SiLabs: TRNG hardware acceleration

wolfcrypt/src/port/silabs/README.md

@@ -29,8 +29,12 @@ recommend defining `WOLFSSL_USER_SETTINGS` and adding your own
 
 ### Caveats
 
- * AES GCM tags of some lengths do not pass tests.
-
+ * AES GCM tags length >= 16 bytes
+ * By default random generator is seeded by the TRNG, but not used to
+   generate all random data. `WOLFSSL_SILABS_TRNG` can be set to
+   generate all random data with hardware TRNG, but requesting too
+   much data or too quickly may result in system reset and setting
+   `SESYSREQ`.
 
 ### Benchmarks
 

wolfcrypt/src/port/silabs/silabs_random.c

@@ -0,0 +1,48 @@
+/* silabs_random.c
+ *
+ * Copyright (C) 2006-2020 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* Generic SILABS Entropy random */
+
+#ifdef HAVE_CONFIG_H
+    #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#if defined(WOLFSSL_SILABS_SE_ACCEL)
+
+#include <sl_se_manager.h>
+#include <sl_se_manager_entropy.h>
+
+#include <wolfssl/wolfcrypt/port/silabs/silabs_random.h>
+
+int silabs_GenerateRand(byte* output, word32 sz)
+{
+    sl_se_command_context_t cmd_ctx = SL_SE_COMMAND_CONTEXT_INIT;
+    sl_status_t status = sl_se_init();
+
+    if (status == SL_STATUS_OK)
+        status = sl_se_get_random(&cmd_ctx, output,  sz);
+    
+    return (status != SL_STATUS_OK);
+}
+
+#endif /* WOLFSSL_SILABS_SE_ACCEL */

wolfcrypt/src/random.c

@@ -927,6 +927,10 @@ int wc_RNG_GenerateBlock(WC_RNG* rng, byte* output, word32 sz)
         return wc_GenerateRand_IntelRD(NULL, output, sz);
 #endif
 
+#if defined(WOLFSSL_SILABS_SE_ACCEL) && defined(WOLFSSL_SILABS_TRNG)
+    return silabs_GenerateRand(output, sz);
+#endif
+
 #if defined(WOLFSSL_ASYNC_CRYPT)
     if (rng->asyncDev.marker == WOLFSSL_ASYNC_MARKER_RNG) {
         /* these are blocking */
@@ -1908,6 +1912,13 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
         #define USE_TEST_GENSEED
     #endif /* FREESCALE_K70_RNGA */
 
+#elif defined(WOLFSSL_SILABS_SE_ACCEL)
+    int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
+    {
+        (void)os;
+        return silabs_GenerateRand(output, sz);
+    }
+
 #elif defined(STM32_RNG)
      /* Generate a RNG seed using the hardware random number generator
       * on the STM32F2/F4/F7/L4. */

wolfssl/wolfcrypt/port/silabs/silabs_random.h

@@ -0,0 +1,35 @@
+/* silabs_random.h
+ *
+ * Copyright (C) 2006-2020 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+
+#ifndef _SILABS_RANDOM_H_
+#define _SILABS_RANDOM_H_
+
+
+#if defined(WOLFSSL_SILABS_SE_ACCEL)
+
+#include <wolfssl/wolfcrypt/types.h>
+
+int silabs_GenerateRand(byte* output, word32 sz);
+
+#endif /* WOLFSSL_SILABS_SE_ACCEL */
+
+#endif /* _SILABS_RANDOM_H_ */

wolfssl/wolfcrypt/settings.h

@@ -1424,7 +1424,7 @@ extern void uITRON4_free(void *p) ;
     #define NO_WOLFSSL_DIR
     #define NO_WRITEV
 
-    #ifndef CUSTOM_RAND_GENERATE
+    #if ! defined(WOLFSSL_SILABS_SE_ACCEL) && !defined(CUSTOM_RAND_GENERATE)
         #define CUSTOM_RAND_TYPE     RAND_NBR
         #define CUSTOM_RAND_GENERATE Math_Rand
     #endif