From e862c85db454131e430c12ad23eefcc7b6c1cdd3 Mon Sep 17 00:00:00 2001 From: Daniel Pouzzner Date: Wed, 24 Apr 2024 18:32:48 -0500 Subject: [PATCH] fix formatting infractions in the ports (hard tabs, trailing whitespace, C++ comments, stray Unicode including numerous homoglyphs). --- wolfcrypt/src/port/Espressif/esp32_mp.c | 34 +-- wolfcrypt/src/port/Renesas/renesas_common.c | 2 +- .../src/port/Renesas/renesas_fspsm_aes.c | 40 +-- .../src/port/Renesas/renesas_fspsm_rsa.c | 76 ++--- .../src/port/Renesas/renesas_fspsm_sha.c | 26 +- .../src/port/Renesas/renesas_fspsm_util.c | 18 +- wolfcrypt/src/port/Renesas/renesas_tsip_aes.c | 14 +- wolfcrypt/src/port/Renesas/renesas_tsip_rsa.c | 80 +++--- wolfcrypt/src/port/Renesas/renesas_tsip_sha.c | 22 +- .../src/port/Renesas/renesas_tsip_util.c | 262 +++++++++--------- wolfcrypt/src/port/af_alg/wc_afalg.c | 2 +- wolfcrypt/src/port/atmel/atmel.c | 16 +- wolfcrypt/src/port/caam/caam_driver.c | 2 +- wolfcrypt/src/port/caam/caam_qnx.c | 5 +- wolfcrypt/src/port/caam/wolfcaam_hash.c | 2 +- wolfcrypt/src/port/caam/wolfcaam_init.c | 2 +- wolfcrypt/src/port/cuda/aes-cuda.cu | 18 +- wolfcrypt/src/port/intel/quickassist_sync.c | 8 +- wolfcrypt/src/port/iotsafe/iotsafe.c | 10 +- wolfcrypt/src/port/maxim/maxq10xx.c | 2 +- wolfcrypt/src/port/nxp/ksdk_port.c | 32 +-- wolfcrypt/src/port/nxp/se050_port.c | 2 +- wolfcrypt/src/port/pic32/pic32mz-crypt.c | 2 +- wolfcrypt/src/port/st/stsafe.c | 2 +- wolfcrypt/src/port/ti/ti-hash.c | 4 +- wolfcrypt/src/port/xilinx/xil-aesgcm.c | 6 +- wolfcrypt/src/port/xilinx/xil-versal-glue.c | 2 +- .../wolfcrypt/port/Espressif/esp32-crypt.h | 6 +- .../port/Renesas/renesas-fspsm-crypt.h | 4 +- .../port/Renesas/renesas-tsip-crypt.h | 70 ++--- wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h | 12 +- .../port/Renesas/renesas_tsip_types.h | 4 +- wolfssl/wolfcrypt/port/caam/wolfcaam.h | 8 +- wolfssl/wolfcrypt/port/liboqs/liboqs.h | 2 +- wolfssl/wolfcrypt/port/nxp/ksdk_port.h | 74 ++--- 35 files changed, 437 insertions(+), 434 deletions(-) diff --git a/wolfcrypt/src/port/Espressif/esp32_mp.c b/wolfcrypt/src/port/Espressif/esp32_mp.c index 58925626b..64959a47f 100644 --- a/wolfcrypt/src/port/Espressif/esp32_mp.c +++ b/wolfcrypt/src/port/Espressif/esp32_mp.c @@ -23,15 +23,15 @@ * See ESP32 Technical Reference Manual - RSA Accelerator Chapter * * esp_mp_exptmod() Large Number Modular Exponentiation Z = X^Y mod M - * esp_mp_mulmod() Large Number Modular Multiplication Z = X × Y mod M - * esp_mp_mul() Large Number Multiplication Z = X × Y + * esp_mp_mulmod() Large Number Modular Multiplication Z = X * Y mod M + * esp_mp_mul() Large Number Multiplication Z = X * Y * * The ESP32 RSA Accelerator supports operand lengths of: - * N ∈ {512, 1024, 1536, 2048, 2560, 3072, 3584, 4096} bits. The bit length + * N in {512, 1024, 1536, 2048, 2560, 3072, 3584, 4096} bits. The bit length * of arguments Z, X, Y , M, and r can be any one from the N set, but all * numbers in a calculation must be of the same length. * - * The bit length of M′ is always 32. + * The bit length of M' is always 32. * * Also, beware: "we have uint32_t == unsigned long for both Xtensa and RISC-V" * see https://github.com/espressif/esp-idf/issues/9511#issuecomment-1207342464 @@ -1285,8 +1285,8 @@ int esp_mp_mul(MATH_INT_T* X, MATH_INT_T* Y, MATH_INT_T* Z) Zs = Xs + Ys; /* RSA Accelerator only supports Large Number Multiplication - * with operand length N = 32 × x, - * where x ∈ {1, 2, 3, . . . , 64} */ + * with operand length N = 32 * x, + * where x in {1, 2, 3, . . . , 64} */ if (Xs > 64 || Ys > 64) { return MP_HW_FALLBACK; /* TODO add count metric on size fallback */ } @@ -1334,7 +1334,7 @@ int esp_mp_mul(MATH_INT_T* X, MATH_INT_T* Y, MATH_INT_T* Z) /* Y (left-extend) * Accelerator supports large-number multiplication with only - * four operand lengths of N ∈ {512, 1024, 1536, 2048} */ + * four operand lengths of N in {512, 1024, 1536, 2048} */ left_pad_offset = maxWords_sz << 2; if (left_pad_offset <= 512 >> 3) { left_pad_offset = 512 >> 3; /* 64 bytes (16 words) */ @@ -1583,10 +1583,10 @@ int esp_mp_mul(MATH_INT_T* X, MATH_INT_T* Y, MATH_INT_T* Z) * 0 => no interrupt; 1 => interrupt on completion. */ DPORT_REG_WRITE(RSA_INT_ENA_REG, 0); /* 2. Write number of words required for result. */ - /* see 21.3.3 Write (/N16 − 1) to the RSA_MODE_REG register */ + /* see 21.3.3 Write (/N16 - 1) to the RSA_MODE_REG register */ DPORT_REG_WRITE(RSA_MODE_REG, (hwWords_sz * 2 - 1)); - /* 3. Write Xi and Yi for ∈ {0, 1, . . . , n − 1} to memory blocks + /* 3. Write Xi and Yi for {0, 1, . . . , n - 1} to memory blocks * RSA_X_MEM and RSA_Z_MEM * Maximum is 64 words (64*8*4 = 2048 bits) */ esp_mpint_to_memblock(RSA_X_MEM, @@ -1796,7 +1796,7 @@ int esp_mp_mul(MATH_INT_T* X, MATH_INT_T* Y, MATH_INT_T* Z) * * See 24.3.3 of the ESP32 Technical Reference Manual * - * Z = X × Y mod M */ + * Z = X * Y mod M */ int esp_mp_mulmod(MATH_INT_T* X, MATH_INT_T* Y, MATH_INT_T* M, MATH_INT_T* Z) { struct esp_mp_helper mph[1]; /* we'll save some values in this mp helper */ @@ -1839,7 +1839,7 @@ int esp_mp_mulmod(MATH_INT_T* X, MATH_INT_T* Y, MATH_INT_T* M, MATH_INT_T* Z) /* do we have an even moduli? */ if ((M->dp[0] & 1) == 0) { #ifndef NO_ESP_MP_MUL_EVEN_ALT_CALC - /* Z = X × Y mod M in mixed HW & SW*/ + /* Z = X * Y mod M in mixed HW & SW*/ ret = esp_mp_mul(X, Y, tmpZ); /* HW X * Y */ if (ret == MP_OKAY) { /* z = tmpZ mod M, 0 <= Z < M */ @@ -1973,13 +1973,13 @@ int esp_mp_mulmod(MATH_INT_T* X, MATH_INT_T* Y, MATH_INT_T* M, MATH_INT_T* Z) * or until the RSA_INTR interrupt is generated. * (Or until the INTER interrupt is generated.) * 6. Write 1 to RSA_INTERRUPT_REG to clear the interrupt. - * 7. Write Yi (i ∈ [0, n) ∩ N) to RSA_X_MEM + * 7. Write Yi (i in [0, n) intersect N) to RSA_X_MEM * Users need to write to the memory block only according to the length * of the number. Data beyond this length is ignored. * 8. Write 1 to RSA_MULT_START_REG * 9. Wait for the second operation to be completed. * Poll INTERRUPT_REG until it reads 1. - * 10. Read the Zi (i ∈ [0, n) ∩ N) from RSA_Z_MEM + * 10. Read the Zi (i in [0, n) intersect N) from RSA_Z_MEM * 11. Write 1 to RSA_INTERUPT_REG to clear the interrupt. * * post: Release the HW engine @@ -2500,15 +2500,15 @@ int esp_mp_mulmod(MATH_INT_T* X, MATH_INT_T* Y, MATH_INT_T* M, MATH_INT_T* Z) * ESP32S3, Section 20.3.1, https://www.espressif.com/sites/default/files/documentation/esp32-s3_technical_reference_manual_en.pdf * * The operation is based on Montgomery multiplication. Aside from the - * arguments X, Y , and M, two additional ones are needed —r and M′ + * arguments X, Y , and M, two additional ones are needed -r and M' .* These arguments are calculated in advance by software. .* -.* The RSA Accelerator supports operand lengths of N ∈ {512, 1024, 1536, 2048, -.* 2560, 3072, 3584, 4096} bits on the ESP32 and N ∈ [32, 4096] bits +.* The RSA Accelerator supports operand lengths of N in {512, 1024, 1536, 2048, +.* 2560, 3072, 3584, 4096} bits on the ESP32 and N in [32, 4096] bits * on the ESP32s3. .* The bit length of arguments Z, X, Y , M, and r can be any one from * the N set, but all numbers in a calculation must be of the same length. -.* The bit length of M′ is always 32. +.* The bit length of M' is always 32. .* * Z = (X ^ Y) mod M : Espressif generic notation * Y = (G ^ X) mod P : wolfSSL DH reference notation */ diff --git a/wolfcrypt/src/port/Renesas/renesas_common.c b/wolfcrypt/src/port/Renesas/renesas_common.c index 00deff3df..deff62529 100644 --- a/wolfcrypt/src/port/Renesas/renesas_common.c +++ b/wolfcrypt/src/port/Renesas/renesas_common.c @@ -59,7 +59,7 @@ static int gdevId = 7890; /* initial dev Id for Crypt Callback */ defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY) FSPSM_ST *gCbCtx[MAX_FSPSM_CBINDEX]; #elif defined(WOLFSSL_RENESAS_TSIP_TLS) || \ - defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY) + defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY) #define FSPSM_ST TsipUserCtx; #define MAX_FSPSM_CBINDEX 5 TsipUserCtx *gCbCtx[MAX_FSPSM_CBINDEX]; diff --git a/wolfcrypt/src/port/Renesas/renesas_fspsm_aes.c b/wolfcrypt/src/port/Renesas/renesas_fspsm_aes.c index cb0535735..37a2bedea 100644 --- a/wolfcrypt/src/port/Renesas/renesas_fspsm_aes.c +++ b/wolfcrypt/src/port/Renesas/renesas_fspsm_aes.c @@ -72,7 +72,7 @@ typedef fsp_err_t (*aesGcmDecFinalFn) #if defined(WOLFSSL_RENESAS_RSIP) /* wrapper for Gcm encrypt init */ -static fsp_err_t _R_RSIP_AES_GCM_EncryptInit(FSPSM_AESGCM_HANDLE* h, +static fsp_err_t _R_RSIP_AES_GCM_EncryptInit(FSPSM_AESGCM_HANDLE* h, FSPSM_AES_PWKEY k, uint8_t* iv, uint32_t iv_l) { @@ -81,8 +81,8 @@ static fsp_err_t _R_RSIP_AES_GCM_EncryptInit(FSPSM_AESGCM_HANDLE* h, (uint8_t* const)iv, iv_l); } /* wrapper for Gcm encrypt update */ -static fsp_err_t _R_RSIP_AES_GCM_EncryptUpdate(FSPSM_AESGCM_HANDLE* h, - uint8_t* p_plain, uint8_t* p_cipher, uint32_t plain_length, +static fsp_err_t _R_RSIP_AES_GCM_EncryptUpdate(FSPSM_AESGCM_HANDLE* h, + uint8_t* p_plain, uint8_t* p_cipher, uint32_t plain_length, uint8_t* p_add, uint32_t add_len) { (void) h; @@ -93,8 +93,8 @@ static fsp_err_t _R_RSIP_AES_GCM_EncryptUpdate(FSPSM_AESGCM_HANDLE* h, (uint32_t const) add_len); } /* wrapper for Gcm encrypt final */ -static fsp_err_t _R_RSIP_AES_GCM_EncryptFinal(FSPSM_AESGCM_HANDLE* h, - uint8_t* p_cipher, uint32_t* c_len, +static fsp_err_t _R_RSIP_AES_GCM_EncryptFinal(FSPSM_AESGCM_HANDLE* h, + uint8_t* p_cipher, uint32_t* c_len, uint8_t* p_atag) { (void) h; @@ -103,7 +103,7 @@ static fsp_err_t _R_RSIP_AES_GCM_EncryptFinal(FSPSM_AESGCM_HANDLE* h, (uint8_t* const) p_atag); } /* wrapper for Gcm decrypt init */ -static fsp_err_t _R_RSIP_AES_GCM_DecryptInit(FSPSM_AESGCM_HANDLE* h, +static fsp_err_t _R_RSIP_AES_GCM_DecryptInit(FSPSM_AESGCM_HANDLE* h, FSPSM_AES_PWKEY k, uint8_t* iv, uint32_t iv_l) { (void) h; @@ -111,8 +111,8 @@ static fsp_err_t _R_RSIP_AES_GCM_DecryptInit(FSPSM_AESGCM_HANDLE* h, (uint8_t* const)iv, iv_l); } /* wrapper for Gcm decrypt update */ -static fsp_err_t _R_RSIP_AES_GCM_DecryptUpdate(FSPSM_AESGCM_HANDLE* h, - uint8_t* p_cipher, uint8_t* p_plain, uint32_t c_length, +static fsp_err_t _R_RSIP_AES_GCM_DecryptUpdate(FSPSM_AESGCM_HANDLE* h, + uint8_t* p_cipher, uint8_t* p_plain, uint32_t c_length, uint8_t* p_add, uint32_t add_len) { (void) h; @@ -123,8 +123,8 @@ static fsp_err_t _R_RSIP_AES_GCM_DecryptUpdate(FSPSM_AESGCM_HANDLE* h, (uint32_t const) add_len); } /* wrapper for Gcm decrypt final */ -static fsp_err_t _R_RSIP_AES_GCM_DecryptFinal(FSPSM_AESGCM_HANDLE* h, - uint8_t* p_plain, uint32_t* plain_len, +static fsp_err_t _R_RSIP_AES_GCM_DecryptFinal(FSPSM_AESGCM_HANDLE* h, + uint8_t* p_plain, uint32_t* plain_len, uint8_t* p_atag, uint32_t atag_len) { (void) h; @@ -241,7 +241,7 @@ WOLFSSL_LOCAL int wc_fspsm_AesGcmEncrypt(struct Aes* aes, byte* out, FSPSM_AES_PWKEY key_client_aes = NULL; FSPSM_AES_PWKEY key_server_aes = NULL; (void) key_server_aes; - + /* sanity check */ if (aes == NULL || authTagSz > AES_BLOCK_SIZE || ivSz == 0 || ctx == NULL) { return BAD_FUNC_ARG; @@ -282,7 +282,7 @@ WOLFSSL_LOCAL int wc_fspsm_AesGcmEncrypt(struct Aes* aes, byte* out, aTagBuf = XMALLOC(SCE_AES_GCM_AUTH_TAG_SIZE, aes->heap, DYNAMIC_TYPE_AES); - if ((sz > 0 && plainBuf == NULL) || + if ((sz > 0 && plainBuf == NULL) || ((sz + delta) > 0 && cipherBuf == NULL) || aTagBuf == NULL) { WOLFSSL_MSG("wc_fspsm_AesGcmEncrypt: buffer allocation failed"); ret = -1; @@ -293,7 +293,7 @@ WOLFSSL_LOCAL int wc_fspsm_AesGcmEncrypt(struct Aes* aes, byte* out, XMEMSET((void*)cipherBuf, 0, sz + delta); XMEMSET((void*)authTag, 0, authTagSz); } - + #if defined(WOLFSSL_RENESAS_FSPSM_TLS) if (ret == 0 && info->keyflgs_tls.bits.session_key_set == 1) { @@ -310,7 +310,7 @@ WOLFSSL_LOCAL int wc_fspsm_AesGcmEncrypt(struct Aes* aes, byte* out, XFREE(aTagBuf, aes->heap, DYNAMIC_TYPE_AES); return MEMORY_E; } - + ret = FSPSM_SESSIONKEY_GEN_FUNC( info->cipher, (uint32_t*)info->masterSecret, @@ -514,7 +514,7 @@ WOLFSSL_LOCAL int wc_fspsm_AesGcmDecrypt(struct Aes* aes, byte* out, XFREE(aTagBuf, aes->heap, DYNAMIC_TYPE_AES); return MEMORY_E; } - + ret = FSPSM_SESSIONKEY_GEN_FUNC( info->cipher, (uint32_t*)info->masterSecret, @@ -547,7 +547,7 @@ WOLFSSL_LOCAL int wc_fspsm_AesGcmDecrypt(struct Aes* aes, byte* out, ret = -1; } } - + if (ret == 0) { /* since key_index has iv and ivSz in it, no need to pass them init * func. Pass NULL and 0 as 3rd and 4th parameter respectively. @@ -769,7 +769,7 @@ WOLFSSL_LOCAL void wc_fspsm_Aesfree(Aes* aes) } #else if (aes->ctx.wrapped_key) { - /* aes ctx just points user created wrapped key + /* aes ctx just points user created wrapped key * in the case of CryptOnly Mode * therefore, it just sets pointing to NULL. * user key should be freed by owner(user) @@ -785,8 +785,8 @@ int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen, { (void) userKey; (void) dir; - - if (aes == NULL || userKey == NULL || + + if (aes == NULL || userKey == NULL || !((keylen == 16) || (keylen == 32))) { return BAD_FUNC_ARG; } @@ -806,7 +806,7 @@ int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen, aes->ctx.wrapped_key = (FSPSM_AES_PWKEY)userKey; aes->keylen = (int)keylen; aes->ctx.keySize = keylen; - + return wc_AesSetIV(aes, iv); } #endif diff --git a/wolfcrypt/src/port/Renesas/renesas_fspsm_rsa.c b/wolfcrypt/src/port/Renesas/renesas_fspsm_rsa.c index 5db4435d5..78b9381e2 100644 --- a/wolfcrypt/src/port/Renesas/renesas_fspsm_rsa.c +++ b/wolfcrypt/src/port/Renesas/renesas_fspsm_rsa.c @@ -40,7 +40,7 @@ extern FSPSM_INSTANCE gFSPSM_ctrl; #endif -/* Set Ctx pointer to NULL. +/* Set Ctx pointer to NULL. * A created wrapped key should be freed by user * * key RsaKey object @@ -122,23 +122,23 @@ WOLFSSL_LOCAL int wc_fspsm_RsaFunction(const byte* in, word32 inLen, byte* out, struct WC_RNG* rng) { int ret; - + FSPSM_RSA_DATA plain; FSPSM_RSA_DATA cipher; - + int keySize; - + (void) key; (void) rng; - + /* sanity check */ if (in == NULL || out == NULL || ((key == NULL) && (key->ctx.keySz != 1024 && key->ctx.keySz != 2048))){ return BAD_FUNC_ARG; } - + keySize = (int)key->ctx.keySz; - + if (keySize == 0) { WOLFSSL_MSG("keySize is invalid, neither 128 or 256 bytes, " "1024 or 2048 bits."); @@ -147,7 +147,7 @@ WOLFSSL_LOCAL int wc_fspsm_RsaFunction(const byte* in, word32 inLen, byte* out, if ((ret = wc_fspsm_hw_lock()) == 0) { if (type == RSA_PUBLIC_ENCRYPT) { - + plain.pdata = (byte*)in; plain.data_length = inLen; cipher.pdata = out; @@ -169,7 +169,7 @@ WOLFSSL_LOCAL int wc_fspsm_RsaFunction(const byte* in, word32 inLen, byte* out, plain.data_length = *outLen; cipher.pdata = (byte*)in; cipher.data_length = inLen; - + if (keySize == 1024) { ret = FSPSM_RSA1024_PKCSDEC_FUNC(&cipher, &plain, (FSPSM_RSA1024_WPI_KEY*) @@ -181,7 +181,7 @@ WOLFSSL_LOCAL int wc_fspsm_RsaFunction(const byte* in, word32 inLen, byte* out, key->ctx.wrapped_pri2048_key, &outLen); } } - + wc_fspsm_hw_unlock(); } return ret; @@ -189,7 +189,7 @@ WOLFSSL_LOCAL int wc_fspsm_RsaFunction(const byte* in, word32 inLen, byte* out, /* Perform Rsa sign by FSP SM * Assumes to be called by Crypt Callback - * + * * in Buffer to hold plaintext * inLen Length of plaintext in bytes * out Buffer to hold generated signature @@ -198,40 +198,40 @@ WOLFSSL_LOCAL int wc_fspsm_RsaFunction(const byte* in, word32 inLen, byte* out, * ctx The callback context * return FSP_SUCCESS(0) on Success, otherwise negative value */ - + WOLFSSL_LOCAL int wc_fspsm_RsaSign(const byte* in, word32 inLen, byte* out, word32* outLen, struct RsaKey* key, void* ctx) { int ret; - + FSPSM_RSA_DATA message_hash; FSPSM_RSA_DATA signature; FSPSM_ST *info = (FSPSM_ST*)ctx; int keySize; - + /* sanity check */ if (in == NULL || out == NULL || (word32*)outLen <= 0 || info == NULL || ((key == NULL) && (key->ctx.keySz != 1024 && key->ctx.keySz != 2048))){ return BAD_FUNC_ARG; } - + keySize = (int)key->ctx.keySz; - + message_hash.pdata = (byte *)in; message_hash.data_length = inLen; - message_hash.data_type = + message_hash.data_type = info->keyflgs_crypt.bits.message_type;/* message 0, hash 1 */ signature.pdata = out; signature.data_length = (word32*)outLen; - + #if defined(WOLFSSL_RENESAS_RSIP) - message_hash.hash_type = signature.hash_type = + message_hash.hash_type = signature.hash_type = info->hash_type; /* hash type */ #endif - + if ((ret = wc_fspsm_hw_lock()) == 0) { if (keySize == 1024) { - + ret = FSPSM_RSA1024_SIGN_FUNC(&message_hash, &signature, (FSPSM_RSA1024_WPI_KEY *) @@ -239,23 +239,23 @@ WOLFSSL_LOCAL int wc_fspsm_RsaSign(const byte* in, word32 inLen, byte* out, HW_SCE_RSA_HASH_SHA256); } else { - + ret = FSPSM_RSA2048_SIGN_FUNC(&message_hash, &signature, (FSPSM_RSA2048_WPI_KEY *) key->ctx.wrapped_pri2048_key, HW_SCE_RSA_HASH_SHA256); } - + wc_fspsm_hw_unlock(); } - + return ret; } /* Perform Rsa verify by FSP SM * Assumes to be called by Crypt Callback - * + * * in Buffer to hold plaintext * inLen Length of plaintext in bytes * out Buffer to hold generated signature @@ -264,40 +264,40 @@ WOLFSSL_LOCAL int wc_fspsm_RsaSign(const byte* in, word32 inLen, byte* out, * ctx The callback context * return FSP_SUCCESS(0) on Success, otherwise negative value */ - + WOLFSSL_LOCAL int wc_fspsm_RsaVerify(const byte* in, word32 inLen, byte* out, word32* outLen,struct RsaKey* key, void* ctx) { int ret; - + FSPSM_RSA_DATA message_hash; FSPSM_RSA_DATA signature; FSPSM_ST *info = (FSPSM_ST*)ctx; int keySize; - + (void) key; - + /* sanity check */ if (in == NULL || out == NULL || (word32*)outLen <= 0 || info == NULL || ((key == NULL) && (key->ctx.keySz != 1024 && key->ctx.keySz != 2048))){ return BAD_FUNC_ARG; } - + keySize = (int)key->ctx.keySz; - - + + message_hash.pdata =(byte*)in; message_hash.data_length = inLen; - message_hash.data_type = + message_hash.data_type = info->keyflgs_crypt.bits.message_type;/* message 0, hash 1 */ - + signature.pdata = out; signature.data_length = (word32*)outLen; #if defined(WOLFSSL_RENESAS_RSIP) - message_hash.hash_type = signature.hash_type = + message_hash.hash_type = signature.hash_type = info->hash_type; /* hash type */ #endif - + if ((ret = wc_fspsm_hw_lock()) == 0) { if (keySize == 1024) { ret = FSPSM_RSA1024_VRY_FUNC(&signature, @@ -307,7 +307,7 @@ WOLFSSL_LOCAL int wc_fspsm_RsaVerify(const byte* in, word32 inLen, byte* out, HW_SCE_RSA_HASH_SHA256); } else { - ret = FSPSM_RSA2048_VRY_FUNC(&signature, + ret = FSPSM_RSA2048_VRY_FUNC(&signature, &message_hash, (FSPSM_RSA2048_WPB_KEY *) key->ctx.wrapped_pub2048_key, @@ -315,7 +315,7 @@ WOLFSSL_LOCAL int wc_fspsm_RsaVerify(const byte* in, word32 inLen, byte* out, } wc_fspsm_hw_unlock(); } - + return ret; } diff --git a/wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c b/wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c index 52df6da3d..0d7676348 100644 --- a/wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c +++ b/wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c @@ -149,14 +149,14 @@ static int FSPSM_HashInit(wolfssl_FSPSM_Hash* hash, void* heap, int devId, XMEMSET(hash, 0, sizeof(wolfssl_FSPSM_Hash)); hash->sha_type = sha_type; hash->heap = heap; - + #if defined(WOLFSSL_RENESAS_SCEPROTECT) hash->len = 0; hash->used = 0; hash->msg = NULL; - + #elif defined(WOLFSSL_RENESAS_RSIP) - + switch(hash->sha_type) { case FSPSM_SHA1: Init = FSPSM_SHA1_Init; @@ -244,7 +244,7 @@ static int FSPSM_HashUpdate(wolfssl_FSPSM_Hash* hash, XMEMCPY(hash->msg + hash->used, data , sz); hash->used += sz; #elif defined(WOLFSSL_RENESAS_RSIP) - + switch(hash->sha_type) { case FSPSM_SHA1: Update = FSPSM_SHA1_Up; @@ -309,7 +309,7 @@ static int FSPSM_HashFinal(wolfssl_FSPSM_Hash* hash, byte* out, word32 outSz) Final = FSPSM_SHA256_Final; } else return BAD_FUNC_ARG; - + wc_fspsm_hw_lock(); if (Init(&handle) == FSP_SUCCESS) { @@ -328,7 +328,7 @@ static int FSPSM_HashFinal(wolfssl_FSPSM_Hash* hash, byte* out, word32 outSz) } } wc_fspsm_hw_unlock(); - + #elif defined(WOLFSSL_RENESAS_RSIP) switch(hash->sha_type) { case FSPSM_SHA1: @@ -355,7 +355,7 @@ static int FSPSM_HashFinal(wolfssl_FSPSM_Hash* hash, byte* out, word32 outSz) default: return BAD_FUNC_ARG; } - + wc_fspsm_hw_lock(); ret = Final(&hash->handle, out, (uint32_t*)&sz); if (ret != FSP_SUCCESS) { @@ -380,7 +380,7 @@ static int FSPSM_HashGet(wolfssl_FSPSM_Hash* hash, byte* out, word32 outSz) fsp_err_t (*Final )(FSPSM_SHA_HANDLE*, uint8_t*, uint32_t*); uint32_t sz = 0; (void) outSz; - + #if defined(WOLFSSL_RENESAS_SCEPROTECT) FSPSM_SHA_HANDLE handle; fsp_err_t (*Init)(FSPSM_SHA_HANDLE*); @@ -401,7 +401,7 @@ static int FSPSM_HashGet(wolfssl_FSPSM_Hash* hash, byte* out, word32 outSz) Final = FSPSM_SHA256_Final; } else return BAD_FUNC_ARG; - + wc_fspsm_hw_lock(); if (Init(&handle) == FSP_SUCCESS) { ret = Update(&handle, (uint8_t*)hash->msg, hash->used); @@ -419,7 +419,7 @@ static int FSPSM_HashGet(wolfssl_FSPSM_Hash* hash, byte* out, word32 outSz) } } wc_fspsm_hw_unlock(); - + #elif defined(WOLFSSL_RENESAS_RSIP) switch(hash->sha_type) { case FSPSM_SHA1: @@ -446,8 +446,8 @@ static int FSPSM_HashGet(wolfssl_FSPSM_Hash* hash, byte* out, word32 outSz) default: return BAD_FUNC_ARG; } - - + + if(FSPSM_HashCopy(hash, &hashCopy) != 0) { WOLFSSL_MSG("ShaCopy operation failed"); WOLFSSL_ERROR(WC_HW_E); @@ -461,7 +461,7 @@ static int FSPSM_HashGet(wolfssl_FSPSM_Hash* hash, byte* out, word32 outSz) ret = WC_HW_E; } wc_fspsm_hw_unlock(); - + #endif return ret; diff --git a/wolfcrypt/src/port/Renesas/renesas_fspsm_util.c b/wolfcrypt/src/port/Renesas/renesas_fspsm_util.c index 1ecf750ea..ba217a739 100644 --- a/wolfcrypt/src/port/Renesas/renesas_fspsm_util.c +++ b/wolfcrypt/src/port/Renesas/renesas_fspsm_util.c @@ -135,7 +135,7 @@ WOLFSSL_LOCAL int wc_fspsm_Open() if (ret != FSP_SUCCESS) { WOLFSSL_MSG("RENESAS SCE Open failed"); } - + #if defined(WOLFSSL_RENESAS_FSPSM_TLS) if (ret == FSP_SUCCESS && g_user_key_info.encrypted_user_tls_key) { @@ -184,7 +184,7 @@ WOLFSSL_LOCAL void wc_fspsm_Close() } #define RANDGEN_WORDS 4 -WOLFSSL_LOCAL int wc_fspsm_GenerateRandBlock(byte* output, word32 sz) +WOLFSSL_LOCAL int wc_fspsm_GenerateRandBlock(byte* output, word32 sz) { /* Generate PRNG based on NIST SP800-90A AES CTR-DRBG */ int ret = 0; @@ -384,7 +384,7 @@ WOLFSSL_LOCAL int wc_fspsm_EccVerifyTLS(WOLFSSL* ssl, const uint8_t* sig, #if defined(WOLFSSL_RENESAS_FSPSM_TLS) || \ defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY) - + /* Callback for ECC shared secret */ WOLFSSL_LOCAL int fspsm_EccSharedSecret(WOLFSSL* ssl, ecc_key* otherKey, uint8_t* pubKeyDer, unsigned int* pubKeySz, @@ -723,7 +723,7 @@ WOLFSSL_LOCAL int wc_fspsm_generateSessionKey(WOLFSSL *ssl, Ciphers *dec; FSPSM_HMAC_WKEY key_client_mac; FSPSM_HMAC_WKEY key_server_mac; - + FSPSM_AES_PWKEY key_client_aes = NULL; FSPSM_AES_PWKEY key_server_aes = NULL; @@ -752,7 +752,7 @@ WOLFSSL_LOCAL int wc_fspsm_generateSessionKey(WOLFSSL *ssl, if (key_client_aes == NULL || key_server_aes == NULL) { return MEMORY_E; } - + ret = FSPSM_SESSIONKEY_GEN_FUNC( GetSceCipherSuite( ssl->options.cipherSuite0, @@ -802,7 +802,7 @@ WOLFSSL_LOCAL int wc_fspsm_generateSessionKey(WOLFSSL *ssl, return MEMORY_E; } XMEMSET(dec->aes, 0, sizeof(Aes)); - + dec->aes->ctx.wrapped_key = (FSPSM_AES_PWKEY)XMALLOC (sizeof(FSPSM_AES_WKEY), aes->heap, DYNAMIC_TYPE_AE); @@ -853,15 +853,15 @@ WOLFSSL_LOCAL int wc_fspsm_generateSessionKey(WOLFSSL *ssl, /* marked as session key is set */ cbInfo->keyflgs_tls.bits.session_key_set = 1; } - + if (key_client_aes) XFREE(key_client_aes, aes->heap, DYNAMIC_TYPE_AES); if (key_server_aes) XFREE(key_server_aes, aes->heap, DYNAMIC_TYPE_AES); - + /* unlock hw */ wc_fspsm_hw_unlock(); - + } else { WOLFSSL_LEAVE("hw lock failed", ret); diff --git a/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c b/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c index d4f474195..1d39e5a8e 100644 --- a/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c +++ b/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c @@ -86,9 +86,9 @@ typedef e_tsip_err_t (*Tls13AesDecFinalFn) /* encrypt plain data. - * + * * return cipher data size on success, negative value on failure. - * CRYPTOCB_UNAVAILABLE may be returned. + * CRYPTOCB_UNAVAILABLE may be returned. */ WOLFSSL_LOCAL int tsip_Tls13AesEncrypt( struct WOLFSSL* ssl, @@ -166,7 +166,7 @@ WOLFSSL_LOCAL int tsip_Tls13AesEncrypt( cs, key, sz); - + if (err != TSIP_SUCCESS) { WOLFSSL_MSG("R_TSIP_Tls13DecryptUpdate error"); ret = WC_HW_E; @@ -236,7 +236,7 @@ WOLFSSL_LOCAL int tsip_Tls13AesEncrypt( /* decrypt encrypted handshake data for TLSv1.3 * AES-GCM or AES-CCM can be used * return 0 on success, otherwise on error. - */ + */ WOLFSSL_LOCAL int tsip_Tls13AesDecrypt( struct WOLFSSL* ssl, byte* output, @@ -627,7 +627,7 @@ int wc_tsip_AesGcmEncrypt( uint8_t* aadBuf = NULL; const uint8_t* iv_l = NULL; uint32_t ivSz_l = 0; - + tsip_aes_key_index_t key_client_aes; TsipUserCtx *userCtx; @@ -722,10 +722,10 @@ int wc_tsip_AesGcmEncrypt( XMEMCPY(&key_client_aes, &userCtx->user_aes128_key_index, sizeof(tsip_aes_key_index_t)); } - + iv_l = iv; ivSz_l = ivSz; - + } if (ret == 0) { diff --git a/wolfcrypt/src/port/Renesas/renesas_tsip_rsa.c b/wolfcrypt/src/port/Renesas/renesas_tsip_rsa.c index 1a77b4020..1da7869eb 100644 --- a/wolfcrypt/src/port/Renesas/renesas_tsip_rsa.c +++ b/wolfcrypt/src/port/Renesas/renesas_tsip_rsa.c @@ -18,7 +18,7 @@ * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA */ - + #include #if !defined(NO_RSA) && \ @@ -63,54 +63,54 @@ WOLFSSL_LOCAL int wc_tsip_MakeRsaKey(int size, void* ctx) if (size == 1024) { tsip_pair1024_key = (tsip_rsa1024_key_pair_index_t*)XMALLOC( - sizeof(tsip_rsa1024_key_pair_index_t), NULL, + sizeof(tsip_rsa1024_key_pair_index_t), NULL, DYNAMIC_TYPE_RSA_BUFFER); if (tsip_pair1024_key == NULL) return MEMORY_E; - + ret = R_TSIP_GenerateRsa1024RandomKeyIndex(tsip_pair1024_key); } else if (size == 2048) { tsip_pair2048_key = (tsip_rsa2048_key_pair_index_t*)XMALLOC( - sizeof(tsip_rsa2048_key_pair_index_t), NULL, + sizeof(tsip_rsa2048_key_pair_index_t), NULL, DYNAMIC_TYPE_RSA_BUFFER); if (tsip_pair2048_key == NULL) return MEMORY_E; - + ret = R_TSIP_GenerateRsa2048RandomKeyIndex(tsip_pair2048_key); } else return CRYPTOCB_UNAVAILABLE; - + if (ret == TSIP_SUCCESS) { if (size == 1024) { if (info->rsa1024pri_keyIdx != NULL) { - XFREE(info->rsa1024pri_keyIdx, NULL, + XFREE(info->rsa1024pri_keyIdx, NULL, DYNAMIC_TYPE_RSA_BUFFER); } if (info->rsa1024pub_keyIdx != NULL) { - XFREE(info->rsa1024pub_keyIdx, NULL, + XFREE(info->rsa1024pub_keyIdx, NULL, DYNAMIC_TYPE_RSA_BUFFER); } - info->rsa1024pri_keyIdx = + info->rsa1024pri_keyIdx = (tsip_rsa1024_private_key_index_t*)XMALLOC( - sizeof(tsip_rsa1024_private_key_index_t), NULL, + sizeof(tsip_rsa1024_private_key_index_t), NULL, DYNAMIC_TYPE_RSA_BUFFER); - + if (info->rsa1024pri_keyIdx == NULL) { XFREE(tsip_pair1024_key, 0, DYNAMIC_TYPE_RSA_BUFFER); return MEMORY_E; } - + info->rsa1024pub_keyIdx = (tsip_rsa1024_public_key_index_t*)XMALLOC( - sizeof(tsip_rsa1024_public_key_index_t), NULL, + sizeof(tsip_rsa1024_public_key_index_t), NULL, DYNAMIC_TYPE_RSA_BUFFER); - + if (info->rsa1024pub_keyIdx == NULL) { XFREE(tsip_pair1024_key, 0, DYNAMIC_TYPE_RSA_BUFFER); - XFREE(info->rsa1024pri_keyIdx, 0, + XFREE(info->rsa1024pri_keyIdx, 0, DYNAMIC_TYPE_RSA_BUFFER); return MEMORY_E; } @@ -118,63 +118,63 @@ WOLFSSL_LOCAL int wc_tsip_MakeRsaKey(int size, void* ctx) XMEMCPY(info->rsa1024pri_keyIdx, &tsip_pair1024_key->private, sizeof(tsip_rsa1024_private_key_index_t)); - XMEMCPY(info->rsa1024pub_keyIdx, + XMEMCPY(info->rsa1024pub_keyIdx, &tsip_pair1024_key->public, sizeof(tsip_rsa1024_public_key_index_t)); XFREE(tsip_pair1024_key, 0, DYNAMIC_TYPE_RSA_BUFFER); - + info->keyflgs_crypt.bits.rsapri1024_key_set = 1; info->keyflgs_crypt.bits.rsapub1024_key_set = 1; } else if (size == 2048) { if (info->rsa2048pri_keyIdx != NULL) { - XFREE(info->rsa2048pri_keyIdx, NULL, + XFREE(info->rsa2048pri_keyIdx, NULL, DYNAMIC_TYPE_RSA_BUFFER); } if (info->rsa2048pub_keyIdx != NULL) { - XFREE(info->rsa2048pub_keyIdx, NULL, + XFREE(info->rsa2048pub_keyIdx, NULL, DYNAMIC_TYPE_RSA_BUFFER); } - info->rsa2048pri_keyIdx = + info->rsa2048pri_keyIdx = (tsip_rsa2048_private_key_index_t*)XMALLOC( - sizeof(tsip_rsa2048_private_key_index_t), NULL, + sizeof(tsip_rsa2048_private_key_index_t), NULL, DYNAMIC_TYPE_RSA_BUFFER); - + if (info->rsa2048pri_keyIdx == NULL) { XFREE(tsip_pair2048_key, 0, DYNAMIC_TYPE_RSA_BUFFER); return MEMORY_E; } - + info->rsa2048pub_keyIdx = (tsip_rsa2048_public_key_index_t*)XMALLOC( - sizeof(tsip_rsa2048_public_key_index_t), NULL, + sizeof(tsip_rsa2048_public_key_index_t), NULL, DYNAMIC_TYPE_RSA_BUFFER); - + if (info->rsa2048pub_keyIdx == NULL) { XFREE(tsip_pair2048_key, 0, DYNAMIC_TYPE_RSA_BUFFER); - XFREE(info->rsa2048pri_keyIdx, 0, + XFREE(info->rsa2048pri_keyIdx, 0, DYNAMIC_TYPE_RSA_BUFFER); return MEMORY_E; } /* copy generated key pair and free malloced key */ - XMEMCPY(info->rsa2048pri_keyIdx, + XMEMCPY(info->rsa2048pri_keyIdx, &tsip_pair2048_key->private, sizeof(tsip_rsa2048_private_key_index_t)); - XMEMCPY(info->rsa2048pub_keyIdx, + XMEMCPY(info->rsa2048pub_keyIdx, &tsip_pair2048_key->public, sizeof(tsip_rsa2048_public_key_index_t)); XFREE(tsip_pair2048_key, 0, DYNAMIC_TYPE_RSA_BUFFER); - + info->keyflgs_crypt.bits.rsapri2048_key_set = 1; info->keyflgs_crypt.bits.rsapub2048_key_set = 1; - + } } else { WOLFSSL_MSG("Failed to generate key pair by TSIP"); return CRYPTOCB_UNAVAILABLE; } - + tsip_hw_unlock(); } @@ -184,7 +184,7 @@ WOLFSSL_LOCAL int wc_tsip_MakeRsaKey(int size, void* ctx) /* Perform Rsa verify by TSIP * Assumes to be called by Crypt Callback - * + * * in Buffer to hold plaintext * inLen Length of plaintext in bytes * out Buffer to hold generated signature @@ -193,7 +193,7 @@ WOLFSSL_LOCAL int wc_tsip_MakeRsaKey(int size, void* ctx) * ctx The callback context * return FSP_SUCCESS(0) on Success, otherwise negative value */ - + WOLFSSL_LOCAL int wc_tsip_RsaVerifyPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc) { int ret = 0; @@ -201,13 +201,13 @@ WOLFSSL_LOCAL int wc_tsip_RsaVerifyPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc) tsip_rsa_byte_data_t hashData, sigData; uint8_t tsip_hash_type; - - + + /* sanity check */ if (info == NULL || tuc == NULL){ return BAD_FUNC_ARG; } - + if (ret == 0) { if (tuc->sing_hash_type == md5_mac) tsip_hash_type = R_TSIP_RSA_HASH_MD5; @@ -218,7 +218,7 @@ WOLFSSL_LOCAL int wc_tsip_RsaVerifyPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc) else ret = CRYPTOCB_UNAVAILABLE; } - + switch (tuc->wrappedKeyType) { case TSIP_KEY_TYPE_RSA1024: if (tuc->keyflgs_crypt.bits.rsapub1024_key_set != 1) @@ -226,7 +226,7 @@ WOLFSSL_LOCAL int wc_tsip_RsaVerifyPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc) ret = tsipImportPublicKey(tuc, tuc->wrappedKeyType); WOLFSSL_MSG("tsip rsa private key 1024 not set"); - if (ret != 0) + if (ret != 0) ret = CRYPTOCB_UNAVAILABLE; } @@ -237,7 +237,7 @@ WOLFSSL_LOCAL int wc_tsip_RsaVerifyPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc) ret = tsipImportPublicKey(tuc, tuc->wrappedKeyType); WOLFSSL_MSG("tsip rsa private key 1024 not set"); - if (ret != 0) + if (ret != 0) ret = CRYPTOCB_UNAVAILABLE; } break; @@ -294,7 +294,7 @@ WOLFSSL_LOCAL int wc_tsip_RsaVerifyPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc) tsip_hw_unlock(); } } - + return ret; } #endif /* WOLFSSL_RENESAS_TSIP_CRYPTONLY */ diff --git a/wolfcrypt/src/port/Renesas/renesas_tsip_sha.c b/wolfcrypt/src/port/Renesas/renesas_tsip_sha.c index a1a02f3b4..38ddd7b3e 100644 --- a/wolfcrypt/src/port/Renesas/renesas_tsip_sha.c +++ b/wolfcrypt/src/port/Renesas/renesas_tsip_sha.c @@ -64,7 +64,7 @@ WOLFSSL_LOCAL int tsip_Tls13GetHmacMessages(struct WOLFSSL* ssl, byte* mac) ret = BAD_FUNC_ARG; if (ret == 0) { - if (ssl->version.major == SSLv3_MAJOR && + if (ssl->version.major == SSLv3_MAJOR && ssl->version.minor == TLSv1_3_MINOR) isTLS13 = 1; @@ -136,8 +136,8 @@ WOLFSSL_LOCAL int tsip_Tls13GetHmacMessages(struct WOLFSSL* ssl, byte* mac) -/* store handshake message for later hash or hmac operation. - * +/* store handshake message for later hash or hmac operation. + * */ WOLFSSL_LOCAL int tsip_StoreMessage(struct WOLFSSL* ssl, const byte* data, int sz) @@ -154,7 +154,7 @@ WOLFSSL_LOCAL int tsip_StoreMessage(struct WOLFSSL* ssl, const byte* data, ret = BAD_FUNC_ARG; if (ret == 0) { - if (ssl->version.major == SSLv3_MAJOR && + if (ssl->version.major == SSLv3_MAJOR && ssl->version.minor == TLSv1_3_MINOR) isTLS13 = 1; @@ -164,7 +164,7 @@ WOLFSSL_LOCAL int tsip_StoreMessage(struct WOLFSSL* ssl, const byte* data, ret = CRYPTOCB_UNAVAILABLE; } } - /* should work until handshake is done */ + /* should work until handshake is done */ if (ret == 0) { if (ssl->options.handShakeDone) { WOLFSSL_MSG("handshake is done."); @@ -195,12 +195,12 @@ WOLFSSL_LOCAL int tsip_StoreMessage(struct WOLFSSL* ssl, const byte* data, bag = &(tuc->messageBag); - if (bag->msgIdx +1 > MAX_MSGBAG_MESSAGES || + if (bag->msgIdx +1 > MAX_MSGBAG_MESSAGES || bag->buffIdx + sz > MSGBAG_SIZE) { WOLFSSL_MSG("Capacity over error in tsip_StoreMessage"); ret = MEMORY_E; } - + XMEMCPY(bag->buff + bag->buffIdx, data, sz); bag->msgTypes[bag->msgIdx++] = *data; /* store message type */ bag->buffIdx += sz; @@ -229,7 +229,7 @@ WOLFSSL_LOCAL int tsip_GetMessageSha256(struct WOLFSSL* ssl, byte* hash, ret = BAD_FUNC_ARG; if (ret == 0) { - if (ssl->version.major == SSLv3_MAJOR && + if (ssl->version.major == SSLv3_MAJOR && ssl->version.minor == TLSv1_3_MINOR) isTLS13 = 1; @@ -246,14 +246,14 @@ WOLFSSL_LOCAL int tsip_GetMessageSha256(struct WOLFSSL* ssl, byte* hash, } bag = &(tuc->messageBag); } - + if (ret == 0) { if ((ret = tsip_hw_lock()) == 0) { err = R_TSIP_Sha256Init(&handle); if (err == TSIP_SUCCESS) { - err = R_TSIP_Sha256Update(&handle, (uint8_t*)bag->buff, + err = R_TSIP_Sha256Update(&handle, (uint8_t*)bag->buff, bag->buffIdx); } if (err == TSIP_SUCCESS) { @@ -309,7 +309,7 @@ static int TSIPHashInit(wolfssl_TSIP_Hash* hash, void* heap, int devId, else { hash->heap = heap; } - + hash->len = 0; hash->used = 0; hash->msg = NULL; diff --git a/wolfcrypt/src/port/Renesas/renesas_tsip_util.c b/wolfcrypt/src/port/Renesas/renesas_tsip_util.c index 8c98ffb78..842ffb2bd 100644 --- a/wolfcrypt/src/port/Renesas/renesas_tsip_util.c +++ b/wolfcrypt/src/port/Renesas/renesas_tsip_util.c @@ -239,7 +239,7 @@ WOLFSSL_API int tsip_use_PrivateKey_buffer_crypt(TsipUserCtx *uc, /* Obsolete function. Use tsip_use_PrivateKey_buffer instead. * Set client encrypted private key data. * parameters: - * key Renesas Secure Flash Programmer generated key. + * key Renesas Secure Flash Programmer generated key. * keyType 0: RSA 2048bit, 1: RSA 4096bit, 2 ECC P256 * return 0 on success, others on failure. */ @@ -253,7 +253,7 @@ WOLFSSL_API int tsip_set_clientPrivateKeyEnc(const byte* encKey, int keyType) g_user_key_info.encrypted_user_private_key = (uint8_t*)encKey; g_user_key_info.encrypted_user_private_key_type = keyType; } - + WOLFSSL_LEAVE("tsip_set_clientPrivateKeyEnc", ret); return ret; } @@ -299,7 +299,7 @@ WOLFSSL_LOCAL int tsip_TlsCleanup(struct WOLFSSL* ssl) /* free stored messages */ tsipFlushMessages(ssl); - + return ret; } @@ -322,12 +322,12 @@ WOLFSSL_LOCAL int tsip_Tls13GenEccKeyPair(WOLFSSL* ssl, KeyShareEntry* kse) TsipUserCtx* tuc = NULL; WOLFSSL_ENTER("tsip_Tls13GenEccKeyPair"); - + if (ssl == NULL || kse == NULL) ret = BAD_FUNC_ARG; if (ret == 0) { - if (ssl->version.major == SSLv3_MAJOR && + if (ssl->version.major == SSLv3_MAJOR && ssl->version.minor == TLSv1_3_MINOR) { isTLS13 = 1; } @@ -383,7 +383,7 @@ WOLFSSL_LOCAL int tsip_Tls13GenEccKeyPair(WOLFSSL* ssl, KeyShareEntry* kse) ecckey = (ecc_key*)kse->key; ret = wc_ecc_set_curve(ecckey, kse->keyLen, curveId); } - + kse->pubKey[0] = ECC_POINT_UNCOMP; /* generate ecc key pair with TSIP */ @@ -428,9 +428,9 @@ WOLFSSL_LOCAL int tsip_Tls13GenEccKeyPair(WOLFSSL* ssl, KeyShareEntry* kse) #if defined(WOLFSSL_TLS13) /* generate shared secret(pre-master secret) * get peer's raw ECDHE public key from KeyShareEntry. - * The pre-master secret generated by TSIP is stored into + * The pre-master secret generated by TSIP is stored into * TsipUserCtx.sharedSecret13Idx as TSIP specific format. - * + * * return 0 on success, CRYPTOCB_UNAVAILABLE when tsip can not handle and is * expecting to fallback to S/W, other negative values on error. */ @@ -448,7 +448,7 @@ WOLFSSL_LOCAL int tsip_Tls13GenSharedSecret(struct WOLFSSL* ssl, ret = BAD_FUNC_ARG; if (ret == 0) { - if (ssl->version.major == SSLv3_MAJOR && + if (ssl->version.major == SSLv3_MAJOR && ssl->version.minor == TLSv1_3_MINOR) { isTLS13 = 1; } @@ -468,7 +468,7 @@ WOLFSSL_LOCAL int tsip_Tls13GenSharedSecret(struct WOLFSSL* ssl, if (ret == 0) { /* get user context for TSIP */ - tuc = ssl->RenesasUserCtx; + tuc = ssl->RenesasUserCtx; if (tuc == NULL) { WOLFSSL_MSG("TsipUserCtx hasn't been set to ssl."); ret = CRYPTOCB_UNAVAILABLE; @@ -530,7 +530,7 @@ WOLFSSL_LOCAL int tsip_Tls13DeriveEarlySecret(struct WOLFSSL* ssl) if (ret == 0) { /* get user context for TSIP */ - tuc = ssl->RenesasUserCtx; + tuc = ssl->RenesasUserCtx; if (tuc == NULL) { WOLFSSL_MSG("TsipUserCtx hasn't been set to ssl."); ret = CRYPTOCB_UNAVAILABLE; @@ -539,7 +539,7 @@ WOLFSSL_LOCAL int tsip_Tls13DeriveEarlySecret(struct WOLFSSL* ssl) tuc->EarlySecret_set = 1; } } - + WOLFSSL_LEAVE("tsip_Tls13DeriveEarlySecret", ret); return ret; } @@ -552,7 +552,7 @@ WOLFSSL_LOCAL int tsip_Tls13DeriveEarlySecret(struct WOLFSSL* ssl) * get pre-master secret stored in TsipUserCtx.sharedSecret13Idx. * Derived handshake secret is stored into TsipUserCtx.handshakeSecret13Idx * as tsip specific format. - * + * * return 0 on success, CRYPTOCB_UNAVAILABLE when tsip can not handle and is * expecting to fallback to S/W, other negative values on error. */ @@ -568,7 +568,7 @@ WOLFSSL_LOCAL int tsip_Tls13DeriveHandshakeSecret(struct WOLFSSL* ssl) ret = BAD_FUNC_ARG; if (ret == 0) { - if (ssl->version.major == SSLv3_MAJOR && + if (ssl->version.major == SSLv3_MAJOR && ssl->version.minor == TLSv1_3_MINOR) { isTLS13 = 1; } @@ -580,7 +580,7 @@ WOLFSSL_LOCAL int tsip_Tls13DeriveHandshakeSecret(struct WOLFSSL* ssl) if (ret == 0) { /* get user context for TSIP */ - tuc = ssl->RenesasUserCtx; + tuc = ssl->RenesasUserCtx; if (tuc == NULL) { WOLFSSL_MSG("TsipUserCtx hasn't been set to ssl."); ret = CRYPTOCB_UNAVAILABLE; @@ -597,7 +597,7 @@ WOLFSSL_LOCAL int tsip_Tls13DeriveHandshakeSecret(struct WOLFSSL* ssl) if (ret == 0) { if ((ret = tsip_hw_lock()) == 0) { - + tuc->HandshakeSecret_set = 0; err = R_TSIP_Tls13GenerateHandshakeSecret( @@ -640,7 +640,7 @@ static int tsipTls13DeriveClientHandshakeKeys(struct WOLFSSL* ssl) ret = BAD_FUNC_ARG; if (ret == 0) { - if (ssl->version.major == SSLv3_MAJOR && + if (ssl->version.major == SSLv3_MAJOR && ssl->version.minor == TLSv1_3_MINOR) { isTLS13 = 1; } @@ -651,7 +651,7 @@ static int tsipTls13DeriveClientHandshakeKeys(struct WOLFSSL* ssl) if (ret == 0) { /* get user context for TSIP */ - tuc = ssl->RenesasUserCtx; + tuc = ssl->RenesasUserCtx; if (tuc == NULL) { WOLFSSL_MSG("TsipUserCtx hasn't been set to ssl."); ret = CRYPTOCB_UNAVAILABLE; @@ -673,9 +673,9 @@ static int tsipTls13DeriveClientHandshakeKeys(struct WOLFSSL* ssl) if (ret == 0) { if ((ret = tsip_hw_lock()) == 0) { - + tuc->HandshakeClientTrafficKey_set = 0; - + err = R_TSIP_Tls13GenerateClientHandshakeTrafficKey( &(tuc->handle13), TSIP_TLS13_MODE_FULL_HANDSHAKE, @@ -687,7 +687,7 @@ static int tsipTls13DeriveClientHandshakeKeys(struct WOLFSSL* ssl) if (err != TSIP_SUCCESS) { WOLFSSL_MSG( "R_TSIP_Tls13GenerateClientHandshakeTrafficKey error"); - ret = WC_HW_E; + ret = WC_HW_E; } /* key derivation succeeded */ @@ -724,7 +724,7 @@ static int tsipTls13DeriveServerHandshakeKeys(struct WOLFSSL* ssl) ret = BAD_FUNC_ARG; if (ret == 0) { - if (ssl->version.major == SSLv3_MAJOR && + if (ssl->version.major == SSLv3_MAJOR && ssl->version.minor == TLSv1_3_MINOR) { isTLS13 = 1; } @@ -735,7 +735,7 @@ static int tsipTls13DeriveServerHandshakeKeys(struct WOLFSSL* ssl) if (ret == 0) { /* get user context for TSIP */ - tuc = ssl->RenesasUserCtx; + tuc = ssl->RenesasUserCtx; if (tuc == NULL) { WOLFSSL_MSG("TsipUserCtx hasn't been set to ssl."); ret = CRYPTOCB_UNAVAILABLE; @@ -757,7 +757,7 @@ static int tsipTls13DeriveServerHandshakeKeys(struct WOLFSSL* ssl) if (ret == 0) { if ((ret = tsip_hw_lock()) == 0) { - + tuc->HandshakeServerTrafficKey_set = 0; err = R_TSIP_Tls13GenerateServerHandshakeTrafficKey( @@ -773,7 +773,7 @@ static int tsipTls13DeriveServerHandshakeKeys(struct WOLFSSL* ssl) "R_TSIP_Tls13GenerateServerHandshakeTrafficKey error"); ret = WC_HW_E; } - + /* key derivation succeeded */ if (ret == 0) { tuc->HandshakeServerTrafficKey_set = 1; @@ -808,7 +808,7 @@ static int tsipTls13DeriveTrafficKeys(struct WOLFSSL* ssl) ret = BAD_FUNC_ARG; if (ret == 0) { - if (ssl->version.major == SSLv3_MAJOR && + if (ssl->version.major == SSLv3_MAJOR && ssl->version.minor == TLSv1_3_MINOR) { isTLS13 = 1; } @@ -819,7 +819,7 @@ static int tsipTls13DeriveTrafficKeys(struct WOLFSSL* ssl) if (ret == 0) { /* get user context for TSIP */ - tuc = ssl->RenesasUserCtx; + tuc = ssl->RenesasUserCtx; if (tuc == NULL) { WOLFSSL_MSG("TsipUserCtx hasn't been set to ssl."); ret = CRYPTOCB_UNAVAILABLE; @@ -841,7 +841,7 @@ static int tsipTls13DeriveTrafficKeys(struct WOLFSSL* ssl) if (ret == 0) { if ((ret = tsip_hw_lock()) == 0) { - + tuc->ServerTrafficSecret_set = 0; tuc->ClientTrafficSecret_set = 0; tuc->ServerWriteTrafficKey_set = 0; @@ -862,7 +862,7 @@ static int tsipTls13DeriveTrafficKeys(struct WOLFSSL* ssl) "R_TSIP_Tls13GenerateApplicationTrafficKey error"); ret = WC_HW_E; } - + /* key derivation succeeded */ if (ret == 0) { tuc->ServerTrafficSecret_set = 1; @@ -899,7 +899,7 @@ static int tsipTls13UpdateClientTrafficKeys(struct WOLFSSL* ssl) ret = BAD_FUNC_ARG; if (ret == 0) { - if (ssl->version.major == SSLv3_MAJOR && + if (ssl->version.major == SSLv3_MAJOR && ssl->version.minor == TLSv1_3_MINOR) { isTLS13 = 1; } @@ -910,7 +910,7 @@ static int tsipTls13UpdateClientTrafficKeys(struct WOLFSSL* ssl) if (ret == 0) { /* get user context for TSIP */ - tuc = ssl->RenesasUserCtx; + tuc = ssl->RenesasUserCtx; if (tuc == NULL) { WOLFSSL_MSG("TsipUserCtx hasn't been set to ssl."); ret = CRYPTOCB_UNAVAILABLE; @@ -971,7 +971,7 @@ static int tsipTls13UpdateServerTrafficKeys(struct WOLFSSL* ssl) ret = BAD_FUNC_ARG; if (ret == 0) { - if (ssl->version.major == SSLv3_MAJOR && + if (ssl->version.major == SSLv3_MAJOR && ssl->version.minor == TLSv1_3_MINOR) { isTLS13 = 1; } @@ -982,7 +982,7 @@ static int tsipTls13UpdateServerTrafficKeys(struct WOLFSSL* ssl) if (ret == 0) { /* get user context for TSIP */ - tuc = ssl->RenesasUserCtx; + tuc = ssl->RenesasUserCtx; if (tuc == NULL) { WOLFSSL_MSG("TsipUserCtx hasn't been set to ssl."); ret = CRYPTOCB_UNAVAILABLE; @@ -1042,7 +1042,7 @@ static int tsipTls13UpdateServerTrafficKeys(struct WOLFSSL* ssl) * side ENCRYPT_SIDE_ONLY: when only encryption secret needs to be derived. * DECRYPT_SIDE_ONLY: when only decryption secret needs to be derived. * ENCRYPT_AND_DECRYPT_SIDE: when both secret needs to be derived. - * + * * returns 0 on success, CRYPTOCB_UNAVAILABLE when tsip can not handle and is * expecting to fallback to S/W, other negative values on error. */ @@ -1142,7 +1142,7 @@ WOLFSSL_LOCAL int tsip_Tls13DeriveMasterSecret(struct WOLFSSL* ssl) ret = BAD_FUNC_ARG; if (ret == 0) { - if (ssl->version.major == SSLv3_MAJOR && + if (ssl->version.major == SSLv3_MAJOR && ssl->version.minor == TLSv1_3_MINOR) { isTLS13 = 1; } @@ -1152,7 +1152,7 @@ WOLFSSL_LOCAL int tsip_Tls13DeriveMasterSecret(struct WOLFSSL* ssl) } if (ret == 0) { /* get user context for TSIP */ - tuc = ssl->RenesasUserCtx; + tuc = ssl->RenesasUserCtx; if (tuc == NULL) { WOLFSSL_MSG("TsipUserCtx hasn't been set to ssl."); ret = CRYPTOCB_UNAVAILABLE; @@ -1160,7 +1160,7 @@ WOLFSSL_LOCAL int tsip_Tls13DeriveMasterSecret(struct WOLFSSL* ssl) } if (ret == 0) { /* make sure handshake secret and verify data has been set by TSIP */ - if (!tuc->HandshakeSecret_set || + if (!tuc->HandshakeSecret_set || !tuc->HandshakeVerifiedData_set) { WOLFSSL_MSG("TSIP wasn't involved in the key-exchange."); ret = CRYPTOCB_UNAVAILABLE; @@ -1168,7 +1168,7 @@ WOLFSSL_LOCAL int tsip_Tls13DeriveMasterSecret(struct WOLFSSL* ssl) } if (ret == 0) { if ((ret = tsip_hw_lock()) == 0) { - + tuc->MasterSecret_set = 0; err = R_TSIP_Tls13GenerateMasterSecret( @@ -1183,7 +1183,7 @@ WOLFSSL_LOCAL int tsip_Tls13DeriveMasterSecret(struct WOLFSSL* ssl) "R_TSIP_Tls13GenerateMasterSecret( error"); ret = WC_HW_E; } - + if (ret == 0) { tuc->MasterSecret_set = 1; } @@ -1206,7 +1206,7 @@ WOLFSSL_LOCAL int tsip_Tls13DeriveMasterSecret(struct WOLFSSL* ssl) /* verify handshake * ssl WOLFSSL object * hash buffer holding decrypted finished message content from server. - * + * */ static int tsipTls13VerifyHandshake(struct WOLFSSL* ssl, const byte* hash)/*finished message*/ @@ -1223,7 +1223,7 @@ static int tsipTls13VerifyHandshake(struct WOLFSSL* ssl, ret = BAD_FUNC_ARG; if (ret == 0) { - if (ssl->version.major == SSLv3_MAJOR && + if (ssl->version.major == SSLv3_MAJOR && ssl->version.minor == TLSv1_3_MINOR) { isTLS13 = 1; } @@ -1234,7 +1234,7 @@ static int tsipTls13VerifyHandshake(struct WOLFSSL* ssl, if (ret == 0) { /* get user context for TSIP */ - tuc = ssl->RenesasUserCtx; + tuc = ssl->RenesasUserCtx; if (tuc == NULL) { WOLFSSL_MSG("TsipUserCtx hasn't been set to ssl."); ret = CRYPTOCB_UNAVAILABLE; @@ -1255,7 +1255,7 @@ static int tsipTls13VerifyHandshake(struct WOLFSSL* ssl, if (ret == 0) { if ((ret = tsip_hw_lock()) == 0) { - + tuc->HandshakeVerifiedData_set = 0; err = R_TSIP_Tls13ServerHandshakeVerification( @@ -1271,7 +1271,7 @@ static int tsipTls13VerifyHandshake(struct WOLFSSL* ssl, } else if (err != TSIP_SUCCESS) { WOLFSSL_MSG("R_TSIP_Tls13ServerHandshakeVerification error"); - ret = WC_HW_E; + ret = WC_HW_E; } if (ret == 0) { WOLFSSL_MSG("Verified handshake"); @@ -1294,9 +1294,9 @@ static int tsipTls13VerifyHandshake(struct WOLFSSL* ssl, #if defined(WOLFSSL_TLS13) /* handles finished message from server. - * verify hmac in the message. Also output verify data to + * verify hmac in the message. Also output verify data to * TsipUserCtx.verifyDataIdx, which is used for deriving master secret. - * + * * ssl WOLFSSL object * input the buffer holding decrypted finished message, type and padding * inOutIdx On entry, the index into the message content of Finished. @@ -1348,7 +1348,7 @@ WOLFSSL_LOCAL int tsip_Tls13HandleFinished( * inSz The size of the handshake message (including message header). * type The real content type being put after the message data. * hashOutput Whether to hash the unencrypted record data. - * returns the size of the record including header, CRYPTOCB_UNAVAILABLE + * returns the size of the record including header, CRYPTOCB_UNAVAILABLE * when tsip can not handle and is expecting to fallback to S/W, * other negative values on error. */ @@ -1365,7 +1365,7 @@ WOLFSSL_LOCAL int tsip_Tls13BuildMessage(struct WOLFSSL* ssl, int isTLS13 = 0; RecordLayerHeader* rl = NULL; (void)outSz; - + WOLFSSL_ENTER("tsip_Tls13BuildMessage"); if (ssl == NULL || output == NULL || input == NULL) { @@ -1373,7 +1373,7 @@ WOLFSSL_LOCAL int tsip_Tls13BuildMessage(struct WOLFSSL* ssl, } if (ret == 0) { - if (ssl->version.major == SSLv3_MAJOR && + if (ssl->version.major == SSLv3_MAJOR && ssl->version.minor == TLSv1_3_MINOR) { isTLS13 = 1; } @@ -1421,7 +1421,7 @@ WOLFSSL_LOCAL int tsip_Tls13BuildMessage(struct WOLFSSL* ssl, /* The real record content type goes at the end of the data. */ output[RECORD_HEADER_SZ + inSz] = (byte)type; - ret = tsip_Tls13AesEncrypt(ssl, + ret = tsip_Tls13AesEncrypt(ssl, output + RECORD_HEADER_SZ, /* output */ output + RECORD_HEADER_SZ, /* plain message */ inSz + 1); /* plain data size(= inSz + 1 for type) */ @@ -1440,7 +1440,7 @@ WOLFSSL_LOCAL int tsip_Tls13BuildMessage(struct WOLFSSL* ssl, #if defined(WOLFSSL_TLS13) /* Send finished message to the server. - * + * * ssl WOLFSSL object * output buffer to output packet, including packet header and finished message * outSz buffer size of output @@ -1466,7 +1466,7 @@ WOLFSSL_LOCAL int tsip_Tls13SendFinished( if (ssl == NULL || output == NULL || input == NULL || outSz == 0) { ret = BAD_FUNC_ARG; } - + if (ret == 0) { finishedSz = ssl->specs.hash_size; @@ -1485,7 +1485,7 @@ WOLFSSL_LOCAL int tsip_Tls13SendFinished( output, outSz, input, headerSz + finishedSz, handshake, hashOut); - + if (recordSz > 0) { ssl->options.clientState = CLIENT_FINISHED_COMPLETE; ssl->options.handShakeState = HANDSHAKE_DONE; @@ -1515,7 +1515,7 @@ WOLFSSL_LOCAL int tsip_Tls13SendFinished( * return 0 on success, CRYPTOCB_UNAVAILABLE when TSIP can not handle, * other negative values on error. */ -WOLFSSL_LOCAL int tsip_Tls13CertificateVerify(struct WOLFSSL* ssl, +WOLFSSL_LOCAL int tsip_Tls13CertificateVerify(struct WOLFSSL* ssl, const byte* input, word32* inOutIdx, word32 totalSz) { @@ -1528,7 +1528,7 @@ WOLFSSL_LOCAL int tsip_Tls13CertificateVerify(struct WOLFSSL* ssl, e_tsip_err_t err = TSIP_SUCCESS; TsipUserCtx* tuc = NULL; e_tsip_tls13_signature_scheme_type_t sig_scheme; - + WOLFSSL_ENTER("tsip_Tls13CertificateVerify"); @@ -1576,7 +1576,7 @@ WOLFSSL_LOCAL int tsip_Tls13CertificateVerify(struct WOLFSSL* ssl, if (ret == 0) { /* get user context for TSIP */ - tuc = ssl->RenesasUserCtx; + tuc = ssl->RenesasUserCtx; if (tuc == NULL) { WOLFSSL_MSG("TsipUserCtx is not set to ssl."); ret = CRYPTOCB_UNAVAILABLE; @@ -1596,7 +1596,7 @@ WOLFSSL_LOCAL int tsip_Tls13CertificateVerify(struct WOLFSSL* ssl, idx = 0; ForceZero(sigData, sizeof(tuc->sigDataCertVerify)); - XMEMSET(sigData, TSIP_SIGNING_DATA_PREFIX_BYTE, + XMEMSET(sigData, TSIP_SIGNING_DATA_PREFIX_BYTE, TSIP_SIGNING_DATA_PREFIX_SZ); idx += TSIP_SIGNING_DATA_PREFIX_SZ; @@ -1605,7 +1605,7 @@ WOLFSSL_LOCAL int tsip_Tls13CertificateVerify(struct WOLFSSL* ssl, idx += TSIP_CERT_VFY_LABEL_SZ; ret = tsip_GetMessageSha256(ssl, &sigData[idx], &messageSz); } - + if (ret == 0) { if ((ret = tsip_hw_lock()) == 0) { @@ -1617,7 +1617,7 @@ WOLFSSL_LOCAL int tsip_Tls13CertificateVerify(struct WOLFSSL* ssl, totalSz); if (err == TSIP_SUCCESS) { - + *inOutIdx += totalSz; *inOutIdx += ssl->keys.padSz; ssl->options.peerAuthGood = 1; @@ -1650,17 +1650,17 @@ WOLFSSL_LOCAL int tsip_Tls13CertificateVerify(struct WOLFSSL* ssl, /* Send the TLS v1.3 CertificateVerify message. A part of the message is * processed by TSIP for acceleration. * - * Prior to this function call, the appropriate key-pair should be set via - * tsip_use_PrivateKey_buffer_TLS and tsip_use_PublicKey_buffer_TLS APIs. - * Those key pair can be generated by the tool named + * Prior to this function call, the appropriate key-pair should be set via + * tsip_use_PrivateKey_buffer_TLS and tsip_use_PublicKey_buffer_TLS APIs. + * Those key pair can be generated by the tool named * "Renesas secure flash programmer". * When RSA certificate is used, both public and private keys should be set. * The public key is used for self-verify the generated certificateVerify * message. When ECC certificate is used, the self-verify will be performed only * WOLFSSL_CHECK_SIG_FAULTS is defined. - * - * Returns 0 on success, CRYPTOCB_UNAVAILABLE when the required key is not - * provided or unsupported algo is specified and otherwise failure. + * + * Returns 0 on success, CRYPTOCB_UNAVAILABLE when the required key is not + * provided or unsupported algo is specified and otherwise failure. */ WOLFSSL_LOCAL int tsip_Tls13SendCertVerify(WOLFSSL* ssl) { @@ -1693,7 +1693,7 @@ WOLFSSL_LOCAL int tsip_Tls13SendCertVerify(WOLFSSL* ssl) } if (ret == 0) { - if (ssl->version.major == SSLv3_MAJOR && + if (ssl->version.major == SSLv3_MAJOR && ssl->version.minor == TLSv1_3_MINOR) isTLS13 = 1; @@ -1702,7 +1702,7 @@ WOLFSSL_LOCAL int tsip_Tls13SendCertVerify(WOLFSSL* ssl) ret = CRYPTOCB_UNAVAILABLE; } } - + if (ret == 0) { /* get user context for TSIP */ tuc = ssl->RenesasUserCtx; @@ -1712,10 +1712,10 @@ WOLFSSL_LOCAL int tsip_Tls13SendCertVerify(WOLFSSL* ssl) } if (ret == 0) { - #if !defined(NO_RSA) + #if !defined(NO_RSA) if (ssl->options.haveRSA) isRsa = 1; - else + else #endif #ifdef HAVE_ECC if (ssl->options.haveECC) @@ -1746,7 +1746,7 @@ WOLFSSL_LOCAL int tsip_Tls13SendCertVerify(WOLFSSL* ssl) } } - if (ret == 0) { + if (ret == 0) { /* get message hash */ ForceZero(hash, sizeof(hash)); ret = tsip_GetMessageSha256(ssl, hash, (int*)&hashSz); @@ -1777,7 +1777,7 @@ WOLFSSL_LOCAL int tsip_Tls13SendCertVerify(WOLFSSL* ssl) TSIP_TLS13_SIGNATURE_SCHEME_RSA_PSS_RSAE_SHA256, hash, message + HANDSHAKE_HEADER_SZ, - &messageSz); + &messageSz); } else { err = R_TSIP_Tls13CertificateVerifyGenerate( @@ -1785,7 +1785,7 @@ WOLFSSL_LOCAL int tsip_Tls13SendCertVerify(WOLFSSL* ssl) TSIP_TLS13_SIGNATURE_SCHEME_ECDSA_SECP256R1_SHA256, hash, message + HANDSHAKE_HEADER_SZ, - &messageSz); + &messageSz); } if (err != TSIP_SUCCESS) { WOLFSSL_MSG("failed to make certificate verify message"); @@ -1816,7 +1816,7 @@ WOLFSSL_LOCAL int tsip_Tls13SendCertVerify(WOLFSSL* ssl) } } else { -#if defined(WOLFSSL_CHECK_SIG_FAULTS) +#if defined(WOLFSSL_CHECK_SIG_FAULTS) if (!tuc->ClientEccP256PubKey_set) { ret = NO_PRIVATE_KEY; } @@ -1829,7 +1829,7 @@ WOLFSSL_LOCAL int tsip_Tls13SendCertVerify(WOLFSSL* ssl) idx = 0; ForceZero(sigData, sizeof(tuc->sigDataCertVerify)); - XMEMSET(sigData, TSIP_SIGNING_DATA_PREFIX_BYTE, + XMEMSET(sigData, TSIP_SIGNING_DATA_PREFIX_BYTE, TSIP_SIGNING_DATA_PREFIX_SZ); idx += TSIP_SIGNING_DATA_PREFIX_SZ; @@ -1842,9 +1842,9 @@ WOLFSSL_LOCAL int tsip_Tls13SendCertVerify(WOLFSSL* ssl) if (ret == 0) { /* extract signature data from generated CertificateVerify message */ if (!isRsa) { -#if defined(WOLFSSL_CHECK_SIG_FAULTS) - idx = 4; - derSig = message + +#if defined(WOLFSSL_CHECK_SIG_FAULTS) + idx = 4; + derSig = message + HANDSHAKE_HEADER_SZ + HASH_SIG_SIZE + VERIFY_HEADER; if (derSig[idx] == 0x00) idx++; @@ -1907,8 +1907,8 @@ WOLFSSL_LOCAL int tsip_Tls13SendCertVerify(WOLFSSL* ssl) ((HandShakeHeader*)message)->type = certificate_verify; c32to24(messageSz, ((HandShakeHeader*)message)->length); - - recordSz = tsip_Tls13BuildMessage(ssl, output, 0, message, + + recordSz = tsip_Tls13BuildMessage(ssl, output, 0, message, messageSz + HANDSHAKE_HEADER_SZ, handshake, 1); @@ -2114,8 +2114,8 @@ int wc_tsip_RsaVerify( * key buffer holding peer's public key (NOT used in this function) * keySz public key size((NOT used in this function)) * result address of the variable to output result - * ctx context - * return 0 on success, CRYPTOCB_UNAVAILABLE in case TSIP cannot handle + * ctx context + * return 0 on success, CRYPTOCB_UNAVAILABLE in case TSIP cannot handle */ int wc_tsip_EccVerify( WOLFSSL* ssl, @@ -2138,8 +2138,8 @@ int wc_tsip_EccVerify( return CRYPTOCB_UNAVAILABLE; } - /* in TLS1.3 */ - if (ssl->version.major == SSLv3_MAJOR && + /* in TLS1.3 */ + if (ssl->version.major == SSLv3_MAJOR && ssl->version.minor == TLSv1_3_MINOR) { WOLFSSL_LEAVE("wc_tsip_EccVerify", CRYPTOCB_UNAVAILABLE); return CRYPTOCB_UNAVAILABLE; @@ -2261,7 +2261,7 @@ WOLFSSL_API void tsip_set_callbacks(WOLFSSL_CTX* ctx) #endif /* !WOLFSSL_NO_TLS12 && !WOLFSSL_AEAD_ONLY */ wolfSSL_CTX_SetEccSharedSecretCb(ctx, NULL); /* Set ssl-> options.sendVerify to SEND_CERT by the following two - * registrations. This will allow the client certificate to be sent to + * registrations. This will allow the client certificate to be sent to * the server even if the private key is empty. The two callbacks do * virtually nothing. */ @@ -2307,7 +2307,7 @@ WOLFSSL_API int tsip_set_callback_ctx(WOLFSSL* ssl, void* user_ctx) wolfSSL_SetRsaSignCtx(ssl, user_ctx); wolfSSL_SetGenPreMasterCtx(ssl, user_ctx); wolfSSL_SetEccSharedSecretCtx(ssl, NULL); -#if !defined(WOLFSSL_NO_TLS12) && !defined(WOLFSSL_AEAD_ONLY) +#if !defined(WOLFSSL_NO_TLS12) && !defined(WOLFSSL_AEAD_ONLY) wolfSSL_SetVerifyMacCtx(ssl, user_ctx); #endif /* !WOLFSSL_NO_TLS12 && !WOLFSSL_AEAD_ONLY */ /* set up crypt callback */ @@ -2367,7 +2367,7 @@ static int tsipImportPrivateKey(TsipUserCtx* tuc, int keyType) if (encPrivKey == NULL || provisioning_key == NULL || iv == NULL) { WOLFSSL_MSG("Missing some key materials used for import" ); return CRYPTOCB_UNAVAILABLE; - } + } if (ret == 0) { if (keyType != tuc->wrappedKeyType) { @@ -2381,7 +2381,7 @@ static int tsipImportPrivateKey(TsipUserCtx* tuc, int keyType) #if !defined(NO_RSA) case TSIP_KEY_TYPE_RSA2048: - + tuc->ClientRsa2048PrivKey_set = 0; err = R_TSIP_GenerateRsa2048PrivateKeyIndex( provisioning_key, iv, (uint8_t*)encPrivKey, @@ -2396,7 +2396,7 @@ static int tsipImportPrivateKey(TsipUserCtx* tuc, int keyType) #endif case TSIP_KEY_TYPE_RSA4096: - /* not supported as of TSIPv1.15 */ + /* not supported as of TSIPv1.15 */ ret = CRYPTOCB_UNAVAILABLE; break; @@ -2458,7 +2458,7 @@ WOLFSSL_LOCAL int tsipImportPublicKey(TsipUserCtx* tuc, int keyType) if (encPubKey == NULL || provisioning_key == NULL || iv == NULL) { WOLFSSL_MSG("Missing some key materials used for import" ); return CRYPTOCB_UNAVAILABLE; - } + } if (ret == 0) { if (keyType != tuc->wrappedKeyType) { @@ -2469,7 +2469,7 @@ WOLFSSL_LOCAL int tsipImportPublicKey(TsipUserCtx* tuc, int keyType) if ((ret = tsip_hw_lock()) == 0) { switch(keyType) { - + #if !defined(NO_RSA) case TSIP_KEY_TYPE_RSA2048: #if defined(WOLFSSL_RENESAS_TSIP_TLS) @@ -2479,10 +2479,10 @@ WOLFSSL_LOCAL int tsipImportPublicKey(TsipUserCtx* tuc, int keyType) XFREE(tuc->rsa2048pub_keyIdx, NULL, DYNAMIC_TYPE_RSA_BUFFER); } - + tuc->rsa2048pub_keyIdx = (tsip_rsa2048_public_key_index_t*)XMALLOC( - sizeof(tsip_rsa2048_public_key_index_t), NULL, + sizeof(tsip_rsa2048_public_key_index_t), NULL, DYNAMIC_TYPE_RSA_BUFFER); if (tuc->rsa2048pub_keyIdx == NULL) { return MEMORY_E; @@ -2508,14 +2508,14 @@ WOLFSSL_LOCAL int tsipImportPublicKey(TsipUserCtx* tuc, int keyType) } break; #endif - + #if !defined(NO_RSA) case TSIP_KEY_TYPE_RSA4096: - /* not supported as of TSIPv1.15 */ + /* not supported as of TSIPv1.15 */ ret = CRYPTOCB_UNAVAILABLE; break; #endif - + #if defined(HAVE_ECC) && \ defined(WOLFSSL_RENESAS_TSIP_TLS) case TSIP_KEY_TYPE_ECDSAP256: @@ -3101,7 +3101,7 @@ int wc_tsip_generateVerifyData( WOLFSSL_LEAVE("tsip_generateVerifyData", BAD_FUNC_ARG); return BAD_FUNC_ARG; } - if (XSTRNCMP((const char*)side, (const char*)kTlsServerFinStr, + if (XSTRNCMP((const char*)side, (const char*)kTlsServerFinStr, FINISHED_LABEL_SZ) == 0) { l_side = R_TSIP_TLS_GENERATE_SERVER_VERIFY; } @@ -3667,14 +3667,14 @@ WOLFSSL_LOCAL int tsip_SignRsaPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc) WOLFSSL_ENTER("tsip_SignRsaPkcs"); - if (info == NULL || tuc == NULL + if (info == NULL || tuc == NULL #ifndef WOLFSSL_RENESAS_TSIP_CRYPTONLY || tuc->ssl == NULL #endif ) { ret = BAD_FUNC_ARG; } - + #ifdef WOLFSSL_RENESAS_TSIP_TLS if (ret == 0) { ssl = tuc->ssl; @@ -3690,7 +3690,7 @@ WOLFSSL_LOCAL int tsip_SignRsaPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc) ret = tsipImportPrivateKey(tuc, tuc->wrappedKeyType); } - + if (ret == 0) { if (ssl->options.hashAlgo == md5_mac) tsip_hash_type = R_TSIP_RSA_HASH_MD5; @@ -3703,7 +3703,7 @@ WOLFSSL_LOCAL int tsip_SignRsaPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc) } #else (void)ssl; - + if (ret == 0) { if (tuc->sing_hash_type == md5_mac) tsip_hash_type = R_TSIP_RSA_HASH_MD5; @@ -3714,7 +3714,7 @@ WOLFSSL_LOCAL int tsip_SignRsaPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc) else ret = CRYPTOCB_UNAVAILABLE; } - + switch (tuc->wrappedKeyType) { case TSIP_KEY_TYPE_RSA1024: if (tuc->keyflgs_crypt.bits.rsapri1024_key_set != 1) @@ -3735,9 +3735,9 @@ WOLFSSL_LOCAL int tsip_SignRsaPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc) ret = CRYPTOCB_UNAVAILABLE; break; } - + #endif - + if (ret == 0) { #ifdef WOLFSSL_RENESAS_TSIP_TLS hashData.pdata = (uint8_t*)ssl->buffers.digest.buffer; @@ -3762,7 +3762,7 @@ WOLFSSL_LOCAL int tsip_SignRsaPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc) tsip_hash_type); if (err != TSIP_SUCCESS) { - ret = WC_HW_E; + ret = WC_HW_E; } break; #endif @@ -3779,7 +3779,7 @@ WOLFSSL_LOCAL int tsip_SignRsaPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc) tsip_hash_type); if (err != TSIP_SUCCESS) { - ret = WC_HW_E; + ret = WC_HW_E; } break; @@ -3807,7 +3807,7 @@ WOLFSSL_LOCAL int tsip_SignRsaPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc) #if !defined(NO_RSA) && defined(WOLFSSL_RENESAS_TSIP_TLS) WOLFSSL_LOCAL int tsip_VerifyRsaPkcsCb( - WOLFSSL* ssl, + WOLFSSL* ssl, unsigned char* sig, unsigned int sigSz, unsigned char** out, const unsigned char* keyDer, unsigned int keySz, @@ -3842,7 +3842,7 @@ WOLFSSL_LOCAL int tsip_VerifyRsaPkcsCb( /* import public key_index from wrapped key */ ret = tsipImportPublicKey(tuc, tuc->wrappedKeyType); } - + if (ret == 0) { if (ssl->options.hashAlgo == md5_mac) tsip_hash_type = R_TSIP_RSA_HASH_MD5; @@ -3852,7 +3852,7 @@ WOLFSSL_LOCAL int tsip_VerifyRsaPkcsCb( tsip_hash_type = R_TSIP_RSA_HASH_SHA256; else { ret = CRYPTOCB_UNAVAILABLE; - } + } } if (ret == 0) { @@ -3863,7 +3863,7 @@ WOLFSSL_LOCAL int tsip_VerifyRsaPkcsCb( if ((ret = tsip_hw_lock()) == 0) { switch (tuc->wrappedKeyType) { - + case TSIP_KEY_TYPE_RSA2048: sigData.data_length = 256; err = R_TSIP_RsassaPkcs2048SignatureVerification( @@ -3904,7 +3904,7 @@ WOLFSSL_LOCAL int tsip_VerifyRsaPkcsCb( #if defined(HAVE_ECC) && defined(WOLFSSL_RENESAS_TSIP_TLS) /* Perform signing with the client's ECC private key on hash value of messages - * exchanged with server. + * exchanged with server. * * parameters * info->pk.eccsign.in : the buffer holding hash value of messages @@ -3951,33 +3951,33 @@ WOLFSSL_LOCAL int tsip_SignEcdsa(wc_CryptoInfo* info, TsipUserCtx* tuc) /* import private key_index from wrapped key */ ret = tsipImportPrivateKey(tuc, tuc->wrappedKeyType); } - + if (ret == 0) { hashData.pdata = (uint8_t*)info->pk.eccsign.in; hashData.data_type = 1; sigData.pdata = (uint8_t*)info->pk.eccsign.out; sigData.data_length = 0; /* signature size will be returned here */ - if ((ret = tsip_hw_lock()) == 0) { + if ((ret = tsip_hw_lock()) == 0) { switch (tuc->wrappedKeyType) { #if defined(HAVE_ECC) case TSIP_KEY_TYPE_ECDSAP256: offsetForWork = R_TSIP_ECDSA_DATA_BYTE_SIZE + 32; - if (*(info->pk.eccsign.outlen) < + if (*(info->pk.eccsign.outlen) < R_TSIP_ECDSA_DATA_BYTE_SIZE + offsetForWork) { ret = BUFFER_E; break; } - sigData.pdata = (uint8_t*)info->pk.eccsign.out + + sigData.pdata = (uint8_t*)info->pk.eccsign.out + offsetForWork; err = R_TSIP_EcdsaP256SignatureGenerate( &hashData, &sigData, &tuc->EcdsaP256PrivateKeyIdx); if (err != TSIP_SUCCESS) { ret = WC_HW_E; - break; + break; } out = info->pk.eccsign.out; @@ -3991,7 +3991,7 @@ WOLFSSL_LOCAL int tsip_SignEcdsa(wc_CryptoInfo* info, TsipUserCtx* tuc) /* encode ASN sequence */ out[idx++] = ASN_SEQUENCE | ASN_CONSTRUCTED; out[idx++] = sz; - + /* copy r part */ out[idx++] = ASN_INTEGER; out[idx++] = rSz; @@ -4006,7 +4006,7 @@ WOLFSSL_LOCAL int tsip_SignEcdsa(wc_CryptoInfo* info, TsipUserCtx* tuc) if (sSz > R_TSIP_ECDSA_DATA_BYTE_SIZE / 2) out[idx++] = 0x00; XMEMCPY(&out[idx], sig, R_TSIP_ECDSA_DATA_BYTE_SIZE / 2); - + /* out size */ *(info->pk.eccsign.outlen) = ASN_TAG_SZ + 1 + sz; break; @@ -4047,20 +4047,22 @@ WOLFSSL_LOCAL int tsip_SignEcdsa(wc_CryptoInfo* info, TsipUserCtx* tuc) #ifdef WOLFSSL_RENESAS_TSIP_CRYPT_DEBUG -/* err - * e_tsip_err +#if 0 + /* this is here for documentation purposes. */ + enum e_tsip_err { TSIP_SUCCESS = 0, - TSIP_ERR_SELF_CHECK1, // Self-check 1 fail or TSIP function internal err. - TSIP_ERR_RESOURCE_CONFLICT, // A resource conflict occurred. - TSIP_ERR_SELF_CHECK2, // Self-check 2 fail. - TSIP_ERR_KEY_SET, // setting the invalid key. - TSIP_ERR_AUTHENTICATION, // Authentication failed. - TSIP_ERR_CALLBACK_UNREGIST, // Callback function is not registered. - TSIP_ERR_PARAMETER, // Illegal Input data. - TSIP_ERR_PROHIBIT_FUNCTION, // An invalid function call occurred. - * TSIP_RESUME_FIRMWARE_GENERATE_MAC, - // There is a continuation of R_TSIP_GenerateFirmwareMAC. -*/ + TSIP_ERR_SELF_CHECK1, /* Self-check 1 fail or TSIP function internal err. */ + TSIP_ERR_RESOURCE_CONFLICT, /* A resource conflict occurred. */ + TSIP_ERR_SELF_CHECK2, /* Self-check 2 fail. */ + TSIP_ERR_KEY_SET, /* setting the invalid key. */ + TSIP_ERR_AUTHENTICATION, /* Authentication failed. */ + TSIP_ERR_CALLBACK_UNREGIST, /* Callback function is not registered. */ + TSIP_ERR_PARAMETER, /* Illegal Input data. */ + TSIP_ERR_PROHIBIT_FUNCTION, /* An invalid function call occurred. */ + TSIP_RESUME_FIRMWARE_GENERATE_MAC + /* There is a continuation of R_TSIP_GenerateFirmwareMAC. */ + }; +#endif static void hexdump(const uint8_t* in, uint32_t len) { diff --git a/wolfcrypt/src/port/af_alg/wc_afalg.c b/wolfcrypt/src/port/af_alg/wc_afalg.c index 37ced88c8..b6671f7b8 100644 --- a/wolfcrypt/src/port/af_alg/wc_afalg.c +++ b/wolfcrypt/src/port/af_alg/wc_afalg.c @@ -40,7 +40,7 @@ void wc_Afalg_SockAddr(struct sockaddr_alg* in, const char* type, const char* na int nameSz = (int)XSTRLEN(name) + 1; /* +1 for null terminator */ if (typeSz > (int)sizeof(in->salg_type) || - nameSz > (int)sizeof(in->salg_name)) { + nameSz > (int)sizeof(in->salg_name)) { WOLFSSL_MSG("type or name was too large"); return; } diff --git a/wolfcrypt/src/port/atmel/atmel.c b/wolfcrypt/src/port/atmel/atmel.c index 9a404d8b3..b3c6b7906 100644 --- a/wolfcrypt/src/port/atmel/atmel.c +++ b/wolfcrypt/src/port/atmel/atmel.c @@ -136,7 +136,7 @@ int atmel_get_random_number(uint32_t count, uint8_t* rand_out) int atmel_get_random_block(unsigned char* output, unsigned int sz) { - return atmel_get_random_number((uint32_t)sz, (uint8_t*)output); + return atmel_get_random_number((uint32_t)sz, (uint8_t*)output); } #if defined(WOLFSSL_ATMEL) && defined(WOLFSSL_ATMEL_TIME) @@ -148,12 +148,12 @@ long atmel_get_curr_time_and_date(long* tm) { long rt = 0; - /* Get current time */ + /* Get current time */ struct rtc_calendar_time rtcTime; const int monthDay[] = {0,31,59,90,120,151,181,212,243,273,304,334}; int month, year, yearLeap; - rtc_calendar_get_time(_rtc_instance[0], &rtcTime); + rtc_calendar_get_time(_rtc_instance[0], &rtcTime); /* Convert rtc_calendar_time to seconds since UTC */ month = rtcTime.month % 12; @@ -359,7 +359,7 @@ int atmel_get_enc_key_default(byte* enckey, word16 keysize) static int atmel_init_enc_key(void) { int ret; - uint8_t read_key[ATECC_KEY_SIZE]; + uint8_t read_key[ATECC_KEY_SIZE]; uint8_t writeBlock = 0; uint8_t writeOffset = 0; int slotId; @@ -388,7 +388,7 @@ static int atmel_init_enc_key(void) ForceZero(read_key, sizeof(read_key)); ret = atmel_ecc_translate_err(ret); - return ret; + return ret; } #endif @@ -497,7 +497,7 @@ int atmel_init(void) extern ATCAIfaceCfg atecc608_0_init_data; #endif #endif - + if (!mAtcaInitDone) { ATCA_STATUS status; int i; @@ -940,7 +940,7 @@ exit: return ret; } -static int atcatls_set_certificates(WOLFSSL_CTX *ctx) +static int atcatls_set_certificates(WOLFSSL_CTX *ctx) { #ifndef ATCATLS_SIGNER_CERT_MAX_SIZE #define ATCATLS_SIGNER_CERT_MAX_SIZE 0x250 @@ -966,7 +966,7 @@ static int atcatls_set_certificates(WOLFSSL_CTX *ctx) uint8_t signerPubKeyBuffer[ATCATLS_PUBKEY_BUFF_MAX_SIZE]; #endif -#ifdef WOLFSSL_ATECC_TNGTLS +#ifdef WOLFSSL_ATECC_TNGTLS ret = tng_atcacert_max_signer_cert_size(&signerCertSize); if (ret != ATCACERT_E_SUCCESS) { #ifdef WOLFSSL_ATECC_DEBUG diff --git a/wolfcrypt/src/port/caam/caam_driver.c b/wolfcrypt/src/port/caam/caam_driver.c index 4698d7a52..e0007c9cb 100644 --- a/wolfcrypt/src/port/caam/caam_driver.c +++ b/wolfcrypt/src/port/caam/caam_driver.c @@ -129,7 +129,7 @@ static Error caamDebugDesc(struct DescStruct* desc) } - //D0JQCR_LS + /* D0JQCR_LS */ printf("Next command to be executed = 0x%08X\n", CAAM_READ(0x8804)); printf("Desc = 0x%08X\n", desc->caam->ring.Desc); diff --git a/wolfcrypt/src/port/caam/caam_qnx.c b/wolfcrypt/src/port/caam/caam_qnx.c index d6e94e8d3..0c2525743 100644 --- a/wolfcrypt/src/port/caam/caam_qnx.c +++ b/wolfcrypt/src/port/caam/caam_qnx.c @@ -1641,8 +1641,9 @@ int io_close_ocb(resmgr_context_t *ctp, void *reserved, RESMGR_OCB_T *ocb) #if 0 static int getSupported(char* in) { - //printf("CAAM Status [0x%8.8x] = 0x%8.8x\n", - // CAAM_STATUS, WC_CAAM_READ(CAAM_STATUS)); + /* printf("CAAM Status [0x%8.8x] = 0x%8.8x\n", + * CAAM_STATUS, WC_CAAM_READ(CAAM_STATUS)); + */ printf("CAAM Version MS Register [0x%8.8x] = 0x%8.8x\n", CAAM_VERSION_MS, CAAM_READ(CAAM_VERSION_MS)); printf("CAAM Version LS Register [0x%8.8x] = 0x%8.8x\n", diff --git a/wolfcrypt/src/port/caam/wolfcaam_hash.c b/wolfcrypt/src/port/caam/wolfcaam_hash.c index d3155468f..f64a29d9e 100644 --- a/wolfcrypt/src/port/caam/wolfcaam_hash.c +++ b/wolfcrypt/src/port/caam/wolfcaam_hash.c @@ -26,7 +26,7 @@ #include #if defined(WOLFSSL_CAAM) && defined(WOLFSSL_CAAM_HASH) \ - && !defined(WOLFSSL_IMXRT1170_CAAM) + && !defined(WOLFSSL_IMXRT1170_CAAM) #include #include diff --git a/wolfcrypt/src/port/caam/wolfcaam_init.c b/wolfcrypt/src/port/caam/wolfcaam_init.c index d6e93cf5a..cf9a63d77 100644 --- a/wolfcrypt/src/port/caam/wolfcaam_init.c +++ b/wolfcrypt/src/port/caam/wolfcaam_init.c @@ -694,7 +694,7 @@ int wc_caamOpenBlob(byte* data, word32 dataSz, byte* out, word32* outSz) } #endif /* WOLFSSL_CAAM_BLOB */ -/* outSz gets set to key size plus 16 for mac and padding +/* outSz gets set to key size plus 16 for mac and padding * return 0 on success */ int wc_caamCoverKey(byte* in, word32 inSz, byte* out, word32* outSz, int flag) diff --git a/wolfcrypt/src/port/cuda/aes-cuda.cu b/wolfcrypt/src/port/cuda/aes-cuda.cu index 107eb2cea..24554a020 100644 --- a/wolfcrypt/src/port/cuda/aes-cuda.cu +++ b/wolfcrypt/src/port/cuda/aes-cuda.cu @@ -77,7 +77,7 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits #define WOLFSSL_MISC_INCLUDED #define WOLFSSL_HAVE_MIN #define WOLFSSL_HAVE_MAX -// #include +/* #include */ #endif /* This routine performs a left circular arithmetic shift of by value. */ @@ -992,23 +992,23 @@ void AesEncryptBlocks_C(Aes* aes, const byte* in, byte* out, word32 sz) cudaError_t ret = cudaSuccess; #ifdef WC_AES_C_DYNAMIC_FALLBACK - if ( ret == cudaSuccess ) + if ( ret == cudaSuccess ) ret = cudaMalloc(&rk_GPU, sizeof(aes->key_C_fallback)); - if ( ret == cudaSuccess ) + if ( ret == cudaSuccess ) ret = cudaMemcpy(rk_GPU, aes->key_C_fallback, sizeof(aes->key_C_fallback), cudaMemcpyDefault); #else - if ( ret == cudaSuccess ) + if ( ret == cudaSuccess ) ret = cudaMalloc(&rk_GPU, sizeof(aes->key)); - if ( ret == cudaSuccess ) + if ( ret == cudaSuccess ) ret = cudaMemcpy(rk_GPU, aes->key, sizeof(aes->key), cudaMemcpyDefault); #endif - if ( ret == cudaSuccess ) + if ( ret == cudaSuccess ) ret = cudaMalloc(&in_GPU, sz); - if ( ret == cudaSuccess ) + if ( ret == cudaSuccess ) ret = cudaMemcpy(in_GPU, in, sz, cudaMemcpyDefault); - if ( ret == cudaSuccess ) + if ( ret == cudaSuccess ) ret = cudaMalloc(&out_GPU, sz); if ( ret == cudaSuccess ) { @@ -1017,7 +1017,7 @@ void AesEncryptBlocks_C(Aes* aes, const byte* in, byte* out, word32 sz) AesEncrypt_C_CUDA<<>>(rk_GPU, in_GPU, out_GPU, aes->rounds >> 1, sz / AES_BLOCK_SIZE); } - if ( ret == cudaSuccess ) + if ( ret == cudaSuccess ) ret = cudaMemcpy(out, out_GPU, sz, cudaMemcpyDefault); cudaFree(in_GPU); diff --git a/wolfcrypt/src/port/intel/quickassist_sync.c b/wolfcrypt/src/port/intel/quickassist_sync.c index 4a68b337c..4d79ca10c 100644 --- a/wolfcrypt/src/port/intel/quickassist_sync.c +++ b/wolfcrypt/src/port/intel/quickassist_sync.c @@ -144,9 +144,9 @@ typedef void (*IntelQaFreeFunc)(struct IntelQaDev*); /* QuickAssist device */ typedef struct IntelQaDev { - CpaInstanceHandle handle; + CpaInstanceHandle handle; int devId; - void* heap; + void* heap; /* callback return info */ int ret; @@ -220,7 +220,7 @@ static int IntelQaGetCyInstanceCount(void); #ifdef WOLF_CRYPTO_CB static int IntelQaSymSync_CryptoDevCb(int, struct wc_CryptoInfo*, - void*); + void*); #endif /* WOLF_CRYPTO_CB */ @@ -423,7 +423,7 @@ int IntelQaHardwareStart(const char* process_name, int limitDevAccess) #ifdef QAT_DEBUG /* optionally enable debugging */ - //osalLogLevelSet(8); + /* osalLogLevelSet(8); */ #endif status = cpaCyGetNumInstances(&g_numInstances); diff --git a/wolfcrypt/src/port/iotsafe/iotsafe.c b/wolfcrypt/src/port/iotsafe/iotsafe.c index 8a7ec2e63..2fcf61217 100644 --- a/wolfcrypt/src/port/iotsafe/iotsafe.c +++ b/wolfcrypt/src/port/iotsafe/iotsafe.c @@ -612,7 +612,7 @@ static int iotsafe_parse_public_key(char* resp, int len, ecc_key *key) /* Execute GEN_KEYPAIR on the IoT-SAFE applet. * * Return -1 on error; 0 if the operation is successful, but - * the generated public key was not yet stored in `key`; 1 if + * the generated public key was not yet stored in `key`; 1 if * the operation is successful and the public key was found in the * command response and copied to the `key` structure, if not NULL. */ @@ -1089,11 +1089,11 @@ static int wolfIoT_hkdf_extract(byte* prk, const byte* salt, word32 saltLen, localSalt = tmp; } } - - ret = iotsafe_hkdf_extract(prk, localSalt, saltLen, ikm, ikmLen, digest); + + ret = iotsafe_hkdf_extract(prk, localSalt, saltLen, ikm, ikmLen, digest); (void)ctx; return ret; -} +} #endif static int wolfIoT_ecc_sign(WOLFSSL* ssl, @@ -1573,7 +1573,7 @@ int wolfSSL_CTX_iotsafe_enable(WOLFSSL_CTX *ctx) WOLFSSL_MSG("ECC callbacks set to IoT_safe interface"); #endif #ifndef NO_RSA - /* wolfSSL_CTX_SetRsaSignCb(wolfIoT_rsa_sign); // TODO: RSA callbacks */ + /* wolfSSL_CTX_SetRsaSignCb(wolfIoT_rsa_sign); */ /* TODO: RSA callbacks */ #endif #else (void)ctx; diff --git a/wolfcrypt/src/port/maxim/maxq10xx.c b/wolfcrypt/src/port/maxim/maxq10xx.c index c0375fc51..06b9af080 100644 --- a/wolfcrypt/src/port/maxim/maxq10xx.c +++ b/wolfcrypt/src/port/maxim/maxq10xx.c @@ -56,7 +56,7 @@ void dbg_dumphex(const char *identifier, const uint8_t* pdata, uint32_t plen); #endif /* MAXQ_DEBUG */ #if defined(USE_WINDOWS_API) -# define maxq_CryptHwMutexTryLock() (0) +# define maxq_CryptHwMutexTryLock() 0 #endif #define AES_KEY_ID_START (0x2000) diff --git a/wolfcrypt/src/port/nxp/ksdk_port.c b/wolfcrypt/src/port/nxp/ksdk_port.c index 7cfa04771..b63864b0b 100644 --- a/wolfcrypt/src/port/nxp/ksdk_port.c +++ b/wolfcrypt/src/port/nxp/ksdk_port.c @@ -105,7 +105,7 @@ static int ltc_get_lsb_bin_from_mp_int(uint8_t *dst, mp_int *A, uint16_t *psz) #else res = mp_to_unsigned_bin(A, dst); if (res == MP_OKAY) { - ltc_reverse_array(dst, sz); + ltc_reverse_array(dst, sz); } #endif *psz = sz; @@ -134,7 +134,7 @@ int mp_mul(mp_int *A, mp_int *B, mp_int *C) szA = mp_unsigned_bin_size(A); szB = mp_unsigned_bin_size(B); - /* if unsigned mul can fit into LTC PKHA let's use it, otherwise call + /* if unsigned mul can fit into LTC PKHA let's use it, otherwise call * software mul */ if ((szA <= LTC_MAX_INT_BYTES / 2) && (szB <= LTC_MAX_INT_BYTES / 2)) { uint8_t *ptrA = (uint8_t*)XMALLOC(LTC_MAX_INT_BYTES, NULL, @@ -264,7 +264,7 @@ int mp_mod(mp_int *a, mp_int *b, mp_int *c) { ltc_reverse_array(ptrC, sizeC); res = mp_read_unsigned_bin(c, ptrC, sizeC); - + #if (!defined(WOLFSSL_SP_MATH) && !defined(WOLFSSL_SP_MATH_ALL)) || \ defined(WOLFSSL_SP_INT_NEGATIVE) /* fix sign */ @@ -341,10 +341,10 @@ int mp_invmod(mp_int *a, mp_int *b, mp_int *c) res = ltc_get_lsb_bin_from_mp_int(ptrA, a, &sizeA); if (res == MP_OKAY) res = ltc_get_lsb_bin_from_mp_int(ptrB, b, &sizeB); - + /* if a >= b then reduce */ /* TODO: Perhaps always do mod reduce depending on hardware performance */ - if (res == MP_OKAY && + if (res == MP_OKAY && LTC_PKHA_CompareBigNum(ptrA, sizeA, ptrB, sizeB) >= 0) { if (LTC_PKHA_ModRed(LTC_BASE, ptrA, sizeA, ptrB, sizeB, ptrA, &sizeA, kLTC_PKHA_IntegerArith) != kStatus_Success) { @@ -411,7 +411,7 @@ int mp_mulmod(mp_int *a, mp_int *b, mp_int *c, mp_int *d) int res = MP_OKAY; status_t status; int szA, szB, szC; - + #ifdef ENABLE_NXPLTC_TESTS mp_int t; mp_init(&t); @@ -543,8 +543,8 @@ int ltc_mp_exptmod(mp_int *G, mp_int *X, mp_int *P, mp_int *Y, int useConstTime) szX = mp_unsigned_bin_size(X); szP = mp_unsigned_bin_size(P); - if ((szG <= LTC_MAX_INT_BYTES) && - (szX <= LTC_MAX_INT_BYTES) && + if ((szG <= LTC_MAX_INT_BYTES) && + (szX <= LTC_MAX_INT_BYTES) && (szP <= LTC_MAX_INT_BYTES)) { uint16_t sizeG, sizeX, sizeP, sizeY; @@ -563,9 +563,9 @@ int ltc_mp_exptmod(mp_int *G, mp_int *X, mp_int *P, mp_int *Y, int useConstTime) /* if G >= P then reduce */ /* TODO: Perhaps always do mod reduce depending on hardware performance */ - if (res == MP_OKAY && + if (res == MP_OKAY && LTC_PKHA_CompareBigNum(ptrG, sizeG, ptrP, sizeP) >= 0) { - res = LTC_PKHA_ModRed(LTC_BASE, + res = LTC_PKHA_ModRed(LTC_BASE, ptrG, sizeG, ptrP, sizeP, ptrG, &sizeG, kLTC_PKHA_IntegerArith); @@ -602,7 +602,7 @@ int ltc_mp_exptmod(mp_int *G, mp_int *X, mp_int *P, mp_int *Y, int useConstTime) } if (ptrG) { XFREE(ptrG, NULL, DYNAMIC_TYPE_BIGINT); - } + } } else { #if defined(FREESCALE_LTC_TFM_RSA_4096_ENABLE) @@ -678,7 +678,7 @@ int mp_prime_is_prime_ex(mp_int* a, int t, int* result, WC_RNG* rng) res = ltc_get_lsb_bin_from_mp_int(ptrA, a, &sizeA); } if (res == MP_OKAY) { - if (LTC_PKHA_PrimalityTest(LTC_BASE, + if (LTC_PKHA_PrimalityTest(LTC_BASE, ptrB, sizeB, /* seed */ (uint8_t*)&t, sizeof(t), /* trials */ ptrA, sizeA, /* candidate */ @@ -726,7 +726,7 @@ int mp_prime_is_prime(mp_int* a, int t, int* result) #if defined(HAVE_ECC) && defined(FREESCALE_LTC_ECC) /* convert from mp_int to LTC integer, as array of bytes of size sz. - * if mp_int has less bytes than sz, add zero bytes at most significant byte + * if mp_int has less bytes than sz, add zero bytes at most significant byte * positions. * This is when for example modulus is 32 bytes (P-256 curve) * and mp_int has only 31 bytes, we add leading zeros @@ -763,7 +763,7 @@ static int ltc_get_from_mp_int(uint8_t *dst, mp_int *a, int sz) return res; } -/* ECC specs in lsbyte at lowest address format for direct use by LTC PKHA +/* ECC specs in lsbyte at lowest address format for direct use by LTC PKHA * driver functions */ #if defined(HAVE_ECC192) || defined(HAVE_ALL_CURVES) #define ECC192 @@ -1196,7 +1196,7 @@ static const uint8_t invThree[32] = { /* * * finds square root in finite field when modulus congruent to 5 modulo 8 - * this is fixed to curve25519 modulus 2^255 - 19 which is congruent to + * this is fixed to curve25519 modulus 2^255 - 19 which is congruent to * 5 modulo 8. * * This function solves equation: res^2 = a mod (2^255 - 19) @@ -1914,7 +1914,7 @@ status_t LTC_PKHA_Ed25519_PointDecompress(const uint8_t *pubkey, return status; } -/* LSByte first of Ed25519 parameter l = 2^252 + +/* LSByte first of Ed25519 parameter l = 2^252 + * 27742317777372353535851937790883648493 */ static const uint8_t l_coefEdDSA[] = { 0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, 0xd6, 0x9c, 0xf7, diff --git a/wolfcrypt/src/port/nxp/se050_port.c b/wolfcrypt/src/port/nxp/se050_port.c index b2ada5773..ad526778a 100644 --- a/wolfcrypt/src/port/nxp/se050_port.c +++ b/wolfcrypt/src/port/nxp/se050_port.c @@ -266,7 +266,7 @@ int se050_hash_copy(SE050_HASH_Context* src, SE050_HASH_Context* dst) int se050_hash_update(SE050_HASH_Context* se050Ctx, const byte* data, word32 len) { - byte* tmp = NULL; + byte* tmp = NULL; if (se050Ctx == NULL || (len > 0 && data == NULL)) { return BAD_FUNC_ARG; diff --git a/wolfcrypt/src/port/pic32/pic32mz-crypt.c b/wolfcrypt/src/port/pic32/pic32mz-crypt.c index 32cf02ed0..171fe0aac 100644 --- a/wolfcrypt/src/port/pic32/pic32mz-crypt.c +++ b/wolfcrypt/src/port/pic32/pic32mz-crypt.c @@ -365,7 +365,7 @@ static void reset_engine(int algo) static void update_engine(const byte *input, word32 len, word32 *hash) { int total; - + gLHDesc.bd[gLHDesc.currBd].UPDPTR = KVA_TO_PA(hash); /* Add the data to the current buffer. If the buffer fills, start processing it diff --git a/wolfcrypt/src/port/st/stsafe.c b/wolfcrypt/src/port/st/stsafe.c index ebe072733..4745fcf53 100644 --- a/wolfcrypt/src/port/st/stsafe.c +++ b/wolfcrypt/src/port/st/stsafe.c @@ -539,7 +539,7 @@ int wolfSSL_STSAFE_CryptoDevCb(int devId, wc_CryptoInfo* info, void* ctx) &otherKeyY[0], (word32*)&otherKeyY_len); if (rc == 0) { /* Compute shared secret */ - *info->pk.ecdh.outlen = 0; + *info->pk.ecdh.outlen = 0; rc = stsafe_interface_shared_secret( #ifdef WOLFSSL_STSAFE_TAKES_SLOT STSAFE_A_SLOT_0, diff --git a/wolfcrypt/src/port/ti/ti-hash.c b/wolfcrypt/src/port/ti/ti-hash.c index 0077e96da..48270f15a 100644 --- a/wolfcrypt/src/port/ti/ti-hash.c +++ b/wolfcrypt/src/port/ti/ti-hash.c @@ -203,7 +203,7 @@ WOLFSSL_API int wc_Md5GetHash(Md5* md5, byte* hash) WOLFSSL_API int wc_Md5Copy(Md5* src, Md5* dst) { - return hashCopy((wolfssl_TI_Hash *)src, (wolfssl_TI_Hash *)dst); + return hashCopy((wolfssl_TI_Hash *)src, (wolfssl_TI_Hash *)dst); } WOLFSSL_API int wc_Md5Hash(const byte*data, word32 len, byte* hash) @@ -249,7 +249,7 @@ WOLFSSL_API int wc_ShaGetHash(Sha* sha, byte* hash) WOLFSSL_API int wc_ShaCopy(Sha* src, Sha* dst) { - return hashCopy((wolfssl_TI_Hash *)src, (wolfssl_TI_Hash *)dst); + return hashCopy((wolfssl_TI_Hash *)src, (wolfssl_TI_Hash *)dst); } WOLFSSL_API int wc_ShaHash(const byte*data, word32 len, byte* hash) diff --git a/wolfcrypt/src/port/xilinx/xil-aesgcm.c b/wolfcrypt/src/port/xilinx/xil-aesgcm.c index e2dfc8af4..d92a2cd41 100644 --- a/wolfcrypt/src/port/xilinx/xil-aesgcm.c +++ b/wolfcrypt/src/port/xilinx/xil-aesgcm.c @@ -87,9 +87,9 @@ static WC_INLINE int aligned_xmalloc(byte** buf, byte** aligned, void* heap, wor static WC_INLINE void aligned_xfree(void* buf, void* heap) { - if (buf == NULL) - return; - XFREE(buf, heap, DYNAMIC_TYPE_TMP_BUFFER); + if (buf == NULL) + return; + XFREE(buf, heap, DYNAMIC_TYPE_TMP_BUFFER); } static WC_INLINE int check_keysize(word32 len) diff --git a/wolfcrypt/src/port/xilinx/xil-versal-glue.c b/wolfcrypt/src/port/xilinx/xil-versal-glue.c index ed90fd4fc..f40c86a07 100644 --- a/wolfcrypt/src/port/xilinx/xil-versal-glue.c +++ b/wolfcrypt/src/port/xilinx/xil-versal-glue.c @@ -78,7 +78,7 @@ int wc_InitXsecure(wc_Xsecure* xsec) /** Convert Xilinx specific error to string - err The error to convert + err The error to convert Returns a pointer to a string (always, never returns NULL). */ diff --git a/wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h b/wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h index 72905c936..8747f1655 100644 --- a/wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h +++ b/wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h @@ -200,7 +200,7 @@ enum { ** Even if HW is enabled, do not run HW math tests. See HW_MATH_ENABLED. ** ** NO_ESP_MP_MUL_EVEN_ALT_CALC -** Used during Z = X × Y mod M +** Used during Z = X * Y mod M ** By default, even moduli use a two step HW esp_mp_mul with SW mp_mod. ** Enable this to instead fall back to pure software mp_mulmod. ** @@ -820,8 +820,8 @@ extern "C" /* Non-FIFO read may not be needed in chip revision v3.0. */ #define ESP_EM__READ_NON_FIFO_REG {DPORT_SEQUENCE_REG_READ(0x3FF40078);} - /* When the CPU frequency is 160 MHz, add six �nop� between two consecutive - ** FIFO reads. When the CPU frequency is 240 MHz, add seven �nop� between + /* When the CPU frequency is 160 MHz, add six nops between two consecutive + ** FIFO reads. When the CPU frequency is 240 MHz, add seven nops between ** two consecutive FIFO reads. See 3.16 */ #if defined(CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_80) #define ESP_EM__3_16 { \ diff --git a/wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h b/wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h index 9671fafa9..e719b93f5 100644 --- a/wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h +++ b/wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h @@ -123,7 +123,7 @@ WOLFSSL_LOCAL int wc_fspsm_Open(); WOLFSSL_LOCAL void wc_fspsm_Close(); WOLFSSL_LOCAL int wc_fspsm_hw_lock(); WOLFSSL_LOCAL void wc_fspsm_hw_unlock( void ); -WOLFSSL_LOCAL int wc_fspsm_usable(const struct WOLFSSL *ssl, +WOLFSSL_LOCAL int wc_fspsm_usable(const struct WOLFSSL *ssl, uint8_t session_key_generated); typedef struct { @@ -319,7 +319,7 @@ WOLFSSL_API int FSPSM_CALLBACK_CTX_FUNC(struct WOLFSSL* ssl, void* user_ctx); WOLFSSL_API void FSPSM_INFORM_CERT_SIGN(const uint8_t *sign); -#endif /* WOLFSSL_RENESAS_FSPSM_TLS && +#endif /* WOLFSSL_RENESAS_FSPSM_TLS && * !WOLFSSL_RENESAS_FSPSM_CRYPT_ONLY */ typedef struct FSPSM_RSA_CTX { diff --git a/wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h b/wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h index 6b1bbfdae..43030a2cb 100644 --- a/wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h +++ b/wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h @@ -32,7 +32,7 @@ #if defined(WOLFSSL_RENESAS_TSIP) || \ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY) - #include "r_tsip_rx_if.h" + #include "r_tsip_rx_if.h" #endif @@ -93,7 +93,7 @@ typedef enum { #ifdef WOLFSSL_RENESAS_TSIP_CRYPTONLY TSIP_KEY_TYPE_RSA1024 = 3, #endif - + } wolfssl_TSIP_KEY_TYPE; struct WOLFSSL; @@ -101,11 +101,11 @@ struct KeyShareEntry; /* MsgBag stands for message bag and acts as a buffer for holding plain text * handshake messages exchanged between client and server. - * MsgBag was introduced as a workaround for the TSIP's limitation that TSIP + * MsgBag was introduced as a workaround for the TSIP's limitation that TSIP * can not process multiple hash algorithms at the same time. If the - * limitation is resolved in a future TSIP, MsgBag should be removed. + * limitation is resolved in a future TSIP, MsgBag should be removed. * The contents in this MsgBag is used for transcript hashing. The hash value - * is used for the key derivation and Finished-message. + * is used for the key derivation and Finished-message. * The capacity of the MsgBag is defined as MSGBAG_SIZE and the actual * size is 8KB. The size should be large enough to hold all the handshake * messages including the server and client certificate messages. @@ -121,9 +121,9 @@ typedef struct MsgBag } MsgBag; #ifdef WOLFSSL_RENESAS_TSIP_CRYPTONLY - + typedef void* renesas_tsip_key; - + /* flags Crypt Only */ struct tsip_keyflgs_cryt { uint8_t aes256_key_set:1; @@ -147,7 +147,7 @@ typedef struct TsipUserCtx { /* public key index for verification of RootCA cert */ uint32_t user_key_id; - + /* WOLFSSL object associated with */ struct WOLFSSL* ssl; struct WOLFSSL_CTX* ctx; @@ -183,10 +183,10 @@ typedef struct TsipUserCtx { /* ECDHE pre-master secret */ tsip_tls13_ephemeral_shared_secret_key_index_t sharedSecret13Idx; - + /* Handshake secret for Tls13 handshake */ tsip_tls13_ephemeral_handshake_secret_key_index_t handshakeSecret13Idx; - + /* the key to decrypt server-finished message */ tsip_tls13_ephemeral_server_finished_key_index_t serverFinished13Idx; @@ -226,12 +226,12 @@ typedef struct TsipUserCtx { /* signature data area for TLS1.3 CertificateVerify message */ byte sigDataCertVerify[TSIP_TLS_MAX_SIGDATA_SZ]; - + #if (WOLFSSL_RENESAS_TSIP_VER >=109) /* out from R_SCE_TLS_ServerKeyExchangeVerify */ uint32_t encrypted_ephemeral_ecdh_public_key[ENCRYPTED_ECDHE_PUBKEY_SZ]; - - /* ephemeral ECDH pubkey index + + /* ephemeral ECDH pubkey index * got from R_TSIP_GenerateTlsP256EccKeyIndex. * Input to R_TSIP_TlsGeneratePreMasterSecretWithEccP256Key. */ @@ -251,33 +251,33 @@ typedef struct TsipUserCtx { #endif /* WOLFSSL_RENESAS_TSIP_TLS */ /* for tsip crypt only mode */ #ifdef WOLFSSL_RENESAS_TSIP_CRYPTONLY - + renesas_tsip_key rsa1024pri_keyIdx; renesas_tsip_key rsa1024pub_keyIdx; renesas_tsip_key rsa2048pri_keyIdx; renesas_tsip_key rsa2048pub_keyIdx; - + /* sign/verify hash type : * md5, sha1 or sha256 */ int sing_hash_type; - + /* flags shows status if tsip keys are installed */ union { uint8_t chr; struct tsip_keyflgs_cryt bits; } keyflgs_crypt; - + #endif /* installed key handling */ tsip_aes_key_index_t user_aes256_key_index; uint8_t user_aes256_key_set:1; tsip_aes_key_index_t user_aes128_key_index; uint8_t user_aes128_key_set:1; - + /* TSIP defined cipher suite number */ uint32_t tsip_cipher; - + /* flags */ #ifdef WOLFSSL_RENESAS_TSIP_TLS #if !defined(NO_RSA) @@ -315,7 +315,7 @@ typedef TsipUserCtx user_PKCbInfo; typedef struct { - TsipUserCtx* userCtx; + TsipUserCtx* userCtx; } TsipPKCbInfo; @@ -387,12 +387,12 @@ WOLFSSL_API void tsip_inform_user_keys_ex( byte* provisioning_key, /* key got from DLM server */ byte* iv, /* iv used for public key */ byte* encrypted_public_key,/*RSA2048 or ECDSAp256 public key*/ - word32 public_key_type); /* 0: RSA-2048 2:ECDSA P-256 */ + word32 public_key_type); /* 0: RSA-2048 2:ECDSA P-256 */ #else WOLFSSL_API void tsip_inform_user_keys( - byte* encrypted_session_key, + byte* encrypted_session_key, byte* iv, byte* encrypted_user_tls_key); @@ -404,7 +404,7 @@ WOLFSSL_API void tsip_inform_user_keys( WOLFSSL_LOCAL int tsip_SignRsaPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc); WOLFSSL_LOCAL int tsip_VerifyRsaPkcsCb( - WOLFSSL* ssl, + WOLFSSL* ssl, unsigned char* sig, unsigned int sigSz, unsigned char** out, const unsigned char* keyDer, unsigned int keySz, @@ -427,7 +427,7 @@ WOLFSSL_LOCAL int tsip_GetMessageSha256(struct WOLFSSL* ssl, byte* hash, WOLFSSL_LOCAL int tsip_Tls13GetHmacMessages(struct WOLFSSL* ssl, byte* mac); -WOLFSSL_LOCAL int tsip_Tls13GenEccKeyPair(struct WOLFSSL* ssl, +WOLFSSL_LOCAL int tsip_Tls13GenEccKeyPair(struct WOLFSSL* ssl, struct KeyShareEntry* kse); WOLFSSL_LOCAL int tsip_Tls13GenSharedSecret(struct WOLFSSL* ssl, @@ -466,13 +466,13 @@ WOLFSSL_LOCAL int tsip_Tls13VerifyHandshake(struct WOLFSSL* ssl, const byte* input, byte* hash, word32* pHashSz); -WOLFSSL_LOCAL int tsip_Tls13AesDecrypt(struct WOLFSSL* ssl, +WOLFSSL_LOCAL int tsip_Tls13AesDecrypt(struct WOLFSSL* ssl, byte* output, const byte* input, word16 sz); WOLFSSL_LOCAL int tsip_Tls13AesEncrypt(struct WOLFSSL* ssl, byte* output, const byte* input, word16 sz); -WOLFSSL_LOCAL int tsip_Tls13CertificateVerify(struct WOLFSSL* ssl, +WOLFSSL_LOCAL int tsip_Tls13CertificateVerify(struct WOLFSSL* ssl, const byte* input, word32* inOutIdx, word32 totalSz); @@ -483,7 +483,7 @@ WOLFSSL_LOCAL int tsip_Tls13SendCertVerify(struct WOLFSSL*ssl); #if (WOLFSSL_RENESAS_TSIP_VER >=109) -WOLFSSL_LOCAL int wc_tsip_AesCipher(int devIdArg, struct wc_CryptoInfo* info, +WOLFSSL_LOCAL int wc_tsip_AesCipher(int devIdArg, struct wc_CryptoInfo* info, void* ctx); WOLFSSL_LOCAL int wc_tsip_generateMasterSecretEx( byte cipherSuiteFirst, @@ -530,7 +530,7 @@ WOLFSSL_LOCAL int wc_tsip_RsaVerify( void* ctx); WOLFSSL_LOCAL int wc_tsip_EccVerify( - WOLFSSL* ssl, + WOLFSSL* ssl, const byte* sig, word32 sigSz, const byte* hash, word32 hashSz, const byte* key, word32 keySz, @@ -553,7 +553,7 @@ WOLFSSL_LOCAL int wc_tsip_AesCbcDecrypt( byte* out, const byte* in, word32 sz); - + WOLFSSL_LOCAL int wc_tsip_AesGcmEncrypt( Aes* aes, byte* out, const byte* in, word32 sz, @@ -561,7 +561,7 @@ WOLFSSL_LOCAL int wc_tsip_AesGcmEncrypt( byte* authTag, word32 authTagSz, const byte* authIn, word32 authInSz, void* ctx); - + WOLFSSL_LOCAL int wc_tsip_AesGcmDecrypt( Aes* aes, byte* out, const byte* in, word32 sz, @@ -572,17 +572,17 @@ WOLFSSL_LOCAL int wc_tsip_AesGcmDecrypt( #endif /* NO_AES */ WOLFSSL_LOCAL int wc_tsip_ShaXHmacVerify( const WOLFSSL *ssl, - const byte* message, + const byte* message, word32 messageSz, word32 macSz, word32 content); WOLFSSL_LOCAL int wc_tsip_Sha1HmacGenerate( const WOLFSSL *ssl, - const byte* myInner, + const byte* myInner, word32 innerSz, const byte* in, - word32 sz, + word32 sz, byte* digest); WOLFSSL_LOCAL int wc_tsip_Sha256HmacGenerate( @@ -605,7 +605,7 @@ WOLFSSL_LOCAL int tsip_usable(const WOLFSSL *ssl, uint8_t session_key_generated); WOLFSSL_LOCAL void tsip_inform_sflash_signedcacert( - const byte* ps_flash, + const byte* ps_flash, const byte* psigned_ca_cert, word32 len); @@ -636,7 +636,7 @@ WOLFSSL_LOCAL int wc_tsip_generateSessionKey( int devId); WOLFSSL_LOCAL int wc_tsip_MakeRsaKey(int size, void* ctx); -WOLFSSL_LOCAL int wc_tsip_RsaVerifyPkcs(wc_CryptoInfo* info, +WOLFSSL_LOCAL int wc_tsip_RsaVerifyPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc); WOLFSSL_LOCAL int wc_tsip_GenerateRandBlock(byte* output, word32 size); diff --git a/wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h b/wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h index 1213eeee8..e26911557 100644 --- a/wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h +++ b/wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h @@ -36,12 +36,12 @@ WOLFSSL_LOCAL int Renesas_cmn_EccSignCb(WOLFSSL* ssl, const unsigned char* keyDer, unsigned int keySz, void* ctx); WOLFSSL_LOCAL int Renesas_cmn_genMasterSecret(WOLFSSL* ssl, void* ctx); -WOLFSSL_LOCAL int Renesas_cmn_generatePremasterSecret(WOLFSSL* ssl, +WOLFSSL_LOCAL int Renesas_cmn_generatePremasterSecret(WOLFSSL* ssl, byte *premaster, word32 preSz, void* ctx); -WOLFSSL_LOCAL int Renesas_cmn_RsaEnc(WOLFSSL* ssl, const unsigned char* in, +WOLFSSL_LOCAL int Renesas_cmn_RsaEnc(WOLFSSL* ssl, const unsigned char* in, unsigned int inSz, unsigned char* out, word32* outSz, const unsigned char* keyDer, unsigned int keySz, void* ctx); -WOLFSSL_LOCAL int Renesas_cmn_VerifyHmac(WOLFSSL *ssl, const byte* message, +WOLFSSL_LOCAL int Renesas_cmn_VerifyHmac(WOLFSSL *ssl, const byte* message, word32 messageSz, word32 macSz, word32 content, void* ctx); WOLFSSL_LOCAL int Renesas_cmn_EccVerify(WOLFSSL* ssl, const unsigned char* sig, unsigned int sigSz, const unsigned char* hash, unsigned int hashSz, @@ -55,7 +55,7 @@ WOLFSSL_LOCAL int Renesas_cmn_RsaSignCheckCb(WOLFSSL* ssl, unsigned char** out, const unsigned char* keyDer, unsigned int keySz, void* ctx); - + WOLFSSL_LOCAL int Renesas_cmn_TLS_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz, int padSz, int content, int verify, int epochOrder); WOLFSSL_LOCAL int Renesas_cmn_usable(const WOLFSSL *ssl, byte seskey_gennerated); @@ -71,8 +71,8 @@ WOLFSSL_LOCAL int Renesas_cmn_SigPkCbEccVerify(const unsigned char* sig, unsigne WOLFSSL_LOCAL void* Renesas_cmn_GetCbCtxBydevId(int devId); int wc_CryptoCb_CryptInitRenesasCmn(WOLFSSL* ssl, void* ctx); void wc_CryptoCb_CleanupRenesasCmn(int* id); -int wc_Renesas_cmn_RootCertVerify(const byte* cert, word32 cert_len, - word32 key_n_start, word32 key_n_len, word32 key_e_start, +int wc_Renesas_cmn_RootCertVerify(const byte* cert, word32 cert_len, + word32 key_n_start, word32 key_n_len, word32 key_e_start, word32 key_e_len, word32 cm_row); WOLFSSL_LOCAL int Renesas_cmn_Cleanup(WOLFSSL* ssl); WOLFSSL_LOCAL byte Renesas_cmn_checkCA(word32 cmIdx); diff --git a/wolfssl/wolfcrypt/port/Renesas/renesas_tsip_types.h b/wolfssl/wolfcrypt/port/Renesas/renesas_tsip_types.h index 93738780a..d340a1d3f 100644 --- a/wolfssl/wolfcrypt/port/Renesas/renesas_tsip_types.h +++ b/wolfssl/wolfcrypt/port/Renesas/renesas_tsip_types.h @@ -19,7 +19,7 @@ * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA */ - + #ifndef __RENESAS_TSIP_TYPES_H__ #define __RENESAS_TSIP_TYPES_H__ @@ -48,7 +48,7 @@ typedef struct { #if defined(WOLF_CRYPTO_CB) word32 flags; int devId; -#endif +#endif } wolfssl_TSIP_Hash; /* RAW hash function APIs are not implemented with TSIP */ diff --git a/wolfssl/wolfcrypt/port/caam/wolfcaam.h b/wolfssl/wolfcrypt/port/caam/wolfcaam.h index 6c96edc41..1123ecba4 100644 --- a/wolfssl/wolfcrypt/port/caam/wolfcaam.h +++ b/wolfssl/wolfcrypt/port/caam/wolfcaam.h @@ -36,7 +36,7 @@ #if defined(WOLFSSL_IMX6_CAAM) || defined(WOLFSSL_IMX6_CAAM_RNG) || \ defined(WOLFSSL_QNX_CAAM) || defined(WOLFSSL_SECO_CAAM) || \ - defined(WOLFSSL_IMXRT1170_CAAM) + defined(WOLFSSL_IMXRT1170_CAAM) /* unique devId for CAAM use on crypto callbacks */ @@ -75,9 +75,9 @@ WOLFSSL_LOCAL int caamWriteToPartition(CAAM_ADDRESS addr, const unsigned char* i WOLFSSL_LOCAL int caamReadPartition(CAAM_ADDRESS addr, unsigned char* out, int outSz); WOLFSSL_API int wc_caamOpenBlob(byte* data, word32 dataSz, byte* out, - word32* outSz); + word32* outSz); WOLFSSL_API int wc_caamCreateBlob(byte* data, word32 dataSz, byte* out, - word32* outSz); + word32* outSz); WOLFSSL_API int wc_caamOpenBlob_ex(byte* data, word32 dataSz, byte* out, word32* outSz, int type, byte* mod, word32 modSz); @@ -97,7 +97,7 @@ WOLFSSL_API int wc_caamCoverKey(byte* in, word32 inSz, byte* out, word32* outSz, #define WC_CAAM_MAX_ENTROPY 44 #if !defined(WOLFSSL_QNX_CAAM) && !defined(WOLFSSL_SECO_CAAM) && \ - !defined(WOLFSSL_IMXRT1170_CAAM) + !defined(WOLFSSL_IMXRT1170_CAAM) WOLFSSL_API int wc_caamSetResource(IODevice ioDev); #ifndef WC_CAAM_READ #define WC_CAAM_READ(reg) wc_caamReadRegister((reg)) diff --git a/wolfssl/wolfcrypt/port/liboqs/liboqs.h b/wolfssl/wolfcrypt/port/liboqs/liboqs.h index 58da9ba2b..b558f5184 100644 --- a/wolfssl/wolfcrypt/port/liboqs/liboqs.h +++ b/wolfssl/wolfcrypt/port/liboqs/liboqs.h @@ -43,7 +43,7 @@ implementations for Post-Quantum cryptography algorithms. #if defined(HAVE_LIBOQS) #include "oqs/oqs.h" - + int wolfSSL_liboqsInit(void); diff --git a/wolfssl/wolfcrypt/port/nxp/ksdk_port.h b/wolfssl/wolfcrypt/port/nxp/ksdk_port.h index c272a9697..98f9ff200 100644 --- a/wolfssl/wolfcrypt/port/nxp/ksdk_port.h +++ b/wolfssl/wolfcrypt/port/nxp/ksdk_port.h @@ -34,13 +34,13 @@ int ksdk_port_init(void); /* software algorithm, by wolfcrypt */ #if defined(FREESCALE_LTC_TFM) - int wolfcrypt_mp_mul(mp_int *A, mp_int *B, mp_int *C); - int wolfcrypt_mp_mod(mp_int *a, mp_int *b, mp_int *c); - int wolfcrypt_mp_mulmod(mp_int *a, mp_int *b, mp_int *c, mp_int *d); - int wolfcrypt_mp_mod(mp_int *a, mp_int *b, mp_int *c); - int wolfcrypt_mp_invmod(mp_int *a, mp_int *b, mp_int *c); - int wolfcrypt_mp_exptmod(mp_int *G, mp_int *X, mp_int *P, mp_int *Y); - int wolfcrypt_mp_prime_is_prime_ex(mp_int* a, int t, int* result, WC_RNG* rng); + int wolfcrypt_mp_mul(mp_int *A, mp_int *B, mp_int *C); + int wolfcrypt_mp_mod(mp_int *a, mp_int *b, mp_int *c); + int wolfcrypt_mp_mulmod(mp_int *a, mp_int *b, mp_int *c, mp_int *d); + int wolfcrypt_mp_mod(mp_int *a, mp_int *b, mp_int *c); + int wolfcrypt_mp_invmod(mp_int *a, mp_int *b, mp_int *c); + int wolfcrypt_mp_exptmod(mp_int *G, mp_int *X, mp_int *P, mp_int *Y); + int wolfcrypt_mp_prime_is_prime_ex(mp_int* a, int t, int* result, WC_RNG* rng); /* Exported mp_mulmod function */ int mp_mulmod(mp_int *a, mp_int *b, mp_int *c, mp_int *d); @@ -48,40 +48,40 @@ int ksdk_port_init(void); #endif /* FREESCALE_LTC_TFM */ #if defined(FREESCALE_LTC_ECC) - #include "fsl_ltc.h" + #include "fsl_ltc.h" - typedef enum _fsl_ltc_ecc_coordinate_system - { - kLTC_Weierstrass = 0U, /*< Point coordinates on an elliptic curve in Weierstrass form */ - kLTC_Curve25519 = 1U, /*< Point coordinates on an Curve25519 elliptic curve in Montgomery form */ - kLTC_Ed25519 = 2U, /*< Point coordinates on an Ed25519 elliptic curve in twisted Edwards form */ - } fsl_ltc_ecc_coordinate_system_t; + typedef enum _fsl_ltc_ecc_coordinate_system + { + kLTC_Weierstrass = 0U, /*< Point coordinates on an elliptic curve in Weierstrass form */ + kLTC_Curve25519 = 1U, /*< Point coordinates on an Curve25519 elliptic curve in Montgomery form */ + kLTC_Ed25519 = 2U, /*< Point coordinates on an Ed25519 elliptic curve in twisted Edwards form */ + } fsl_ltc_ecc_coordinate_system_t; - int wc_ecc_point_add(ecc_point *mG, ecc_point *mQ, ecc_point *mR, mp_int *m); + int wc_ecc_point_add(ecc_point *mG, ecc_point *mQ, ecc_point *mR, mp_int *m); - #ifdef HAVE_CURVE25519 - int nxp_ltc_curve25519(ECPoint *q, const byte *n, const ECPoint *p, fsl_ltc_ecc_coordinate_system_t type); - const ECPoint *nxp_ltc_curve25519_GetBasePoint(void); - status_t LTC_PKHA_Curve25519ToWeierstrass(const ltc_pkha_ecc_point_t *ltcPointIn, ltc_pkha_ecc_point_t *ltcPointOut); - status_t LTC_PKHA_WeierstrassToCurve25519(const ltc_pkha_ecc_point_t *ltcPointIn, ltc_pkha_ecc_point_t *ltcPointOut); - status_t LTC_PKHA_Curve25519ComputeY(ltc_pkha_ecc_point_t *ltcPoint); - #endif + #ifdef HAVE_CURVE25519 + int nxp_ltc_curve25519(ECPoint *q, const byte *n, const ECPoint *p, fsl_ltc_ecc_coordinate_system_t type); + const ECPoint *nxp_ltc_curve25519_GetBasePoint(void); + status_t LTC_PKHA_Curve25519ToWeierstrass(const ltc_pkha_ecc_point_t *ltcPointIn, ltc_pkha_ecc_point_t *ltcPointOut); + status_t LTC_PKHA_WeierstrassToCurve25519(const ltc_pkha_ecc_point_t *ltcPointIn, ltc_pkha_ecc_point_t *ltcPointOut); + status_t LTC_PKHA_Curve25519ComputeY(ltc_pkha_ecc_point_t *ltcPoint); + #endif - #ifdef HAVE_ED25519 - status_t LTC_PKHA_Ed25519ToWeierstrass(const ltc_pkha_ecc_point_t *ltcPointIn, ltc_pkha_ecc_point_t *ltcPointOut); - status_t LTC_PKHA_WeierstrassToEd25519(const ltc_pkha_ecc_point_t *ltcPointIn, ltc_pkha_ecc_point_t *ltcPointOut); - status_t LTC_PKHA_Ed25519_PointMul(const ltc_pkha_ecc_point_t *ltcPointIn, - const uint8_t *N, - size_t sizeN, - ltc_pkha_ecc_point_t *ltcPointOut, - fsl_ltc_ecc_coordinate_system_t typeOut); - const ltc_pkha_ecc_point_t *LTC_PKHA_Ed25519_BasePoint(void); - status_t LTC_PKHA_Ed25519_PointDecompress(const uint8_t *pubkey, size_t pubKeySize, ltc_pkha_ecc_point_t *ltcPointOut); - status_t LTC_PKHA_sc_reduce(uint8_t *a); - status_t LTC_PKHA_sc_muladd(uint8_t *s, const uint8_t *a, const uint8_t *b, const uint8_t *c); - status_t LTC_PKHA_SignatureForVerify(uint8_t *rcheck, const unsigned char *a, const unsigned char *b, ed25519_key *key); - status_t LTC_PKHA_Ed25519_Compress(const ltc_pkha_ecc_point_t *ltcPointIn, uint8_t *p); - #endif + #ifdef HAVE_ED25519 + status_t LTC_PKHA_Ed25519ToWeierstrass(const ltc_pkha_ecc_point_t *ltcPointIn, ltc_pkha_ecc_point_t *ltcPointOut); + status_t LTC_PKHA_WeierstrassToEd25519(const ltc_pkha_ecc_point_t *ltcPointIn, ltc_pkha_ecc_point_t *ltcPointOut); + status_t LTC_PKHA_Ed25519_PointMul(const ltc_pkha_ecc_point_t *ltcPointIn, + const uint8_t *N, + size_t sizeN, + ltc_pkha_ecc_point_t *ltcPointOut, + fsl_ltc_ecc_coordinate_system_t typeOut); + const ltc_pkha_ecc_point_t *LTC_PKHA_Ed25519_BasePoint(void); + status_t LTC_PKHA_Ed25519_PointDecompress(const uint8_t *pubkey, size_t pubKeySize, ltc_pkha_ecc_point_t *ltcPointOut); + status_t LTC_PKHA_sc_reduce(uint8_t *a); + status_t LTC_PKHA_sc_muladd(uint8_t *s, const uint8_t *a, const uint8_t *b, const uint8_t *c); + status_t LTC_PKHA_SignatureForVerify(uint8_t *rcheck, const unsigned char *a, const unsigned char *b, ed25519_key *key); + status_t LTC_PKHA_Ed25519_Compress(const ltc_pkha_ecc_point_t *ltcPointIn, uint8_t *p); + #endif #endif /* FREESCALE_LTC_ECC */