209a3b 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -1226,7 +1226,7 @@ initDefaultName(); test_pass("OPENSSL (EVP Sign/Verify) passed!\n"); #endif - + #ifdef HAVE_ECC PRIVATE_KEY_UNLOCK(); if ( (ret = ecc_test()) != 0) @@ -2316,7 +2316,7 @@ WOLFSSL_TEST_SUBROUTINE int sha_test(void) /* BEGIN LARGE HASH TEST */ { byte large_input[1024]; -#ifdef WOLFSSL_RENESAS_TSIP +#if defined(WOLFSSL_RENESAS_TSIP) || defined(WOLFSSL_RENESAS_SCEPROTECT) const char* large_digest = "\x1d\x6a\x5a\xf6\xe5\x7c\x86\xce\x7f\x7c\xaf\xd5\xdb\x08\xcd\x59" "\x15\x8c\x6d\xb6"; @@ -2328,7 +2328,7 @@ WOLFSSL_TEST_SUBROUTINE int sha_test(void) for (i = 0; i < (int)sizeof(large_input); i++) { large_input[i] = (byte)(i & 0xFF); } -#ifdef WOLFSSL_RENESAS_TSIP +#if defined(WOLFSSL_RENESAS_TSIP) || defined(WOLFSSL_RENESAS_SCEPROTECT) times = 20; #else times = 100; @@ -2706,7 +2706,7 @@ WOLFSSL_TEST_SUBROUTINE int sha256_test(void) /* BEGIN LARGE HASH TEST */ { byte large_input[1024]; -#ifdef WOLFSSL_RENESAS_TSIP_CRYPT +#if defined(WOLFSSL_RENESAS_TSIP_CRYPT) || defined(WOLFSSL_RENESAS_SCEPROTECT) const char* large_digest = "\xa4\x75\x9e\x7a\xa2\x03\x38\x32\x88\x66\xa2\xea\x17\xea\xf8\xc7" "\xfe\x4e\xc6\xbb\xe3\xbb\x71\xce\xe7\xdf\x7c\x04\x61\xb3\xc2\x2f"; @@ -2718,7 +2718,7 @@ WOLFSSL_TEST_SUBROUTINE int sha256_test(void) for (i = 0; i < (int)sizeof(large_input); i++) { large_input[i] = (byte)(i & 0xFF); } -#ifdef WOLFSSL_RENESAS_TSIP +#if defined(WOLFSSL_RENESAS_TSIP) || defined(WOLFSSL_RENESAS_SCEPROTECT) times = 20; #else times = 100; @@ -22723,7 +22723,7 @@ static int ecc_exp_imp_test(ecc_key* key) #endif byte priv[32]; word32 privLen; - byte pub[65]; + byte pub[65*2]; word32 pubLen, pubLenX, pubLenY; const char qx[] = "7a4e287890a1a47ad3457e52f2f76a83" "ce46cbc947616d0cbaa82323818a793d"; diff --git a/wolfssl/internal.h b/wolfssl/internal.h index 15929010c..4ba923e39 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h @@ -2256,6 +2256,11 @@ typedef struct Keys { tsip_hmac_sha_key_index_t tsip_server_write_MAC_secret; #endif +#ifdef WOLFSSL_RENESAS_SCEPROTECT + + sce_hmac_sha_wrapped_key_t sce_client_write_MAC_secret; + sce_hmac_sha_wrapped_key_t sce_server_write_MAC_secret; +#endif } Keys; @@ -3052,6 +3057,12 @@ struct WOLFSSL_CTX { CallbackRsaEnc RsaEncCb; /* User Rsa Public Encrypt handler */ CallbackRsaDec RsaDecCb; /* User Rsa Private Decrypt handler */ #endif /* NO_RSA */ + CallbackGenPreMaster GenPreMasterCb; /* Use generate pre-master handler */ + CallbackGenMasterSecret GenMasterCb; /* Use generate master secret handler */ + CallbackGenSessionKey GenSessionKeyCb; /* Use generate session key handler */ + CallbackEncryptKeys EncryptKeysCb;/* Use setting encrypt keys handler */ + CallbackTlsFinished TlsFinishedCb; /* Use Tls finished handler */ + CallbackVerifyMac VerifyMacCb; /* Use Verify mac handler */ #endif /* HAVE_PK_CALLBACKS */ #ifdef HAVE_WOLF_EVENT WOLF_EVENT_QUEUE event_queue; @@ -3756,6 +3767,9 @@ typedef struct Arrays { !defined(NO_WOLFSSL_RENESAS_TSIP_TLS_SESSION) byte tsip_masterSecret[TSIP_TLS_MASTERSECRET_SIZE]; #endif +#if defined(WOLFSSL_RENESAS_SCEPROTECT) + byte sce_masterSecret[SCE_TLS_MASTERSECRET_SIZE]; +#endif #ifdef WOLFSSL_DTLS byte cookie[MAX_COOKIE_LEN]; byte cookieSz; @@ -4242,8 +4256,8 @@ struct WOLFSSL { #endif /* OPENSSL_EXTRA */ #ifndef NO_RSA RsaKey* peerRsaKey; -#ifdef WOLFSSL_RENESAS_TSIP_TLS - byte *peerTsipEncRsaKeyIndex; +#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT) + byte* peerSceTsipEncRsaKeyIndex; #endif byte peerRsaKeyPresent; #endif @@ -4469,6 +4483,12 @@ struct WOLFSSL { void* RsaEncCtx; /* Rsa Public Encrypt Callback Context */ void* RsaDecCtx; /* Rsa Private Decrypt Callback Context */ #endif /* NO_RSA */ + void* GenPreMasterCtx; /* Generate Premaster Callback Context */ + void* GenMasterCtx; /* Generate Master Callback Context */ + void* GenSessionKeyCtx; /* Generate Sesssion Key Callback Context */ + void* EncryptKeysCtx; /* Set Encrypt keys Callback Context */ + void* TlsFinishedCtx; /* Generate Tls Finished Callback Context */ + void* VerifyMacCtx; /* Verify mac Callback Context */ #endif /* HAVE_PK_CALLBACKS */ #ifdef HAVE_SECRET_CALLBACK SessionSecretCb sessionSecretCb; diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index 7aa05b977..38c7ce1da 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h @@ -3208,6 +3208,49 @@ WOLFSSL_API void wolfSSL_CTX_SetRsaDecCb(WOLFSSL_CTX*, CallbackRsaDec); WOLFSSL_API void wolfSSL_SetRsaDecCtx(WOLFSSL* ssl, void *ctx); WOLFSSL_API void* wolfSSL_GetRsaDecCtx(WOLFSSL* ssl); #endif + +/* Protocol Callback */ +typedef int (*CallbackGenMasterSecret)(WOLFSSL* ssl, void* ctx); +WOLFSSL_API void wolfSSL_CTX_SetGenMasterSecretCb(WOLFSSL_CTX*, + CallbackGenMasterSecret); +WOLFSSL_API void wolfSSL_SetGenMasterSecretCtx(WOLFSSL* ssl, void *ctx); +WOLFSSL_API void* wolfSSL_GetGenMasterSecretCtx(WOLFSSL* ssl); + +typedef int (*CallbackGenPreMaster)(WOLFSSL* ssl, byte *premaster, + word32 preSz, void* ctx); +WOLFSSL_API void wolfSSL_CTX_SetGenPreMasterCb(WOLFSSL_CTX*, + CallbackGenPreMaster); +WOLFSSL_API void wolfSSL_SetGenPreMasterCtx(WOLFSSL* ssl, void *ctx); +WOLFSSL_API void* wolfSSL_GetGenPreMasterCtx(WOLFSSL* ssl); + +typedef int (*CallbackGenSessionKey)(WOLFSSL* ssl, void* ctx); +WOLFSSL_API void wolfSSL_CTX_SetGenSessionKeyCb(WOLFSSL_CTX*, + CallbackGenSessionKey); +WOLFSSL_API void wolfSSL_SetGenSessionKeyCtx(WOLFSSL* ssl, void *ctx); +WOLFSSL_API void* wolfSSL_GetGenSessionKeyCtx(WOLFSSL* ssl); + +typedef int (*CallbackEncryptKeys)(WOLFSSL* ssl, void* ctx); +WOLFSSL_API void wolfSSL_CTX_SetEncryptKeysCb(WOLFSSL_CTX*, + CallbackEncryptKeys); +WOLFSSL_API void wolfSSL_SetEncryptKeysCtx(WOLFSSL* ssl, void *ctx); +WOLFSSL_API void* wolfSSL_GetEncryptKeysCtx(WOLFSSL* ssl); + +typedef int (*CallbackTlsFinished)(WOLFSSL* ssl, + const byte *side, + const byte *handshake_hash, + byte *hashes, void* ctx); +WOLFSSL_API void wolfSSL_CTX_SetTlsFinishedCb(WOLFSSL_CTX*, CallbackTlsFinished); +WOLFSSL_API void wolfSSL_SetTlsFinishedCtx(WOLFSSL* ssl, void *ctx); +WOLFSSL_API void* wolfSSL_GetTlsFinishedCtx(WOLFSSL* ssl); + +#if !defined(WOLFSSL_NO_TLS12) && !defined(WOLFSSL_AEAD_ONLY) +typedef int (*CallbackVerifyMac)(WOLFSSL *ssl, const byte* message, + word32 messageSz, word32 macSz, word32 content, void* ctx); +WOLFSSL_API void wolfSSL_CTX_SetVerifyMacCb(WOLFSSL_CTX*, CallbackVerifyMac); +WOLFSSL_API void wolfSSL_SetVerifyMacCtx(WOLFSSL* ssl, void *ctx); +WOLFSSL_API void* wolfSSL_GetVerifyMacCtx(WOLFSSL* ssl); +#endif + #endif /* HAVE_PK_CALLBACKS */ #ifndef NO_CERTS diff --git a/wolfssl/test.h b/wolfssl/test.h index 3b726afbb..8f11dbc9e 100644 --- a/wolfssl/test.h +++ b/wolfssl/test.h @@ -4606,6 +4606,118 @@ static WC_INLINE int myRsaDec(WOLFSSL* ssl, byte* in, word32 inSz, #endif /* NO_RSA */ +static WC_INLINE int myGenMaster(WOLFSSL* ssl, void* ctx) +{ + int ret; + PkCbInfo* cbInfo = (PkCbInfo*)ctx; + + (void)ssl; + (void)cbInfo; + + WOLFSSL_PKMSG("Gen Master"); + /* fall through to original routine */ + ret = PROTOCOLCB_UNAVAILABLE; + WOLFSSL_PKMSG("Gen Master: ret %d\n", ret); + + return ret; +} + +static WC_INLINE int myGenPreMaster(WOLFSSL* ssl, byte *premaster, + word32 preSz, void* ctx) +{ + int ret; + PkCbInfo* cbInfo = (PkCbInfo*)ctx; + + (void) ssl; + (void) cbInfo; + (void) premaster; + (void) preSz; + + WOLFSSL_PKMSG("Gen Pre-Master Cb"); + /* fall through to original routine */ + ret = PROTOCOLCB_UNAVAILABLE; + WOLFSSL_PKMSG("Gen Pre-Master Cb: ret %d\n", ret); + + return ret; +} + +static WC_INLINE int myGenSessionKey(WOLFSSL* ssl, void* ctx) +{ + int ret; + PkCbInfo* cbInfo = (PkCbInfo*)ctx; + + (void)ssl; + (void)cbInfo; + + WOLFSSL_PKMSG("Gen Master Cb"); + /* fall through to original routine */ + ret = PROTOCOLCB_UNAVAILABLE; + WOLFSSL_PKMSG("Gen Master Cb: ret %d\n", ret); + + return ret; +} + +static WC_INLINE int mySetEncryptKeys(WOLFSSL* ssl, void* ctx) +{ + int ret; + PkCbInfo* cbInfo = (PkCbInfo*)ctx; + + (void)ssl; + (void)cbInfo; + + WOLFSSL_PKMSG("Set Encrypt Keys Cb"); + /* fall through to original routine */ + ret = PROTOCOLCB_UNAVAILABLE; + WOLFSSL_PKMSG("Set Encrypt Keys Cb: ret %d\n", ret); + + return ret; +} + +#if !defined(WOLFSSL_NO_TLS12) && !defined(WOLFSSL_AEAD_ONLY) +static WC_INLINE int myVerifyMac(WOLFSSL *ssl, const byte* message, + word32 messageSz, word32 macSz, word32 content, void* ctx) +{ + int ret; + PkCbInfo* cbInfo = (PkCbInfo*)ctx; + + (void)ssl; + (void)message; + (void)messageSz; + (void)macSz; + (void)content; + (void)cbInfo; + + WOLFSSL_PKMSG("Verify Mac Cb"); + /* fall through to original routine */ + ret = PROTOCOLCB_UNAVAILABLE; + WOLFSSL_PKMSG("Verify Mac Cb: ret %d\n", ret); + + return ret; +} +#endif + +static WC_INLINE int myTlsFinished(WOLFSSL* ssl, + const byte *side, + const byte *handshake_hash, + byte *hashes, void* ctx) +{ + int ret; + PkCbInfo* cbInfo = (PkCbInfo*)ctx; + + (void)ssl; + (void)cbInfo; + (void)side; + (void)handshake_hash; + (void)hashes; + + WOLFSSL_PKMSG("Tls Finished Cb"); + /* fall through to original routine */ + ret = PROTOCOLCB_UNAVAILABLE; + WOLFSSL_PKMSG("Tls Finished Cb: ret %d\n", ret); + + return ret; +} + static WC_INLINE void SetupPkCallbacks(WOLFSSL_CTX* ctx) { (void)ctx; @@ -4655,6 +4767,19 @@ static WC_INLINE void SetupPkCallbacks(WOLFSSL_CTX* ctx) wolfSSL_CTX_SetRsaEncCb(ctx, myRsaEnc); wolfSSL_CTX_SetRsaDecCb(ctx, myRsaDec); #endif /* NO_RSA */ + + #ifndef NO_CERTS + wolfSSL_CTX_SetGenMasterSecretCb(ctx, myGenMaster); + wolfSSL_CTX_SetGenPreMasterCb(ctx, myGenPreMaster); + wolfSSL_CTX_SetGenSessionKeyCb(ctx, myGenSessionKey); + wolfSSL_CTX_SetEncryptKeysCb(ctx, mySetEncryptKeys); + + #if !defined(WOLFSSL_NO_TLS12) && !defined(WOLFSSL_AEAD_ONLY) + wolfSSL_CTX_SetVerifyMacCb(ctx, myVerifyMac); + #endif + + wolfSSL_CTX_SetTlsFinishedCb(ctx, myTlsFinished); + #endif /* NO_CERTS */ } static WC_INLINE void SetupPkCallbackContexts(WOLFSSL* ssl, void* myCtx) @@ -4694,6 +4819,19 @@ static WC_INLINE void SetupPkCallbackContexts(WOLFSSL* ssl, void* myCtx) wolfSSL_SetRsaEncCtx(ssl, myCtx); wolfSSL_SetRsaDecCtx(ssl, myCtx); #endif /* NO_RSA */ + + #ifndef NO_CERTS + wolfSSL_SetGenMasterSecretCtx(ssl, myCtx); + wolfSSL_SetGenPreMasterCtx(ssl, myCtx); + wolfSSL_SetGenSessionKeyCtx(ssl, myCtx); + wolfSSL_SetEncryptKeysCtx(ssl, myCtx); + + #if !defined(WOLFSSL_NO_TLS12) && !defined(WOLFSSL_AEAD_ONLY) + wolfSSL_SetVerifyMacCtx(ssl, myCtx); + #endif + + wolfSSL_SetTlsFinishedCtx(ssl, myCtx); + #endif } #endif /* HAVE_PK_CALLBACKS */ diff --git a/wolfssl/wolfcrypt/aes.h b/wolfssl/wolfcrypt/aes.h index 3ba981062..639e13157 100644 --- a/wolfssl/wolfcrypt/aes.h +++ b/wolfssl/wolfcrypt/aes.h @@ -262,6 +262,9 @@ struct Aes { defined(WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT) TSIP_AES_CTX ctx; #endif +#if defined(WOLFSSL_RENESAS_SCEPROTECT) + SCE_AES_CTX ctx; +#endif #if defined(WOLFSSL_IMXRT_DCP) dcp_handle_t handle; #endif diff --git a/wolfssl/wolfcrypt/asn.h b/wolfssl/wolfcrypt/asn.h index f34ee8d82..06b2a4283 100644 --- a/wolfssl/wolfcrypt/asn.h +++ b/wolfssl/wolfcrypt/asn.h @@ -1213,6 +1213,22 @@ enum SignatureState { #endif #endif /* HAVE_PK_CALLBACKS */ +#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT) ||\ + defined(HAVE_PK_CALLBACKS) +typedef struct tagCertAttribute { + byte verifyByTSIP_SCE; + word32 certBegin; + word32 pubkey_n_start; + word32 pubkey_n_len; + word32 pubkey_e_start; + word32 pubkey_e_len; + int curve_id; + const byte* cert; + word32 certSz; + const byte* keyIndex; + } CertAttribute; +#endif + struct SignatureCtx { void* heap; byte* digest; @@ -1268,13 +1284,9 @@ struct SignatureCtx { #endif #endif /* HAVE_PK_CALLBACKS */ #ifndef NO_RSA -#ifdef WOLFSSL_RENESAS_TSIP_TLS - byte verifyByTSIP; - word32 certBegin; - word32 pubkey_n_start; - word32 pubkey_n_len; - word32 pubkey_e_start; - word32 pubkey_e_len; +#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT) ||\ + defined(HAVE_PK_CALLBACKS) + CertAttribute CertAtt; #endif #endif }; @@ -1552,10 +1564,10 @@ struct DecodedCert { #ifndef NO_CERTS SignatureCtx sigCtx; #endif -#ifdef WOLFSSL_RENESAS_TSIP - byte* tsip_encRsaKeyIdx; +#if defined(WOLFSSL_RENESAS_TSIP) || defined(WOLFSSL_RENESAS_SCEPROTECT) + byte* sce_tsip_encRsaKeyIdx; #endif - + int badDate; int criticalExt; @@ -1643,7 +1655,7 @@ struct Signer { #ifdef WOLFSSL_SIGNER_DER_CERT DerBuffer* derCert; #endif -#ifdef WOLFSSL_RENESAS_TSIP_TLS +#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT) word32 cm_idx; #endif Signer* next; diff --git a/wolfssl/wolfcrypt/error-crypt.h b/wolfssl/wolfcrypt/error-crypt.h index c22989b86..620259077 100644 --- a/wolfssl/wolfcrypt/error-crypt.h +++ b/wolfssl/wolfcrypt/error-crypt.h @@ -246,8 +246,9 @@ enum { DHE_PCT_E = -285, /* DHE Pairwise Consistency Test failure */ ECC_PCT_E = -286, /* ECDHE Pairwise Consistency Test failure */ FIPS_PRIVATE_KEY_LOCKED_E = -287, /* Cannot export private key. */ - - WC_LAST_E = -287, /* Update this to indicate last error */ + PROTOCOLCB_UNAVAILABLE = -288, /* Protocol callback unavailable */ + + WC_LAST_E = -288, /* Update this to indicate last error */ MIN_CODE_E = -300 /* errors -101 - -299 */ /* add new companion error id strings for any new error codes diff --git a/wolfssl/wolfcrypt/include.am b/wolfssl/wolfcrypt/include.am index b19b93fc1..7728fc35c 100644 --- a/wolfssl/wolfcrypt/include.am +++ b/wolfssl/wolfcrypt/include.am @@ -94,6 +94,9 @@ noinst_HEADERS+= \ wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h \ wolfssl/wolfcrypt/port/arm/cryptoCell.h \ wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h \ + wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h \ + wolfssl/wolfcrypt/port/Renesas/renesas_sync.h \ + wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h \ wolfssl/wolfcrypt/port/cypress/psoc6_crypto.h if BUILD_CRYPTOAUTHLIB diff --git a/wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h b/wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h new file mode 100644 index 000000000..a05d62e5d --- /dev/null +++ b/wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h @@ -0,0 +1,214 @@ +/* renesas-sce-crypt.h + * + * Copyright (C) 2006-2021 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ +#ifndef __RENESAS_SCE_CRYPT_H__ +#define __RENESAS_SCE_CRYPT_H__ + +#include "r_sce.h" +#include +#include + +#ifdef __cplusplus +extern "C" { +#endif + +#define SCE_SESSIONKEY_NONCE_SIZE 8 +#define WOLFSSL_SCE_ILLEGAL_CIPHERSUITE -1 + +#define MAX_SCE_CBINDEX 5 + +typedef struct tagUser_SCEPKCbInfo { + uint32_t user_key_id; + + /* out from R_SCE_TLS_ServerKeyExchangeVerify */ + uint32_t encrypted_ephemeral_ecdh_public_key[SCE_TLS_ENCRYPTED_ECCPUBKEY_SZ]; + /* out from R_SCE_TLS_ECC_secp256r1_EphemeralWrappedKeyPairGenerate */ + sce_tls_p256_ecc_wrapped_key_t ecc_p256_wrapped_key; + uint8_t ecc_ecdh_public_key[HW_SCE_ECC_PUBLIC_KEY_BYTE_SIZE]; + + uint32_t sce_masterSecret[SCE_TLS_MASTERSECRET_SIZE/4]; + uint8_t sce_clientRandom[SCE_TLS_CLIENTRANDOM_SZ]; + uint8_t sce_serverRandom[SCE_TLS_SERVERRANDOM_SZ]; + uint8_t sce_cipher; + + /* installed key handling */ + sce_aes_wrapped_key_t sce_wrapped_key_aes256; + uint8_t aes256_installedkey_set:1; + sce_aes_wrapped_key_t sce_wrapped_key_aes128; + uint8_t aes128_installedkey_set:1; + + /* flag whether encrypted ec key is set */ + uint8_t pk_key_set:1; + uint8_t session_key_set:1; + +} User_SCEPKCbInfo; + +typedef struct tagSCE_PKCbInfo { + User_SCEPKCbInfo *user_PKCbInfo[MAX_SCE_CBINDEX]; + uint32_t num_session; +} SCE_PKCbInfo; + +typedef struct +{ + uint8_t *encrypted_provisioning_key; + uint8_t *iv; + uint8_t *encrypted_user_tls_key; + uint32_t encrypted_user_tls_key_type; + sce_tls_ca_certification_public_wrapped_key_t user_rsa2048_tls_wrappedkey; +} sce_key_data; + +struct WOLFSSL; +struct WOLFSSL_CTX; +struct ecc_key; + +WOLFSSL_LOCAL int wc_sce_Open(); +WOLFSSL_LOCAL void wc_sce_Close(); +WOLFSSL_LOCAL int wc_sce_hw_lock(); +WOLFSSL_LOCAL void wc_sce_hw_unlock( void ); +WOLFSSL_LOCAL int wc_sce_usable(const struct WOLFSSL *ssl, + uint8_t session_key_generated); + +typedef struct { + sce_aes_wrapped_key_t sce_wrapped_key; + word32 keySize; + byte setup; +} SCE_AES_CTX; + +struct Aes; +WOLFSSL_LOCAL int wc_sce_AesCbcEncrypt(struct Aes* aes, byte* out, const byte* in, + word32 sz); +WOLFSSL_LOCAL int wc_sce_AesCbcDecrypt(struct Aes* aes, byte* out, const byte* in, + word32 sz); + +WOLFSSL_LOCAL int wc_sce_AesGcmEncrypt(struct Aes* aes, byte* out, + const byte* in, word32 sz, + byte* iv, word32 ivSz, + byte* authTag, word32 authTagSz, + const byte* authIn, word32 authInSz, + void* ctx); + +WOLFSSL_LOCAL int wc_sce_AesGcmDecrypt(struct Aes* aes, byte* out, + const byte* in, word32 sz, + const byte* iv, word32 ivSz, + const byte* authTag, word32 authTagSz, + const byte* authIn, word32 authInSz, + void* ctx); + +#if !defined(NO_SHA256) && !defined(NO_WOLFSSL_RENESAS_SCEPROTECT_HASH) + +typedef enum { + SCE_SHA256 = 1, +} SCE_SHA_TYPE; + +typedef struct { + byte* msg; + void* heap; + word32 used; + word32 len; + word32 sha_type; +#if defined(WOLF_CRYPTO_CB) + word32 flags; + int devId; +#endif +} wolfssl_SCE_Hash; + +/* RAW hash function APIs are not implemented with SCE */ +#undef WOLFSSL_NO_HASH_RAW +#define WOLFSSL_NO_HASH_RAW + +typedef wolfssl_SCE_Hash wc_Sha256; + +#endif /* NO_SHA */ + + +WOLFSSL_LOCAL int wc_sce_tls_RootCertVerify( + const uint8_t* cert, uint32_t cert_len, + uint32_t key_n_start, uint32_t key_n_len, + uint32_t key_e_start, uint32_t key_e_len, + uint32_t cm_row); + +WOLFSSL_LOCAL int wc_sce_tls_CertVerify( + const uint8_t* cert, uint32_t certSz, + const uint8_t* signature, uint32_t sigSz, + uint32_t key_n_start, uint32_t key_n_len, + uint32_t key_e_start, uint32_t key_e_len, + uint8_t* sce_encRsaKeyIdx); + + +WOLFSSL_LOCAL int wc_sce_generatePremasterSecret( + uint8_t* premaster, + uint32_t preSz); + +WOLFSSL_LOCAL int wc_sce_generateEncryptPreMasterSecret( + struct WOLFSSL* ssl, + uint8_t* out, + uint32_t* outSz); + +WOLFSSL_LOCAL int wc_sce_Sha256GenerateHmac( + const struct WOLFSSL *ssl, + const uint8_t* myInner, + uint32_t innerSz, + const uint8_t* in, + uint32_t sz, + uint8_t* digest); + +WOLFSSL_LOCAL int wc_sce_Sha256VerifyHmac( + const struct WOLFSSL *ssl, + const uint8_t* message, + uint32_t messageSz, + uint32_t macSz, + uint32_t content); + +WOLFSSL_LOCAL int wc_sce_storeKeyCtx(struct WOLFSSL* ssl, User_SCEPKCbInfo* info); +WOLFSSL_LOCAL int wc_sce_generateVerifyData(const uint8_t *ms, /* master secret */ + const uint8_t *side, const uint8_t *handshake_hash, + uint8_t *hashes /* out */); +WOLFSSL_LOCAL int wc_sce_generateSeesionKey(struct WOLFSSL *ssl, User_SCEPKCbInfo* cbInfo, + int devId); +WOLFSSL_LOCAL int wc_sce_generateMasterSecret( + uint8_t cipherSuiteFirst, + uint8_t cipherSuite, + const uint8_t *pr, /* pre-master */ + const uint8_t *cr, /* client random */ + const uint8_t *sr, /* server random */ + uint8_t *ms); + +WOLFSSL_LOCAL int wc_SCE_RsaVerify(struct WOLFSSL* ssl, byte* sig, uint32_t sigSz, + uint8_t** out, const byte* key, uint32_t keySz, void* ctx); +WOLFSSL_LOCAL int wc_SCE_EccVerify(struct WOLFSSL* ssl, const uint8_t* sig, uint32_t sigSz, + const uint8_t* hash, uint32_t hashSz, const uint8_t* key, uint32_t keySz, + int* result, void* ctx); +/* Callback for EccShareSecret */ +WOLFSSL_LOCAL int SCE_EccSharedSecret(struct WOLFSSL* ssl, struct ecc_key* otherKey, + uint8_t* pubKeyDer, unsigned int* pubKeySz, + uint8_t* out, unsigned int* outlen, int side, void* ctx); + +/* user API */ +WOLFSSL_API void wc_sce_inform_user_keys( + uint8_t* encrypted_provisioning_key, + uint8_t* iv, + uint8_t* encrypted_user_tls_key, + uint32_t encrypted_user_tls_key_type); + +WOLFSSL_API void wc_sce_set_callbacks(struct WOLFSSL_CTX* ctx); +WOLFSSL_API int wc_sce_set_callback_ctx(struct WOLFSSL* ssl, void* user_ctx); +WOLFSSL_API void wc_sce_inform_cert_sign(const uint8_t *sign); + +#endif /* __RENESAS_SCE_CRYPT_H__ */ diff --git a/wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h b/wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h new file mode 100755 index 000000000..c049c6345 --- /dev/null +++ b/wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h @@ -0,0 +1,59 @@ +/* renesas_cmn.h + * + * Copyright (C) 2006-2021 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ +#ifndef __RENESAS_CMN_H__ +#define __RENESAS_CMN_H__ + +#include +#include + +/* Common Callbacks */ +WOLFSSL_LOCAL int Renesas_cmn_genMasterSecret(WOLFSSL* ssl, void* ctx); +WOLFSSL_LOCAL int Renesas_cmn_generatePremasterSecret(WOLFSSL* ssl, + byte *premaster, word32 preSz, void* ctx); +WOLFSSL_LOCAL int Renesas_cmn_RsaEnc(WOLFSSL* ssl, const unsigned char* in, + unsigned int inSz, unsigned char* out, word32* outSz, + const unsigned char* keyDer, unsigned int keySz, void* ctx); +WOLFSSL_LOCAL int Renesas_cmn_VerifyHmac(WOLFSSL *ssl, const byte* message, + word32 messageSz, word32 macSz, word32 content); +WOLFSSL_LOCAL int Renesas_cmn_EccVerify(WOLFSSL* ssl, const uint8_t* sig, + uint32_t sigSz, const uint8_t* hash, uint32_t hashSz, + const uint8_t* key, uint32_t keySz, int* result, void* ctx); +WOLFSSL_LOCAL int Renesas_cmn_RsaVerify(WOLFSSL* ssl, byte* sig, uint32_t sigSz, + uint8_t** out, const byte* key, uint32_t keySz, void* ctx); +WOLFSSL_LOCAL int Renesas_cmn_TLS_hmac(WOLFSSL* ssl, byte* digest, const byte* in, + word32 sz, int padSz, int content, int verify, int epochOrder); +WOLFSSL_LOCAL int Renesas_cmn_usable(const WOLFSSL *ssl, byte seskey_gennerated); +WOLFSSL_LOCAL int Renesas_cmn_SigPkCbRsaVerify(unsigned char* sig, unsigned int sigSz, + unsigned char** out, const unsigned char* keyDer, unsigned int keySz, + void* ctx); +WOLFSSL_LOCAL int Renesas_cmn_SigPkCbEccVerify(const unsigned char* sig, unsigned int sigSz, + const unsigned char* hash, unsigned int hashSz, + const unsigned char* keyDer, unsigned int keySz, + int* result, void* ctx); + +/* Common Methods */ +int wc_CryptoCb_CryptInitRenesasCmn(WOLFSSL* ssl, void* ctx); +void wc_CryptoCb_CleanupRenesasCmn(int* id); +int wc_Renesas_cmn_RootCertVerify(const byte* cert, word32 cert_len, + word32 key_n_start, word32 key_n_len, word32 key_e_start, + word32 key_e_len, word32 cm_row); +WOLFSSL_LOCAL byte Renesas_cmn_checkCA(word32 cmIdx); +#endif /* __RENESAS_CMN_H__ */ \ No newline at end of file diff --git a/wolfssl/wolfcrypt/port/Renesas/renesas_sync.h b/wolfssl/wolfcrypt/port/Renesas/renesas_sync.h new file mode 100644 index 000000000..c97718eaf --- /dev/null +++ b/wolfssl/wolfcrypt/port/Renesas/renesas_sync.h @@ -0,0 +1,35 @@ +/* renesas_sync.h + * + * Copyright (C) 2006-2021 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + +#ifndef _RENESAS_SYNC_H_ +#define _RENESAS_SYNC_H_ + +#ifdef HAVE_RENESAS_SYNC + +struct WOLFSSL; +struct User_SCEPKCbInfo; +extern User_SCEPKCbInfo guser_PKCbInfo; + +WOLFSSL_API int wc_CryptoCb_CryptInitRenesasCmn(struct WOLFSSL* ssl, void* ctx); +WOLFSSL_API void wc_CryptoCb_CleanupRenesasCmn(int* id); + +#endif /* HAVE_RENESAS_SYNC */ +#endif /* _RENESAS_SYNC_H_ */ diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h index 9693ff414..5c33f2c4c 100644 --- a/wolfssl/wolfcrypt/settings.h +++ b/wolfssl/wolfcrypt/settings.h @@ -212,6 +212,12 @@ /* Uncomment next line if using RENESAS RX64N */ /* #define WOLFSSL_RENESAS_RX65N */ +/* Uncomment next line if using RENESAS SCE Protected Mode */ +/* #define WOLFSSL_RENESAS_SCEPROTECT */ + +/* Uncomment next line if using RENESAS RA6M4 */ +/* #define WOLFSSL_RENESAS_RA6M4 */ + /* Uncomment next line if using Solaris OS*/ /* #define WOLFSSL_SOLARIS */ @@ -326,7 +332,22 @@ #endif #endif -#if defined(WOLFSSL_RENESAS_RA6M3G) || defined(WOLFSSL_RENESAS_RA6M3) +#if defined(WOLFSSL_RENESAS_SCEPROTECT) + #define SCE_TLS_MASTERSECRET_SIZE 80 /* 20 words */ + #define TSIP_TLS_HMAC_KEY_INDEX_WORDSIZE 64 + #define TSIP_TLS_ENCPUBKEY_SZ_BY_CERTVRFY 560 /* in bytes */ + #define SCE_TLS_CLIENTRANDOM_SZ 36 /* in bytes */ + #define SCE_TLS_SERVERRANDOM_SZ 36 /* in bytes */ + #define SCE_TLS_ENCRYPTED_ECCPUBKEY_SZ 96 /* in bytes */ + + #define WOLFSSL_RENESAS_SCEPROTECT_ECC + #if defined(WOLFSSL_RENESAS_SCEPROTECT_ECC) + #define HAVE_PK_CALLBACKS + /* #define DEBUG_PK_CB */ + #endif +#endif +#if defined(WOLFSSL_RENESAS_RA6M3G) || defined(WOLFSSL_RENESAS_RA6M3) ||\ + defined(WOLFSSL_RENESAS_RA6M4) /* settings in user_settings.h */ #endif diff --git a/wolfssl/wolfcrypt/sha256.h b/wolfssl/wolfcrypt/sha256.h index fed65f126..8e4447003 100644 --- a/wolfssl/wolfcrypt/sha256.h +++ b/wolfssl/wolfcrypt/sha256.h @@ -142,6 +142,9 @@ enum { #elif defined(WOLFSSL_RENESAS_TSIP_CRYPT) && \ !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH) #include "wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h" +#elif defined(WOLFSSL_RENESAS_SCEPROTECT) && \ + !defined(NO_WOLFSSL_RENESAS_SCEPROTECT_HASH) + #include "wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h" #else #if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH) diff --git a/wolfssl/wolfio.h b/wolfssl/wolfio.h index 93d7d0371..421226685 100644 --- a/wolfssl/wolfio.h +++ b/wolfssl/wolfio.h @@ -168,7 +168,9 @@ #endif #endif - #if defined(WOLFSSL_RENESAS_RA6M3G) || defined(WOLFSSL_RENESAS_RA6M3) /* Uses FREERTOS_TCP */ + #if defined(WOLFSSL_RENESAS_RA6M3G) || defined(WOLFSSL_RENESAS_RA6M3) ||\ + defined(WOLFSSL_RENESAS_RA6M4) + /* Uses FREERTOS_TCP */ #include #endif