feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge pull request #4523 from dgarske/nxp_se050_fixes

Browse Source 
Fixes for NXP SE050 ECC create and key store id
This commit is contained in:
Sean Parkinson
2021-11-09 08:56:03 +10:00
committed by GitHub
parent 5a4577eb6c 3941eea626
commit dd833807d8
12 changed files with 726 additions and 525 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
configure.ac
View File

@ -1451,6 +1451,9 @@ AC_ARG_WITH([se050],
# Requires AES direct
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AES_DIRECT"
# Does not support SHA2-512 224/256
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NOSHA512_224 -DWOLFSSL_NOSHA512_256"
AC_MSG_RESULT([yes])
else
AC_MSG_RESULT([yes])

10
wolfcrypt/src/aes.c
View File

@ -68,7 +68,7 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
#ifdef WOLFSSL_IMXRT_DCP
#include <wolfssl/wolfcrypt/port/nxp/dcp_port.h>
#endif
#ifdef WOLFSSL_SE050
#if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_CRYPT)
#include <wolfssl/wolfcrypt/port/nxp/se050_port.h>
#endif
@ -867,7 +867,7 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
#elif defined(WOLFSSL_DEVCRYPTO_AES)
/* implemented in wolfcrypt/src/port/devcrypto/devcrypto_aes.c */
#elif defined(WOLFSSL_SE050)
#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_CRYPT)
static int AES_ECB_encrypt(Aes* aes, const byte* inBlock, byte* outBlock,
int sz)
{
@ -2598,7 +2598,7 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
return wc_AesSetKey(aes, userKey, keylen, iv, dir);
}
#elif defined(WOLFSSL_SE050)
#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_CRYPT)
int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen, const byte* iv,
int dir)
{
@ -3876,7 +3876,7 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
#elif defined(WOLFSSL_DEVCRYPTO_CBC)
/* implemented in wolfcrypt/src/port/devcrypt/devcrypto_aes.c */
#elif defined(WOLFSSL_SE050)
#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_CRYPT)
int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
{
return se050_aes_crypt(aes, in, out, sz, AES_ENCRYPTION,
@ -10363,7 +10363,7 @@ void wc_AesFree(Aes* aes)
}
#endif
#if defined(WOLFSSL_SE050)
#if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_CRYPT)
se050_aes_free(aes);
#endif

122
wolfcrypt/src/ecc.c
View File

@ -1218,7 +1218,7 @@ static int wc_ecc_export_x963_compressed(ecc_key*, byte* out, word32* outLen);
#if (defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || !defined(WOLFSSL_SP_MATH)) && \
!defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \
!defined(WOLFSSL_CRYPTOCELL)
!defined(WOLFSSL_CRYPTOCELL) && !defined(WOLFSSL_SE050)
static int ecc_check_pubkey_order(ecc_key* key, ecc_point* pubkey, mp_int* a,
mp_int* prime, mp_int* order);
#endif
@ -4720,7 +4720,7 @@ static int _ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key,
err = NOT_COMPILED_IN;
}
#elif defined(WOLFSSL_SE050)
err = se050_ecc_create_key(key, curve_id, keysize);
err = se050_ecc_create_key(key, key->dp->id, key->dp->size);
key->type = ECC_PRIVATEKEY;
#elif defined(WOLFSSL_CRYPTOCELL)
@ -5239,10 +5239,7 @@ static int wc_ecc_sign_hash_hw(const byte* in, word32 inlen,
(void)rng;
#elif defined(WOLFSSL_SE050)
err = se050_ecc_sign_hash_ex(in, inlen, out, outlen, key);
if (err == 0)
err = DecodeECC_DSA_Sig(out, *outlen, r, s);
return err;
(void)rng;
#endif
/* Load R and S */
@ -7032,11 +7029,7 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
#elif defined(WOLFSSL_KCAPI_ECC)
byte sigRS[MAX_ECC_BYTES*2];
#elif defined(WOLFSSL_SE050)
#ifdef WOLFSSL_SMALL_STACK
byte* sigRS = NULL;
#else
byte sigRS[ECC_MAX_CRYPTO_HW_SIZE * 2];
#endif
byte sigRS[ECC_MAX_CRYPTO_HW_SIZE * 2];
#elif !defined(WOLFSSL_SP_MATH) || defined(FREESCALE_LTC_ECC)
int did_init = 0;
ecc_point *mG = NULL, *mQ = NULL;
@ -7098,17 +7091,24 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
}
#endif
#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A)
/* Extract R and S */
err = mp_to_unsigned_bin(r, &sigRS[0]);
#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A) || \
defined(WOLFSSL_CRYPTOCELL) || defined(WOLFSSL_SILABS_SE_ACCEL) || \
defined(WOLFSSL_KCAPI_ECC) || defined(WOLFSSL_SE050)
/* Extract R and S with front zero padding (if required) */
XMEMSET(sigRS, 0, keySz * 2);
err = mp_to_unsigned_bin(r, sigRS +
(keySz - mp_unsigned_bin_size(r)));
if (err != MP_OKAY) {
return err;
}
err = mp_to_unsigned_bin(s, &sigRS[keySz]);
err = mp_to_unsigned_bin(s, sigRS + keySz +
(keySz - mp_unsigned_bin_size(s)));
if (err != MP_OKAY) {
return err;
}
#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A)
err = atmel_ecc_verify(hash, sigRS, key->pubkey_raw, res);
if (err != 0) {
return err;
@ -7116,17 +7116,6 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
(void)hashlen;
#elif defined(WOLFSSL_CRYPTOCELL)
/* Extract R and S */
err = mp_to_unsigned_bin(r, &sigRS[0]);
if (err != MP_OKAY) {
return err;
}
err = mp_to_unsigned_bin(s, &sigRS[keySz]);
if (err != MP_OKAY) {
return err;
}
/* truncate if hash is longer than key size */
if (msgLenInBytes > keySz) {
msgLenInBytes = keySz;
@ -7153,69 +7142,18 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
/* valid signature if we get to this point */
*res = 1;
#elif defined(WOLFSSL_SILABS_SE_ACCEL)
/* Extract R and S */
err = mp_to_unsigned_bin(r, &sigRS[0]);
if (err != MP_OKAY) {
return err;
}
err = mp_to_unsigned_bin(s, &sigRS[keySz]);
if (err != MP_OKAY) {
return err;
}
err = silabs_ecc_verify_hash(&sigRS[0], keySz*2,
err = silabs_ecc_verify_hash(&sigRS[0], keySz * 2,
hash, hashlen,
res, key);
#elif defined(WOLFSSL_KCAPI_ECC)
/* Extract R and S */
err = mp_to_unsigned_bin(r, &sigRS[0]);
if (err != MP_OKAY) {
return err;
err = KcapiEcc_Verify(key, hash, hashlen, sigRS, keySz * 2);
if (err == 0) {
*res = 1;
}
err = mp_to_unsigned_bin(s, &sigRS[key->dp->size]);
if (err != MP_OKAY) {
return err;
}
err = KcapiEcc_Verify(key, hash, hashlen, sigRS, key->dp->size * 2);
#elif defined(WOLFSSL_SE050)
{
/* Used when following a hardware sign operation */
int rLeadingZero = mp_leading_bit(r);
int sLeadingZero = mp_leading_bit(s);
int rLen = mp_unsigned_bin_size(r);
int sLen = mp_unsigned_bin_size(s);
word32 signatureLen = rLeadingZero + sLeadingZero +
rLen + sLen + SIG_HEADER_SZ; /* see StoreECC_DSA_Sig */
err = se050_ecc_verify_hash_ex(hash, hashlen, sigRS, keySz * 2, key, res);
#endif
#ifdef WOLFSSL_SMALL_STACK
sigRS = (byte*)XMALLOC(signatureLen, NULL, DYNAMIC_TYPE_SIGNATURE);
if (sigRS == NULL) {
err = MEMORY_E;
}
#else
if (signatureLen > sizeof(sigRS)) {
err = BUFFER_E;
}
#endif
if (err == 0) {
err = StoreECC_DSA_Sig(sigRS, &signatureLen, r, s);
}
if (err == 0) {
err = se050_ecc_verify_hash_ex(hash, hashlen, sigRS,
signatureLen, key, res);
}
#ifdef WOLFSSL_SMALL_STACK
if (sigRS != NULL) {
XFREE(sigRS, NULL, DYNAMIC_TYPE_SIGNATURE);
sigRS = NULL;
}
#endif
if (err != 0)
return err;
}
#else
/* checking if private key with no public part */
if (key->type == ECC_PRIVATEKEY_ONLY) {
@ -8052,7 +7990,7 @@ int wc_ecc_export_x963_ex(ecc_key* key, byte* out, word32* outLen,
#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \
!defined(WOLFSSL_CRYPTOCELL)
!defined(WOLFSSL_CRYPTOCELL) && !defined(WOLFSSL_SE050)
/* is ecc point on curve described by dp ? */
int wc_ecc_is_point(ecc_point* ecp, mp_int* a, mp_int* b, mp_int* prime)
@ -8513,10 +8451,11 @@ int wc_ecc_get_generator(ecc_point* ecp, int curve_idx)
* checks on the bounds of the private key. */
static int _ecc_validate_public_key(ecc_key* key, int partial, int priv)
{
int err = MP_OKAY;
int err = MP_OKAY;
#ifndef WOLFSSL_SP_MATH
#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \
!defined(WOLFSSL_CRYPTOCELL) && !defined(WOLFSSL_SILABS_SE_ACCEL)
!defined(WOLFSSL_CRYPTOCELL) && !defined(WOLFSSL_SILABS_SE_ACCEL) && \
!defined(WOLFSSL_SE050)
mp_int* b = NULL;
#ifdef USE_ECC_B_PARAM
DECLARE_CURVE_SPECS(curve, 4);
@ -8527,7 +8466,7 @@ static int _ecc_validate_public_key(ecc_key* key, int partial, int priv)
DECLARE_CURVE_SPECS(curve, 3);
#endif /* USE_ECC_B_PARAM */
#endif /* !WOLFSSL_ATECC508A && !WOLFSSL_ATECC608A &&
!WOLFSSL_CRYPTOCELL && !WOLFSSL_SILABS_SE_ACCEL */
!WOLFSSL_CRYPTOCELL && !WOLFSSL_SILABS_SE_ACCEL && !WOLFSSL_SE050 */
#endif /* !WOLFSSL_SP_MATH */
ASSERT_SAVED_VECTOR_REGISTERS();
@ -8558,7 +8497,8 @@ static int _ecc_validate_public_key(ecc_key* key, int partial, int priv)
#ifndef WOLFSSL_SP_MATH
#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A) || \
defined(WOLFSSL_CRYPTOCELL) || defined(WOLFSSL_SILABS_SE_ACCEL)
defined(WOLFSSL_CRYPTOCELL) || defined(WOLFSSL_SILABS_SE_ACCEL) || \
defined(WOLFSSL_SE050)
/* consider key check success on HW crypto
* ex: ATECC508/608A, CryptoCell and Silabs */
@ -8679,10 +8619,10 @@ static int _ecc_validate_public_key(ecc_key* key, int partial, int priv)
FREE_CURVE_SPECS();
#endif /* WOLFSSL_ATECC508A */
#else
err = WC_KEY_SIZE_E;
#endif /* !WOLFSSL_SP_MATH */
(void)partial;
(void)priv;
return WC_KEY_SIZE_E;
#endif /* !WOLFSSL_SP_MATH */
return err;
}
@ -8987,7 +8927,7 @@ int wc_ecc_export_ex(ecc_key* key, byte* qx, word32* qxLen,
}
}
else
#endif
#endif
{
err = wc_export_int(&key->k, d, dLen, keySz, encType);
if (err != MP_OKAY)

5
wolfcrypt/src/port/nxp/README.md
View File

@ -42,7 +42,10 @@ make
``
Where `PATH` is the directory location of `simw-top`.
Example: `./configure --enable-debug --disable-shared --with-se050=/home/pi/simw-top CFLAGS="-DWOLFSSL_SE050_INIT"`
Example: `./configure --with-se050=/home/pi/simw-top CFLAGS="-DWOLFSSL_SE050_INIT"`
To enable AES Cipher support use `WOLFSSL_SE050_CRYPT`
To enable SHA-1 and SHA-2 support use `WOLFSSL_SE050_HASH`
## Building Examples

960
wolfcrypt/src/port/nxp/se050_port.c
View File

File diff suppressed because it is too large Load Diff

4
wolfcrypt/src/sha.c
View File

@ -336,7 +336,7 @@
#elif defined(WOLFSSL_SILABS_SE_ACCEL)
/* implemented in wolfcrypt/src/port/silabs/silabs_hash.c */
#elif defined(WOLFSSL_SE050)
#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
#include <wolfssl/wolfcrypt/port/nxp/se050_port.h>
int wc_InitSha_ex(wc_Sha* sha, void* heap, int devId)
@ -846,7 +846,7 @@ void wc_ShaFree(wc_Sha* sha)
#ifdef WOLFSSL_PIC32MZ_HASH
wc_ShaPic32Free(sha);
#endif
#ifdef WOLFSSL_SE050
#if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
se050_hash_free(&sha->se050Ctx);
#endif
#if (defined(WOLFSSL_RENESAS_TSIP_CRYPT) && \

6
wolfcrypt/src/sha256.c
View File

@ -184,7 +184,7 @@ where 0 <= L < 2^64.
(!defined(WOLFSSL_ESP32WROOM32_CRYPT) || defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)) && \
(!defined(WOLFSSL_RENESAS_TSIP_CRYPT) || defined(NO_WOLFSSL_RENESAS_TSIP_HASH)) && \
!defined(WOLFSSL_PSOC6_CRYPTO) && !defined(WOLFSSL_IMXRT_DCP) && !defined(WOLFSSL_SILABS_SE_ACCEL) && \
!defined(WOLFSSL_KCAPI_HASH) && !defined(WOLFSSL_SE050)
!defined(WOLFSSL_KCAPI_HASH) && !defined(WOLFSSL_SE050_HASH)
static int InitSha256(wc_Sha256* sha256)
@ -585,7 +585,7 @@ static int InitSha256(wc_Sha256* sha256)
!defined(WOLFSSL_QNX_CAAM)
/* functions defined in wolfcrypt/src/port/caam/caam_sha256.c */
#elif defined(WOLFSSL_SE050)
#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
#include <wolfssl/wolfcrypt/port/nxp/se050_port.h>
int wc_InitSha256_ex(wc_Sha256* sha256, void* heap, int devId)
@ -1411,7 +1411,7 @@ static int InitSha256(wc_Sha256* sha256)
return ret;
}
#elif defined(WOLFSSL_SE050)
#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
#include <wolfssl/wolfcrypt/port/nxp/se050_port.h>
int wc_InitSha224_ex(wc_Sha224* sha224, void* heap, int devId)

20
wolfcrypt/src/sha512.c
View File

@ -49,7 +49,7 @@
#include <wolfssl/wolfcrypt/cryptocb.h>
#endif
#ifdef WOLFSSL_SE050
#if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
#include <wolfssl/wolfcrypt/port/nxp/se050_port.h>
#endif
@ -203,7 +203,7 @@
#elif defined(WOLFSSL_KCAPI_HASH)
/* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */
#elif defined(WOLFSSL_SE050)
#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
int wc_InitSha512(wc_Sha512* sha512)
{
if (sha512 == NULL)
@ -952,7 +952,7 @@ int wc_Sha512Update(wc_Sha512* sha512, const byte* data, word32 len)
#if defined(WOLFSSL_KCAPI_HASH)
/* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */
#elif defined(WOLFSSL_SE050)
#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
#else
@ -1063,7 +1063,7 @@ static WC_INLINE int Sha512Final(wc_Sha512* sha512)
#if defined(WOLFSSL_KCAPI_HASH)
/* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */
#elif defined(WOLFSSL_SE050)
#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
#else
@ -1135,7 +1135,7 @@ int wc_Sha512Final(wc_Sha512* sha512, byte* hash)
#endif /* WOLFSSL_KCAPI_HASH */
#ifndef WOLFSSL_SE050
#if !defined(WOLFSSL_SE050) || !defined(WOLFSSL_SE050_HASH)
int wc_InitSha512(wc_Sha512* sha512)
{
return wc_InitSha512_ex(sha512, NULL, INVALID_DEVID);
@ -1217,7 +1217,7 @@ int wc_Sha512Transform(wc_Sha512* sha, const unsigned char* data)
}
#endif /* OPENSSL_EXTRA */
#endif /* WOLFSSL_SHA512 */
#endif /* !WOLFSSL_SE050 */
#endif /* !WOLFSSL_SE050 || !WOLFSSL_SE050_HASH */
/* -------------------------------------------------------------------------- */
@ -1228,7 +1228,7 @@ int wc_Sha512Transform(wc_Sha512* sha, const unsigned char* data)
#if defined(WOLFSSL_IMX6_CAAM) && !defined(NO_IMX6_CAAM_HASH) && \
!defined(WOLFSSL_QNX_CAAM)
/* functions defined in wolfcrypt/src/port/caam/caam_sha.c */
#elif defined(WOLFSSL_SE050)
#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
int wc_InitSha384_ex(wc_Sha384* sha384, void* heap, int devId)
{
if (sha384 == NULL) {
@ -1566,7 +1566,7 @@ int wc_Sha512_224Update(wc_Sha512* sha, const byte* data, word32 len)
#if defined(WOLFSSL_KCAPI_HASH)
/* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */
#elif defined(WOLFSSL_SE050)
#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
#else
int wc_Sha512_224FinalRaw(wc_Sha512* sha, byte* hash)
@ -1585,7 +1585,7 @@ void wc_Sha512_224Free(wc_Sha512* sha)
}
#if defined(WOLFSSL_KCAPI_HASH)
/* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */
#elif defined(WOLFSSL_SE050)
#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
#else
@ -1630,7 +1630,7 @@ int wc_Sha512_256Update(wc_Sha512* sha, const byte* data, word32 len)
}
#if defined(WOLFSSL_KCAPI_HASH)
/* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */
#elif defined(WOLFSSL_SE050)
#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
#else
int wc_Sha512_256FinalRaw(wc_Sha512* sha, byte* hash)

82
wolfcrypt/test/test.c
View File

@ -22000,6 +22000,8 @@ static int ecc_test_curve_size(WC_RNG* rng, int keySize, int testVerifyCount,
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &userA->asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (ret == ECC_CURVE_OID_E)
goto done; /* catch case, where curve is not supported */
if (ret != 0)
ERROR_OUT(-9910, done);
TEST_SLEEP();
@ -22688,9 +22690,7 @@ static int ecc_sig_test(WC_RNG* rng, ecc_key* key)
}
#endif
#if defined(HAVE_ECC_KEY_IMPORT) && defined(HAVE_ECC_KEY_EXPORT) && \
!defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \
!defined(WOLFSSL_QNX_CAAM)
#if defined(HAVE_ECC_KEY_IMPORT) && defined(HAVE_ECC_KEY_EXPORT)
static int ecc_exp_imp_test(ecc_key* key)
{
@ -22820,8 +22820,6 @@ done:
}
#endif /* HAVE_ECC_KEY_IMPORT && HAVE_ECC_KEY_EXPORT */
#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \
!defined(WOLFSSL_CRYPTOCELL) && !defined(WOLFSSL_QNX_CAAM)
#if defined(HAVE_ECC_KEY_IMPORT) && !defined(WOLFSSL_VALIDATE_ECC_IMPORT)
static int ecc_mulmod_test(ecc_key* key1)
{
@ -22933,7 +22931,6 @@ static int ecc_ssh_test(ecc_key* key, WC_RNG* rng)
return 0;
}
#endif /* HAVE_ECC_DHE && !WC_NO_RNG */
#endif
static int ecc_def_curve_test(WC_RNG *rng)
{
@ -22943,7 +22940,7 @@ static int ecc_def_curve_test(WC_RNG *rng)
#else
ecc_key key[1];
#endif
#ifdef WC_NO_RNG
#if defined(HAVE_ECC_KEY_IMPORT) && defined(HAVE_ECC_KEY_EXPORT)
word32 idx = 0;
#endif
@ -22968,56 +22965,75 @@ static int ecc_def_curve_test(WC_RNG *rng)
#ifndef WC_NO_RNG
ret = wc_ecc_make_key(rng, ECC_KEYGEN_SIZE, key);
#if defined(WOLFSSL_ASYNC_CRYPT)
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key->asyncDev, WC_ASYNC_FLAG_NONE);
#endif
#else
/* use test ECC key */
ret = wc_EccPrivateKeyDecode(ecc_key_der_256, &idx, key,
(word32)sizeof_ecc_key_der_256);
(void)rng;
#endif
#endif
if (ret != 0) {
ret = -10092;
goto done;
}
TEST_SLEEP();
#ifndef NO_SIG_WRAPPER
#ifndef NO_SIG_WRAPPER
ret = ecc_sig_test(rng, key);
if (ret < 0)
goto done;
#endif
#if defined(HAVE_ECC_KEY_IMPORT) && defined(HAVE_ECC_KEY_EXPORT) && \
!defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \
!defined(WOLFSSL_QNX_CAAM)
#endif
TEST_SLEEP();
#ifdef HAVE_ECC_DHE
ret = ecc_ssh_test(key, rng);
if (ret < 0)
goto done;
#endif
wc_ecc_free(key);
#else
(void)rng;
#endif /* !WC_NO_RNG */
#if (defined(HAVE_ECC_KEY_IMPORT) && defined(HAVE_ECC_KEY_EXPORT)) || \
(defined(HAVE_ECC_KEY_IMPORT) && !defined(WOLFSSL_VALIDATE_ECC_IMPORT))
/* Use test ECC key - ensure real private "d" exists */
#ifdef USE_CERT_BUFFERS_256
ret = wc_EccPrivateKeyDecode(ecc_key_der_256, &idx, key,
sizeof_ecc_key_der_256);
#else
{
XFILE file = XFOPEN("./certs/ecc-key.der", "rb");
byte der[128];
word32 derSz;
if (!file) {
ERROR_OUT(-10093, done);
}
derSz = (word32)XFREAD(der, 1, sizeof(der), file);
XFCLOSE(file);
ret = wc_EccPrivateKeyDecode(der, &idx, key, derSz);
}
#endif
if (ret != 0) {
goto done;
}
#if defined(HAVE_ECC_KEY_IMPORT) && defined(HAVE_ECC_KEY_EXPORT)
ret = ecc_exp_imp_test(key);
if (ret < 0)
goto done;
#endif
#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \
!defined(WOLFSSL_CRYPTOCELL) && !defined(WOLFSSL_QNX_CAAM)
#if defined(HAVE_ECC_KEY_IMPORT) && !defined(WOLFSSL_VALIDATE_ECC_IMPORT)
ret = ecc_mulmod_test(key);
if (ret < 0)
goto done;
#endif
#if defined(HAVE_ECC_DHE) && !defined(WC_NO_RNG)
ret = ecc_ssh_test(key, rng);
if (ret < 0)
goto done;
#endif
#endif /* WOLFSSL_ATECC508A */
done:
wc_ecc_free(key);
#ifdef WOLFSSL_SMALL_STACK
if (key != NULL) {
wc_ecc_free(key);
if (key != NULL) {
XFREE(key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
}
#else
wc_ecc_free(key);
#endif
return ret;
}
#endif /* !NO_ECC256 || HAVE_ALL_CURVES */

31
wolfssl/wolfcrypt/port/nxp/se050_port.h
View File

@ -54,30 +54,27 @@
/* Default key ID's */
#ifndef SE050_KEYID_AES
#define SE050_KEYID_AES 55
#ifndef SE050_KEYSTOREID_AES
#define SE050_KEYSTOREID_AES 55
#endif
#ifndef SE050_KEYID_ECC_SIGN
#define SE050_KEYID_ECC_SIGN 56
#ifndef SE050_KEYSTOREID_ED25519
#define SE050_KEYSTOREID_ED25519 58
#endif
#ifndef SE050_KEYID_ECC_VERIFY
#define SE050_KEYID_ECC_VERIFY 57
#ifndef SE050_KEYSTOREID_ECC
#define SE050_KEYSTOREID_ECC 60
#endif
#ifndef SE050_KEYID_ED25519
#define SE050_KEYID_ED25519 58
#endif
enum {
SSS_BLOCK_SIZE = 512
SSS_BLOCK_SIZE = 512,
SSS_MAX_ECC_BITS = 521
};
enum SE050KeyType {
SE050_KEYID_ANY,
SE050_ANY_KEY,
SE050_AES_KEY,
SE050_ECC_SIGN,
SE050_ECC_VERIFY,
SE050_ED25519,
SE050_ECC_KEY,
SE050_ED25519_KEY
};
@ -131,12 +128,12 @@ WOLFSSL_LOCAL int se050_ecc_sign_hash_ex(const byte* in, word32 inLen,
byte* out, word32 *outLen, struct ecc_key* key);
WOLFSSL_LOCAL int se050_ecc_verify_hash_ex(const byte* hash, word32 hashlen,
byte* signature, word32 signatureLen, struct ecc_key* key, int* res);
byte* sigRS, word32 sigRSLen, struct ecc_key* key, int* res);
WOLFSSL_LOCAL int se050_ecc_create_key(struct ecc_key* key, int curve_id, int keySize);
WOLFSSL_LOCAL int se050_ecc_shared_secret(struct ecc_key* private_key,
struct ecc_key* public_key, byte* out, word32* outlen);
WOLFSSL_LOCAL int se050_ecc_free_key(struct ecc_key* key);
WOLFSSL_LOCAL void se050_ecc_free_key(struct ecc_key* key);
struct ed25519_key;
WOLFSSL_LOCAL int se050_ed25519_create_key(struct ed25519_key* key);

4
wolfssl/wolfcrypt/sha.h
View File

@ -110,7 +110,7 @@ enum {
#include "wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h"
#else
#if defined(WOLFSSL_SE050)
#if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
#include "wolfssl/wolfcrypt/port/nxp/se050_port.h"
#endif
@ -118,7 +118,7 @@ enum {
struct wc_Sha {
#ifdef FREESCALE_LTC_SHA
ltc_hash_ctx_t ctx;
#elif defined(WOLFSSL_SE050)
#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
SE050_HASH_Context se050Ctx;
#elif defined(STM32_HASH)
STM32_HASH_Context stmCtx;

4
wolfssl/wolfcrypt/sha256.h
View File

@ -144,7 +144,7 @@ enum {
#include "wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h"
#else
#if defined(WOLFSSL_SE050)
#if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
#include "wolfssl/wolfcrypt/port/nxp/se050_port.h"
#endif
@ -152,7 +152,7 @@ enum {
struct wc_Sha256 {
#ifdef FREESCALE_LTC_SHA
ltc_hash_ctx_t ctx;
#elif defined(WOLFSSL_SE050)
#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
SE050_HASH_Context se050Ctx;
#elif defined(STM32_HASH_SHA2)
STM32_HASH_Context stmCtx;