feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

code review updates for ESP32 C3/C6/S2 HW Acceleration

Browse Source
This commit is contained in:
gojimmypi
2023-11-21 16:22:49 -08:00
parent 7e69030df1
commit 9227020f8e
7 changed files with 199 additions and 127 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
IDE/Espressif/ESP-IDF/README.md
View File

@@ -14,7 +14,6 @@ Including the following examples:
* Simple [TLS client](./examples/wolfssl_client/)/[server](./examples/wolfssl_server/) * Simple [TLS client](./examples/wolfssl_client/)/[server](./examples/wolfssl_server/)
* Cryptographic [test](./examples/wolfssl_test/) * Cryptographic [test](./examples/wolfssl_test/)
* Cryptographic [benchmark](./examples/wolfssl_benchmark/) * Cryptographic [benchmark](./examples/wolfssl_benchmark/)
* Bare-bones [template](./examples/template/)
The *user_settings.h* file enables some of the hardened settings. The *user_settings.h* file enables some of the hardened settings.

150
IDE/Espressif/ESP-IDF/user_settings.h
View File

@@ -83,7 +83,7 @@
#define WOLFSSL_AES_DIRECT #define WOLFSSL_AES_DIRECT
#endif #endif
/* when you want to use aes counter mode */ /* when you want to use AES counter mode */
/* #define WOLFSSL_AES_DIRECT */ /* #define WOLFSSL_AES_DIRECT */
/* #define WOLFSSL_AES_COUNTER */ /* #define WOLFSSL_AES_COUNTER */
@@ -102,10 +102,17 @@
/* Define USE_FAST_MATH and SMALL_STACK */ /* Define USE_FAST_MATH and SMALL_STACK */
#define ESP32_USE_RSA_PRIMITIVE #define ESP32_USE_RSA_PRIMITIVE
/* threshold for performance adjustment for HW primitive use */ /* threshold for performance adjustment for HW primitive use */
/* NOTE HW unreliable for small values on older original ESP32!*/
/* threshold for performance adjustment for HW primitive use */
/* X bits of G^X mod P greater than */ /* X bits of G^X mod P greater than */
#define EPS_RSA_EXPT_XBTIS 36 #undef ESP_RSA_EXPT_XBITS
#define ESP_RSA_EXPT_XBITS 32
/* X and Y of X * Y mod P greater than */ /* X and Y of X * Y mod P greater than */
#define ESP_RSA_MULM_BITS 2000 #undef ESP_RSA_MULM_BITS
#define ESP_RSA_MULM_BITS 16
#endif #endif
/* debug options */ /* debug options */
@@ -123,46 +130,129 @@
/* adjust wait-timeout count if you see timeout in RSA HW acceleration */ /* adjust wait-timeout count if you see timeout in RSA HW acceleration */
#define ESP_RSA_TIMEOUT_CNT 0x249F00 #define ESP_RSA_TIMEOUT_CNT 0x249F00
/* Default is HW enabled unless turned off.
** Uncomment these lines to force SW instead of HW acceleration */
#if defined(CONFIG_IDF_TARGET_ESP32) #if defined(CONFIG_IDF_TARGET_ESP32)
/* when you want not to use HW acceleration on ESP32 (below for S3, etc */ /* wolfSSL HW Acceleration supported on ESP32. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */ /* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
/* #define NO_WOLFSSL_ESP32_CRYPT_AES */ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
/* These are defined automatically in esp32-crypt.h, here for clarity: */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 /* no SHA224 HW on ESP32 */
/* end CONFIG_IDF_TARGET_ESP32 */
#undef ESP_RSA_MULM_BITS
#define ESP_RSA_MULM_BITS 16 /* TODO add compile-time warning */
/***** END CONFIG_IDF_TARGET_ESP32 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32S2) #elif defined(CONFIG_IDF_TARGET_ESP32S2)
/* ESP32-S2 disabled by default; not implemented */ /* wolfSSL HW Acceleration supported on ESP32-S2. Uncomment to disable: */
#define NO_ESP32_CRYPT /* #define NO_ESP32_CRYPT */
#define NO_WOLFSSL_ESP32_CRYPT_HASH /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
#define NO_WOLFSSL_ESP32_CRYPT_AES /* Note: There's no AES192 HW on the ESP32-S2; falls back to SW */
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
/***** END CONFIG_IDF_TARGET_ESP32S2 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32S3) #elif defined(CONFIG_IDF_TARGET_ESP32S3)
/* when you want not to use HW acceleration on ESP32-S3 */ /* wolfSSL HW Acceleration supported on ESP32-S3. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */ /* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
/* #define NO_WOLFSSL_ESP32_CRYPT_AES */ /* Note: There's no AES192 HW on the ESP32-S3; falls back to SW */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
/***** END CONFIG_IDF_TARGET_ESP32S3 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32C3) #elif defined(CONFIG_IDF_TARGET_ESP32C3)
/* ESP32-C3 disabled by default, not implemented */ /* wolfSSL HW Acceleration supported on ESP32-C2. Uncomment to disable: */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH /* #define NO_ESP32_CRYPT */
#define NO_WOLFSSL_ESP32_CRYPT_AES /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ /* to disable all SHA HW */
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
/* These are defined automatically in esp32-crypt.h, here for clarity: */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C6 */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C6 */
/* #define NO_WOLFSSL_ESP32_CRYPT_AES */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
/***** END CONFIG_IDF_TARGET_ESP32C3 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32C6) #elif defined(CONFIG_IDF_TARGET_ESP32C6)
/* ESP32-C6 disabled by default, not implemented */ /* wolfSSL HW Acceleration supported on ESP32-C6. Uncomment to disable: */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH /* #define NO_ESP32_CRYPT */
#define NO_WOLFSSL_ESP32_CRYPT_AES /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI /* These are defined automatically in esp32-crypt.h, here for clarity: */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C6 */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C6 */
/* #define NO_WOLFSSL_ESP32_CRYPT_AES */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
/***** END CONFIG_IDF_TARGET_ESP32C6 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32H2) #elif defined(CONFIG_IDF_TARGET_ESP32H2)
/* ESP32-H2 disabled by default, not implemented */ /* wolfSSL Hardware Acceleration not yet implemented */
#define NO_ESP32_CRYPT #define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH #define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES #define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
/***** END CONFIG_IDF_TARGET_ESP32H2 *****/
#else #else
/* anything else unknown will have HW disabled by default */ /* Anything else encountered, disable HW accleration */
#define NO_ESP32_CRYPT #define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH #define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES #define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
#endif /* CONFIG_IDF_TARGET Check */
/* optional SM4 Ciphers. See https://github.com/wolfSSL/wolfsm
#define WOLFSSL_SM2
#define WOLFSSL_SM3
#define WOLFSSL_SM4
*/
#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
#include <wolfssl/certs_test_sm.h>
#define CTX_CA_CERT root_sm2
#define CTX_CA_CERT_SIZE sizeof_root_sm2
#define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_PEM
#define CTX_SERVER_CERT server_sm2
#define CTX_SERVER_CERT_SIZE sizeof_server_sm2
#define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_PEM
#define CTX_SERVER_KEY server_sm2_priv
#define CTX_SERVER_KEY_SIZE sizeof_server_sm2_priv
#define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_PEM
#undef WOLFSSL_BASE16
#define WOLFSSL_BASE16
#else
#define USE_CERT_BUFFERS_2048
#define USE_CERT_BUFFERS_256
#define CTX_CA_CERT ca_cert_der_2048
#define CTX_CA_CERT_SIZE sizeof_ca_cert_der_2048
#define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_SERVER_CERT server_cert_der_2048
#define CTX_SERVER_CERT_SIZE sizeof_server_cert_der_2048
#define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_SERVER_KEY server_key_der_2048
#define CTX_SERVER_KEY_SIZE sizeof_server_key_der_2048
#define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1
#endif #endif

55
wolfcrypt/src/port/Espressif/README.md
View File

@@ -1,37 +1,66 @@
# ESP32 Port # ESP32 Port
Support for the ESP32-WROOM-32 on-board crypto hardware acceleration for symmetric AES, SHA1/SHA256/SHA384/SHA512 and RSA primitive including mul, mulmod and exptmod. Support for the ESP32 on-board cryptographic hardware acceleration for symmetric AES, SHA1/SHA256/SHA384/SHA512 and RSA primitive including mul, mulmod and exptmod.
* ESP32 - Supported
* ESP32S2 - Supported
* ESP32S3 - Supported
* ESP32C2 - Software only (contact support to request hardware acceleration)
* ESP32C3 - Supported
* ESP32C6 - Supported
* ESP32H2 - Software only (contact support to request hardware acceleration)
## ESP32 Acceleration ## ESP32 Acceleration
For detail about ESP32 HW Acceleration, you can find in [Technical Reference Manual](https://espressif.com/sites/default/files/documentation/esp32_technical_reference_manual_en.pdf) More details about ESP32 HW Accelerationcan be found in:
* [ESP32 Technical Reference Manual](https://espressif.com/sites/default/files/documentation/esp32_technical_reference_manual_en.pdf)
* [ESP32-S2 Technical Reference Manual](https://www.espressif.com/sites/default/files/documentation/esp32-s2_technical_reference_manual_en.pdf)
* [ESP32-S3 Technical Reference Manual](https://www.espressif.com/sites/default/files/documentation/esp32-s3_technical_reference_manual_en.pdf)
* [ESP32-C2 (aka ESP8684 Technical Reference Manual](https://www.espressif.com/sites/default/files/documentation/esp8684_technical_reference_manual_en.pdf)
* [ESP32-C3 Technical Reference Manual](https://www.espressif.com/sites/default/files/documentation/esp32-c3_technical_reference_manual_en.pdf)
* [ESP32-C6 Technical Reference Manual](https://www.espressif.com/sites/default/files/documentation/esp32-c6_technical_reference_manual_en.pdf)
* [ESP32-H2 Technical Reference Manual](https://www.espressif.com/sites/default/files/documentation/esp32-h2_technical_reference_manual_en.pdf)
### Building ### Building
``` Simply run `ESP-IDF.py` in any of the [Espressif/ESP-IDF/Examples](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples).
git clone --recurse-submodules -j8 https://github.com/espressif/esp-idf master See the respective project README files. Examples are also available using wolfssl as a [Managed Component](https://components.espressif.com/components/wolfssl/wolfssl).
```
Hardware acceleration is enabled by default. Hardware acceleration is enabled by default. All settings should be adjusted in the respective project component
`user_settings.h` file. See the example in [template example](https://github.com/wolfSSL/wolfssl/blob/master/IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/include/user_settings.h).
In particular, comment out the `NO_[feature_name]` macros to enable hardware encryption:
To disable portions of the hardware acceleration you can optionally define: /* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
/* #define NO_WOLFSSL_ESP32_CRYPT_AES */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
To disable specific portions of the hardware acceleration you can optionally define:
```c ```c
/* Disabled SHA, AES and RSA acceleration */ /* Disable all SHA, AES and RSA acceleration */
#define NO_ESP32_CRYPT #define NO_ESP32_CRYPT
/* Disabled AES acceleration */
/* Disable only AES acceleration */
#define NO_WOLFSSL_ESP32_CRYPT_AES #define NO_WOLFSSL_ESP32_CRYPT_AES
/* Disabled SHA acceleration */
/* Disabled only SHA acceleration */
#define NO_WOLFSSL_ESP32_CRYPT_HASH #define NO_WOLFSSL_ESP32_CRYPT_HASH
/* Disabled RSA Primitive acceleration */
/* Disabled only RSA Primitive acceleration */
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
``` ```
See the [wolfcrypt/port/Espressif/esp32-crypt.h](https://github.com/wolfSSL/wolfssl/blob/master/wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h)
for more details on fine tuning and debugging options.
### Coding ### Coding
In your application you must include `<wolfssl/wolfcrypt/settings.h>` before any other wolfSSL headers. In your application you must include `<wolfssl/wolfcrypt/settings.h>` before any other wolfSSL headers.
If building the sources directly we recommend defining `WOLFSSL_USER_SETTINGS` and adding your own If building the sources directly we recommend defining `WOLFSSL_USER_SETTINGS` (typically defined in the `CMakeLists.txt`)
`user_settings.h` file. You can find a good reference for this in `IDE/GCC-ARM/Header/user_settings.h`. and adding your own `user_settings.h` file. You can find a good reference in the [Espressif examples](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples)
as well as other examples such as [IDE/GCC-ARM/Header/user_settings.h](https://github.com/wolfSSL/wolfssl/blob/master/IDE/GCC-ARM/Header/user_settings.h).
To view disassembly, add `__attribute__((section(".iram1")))` decorator. Foe example: To view disassembly, add `__attribute__((section(".iram1")))` decorator. Foe example:

36
wolfcrypt/src/port/Espressif/esp32_sha.c
View File

@@ -95,7 +95,7 @@ static const char* TAG = "wolf_hw_sha";
static wolfSSL_Mutex sha_mutex = NULL; static wolfSSL_Mutex sha_mutex = NULL;
#endif #endif
#ifdef DEBUG_WOLFSSL_SHA_MUTEX #ifdef WOLFSSL_DEBUG_MUTEX
#ifndef WOLFSSL_TEST_STRAY #ifndef WOLFSSL_TEST_STRAY
/* unless turned on, we won't be testing for strays */ /* unless turned on, we won't be testing for strays */
#define WOLFSSL_TEST_STRAY 0 #define WOLFSSL_TEST_STRAY 0
@@ -119,7 +119,7 @@ static const char* TAG = "wolf_hw_sha";
#if defined(ESP_MONITOR_HW_TASK_LOCK) #if defined(ESP_MONITOR_HW_TASK_LOCK)
static void * mutex_ctx_owner = 0; static void * mutex_ctx_owner = 0;
static TaskHandle_t mutex_ctx_task = 0; static TaskHandle_t mutex_ctx_task = 0;
#ifdef DEBUG_WOLFSSL_SHA_MUTEX #ifdef WOLFSSL_DEBUG_MUTEX
static portMUX_TYPE sha_crit_sect = portMUX_INITIALIZER_UNLOCKED; static portMUX_TYPE sha_crit_sect = portMUX_INITIALIZER_UNLOCKED;
WC_ESP32SHA* stray_ctx; WC_ESP32SHA* stray_ctx;
/* each ctx keeps track of the intializer for HW. when debugging /* each ctx keeps track of the intializer for HW. when debugging
@@ -608,7 +608,7 @@ int esp_sha256_ctx_copy(struct wc_Sha256* src, struct wc_Sha256* dst)
int ret; int ret;
if (src->ctx.mode == ESP32_SHA_HW) { if (src->ctx.mode == ESP32_SHA_HW) {
/* Get a copy of the HW digest, but don't process it. */ /* Get a copy of the HW digest, but don't process it. */
#ifdef DEBUG_WOLFSSL_SHA_MUTEX #ifdef WOLFSSL_DEBUG_MUTEX
{ {
ESP_LOGI(TAG, "esp_sha256_ctx_copy esp_sha512_digest_process"); ESP_LOGI(TAG, "esp_sha256_ctx_copy esp_sha512_digest_process");
} }
@@ -990,7 +990,7 @@ int esp_unroll_sha_module_enable(WC_ESP32SHA* ctx)
int esp_sha_set_stray(WC_ESP32SHA* ctx) int esp_sha_set_stray(WC_ESP32SHA* ctx)
{ {
int ret = 0; int ret = 0;
#ifdef DEBUG_WOLFSSL_SHA_MUTEX #ifdef WOLFSSL_DEBUG_MUTEX
stray_ctx = ctx; stray_ctx = ctx;
ret= (int)stray_ctx; ret= (int)stray_ctx;
#endif #endif
@@ -1000,13 +1000,13 @@ int esp_sha_set_stray(WC_ESP32SHA* ctx)
/* /*
** return HW lock owner, otherwise zero if not locked. ** return HW lock owner, otherwise zero if not locked.
** **
** When DEBUG_WOLFSSL_SHA_MUTEX is defined, additional ** When WOLFSSL_DEBUG_MUTEX is defined, additional
** debugging capabilities are available. ** debugging capabilities are available.
*/ */
int esp_sha_hw_islocked(WC_ESP32SHA* ctx) int esp_sha_hw_islocked(WC_ESP32SHA* ctx)
{ {
int ret = 0; int ret = 0;
#ifdef DEBUG_WOLFSSL_SHA_MUTEX #ifdef WOLFSSL_DEBUG_MUTEX
taskENTER_CRITICAL(&sha_crit_sect); taskENTER_CRITICAL(&sha_crit_sect);
{ {
ret = (int)mutex_ctx_owner; ret = (int)mutex_ctx_owner;
@@ -1037,7 +1037,7 @@ int esp_sha_hw_islocked(WC_ESP32SHA* ctx)
#endif #endif
#ifdef DEBUG_WOLFSSL_SHA_MUTEX #ifdef WOLFSSL_DEBUG_MUTEX
if (ret == 0) { if (ret == 0) {
ESP_LOGV(TAG, ">> NOT LOCKED esp_sha_hw_islocked"); ESP_LOGV(TAG, ">> NOT LOCKED esp_sha_hw_islocked");
} }
@@ -1072,7 +1072,7 @@ int esp_sha_release_unfinished_lock(WC_ESP32SHA* ctx)
ESP_LOGE(TAG, "ERROR: esp_sha_release_unfinished_lock for %x" ESP_LOGE(TAG, "ERROR: esp_sha_release_unfinished_lock for %x"
" but found %x", ret, (int)(ctx->initializer)); " but found %x", ret, (int)(ctx->initializer));
} }
#ifdef DEBUG_WOLFSSL_SHA_MUTEX #ifdef WOLFSSL_DEBUG_MUTEX
ESP_LOGE(TAG, "\n>>>> esp_sha_release_unfinished_lock %x\n", ret); ESP_LOGE(TAG, "\n>>>> esp_sha_release_unfinished_lock %x\n", ret);
#endif #endif
/* unlock only if this ctx is the intializer of the lock */ /* unlock only if this ctx is the intializer of the lock */
@@ -1109,7 +1109,7 @@ int esp_sha_try_hw_lock(WC_ESP32SHA* ctx)
ESP_LOGI(TAG, "enter esp_sha_hw_lock for %x", (int)ctx->initializer); ESP_LOGI(TAG, "enter esp_sha_hw_lock for %x", (int)ctx->initializer);
#endif #endif
#ifdef DEBUG_WOLFSSL_SHA_MUTEX #ifdef WOLFSSL_DEBUG_MUTEX
taskENTER_CRITICAL(&sha_crit_sect); taskENTER_CRITICAL(&sha_crit_sect);
{ {
/* let's keep track of how many times we call this */ /* let's keep track of how many times we call this */
@@ -1168,7 +1168,7 @@ int esp_sha_try_hw_lock(WC_ESP32SHA* ctx)
/* created, but not yet locked */ /* created, but not yet locked */
ret = esp_CryptHwMutexInit(&sha_mutex); ret = esp_CryptHwMutexInit(&sha_mutex);
if (ret == 0) { if (ret == 0) {
#ifdef DEBUG_WOLFSSL_SHA_MUTEX #ifdef WOLFSSL_DEBUG_MUTEX
ESP_LOGI(TAG, "esp_CryptHwMutexInit sha_mutex init success."); ESP_LOGI(TAG, "esp_CryptHwMutexInit sha_mutex init success.");
mutex_ctx_owner = 0; mutex_ctx_owner = 0;
#endif #endif
@@ -1179,7 +1179,7 @@ int esp_sha_try_hw_lock(WC_ESP32SHA* ctx)
ESP_LOGI(TAG, "Revert to ctx->mode = ESP32_SHA_SW."); ESP_LOGI(TAG, "Revert to ctx->mode = ESP32_SHA_SW.");
#ifdef DEBUG_WOLFSSL_SHA_MUTEX #ifdef WOLFSSL_DEBUG_MUTEX
ESP_LOGI(TAG, "Current mutext owner = %x", ESP_LOGI(TAG, "Current mutext owner = %x",
(int)esp_sha_mutex_ctx_owner()); (int)esp_sha_mutex_ctx_owner());
#endif #endif
@@ -1241,7 +1241,7 @@ int esp_sha_try_hw_lock(WC_ESP32SHA* ctx)
mutex_ctx_task = xTaskGetCurrentTaskHandle(); mutex_ctx_task = xTaskGetCurrentTaskHandle();
#endif #endif
#ifdef DEBUG_WOLFSSL_SHA_MUTEX #ifdef WOLFSSL_DEBUG_MUTEX
if (esp_sha_call_count() == 8 && WOLFSSL_TEST_STRAY) { if (esp_sha_call_count() == 8 && WOLFSSL_TEST_STRAY) {
/* once we've locked 10 times here, /* once we've locked 10 times here,
* we'll force a fallback to SW until other thread unlocks */ * we'll force a fallback to SW until other thread unlocks */
@@ -1258,7 +1258,7 @@ int esp_sha_try_hw_lock(WC_ESP32SHA* ctx)
} }
taskEXIT_CRITICAL(&sha_crit_sect); taskEXIT_CRITICAL(&sha_crit_sect);
if (stray_ctx == NULL) { if (stray_ctx == NULL) {
ESP_LOGW(TAG, "DEBUG_WOLFSSL_SHA_MUTEX on, but stray_ctx " ESP_LOGW(TAG, "WOLFSSL_DEBUG_MUTEX on, but stray_ctx "
"is NULL; are you running the peek task to " "is NULL; are you running the peek task to "
"set the stay test?"); "set the stay test?");
} }
@@ -1267,7 +1267,7 @@ int esp_sha_try_hw_lock(WC_ESP32SHA* ctx)
ESP_LOGI(TAG, "%x", (int)&stray_ctx); ESP_LOGI(TAG, "%x", (int)&stray_ctx);
ESP_LOGW(TAG, ESP_LOGW(TAG,
"\n\nLocking with stray\n\n" "\n\nLocking with stray\n\n"
"DEBUG_WOLFSSL_SHA_MUTEX call count 8, " "WOLFSSL_DEBUG_MUTEX call count 8, "
"ctx->mode = ESP32_SHA_SW %x\n\n", "ctx->mode = ESP32_SHA_SW %x\n\n",
(int)mutex_ctx_owner); (int)mutex_ctx_owner);
ctx->task_owner = xTaskGetCurrentTaskHandle(); ctx->task_owner = xTaskGetCurrentTaskHandle();
@@ -1287,7 +1287,7 @@ int esp_sha_try_hw_lock(WC_ESP32SHA* ctx)
ESP_LOGI(TAG, "Hardware Mode Active, lock depth = %d, for %x", ESP_LOGI(TAG, "Hardware Mode Active, lock depth = %d, for %x",
ctx->lockDepth, (int)ctx->initializer); ctx->lockDepth, (int)ctx->initializer);
#endif #endif
#ifdef DEBUG_WOLFSSL_SHA_MUTEX #ifdef WOLFSSL_DEBUG_MUTEX
taskENTER_CRITICAL(&sha_crit_sect); taskENTER_CRITICAL(&sha_crit_sect);
{ {
mutex_ctx_owner = (void*)ctx->initializer; mutex_ctx_owner = (void*)ctx->initializer;
@@ -1308,7 +1308,7 @@ int esp_sha_try_hw_lock(WC_ESP32SHA* ctx)
else { else {
/* We should have otherwise anticipated this; how did we get here? /* We should have otherwise anticipated this; how did we get here?
** This code should rarely, ideally never be reached. */ ** This code should rarely, ideally never be reached. */
#ifdef DEBUG_WOLFSSL_SHA_MUTEX #ifdef WOLFSSL_DEBUG_MUTEX
ESP_LOGI(TAG, "\nHardware in use by %x; " ESP_LOGI(TAG, "\nHardware in use by %x; "
"Mode REVERT to ESP32_SHA_SW for %x\n", "Mode REVERT to ESP32_SHA_SW for %x\n",
(int)esp_sha_mutex_ctx_owner(), (int)esp_sha_mutex_ctx_owner(),
@@ -1418,7 +1418,7 @@ int esp_sha_hw_unlock(WC_ESP32SHA* ctx)
#endif #endif
#endif #endif
#ifdef DEBUG_WOLFSSL_SHA_MUTEX #ifdef WOLFSSL_DEBUG_MUTEX
taskENTER_CRITICAL(&sha_crit_sect); taskENTER_CRITICAL(&sha_crit_sect);
{ {
mutex_ctx_owner = 0; mutex_ctx_owner = 0;
@@ -1993,7 +1993,7 @@ int esp_sha256_process(struct wc_Sha256* sha, const byte* data)
WC_SHA256_BLOCK_SIZE); WC_SHA256_BLOCK_SIZE);
break; break;
#ifndef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 #if defined(WOLFSSL_SHA224) && !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224)
case SHA2_224: case SHA2_224:
#if defined(DEBUG_WOLFSSL_VERBOSE) #if defined(DEBUG_WOLFSSL_VERBOSE)
ESP_LOGV(TAG, " confirmed SHA224 type call match"); ESP_LOGV(TAG, " confirmed SHA224 type call match");

24
wolfcrypt/src/sha.c
View File

@@ -634,7 +634,7 @@ int wc_ShaUpdate(wc_Sha* sha, const byte* data, word32 len)
if (sha->buffLen == WC_SHA_BLOCK_SIZE) { if (sha->buffLen == WC_SHA_BLOCK_SIZE) {
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
if (sha->ctx.mode == ESP32_SHA_INIT) { if (sha->ctx.mode == ESP32_SHA_INIT) {
#if defined(DEBUG_WOLFSSL_SHA_MUTEX) #if defined(WOLFSSL_DEBUG_MUTEX)
{ {
ESP_LOGI(TAG, "wc_ShaUpdate try hardware"); ESP_LOGI(TAG, "wc_ShaUpdate try hardware");
} }
@@ -656,7 +656,7 @@ int wc_ShaUpdate(wc_Sha* sha, const byte* data, word32 len)
#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
if (sha->ctx.mode == ESP32_SHA_SW) { if (sha->ctx.mode == ESP32_SHA_SW) {
#if defined(DEBUG_WOLFSSL_SHA_MUTEX) #if defined(WOLFSSL_DEBUG_MUTEX)
{ {
ESP_LOGI(TAG, "wc_ShaUpdate process software"); ESP_LOGI(TAG, "wc_ShaUpdate process software");
} }
@@ -664,7 +664,7 @@ int wc_ShaUpdate(wc_Sha* sha, const byte* data, word32 len)
ret = XTRANSFORM(sha, (const byte*)local); ret = XTRANSFORM(sha, (const byte*)local);
} }
else { else {
#if defined(DEBUG_WOLFSSL_SHA_MUTEX) #if defined(WOLFSSL_DEBUG_MUTEX)
{ {
ESP_LOGI(TAG, "wc_ShaUpdate process hardware"); ESP_LOGI(TAG, "wc_ShaUpdate process hardware");
} }
@@ -905,18 +905,20 @@ int wc_ShaFinal(wc_Sha* sha, byte* hash)
#if (defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)) && \ #if (defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)) && \
defined(WOLFSSL_ESP32_CRYPT) && !defined(NO_WOLFSSL_ESP32_CRYPT_HASH) defined(WOLFSSL_ESP32_CRYPT) && !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
if (sha->ctx.mode == ESP32_SHA_HW) { if (sha->ctx.mode == ESP32_SHA_HW) {
/* TODO is this the proper way to reverse endianness for the 64bit Espressif value? #if defined(WOLFSSL_SUPER_VERBOSE_DEBUG)
* see also ByteReverseWord64() */ {
#if defined(WOLFSSL_SUPER_VERBOSE_DEBUG) ESP_LOGV(TAG, "Start: Reverse PAD SIZE Endianness.");
ESP_LOGV(TAG, "Start: Reverse PAD SIZE Endianness."); }
#endif #endif
ByteReverseWords(&sha->buffer[WC_SHA_PAD_SIZE/sizeof(word32)], /* out */ ByteReverseWords(&sha->buffer[WC_SHA_PAD_SIZE/sizeof(word32)], /* out */
&sha->buffer[WC_SHA_PAD_SIZE/sizeof(word32)], /* in */ &sha->buffer[WC_SHA_PAD_SIZE/sizeof(word32)], /* in */
2 * sizeof(word32) /* byte count to reverse */ 2 * sizeof(word32) /* byte count to reverse */
); );
#if defined(WOLFSSL_SUPER_VERBOSE_DEBUG) #if defined(WOLFSSL_SUPER_VERBOSE_DEBUG)
ESP_LOGV(TAG, "End: Reverse PAD SIZE Endianness."); {
#endif ESP_LOGV(TAG, "End: Reverse PAD SIZE Endianness.");
}
#endif
} /* end if (sha->ctx.mode == ESP32_SHA_HW) */ } /* end if (sha->ctx.mode == ESP32_SHA_HW) */
#endif #endif

56
wolfcrypt/src/sha256.c
View File

@@ -700,52 +700,6 @@ static int InitSha256(wc_Sha256* sha256)
/* HW may fail since there's only one, so we still need SW */ /* HW may fail since there's only one, so we still need SW */
#define NEED_SOFT_SHA256 #define NEED_SOFT_SHA256
/*
* we'll set the digest at the last minute,
* just before computing hash.
*
* Reminder that ESP32-C3 does NOT need initial digest.
*
* see page 337 of C3 spec: 16.4.1.3 Setting the Initial Hash Value
*
* "Before hash task begins for any secure hash algorithms, the initial
* Hash value H(0) must be set based on different algorithms. However,
* the SHA accelerator uses the initial Hash values (constant C) stored
* in the hardware for hash tasks"
*/
static int set_default_digest256(wc_Sha256* sha256)
{
return 0; /* TODO not used? */
int ret = 0;
#ifndef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256
if (sha256->ctx.mode == ESP32_SHA_SW) {
ret = 1;
}
#endif
/* when not ESP32-C3, we'll need digest for SW or HW */
#if !defined(CONFIG_IDF_TARGET_ESP32C3) && \
!defined(CONFIG_IDF_TARGET_ESP32C6)
ret = 1;
#endif
#ifndef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256
if ((ret == 1) && (sha256->ctx.isfirstblock == 1)) {
XMEMSET(sha256->digest, 0, sizeof(sha256->digest));
sha256->digest[0] = 0x6A09E667L;
sha256->digest[1] = 0xBB67AE85L;
sha256->digest[2] = 0x3C6EF372L;
sha256->digest[3] = 0xA54FF53AL;
sha256->digest[4] = 0x510E527FL;
sha256->digest[5] = 0x9B05688CL;
sha256->digest[6] = 0x1F83D9ABL;
sha256->digest[7] = 0x5BE0CD19L;
}
#endif
return ret;
}
/* /*
** An Espressif-specific InitSha256() ** An Espressif-specific InitSha256()
** **
@@ -759,9 +713,8 @@ static int InitSha256(wc_Sha256* sha256)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }
/* we may or may not need initial digest. /* We may or may not need initial digest for HW.
* always needed for SW-only. * Always needed for SW-only. */
* See set_default_digest256() for HW/SW */
sha256->digest[0] = 0x6A09E667L; sha256->digest[0] = 0x6A09E667L;
sha256->digest[1] = 0xBB67AE85L; sha256->digest[1] = 0xBB67AE85L;
sha256->digest[2] = 0x3C6EF372L; sha256->digest[2] = 0x3C6EF372L;
@@ -1111,7 +1064,6 @@ static int InitSha256(wc_Sha256* sha256)
ESP_LOGV(TAG, "Sha256Update try hardware"); ESP_LOGV(TAG, "Sha256Update try hardware");
esp_sha_try_hw_lock(&sha256->ctx); esp_sha_try_hw_lock(&sha256->ctx);
} }
set_default_digest256(sha256);
#endif #endif
@@ -1138,7 +1090,7 @@ static int InitSha256(wc_Sha256* sha256)
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256) !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
if (sha256->ctx.mode == ESP32_SHA_SW) { if (sha256->ctx.mode == ESP32_SHA_SW) {
#if defined(DEBUG_WOLFSSL_SHA_MUTEX) #if defined(WOLFSSL_DEBUG_MUTEX)
{ {
ESP_LOGI(TAG, "Sha256Update process software"); ESP_LOGI(TAG, "Sha256Update process software");
} }
@@ -1152,7 +1104,7 @@ static int InitSha256(wc_Sha256* sha256)
ret = XTRANSFORM(sha256, (const byte*)local); ret = XTRANSFORM(sha256, (const byte*)local);
} }
else { else {
#if defined(DEBUG_WOLFSSL_SHA_MUTEX) #if defined(WOLFSSL_DEBUG_MUTEX)
{ {
ESP_LOGI(TAG, "Sha256Update process hardware"); ESP_LOGI(TAG, "Sha256Update process hardware");
} }

4
wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h
View File

@@ -147,7 +147,7 @@ enum {
** Turns on development testing. Validates HW accelerated results to software ** Turns on development testing. Validates HW accelerated results to software
** - Automatically turns on WOLFSSL_HW_METRICS ** - Automatically turns on WOLFSSL_HW_METRICS
** **
** DEBUG_WOLFSSL_SHA_MUTEX ** WOLFSSL_DEBUG_MUTEX
** Turns on diagnostic messages for SHA mutex. Note that given verbosity, ** Turns on diagnostic messages for SHA mutex. Note that given verbosity,
** there may be TLS timing issues encountered. Use with caution. ** there may be TLS timing issues encountered. Use with caution.
** **
@@ -589,7 +589,7 @@ extern "C"
byte blockprocess); byte blockprocess);
WOLFSSL_LOCAL int esp_sha_process(struct wc_Sha* sha, const byte* data); WOLFSSL_LOCAL int esp_sha_process(struct wc_Sha* sha, const byte* data);
#ifdef DEBUG_WOLFSSL_SHA_MUTEX #ifdef WOLFSSL_DEBUG_MUTEX
/* testing HW release in task that did not lock */ /* testing HW release in task that did not lock */
extern WC_ESP32SHA* stray_ctx; extern WC_ESP32SHA* stray_ctx;
#endif #endif