feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Fixes for RSA TSIP RSA Sign/Verify. Tested on RX72N EnvisionKit. Added THREADX threading support.

Browse Source 
```
Start wolf tsip crypt Test

 simple crypt test by using TSIP
 sha_test() passed
 sha256_test() passed
 tsip_aes_cbc_test()  passed
 tsip_aes256_test()  passed
 tsip_rsa_test(2048) passed
 tsip_rsa_SignVerify_test(2048) passed

End wolf tsip crypt Test
```
This commit is contained in:
David Garske
2024-11-20 13:08:19 -08:00
parent 42825e82d2
commit d109f38cbd
4 changed files with 39 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/wolfssl_tsip_unit_test.c
View File

@ -523,7 +523,7 @@ static void tskAes256_Gcm_Test(void *pvParam)
#endif /* FREERTOS */ #endif /* FREERTOS */
#endif #endif
#if defined(WOLFSSL_AES_128) #if defined(WOLFSSL_AES_128) && defined(HAVE_AESGCM)
static int tsip_aesgcm128_test(int prnt, tsip_aes_key_index_t* aes128_key) static int tsip_aesgcm128_test(int prnt, tsip_aes_key_index_t* aes128_key)
{ {
@ -805,6 +805,7 @@ static int tsip_rsa_SignVerify_test(int prnt, int keySize)
const char inStr2[] = TEST_STRING2; const char inStr2[] = TEST_STRING2;
const word32 inLen = (word32)TEST_STRING_SZ; const word32 inLen = (word32)TEST_STRING_SZ;
const word32 outSz = RSA_TEST_BYTES; const word32 outSz = RSA_TEST_BYTES;
word32 signSz = 0;
byte *in = NULL; byte *in = NULL;
byte *in2 = NULL; byte *in2 = NULL;
byte *out= NULL; byte *out= NULL;
@ -848,15 +849,16 @@ static int tsip_rsa_SignVerify_test(int prnt, int keySize)
if (ret < 0) { if (ret < 0) {
goto out; goto out;
} }
signSz = ret;
/* this should fail */ /* this should fail */
ret = wc_RsaSSL_Verify(in2, inLen, out, keySize/8, key); ret = wc_RsaSSL_Verify(out, signSz, in2, inLen, key);
if (ret != SIG_VERIFY_E) { if (ret != SIG_VERIFY_E) {
ret = -1; ret = -1;
goto out; goto out;
} }
/* this should succeed */ /* this should succeed */
ret = wc_RsaSSL_Verify(in, inLen, out, keySize/8, key); ret = wc_RsaSSL_Verify(out, signSz, in, inLen, key);
if (ret < 0) { if (ret < 0) {
ret = -1; ret = -1;
goto out; goto out;
@ -1223,6 +1225,7 @@ int tsip_crypt_test(void)
} }
#ifdef HAVE_AESGCM
if (ret == 0) { if (ret == 0) {
ret = tsip_aesgcm128_test(1, &g_user_aes128_key_index1); ret = tsip_aesgcm128_test(1, &g_user_aes128_key_index1);
@ -1234,8 +1237,10 @@ int tsip_crypt_test(void)
ret = tsip_aesgcm256_test(1, &g_user_aes256_key_index1); ret = tsip_aesgcm256_test(1, &g_user_aes256_key_index1);
} }
#if defined(WOLFSSL_KEY_GEN) && \ #endif
defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
#if defined(WOLFSSL_KEY_GEN) && \
defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
if (ret == 0) { if (ret == 0) {
Clr_CallbackCtx(&userContext); Clr_CallbackCtx(&userContext);
@ -1248,20 +1253,21 @@ int tsip_crypt_test(void)
#if RSA_MIN_SIZE <= 1024 #if RSA_MIN_SIZE <= 1024
if (ret == 0) { if (ret == 0) {
userContext.wrappedKeyType = TSIP_KEY_TYPE_RSA1024; userContext.wrappedKeyType = TSIP_KEY_TYPE_RSA1024;
printf(" tsip_rsa_test(1024)"); printf(" tsip_rsa_test(1024)");
ret = tsip_rsa_test(1, 1024); ret = tsip_rsa_test(1, 1024);
RESULT_STR(ret) RESULT_STR(ret)
} }
#endif #endif
if (ret == 0) { if (ret == 0) {
userContext.wrappedKeyType = TSIP_KEY_TYPE_RSA2048; userContext.wrappedKeyType = TSIP_KEY_TYPE_RSA2048;
printf(" tsip_rsa_test(2048)"); printf(" tsip_rsa_test(2048)");
ret = tsip_rsa_test(1, 2048); ret = tsip_rsa_test(1, 2048);
RESULT_STR(ret) RESULT_STR(ret)
} }
#if RSA_MIN_SIZE <= 1024
if (ret == 0) { if (ret == 0) {
printf(" tsip_rsa_SignVerify_test(1024)"); printf(" tsip_rsa_SignVerify_test(1024)");
@ -1274,6 +1280,7 @@ int tsip_crypt_test(void)
} }
Clr_CallbackCtx(&userContext); Clr_CallbackCtx(&userContext);
#endif
if (ret == 0) { if (ret == 0) {
printf(" tsip_rsa_SignVerify_test(2048)"); printf(" tsip_rsa_SignVerify_test(2048)");
@ -1287,12 +1294,11 @@ int tsip_crypt_test(void)
} }
Clr_CallbackCtx(&userContext); Clr_CallbackCtx(&userContext);
#endif #endif /* WOLFSSL_KEY_GEN && WOLFSSL_RENESAS_TSIP_CRYPTONLY */
} }
else else {
ret = -1; ret = -1;
}
return ret; return ret;
} }

10
wolfcrypt/src/port/Renesas/renesas_common.c
View File

@ -279,6 +279,16 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
} }
#endif #endif
} }
if (info->pk.type == WC_PK_TYPE_RSA_GET_SIZE) {
if (cbInfo->wrappedKeyType == TSIP_KEY_TYPE_RSA2048) {
*info->pk.rsa_get_size.keySize = 256;
ret = 0;
}
else if (cbInfo->wrappedKeyType == TSIP_KEY_TYPE_RSA1024) {
*info->pk.rsa_get_size.keySize = 128;
ret = 0;
}
}
#endif /* !NO_RSA */ #endif /* !NO_RSA */
#if defined(HAVE_ECC) #if defined(HAVE_ECC)
#if defined(WOLFSSL_RENESAS_TSIP_TLS) #if defined(WOLFSSL_RENESAS_TSIP_TLS)

16
wolfcrypt/src/port/Renesas/renesas_tsip_rsa.c
View File

@ -234,7 +234,7 @@ int wc_tsip_RsaFunction(wc_CryptoInfo* info, TsipUserCtx* tuc)
plain.pdata = (uint8_t*)info->pk.rsa.in; plain.pdata = (uint8_t*)info->pk.rsa.in;
plain.data_length = info->pk.rsa.inLen; plain.data_length = info->pk.rsa.inLen;
cipher.pdata = (uint8_t*)info->pk.rsa.out; cipher.pdata = (uint8_t*)info->pk.rsa.out;
cipher.data_length = info->pk.rsa.outLen; cipher.data_length = *(info->pk.rsa.outLen);
if (keySize == TSIP_KEY_TYPE_RSA1024) { if (keySize == TSIP_KEY_TYPE_RSA1024) {
ret = R_TSIP_RsaesPkcs1024Encrypt(&plain, &cipher, ret = R_TSIP_RsaesPkcs1024Encrypt(&plain, &cipher,
@ -250,13 +250,13 @@ int wc_tsip_RsaFunction(wc_CryptoInfo* info, TsipUserCtx* tuc)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }
if (ret == 0) { if (ret == 0) {
info->pk.rsa.outLen = cipher.data_length; *(info->pk.rsa.outLen) = cipher.data_length;
} }
} }
else if (type == RSA_PRIVATE_DECRYPT || type == RSA_PRIVATE_ENCRYPT) else if (type == RSA_PRIVATE_DECRYPT || type == RSA_PRIVATE_ENCRYPT)
{ {
plain.pdata = (uint8_t*)info->pk.rsa.out; plain.pdata = (uint8_t*)info->pk.rsa.out;
plain.data_length = info->pk.rsa.outLen; plain.data_length = *(info->pk.rsa.outLen);
cipher.pdata = (uint8_t*)info->pk.rsa.in; cipher.pdata = (uint8_t*)info->pk.rsa.in;
cipher.data_length = info->pk.rsa.inLen; cipher.data_length = info->pk.rsa.inLen;
@ -274,7 +274,7 @@ int wc_tsip_RsaFunction(wc_CryptoInfo* info, TsipUserCtx* tuc)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }
if (ret == 0) { if (ret == 0) {
info->pk.rsa.outLen = plain.data_length; *(info->pk.rsa.outLen) = plain.data_length;
} }
} }
tsip_hw_unlock(); tsip_hw_unlock();
@ -314,13 +314,13 @@ int wc_tsip_RsaVerifyPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc)
} }
if (tsip_RsakeyImport(tuc) == 0) { if (tsip_RsakeyImport(tuc) == 0) {
hashData.pdata = (uint8_t*)info->pk.rsa.in; hashData.pdata = (uint8_t*)info->pk.rsa.out;
hashData.data_length = info->pk.rsa.inLen; hashData.data_length = *(info->pk.rsa.outLen);
hashData.data_type = hashData.data_type =
tuc->keyflgs_crypt.bits.message_type;/* message 0, hash 1 */ tuc->keyflgs_crypt.bits.message_type;/* message 0, hash 1 */
sigData.pdata = (uint8_t*)info->pk.rsa.out; sigData.pdata = (uint8_t*)info->pk.rsa.in;
sigData.data_length = info->pk.rsa.outLen; sigData.data_length = info->pk.rsa.inLen;
if ((ret = tsip_hw_lock()) == 0) { if ((ret = tsip_hw_lock()) == 0) {
switch (tuc->wrappedKeyType) { switch (tuc->wrappedKeyType) {

4
wolfssl/wolfcrypt/types.h
View File

@ -1497,6 +1497,10 @@ typedef struct w64wrapper {
#if !defined(__MINGW32__) #if !defined(__MINGW32__)
#define WOLFSSL_THREAD_NO_JOIN __cdecl #define WOLFSSL_THREAD_NO_JOIN __cdecl
#endif #endif
#elif defined(THREADX)
typedef unsigned int THREAD_RETURN;
typedef TX_THREAD THREAD_TYPE;
#define WOLFSSL_THREAD
#else #else
typedef unsigned int THREAD_RETURN; typedef unsigned int THREAD_RETURN;
typedef size_t THREAD_TYPE; typedef size_t THREAD_TYPE;