forked from wolfSSL/wolfssl
Merge pull request #7685 from dgarske/renesas_rx_tsip
Renesas RX TSIP ECDSA support
This commit is contained in:
@ -34,7 +34,7 @@ BUILD_C
|
||||
RSA 2048 public 7.619 ops/sec
|
||||
RSA 2048 private 0.276 ops/sec
|
||||
|
||||
###Building testwolfcryt/benchmark
|
||||
###Building testwolfcrypt/benchmark
|
||||
To build either testwolfcrypt or benchmark first build wolfssl.a, place it in
|
||||
$(NBROOT)/lib and then cd into the respective directory. Running "make" will
|
||||
then create a .s19 application that can be ran on the board.
|
||||
|
@ -21,8 +21,8 @@
|
||||
|
||||
#include <wolfssl/wolfcrypt/wc_port.h>
|
||||
|
||||
#define YEAR 2023
|
||||
#define MON 5
|
||||
#define YEAR 2024
|
||||
#define MON 7
|
||||
|
||||
static int tick = 0;
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
/* simpel_tls_tsip_client.c
|
||||
*
|
||||
* Copyright (C) 2006-2023 wolfSSL Inc.
|
||||
* Copyright (C) 2006-2024 wolfSSL Inc.
|
||||
*
|
||||
* This file is part of wolfSSL.
|
||||
*
|
||||
@ -31,7 +31,7 @@
|
||||
#include <wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h>
|
||||
#endif
|
||||
|
||||
#define SIMPLE_TLSSEVER_IP "192.168.11.9"
|
||||
#define SIMPLE_TLSSEVER_IP "192.168.11.5"
|
||||
#define SIMPLE_TLSSERVER_PORT "11111"
|
||||
|
||||
ER t4_tcp_callback(ID cepid, FN fncd , VP p_parblk);
|
||||
@ -198,7 +198,7 @@ void wolfSSL_TLS_client( )
|
||||
{
|
||||
ID cepid = 1;
|
||||
ER ercd;
|
||||
int ret;
|
||||
int ret = 0;
|
||||
WOLFSSL_CTX *ctx = (WOLFSSL_CTX *)client_ctx;
|
||||
WOLFSSL *ssl = NULL;
|
||||
|
||||
@ -231,44 +231,95 @@ void wolfSSL_TLS_client( )
|
||||
}
|
||||
|
||||
#ifdef SIMPLE_TLS_TSIP_CLIENT
|
||||
tsip_set_callback_ctx(ssl, &userContext);
|
||||
ret = tsip_set_callback_ctx(ssl, &userContext);
|
||||
#endif
|
||||
|
||||
/* set client private key data */
|
||||
#if defined(WOLFSSL_TLS13) && defined(SIMPLE_TLS_TSIP_CLIENT)
|
||||
#if defined(USE_ECC_CERT)
|
||||
if (tsip_use_PrivateKey_buffer_TLS(ssl,
|
||||
#ifdef USE_ECC_CERT
|
||||
|
||||
#ifdef WOLFSSL_RENESAS_TSIP_TLS
|
||||
|
||||
/* TSIP specific ECC private key */
|
||||
if (ret == 0){
|
||||
ret = tsip_use_PrivateKey_buffer_TLS(ssl,
|
||||
(const char*)g_key_block_data.encrypted_user_ecc256_private_key,
|
||||
sizeof(g_key_block_data.encrypted_user_ecc256_private_key),
|
||||
TSIP_ECCP256) != 0) {
|
||||
printf("ERROR: can't load client-private key\n");
|
||||
return;
|
||||
}
|
||||
#else
|
||||
if (tsip_use_PrivateKey_buffer_TLS(ssl,
|
||||
(const char*)g_key_block_data.encrypted_user_rsa2048_private_key,
|
||||
sizeof(g_key_block_data.encrypted_user_rsa2048_private_key),
|
||||
TSIP_RSA2048) != 0) {
|
||||
printf("ERROR: can't load client-private key\n");
|
||||
return;
|
||||
}
|
||||
ret = tsip_use_PublicKey_buffer_TLS(ssl,
|
||||
(const char*)g_key_block_data.encrypted_user_rsa2048_public_key,
|
||||
sizeof(g_key_block_data.encrypted_user_rsa2048_public_key), TSIP_RSA2048);
|
||||
TSIP_ECCP256);
|
||||
if (ret != 0) {
|
||||
printf("ERROR tsip_use_PublicKey_buffer: %d\n", ret);
|
||||
return;
|
||||
printf("ERROR tsip_use_PrivateKey_buffer_TLS\n");
|
||||
}
|
||||
#endif
|
||||
#else
|
||||
if (wolfSSL_use_PrivateKey_buffer(ssl,
|
||||
}
|
||||
# if defined(WOLFSSL_CHECK_SIG_FAULTS)
|
||||
if (ret == 0){
|
||||
ret = tsip_use_PublicKey_buffer_TLS(ssl,
|
||||
(const char*)g_key_block_data.encrypted_user_ecc256_public_key,
|
||||
sizeof(g_key_block_data.encrypted_user_ecc256_public_key),
|
||||
TSIP_ECCP256);
|
||||
if (ret != 0) {
|
||||
printf("ERROR tsip_use_PublicKey_buffer_TLS\n");
|
||||
}
|
||||
}
|
||||
#endif /* WOLFSSL_CHECK_SIG_FAULTS */
|
||||
|
||||
#else
|
||||
|
||||
/* DER format ECC private key */
|
||||
if (ret == 0) {
|
||||
ret = wolfSSL_use_PrivateKey_buffer(ssl,
|
||||
ecc_clikey_der_256,
|
||||
sizeof_ecc_clikey_der_256,
|
||||
SSL_FILETYPE_ASN1) != WOLFSSL_SUCCESS) {
|
||||
printf("ERROR: can't load private-key data.\n");
|
||||
return;
|
||||
WOLFSSL_FILETYPE_ASN1);
|
||||
if (ret != SSL_SUCCESS) {
|
||||
printf("ERROR wolfSSL_use_PrivateKey_buffer: %d\n",
|
||||
wolfSSL_get_error(ssl, 0));
|
||||
ret = -1;
|
||||
}
|
||||
#endif /* WOLFSSL_TLS13 */
|
||||
}
|
||||
|
||||
#endif /* WOLFSSL_RENESAS_TSIP_TLS */
|
||||
|
||||
#else
|
||||
|
||||
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
|
||||
|
||||
/* Note: TSIP asks RSA client key pair for client authentication. */
|
||||
|
||||
/* TSIP specific RSA private key */
|
||||
if (ret == 0) {
|
||||
ret = tsip_use_PrivateKey_buffer_TLS(ssl,
|
||||
(const char*)g_key_block_data.encrypted_user_rsa2048_private_key,
|
||||
sizeof(g_key_block_data.encrypted_user_rsa2048_private_key),
|
||||
TSIP_RSA2048);
|
||||
if (ret != 0) {
|
||||
printf("ERROR tsip_use_PrivateKey_buffer_TLS :%d\n", ret);
|
||||
}
|
||||
}
|
||||
if (ret == 0) {
|
||||
ret = tsip_use_PublicKey_buffer_TLS(ssl,
|
||||
(const char*)g_key_block_data.encrypted_user_rsa2048_public_key,
|
||||
sizeof(g_key_block_data.encrypted_user_rsa2048_public_key),
|
||||
TSIP_RSA2048);
|
||||
if (ret != 0) {
|
||||
printf("ERROR tsip_use_PublicKey_buffer_TLS: %d\n", ret);
|
||||
}
|
||||
}
|
||||
|
||||
#else
|
||||
|
||||
if (ret == 0) {
|
||||
err = wolfSSL_use_PrivateKey_buffer(ssl, client_key_der_2048,
|
||||
sizeof_client_key_der_2048, WOLFSSL_FILETYPE_ASN1);
|
||||
|
||||
if (err != SSL_SUCCESS) {
|
||||
printf("ERROR wolfSSL_use_PrivateKey_buffer: %d\n",
|
||||
wolfSSL_get_error(ssl, 0));
|
||||
ret = -1;
|
||||
}
|
||||
}
|
||||
|
||||
#endif /* WOLFSSL_RENESAS_TSIP_TLS */
|
||||
|
||||
#endif /* USE_ECC_CERT */
|
||||
|
||||
/* set callback context */
|
||||
wolfSSL_SetIOReadCtx(ssl, (void *)&cepid);
|
||||
|
@ -1,6 +1,6 @@
|
||||
/* key_data.c
|
||||
*
|
||||
* Copyright (C) 2006-2023 wolfSSL Inc.
|
||||
* Copyright (C) 2006-2024 wolfSSL Inc.
|
||||
*
|
||||
* This file is part of wolfSSL.
|
||||
*
|
||||
@ -31,43 +31,43 @@ const st_key_block_data_t g_key_block_data =
|
||||
{
|
||||
/* uint8_t encrypted_provisioning_key[R_TSIP_AES_CBC_IV_BYTE_SIZE * 2]; */
|
||||
{
|
||||
0xDF, 0x78, 0x49, 0x28, 0xA9, 0x4C, 0x36, 0xD6, 0xC9, 0x89, 0x98, 0xDF,
|
||||
0xFF, 0xB1, 0xCB, 0xBC, 0x9F, 0xF4, 0x34, 0xCD, 0x81, 0x53, 0x67, 0xB3,
|
||||
0xFC, 0x85, 0xC6, 0x0B, 0xA2, 0xC8, 0xF4, 0x83
|
||||
0x68, 0x03, 0xA1, 0x95, 0x3B, 0x93, 0x12, 0xCC, 0x86, 0x5A, 0x3E, 0x24,
|
||||
0xF7, 0xDD, 0x22, 0x31, 0xEC, 0xAB, 0x42, 0x8B, 0x90, 0xC2, 0x8E, 0xDF,
|
||||
0x56, 0xB3, 0xAE, 0x3A, 0x99, 0x05, 0x34, 0xCD
|
||||
},
|
||||
/* uint8_t iv[R_TSIP_AES_CBC_IV_BYTE_SIZE]; */
|
||||
{
|
||||
0xF6, 0xA9, 0x83, 0x5A, 0xA1, 0x65, 0x1D, 0x28, 0xC8, 0x1A, 0xA6, 0x9D,
|
||||
0x34, 0xB2, 0x4D, 0x92
|
||||
0x01, 0x23, 0x45, 0x67, 0x89, 0x01, 0x23, 0x45, 0x67, 0x89, 0x01, 0x23,
|
||||
0x45, 0x67, 0x89, 0x01
|
||||
},
|
||||
/* uint8_t
|
||||
* encrypted_user_rsa2048_ne_key[R_TSIP_RSA2048_NE_KEY_BYTE_SIZE + 16];
|
||||
*/
|
||||
{
|
||||
0xC8, 0x12, 0x94, 0x44, 0x43, 0x35, 0x82, 0x09, 0xF2, 0x54, 0x69, 0xB6,
|
||||
0x9B, 0x8E, 0x6F, 0x92, 0xE3, 0x3A, 0xB2, 0x55, 0x63, 0x8D, 0xDB, 0x47,
|
||||
0x75, 0x8D, 0x9D, 0x56, 0xD7, 0x7F, 0x42, 0x3A, 0x04, 0x4C, 0xAA, 0xF1,
|
||||
0x94, 0x9C, 0x8C, 0x97, 0xAF, 0x5C, 0xBA, 0x0E, 0xBD, 0x8A, 0xE3, 0x67,
|
||||
0x3E, 0xF8, 0x4C, 0x8E, 0xB7, 0x71, 0xB0, 0xCE, 0x09, 0x3C, 0xEC, 0x9C,
|
||||
0xCC, 0x81, 0x9D, 0x37, 0x9E, 0x34, 0x39, 0x6D, 0xF0, 0x7D, 0x1A, 0x4A,
|
||||
0xEB, 0xF5, 0x99, 0x91, 0xE1, 0xB0, 0x99, 0x72, 0xB3, 0xF3, 0x2B, 0xE1,
|
||||
0x6F, 0x5B, 0xD4, 0xA3, 0xB9, 0x9C, 0xEB, 0x95, 0xC3, 0xB2, 0x8F, 0x5C,
|
||||
0x58, 0xD5, 0x0A, 0xAA, 0x02, 0x01, 0xBF, 0xE1, 0xE9, 0x23, 0xFB, 0x03,
|
||||
0xCF, 0x54, 0x6D, 0x29, 0xE7, 0x5E, 0x96, 0x51, 0x68, 0x6B, 0xDD, 0x06,
|
||||
0x67, 0x5E, 0x84, 0x50, 0x21, 0x50, 0x78, 0x89, 0x80, 0xF8, 0x61, 0x9C,
|
||||
0xBE, 0xDA, 0x75, 0x55, 0x1A, 0xE6, 0x3C, 0xA5, 0x1C, 0xE4, 0x5A, 0x5C,
|
||||
0x68, 0x7C, 0x48, 0xC7, 0x6A, 0xC9, 0x80, 0x54, 0x31, 0xE7, 0x65, 0x8A,
|
||||
0x13, 0xF3, 0x6D, 0x0F, 0xB3, 0x62, 0x8D, 0x1B, 0xEA, 0x71, 0x12, 0x86,
|
||||
0x50, 0x98, 0xA3, 0x8E, 0x64, 0x1D, 0x3E, 0xA4, 0x5A, 0x99, 0xB3, 0xBD,
|
||||
0x3E, 0x3D, 0xF5, 0x0F, 0x41, 0x09, 0xFB, 0x04, 0x7B, 0x8D, 0xA1, 0xCF,
|
||||
0xBA, 0x71, 0x85, 0x86, 0x3C, 0x04, 0xDD, 0x74, 0x8D, 0xE3, 0x3C, 0x8E,
|
||||
0x52, 0x3C, 0x05, 0x7A, 0xBE, 0xCC, 0xEA, 0x9D, 0x57, 0x2C, 0x40, 0x05,
|
||||
0xEE, 0x49, 0x1D, 0xD2, 0xA3, 0x5A, 0xFA, 0x25, 0x1D, 0x1F, 0xDD, 0xB5,
|
||||
0x36, 0x7D, 0x25, 0xD3, 0x34, 0x39, 0xC2, 0x59, 0x57, 0xAD, 0x3C, 0x9D,
|
||||
0xC9, 0xBF, 0x09, 0x8D, 0xA0, 0x40, 0x5A, 0x14, 0x7B, 0xCF, 0xFE, 0x05,
|
||||
0x3E, 0xF3, 0xD1, 0x7D, 0xBB, 0x33, 0x96, 0x40, 0x79, 0xC2, 0x7B, 0x15,
|
||||
0x2E, 0xEE, 0xE3, 0x5B, 0x9C, 0x06, 0x72, 0x95, 0xFF, 0xCB, 0xC9, 0xE4,
|
||||
0x96, 0x97, 0x18, 0x0D, 0xE7, 0x78, 0xCD, 0xE9, 0xA7, 0xEA, 0xE9, 0xDF
|
||||
0x8F, 0xCE, 0xBA, 0x0C, 0xF6, 0x6F, 0x65, 0x7F, 0xF7, 0xB7, 0x31, 0x11,
|
||||
0x20, 0x17, 0x7D, 0x8F, 0x5B, 0xA4, 0x43, 0x4F, 0x0A, 0x7C, 0x64, 0x24,
|
||||
0x57, 0x03, 0xEB, 0xBB, 0xDD, 0xF4, 0x60, 0x1E, 0x30, 0x97, 0xB1, 0xC7,
|
||||
0xFA, 0xEF, 0x5D, 0x16, 0x93, 0x16, 0xD6, 0x24, 0xA8, 0xC3, 0xCA, 0x7C,
|
||||
0xF4, 0x00, 0x77, 0x0E, 0x62, 0xB1, 0x7E, 0x8E, 0x57, 0x19, 0x91, 0xEC,
|
||||
0x47, 0xE1, 0x81, 0x6F, 0x79, 0x43, 0x51, 0xB9, 0x0A, 0x3F, 0x6B, 0x38,
|
||||
0x9A, 0xB6, 0x2F, 0x97, 0x59, 0xA2, 0x7C, 0x6B, 0xBD, 0x8A, 0xCC, 0x52,
|
||||
0x37, 0x2A, 0x22, 0xC9, 0x60, 0xB8, 0x99, 0x17, 0x2D, 0x94, 0x8B, 0x02,
|
||||
0x51, 0xAB, 0xD2, 0x09, 0xEE, 0x08, 0x92, 0x19, 0x68, 0x0F, 0xBB, 0xEE,
|
||||
0x0F, 0xFF, 0xAF, 0x7F, 0x08, 0x55, 0x81, 0xE6, 0x12, 0x34, 0x12, 0xBD,
|
||||
0x2C, 0x8E, 0x8E, 0x9D, 0xC3, 0x34, 0x47, 0xF0, 0xF6, 0x01, 0x24, 0x05,
|
||||
0x3D, 0x2E, 0x2E, 0x3E, 0x9C, 0x19, 0x8C, 0x99, 0x19, 0x06, 0x93, 0xD0,
|
||||
0x14, 0x78, 0x89, 0x37, 0x2B, 0xA2, 0xD0, 0xBE, 0x67, 0x7C, 0xC6, 0xB3,
|
||||
0x61, 0x85, 0xF9, 0x4E, 0xC7, 0x33, 0x00, 0x45, 0x34, 0x1B, 0x3F, 0xD9,
|
||||
0xF1, 0xA4, 0x4B, 0x82, 0x34, 0x69, 0xF0, 0xE5, 0x4D, 0xCF, 0xC7, 0xAD,
|
||||
0xD9, 0xF7, 0x86, 0x84, 0x1A, 0x5B, 0x7D, 0xBA, 0x7B, 0xC1, 0xF8, 0xB0,
|
||||
0xE4, 0xAB, 0xA3, 0x05, 0xE0, 0xF0, 0x14, 0xDE, 0x8D, 0x7A, 0x98, 0xCA,
|
||||
0x02, 0xDE, 0x02, 0xB6, 0xCC, 0xE4, 0xF9, 0x84, 0x1A, 0x1D, 0x5E, 0x00,
|
||||
0x64, 0x80, 0x4F, 0x65, 0xDE, 0x48, 0x5D, 0x5C, 0x5C, 0x4B, 0x00, 0xD3,
|
||||
0x03, 0xF0, 0x77, 0xB2, 0x8F, 0x2A, 0xFE, 0x38, 0x73, 0x2D, 0xFE, 0xDC,
|
||||
0x18, 0xE0, 0x9A, 0xAC, 0x1D, 0x09, 0x41, 0x38, 0x99, 0x4C, 0xA6, 0x0E,
|
||||
0x0F, 0xB4, 0xC0, 0x59, 0x38, 0x31, 0xC7, 0x69, 0x8A, 0x6A, 0x94, 0x8E,
|
||||
0xEE, 0x38, 0x63, 0x2C, 0x4C, 0x0C, 0x65, 0x3F, 0xC6, 0xA2, 0x91, 0x48,
|
||||
0x0A, 0xE2, 0x09, 0x50, 0x8F, 0x9E, 0x91, 0xF8, 0xAC, 0x3B, 0xDA, 0xBA
|
||||
},
|
||||
/* uint8_t encrypted_user_update_key[R_TSIP_AES256_KEY_BYTE_SIZE + 16]; */
|
||||
{
|
||||
@ -77,100 +77,100 @@ const st_key_block_data_t g_key_block_data =
|
||||
* encrypted_user_rsa2048_public_key[R_TSIP_RSA2048_NE_KEY_BYTE_SIZE + 16]
|
||||
*/
|
||||
{
|
||||
0xAF, 0x8C, 0x78, 0xE3, 0x6C, 0x9E, 0xC6, 0x76, 0xE5, 0x86, 0x84, 0xBE,
|
||||
0xF5, 0x6C, 0xD7, 0x2B, 0x46, 0x24, 0x35, 0x99, 0xA5, 0x64, 0xDD, 0xFA,
|
||||
0x35, 0x22, 0x5A, 0xB8, 0x5F, 0xD8, 0x1E, 0xCF, 0xCC, 0x73, 0x10, 0xD6,
|
||||
0x13, 0x69, 0x8F, 0x36, 0xA9, 0x8E, 0x09, 0xDF, 0x83, 0x20, 0x85, 0xBE,
|
||||
0x81, 0x69, 0x51, 0x75, 0xCB, 0xA5, 0x90, 0x8C, 0xC1, 0x75, 0xBE, 0x0F,
|
||||
0x8C, 0xB6, 0xFE, 0x73, 0x03, 0x37, 0x03, 0x41, 0xC0, 0x98, 0xC2, 0xEE,
|
||||
0x2D, 0x1B, 0xDA, 0x10, 0x8B, 0xF6, 0xB6, 0x67, 0xE9, 0x29, 0xCD, 0xEC,
|
||||
0x4C, 0x4D, 0x84, 0x28, 0x61, 0x3A, 0xF5, 0x6D, 0xEE, 0x78, 0x45, 0xF3,
|
||||
0x17, 0xC9, 0x77, 0xAB, 0x56, 0x2C, 0x68, 0xCB, 0x14, 0x9F, 0x5A, 0xE7,
|
||||
0x11, 0xC7, 0x13, 0x4B, 0xDC, 0x31, 0x60, 0x77, 0xDA, 0x56, 0x0C, 0x15,
|
||||
0xB2, 0xA9, 0x73, 0x4C, 0xD3, 0x46, 0x29, 0x18, 0x1C, 0x8C, 0xFD, 0xCF,
|
||||
0xAC, 0x4B, 0x55, 0x30, 0x96, 0xDC, 0xE9, 0xC0, 0x6A, 0x74, 0x68, 0x1D,
|
||||
0x6B, 0x25, 0xB0, 0x8F, 0x0C, 0xD7, 0xDD, 0xFC, 0xA8, 0x15, 0x87, 0x3E,
|
||||
0xA3, 0x91, 0x46, 0x25, 0x6C, 0x6F, 0xC4, 0xB2, 0xE1, 0xB8, 0x5F, 0xF3,
|
||||
0x6A, 0x0D, 0x9C, 0x29, 0x08, 0x6F, 0x5E, 0xFF, 0xA0, 0x81, 0x34, 0xA5,
|
||||
0x2B, 0x2B, 0x47, 0xE0, 0x6D, 0x56, 0xD2, 0x52, 0xC7, 0x19, 0x63, 0x72,
|
||||
0x84, 0x96, 0x64, 0xA5, 0xF2, 0x92, 0x3C, 0x38, 0x37, 0x9F, 0x6A, 0x2D,
|
||||
0x58, 0x33, 0x8C, 0x5C, 0x27, 0x05, 0xCB, 0x4F, 0x62, 0x2F, 0x40, 0xE9,
|
||||
0x55, 0x2C, 0x75, 0x4B, 0x02, 0xB3, 0x61, 0xAD, 0x34, 0x14, 0x49, 0x26,
|
||||
0x94, 0x45, 0x9B, 0xB8, 0xDB, 0x1F, 0xCE, 0xE9, 0xB1, 0xBF, 0x47, 0xF3,
|
||||
0xD4, 0xAD, 0xEB, 0xBC, 0x4F, 0x61, 0xAD, 0x66, 0xAF, 0x10, 0x94, 0x5D,
|
||||
0x25, 0x5B, 0x52, 0xF3, 0xBC, 0xCE, 0x10, 0x77, 0x76, 0xE4, 0x5C, 0xCF,
|
||||
0xC3, 0xA4, 0xCC, 0x11, 0xD3, 0x1E, 0x02, 0x98, 0x33, 0xA5, 0xF7, 0xD9,
|
||||
0x43, 0xAB, 0x45, 0x9A, 0x97, 0x0D, 0x08, 0x03, 0xBD, 0xB2, 0xAB, 0x50
|
||||
0x7B, 0x9E, 0xC9, 0x21, 0x70, 0xDF, 0xC0, 0x9E, 0x06, 0x57, 0xB8, 0x44,
|
||||
0xD0, 0x95, 0x21, 0xD0, 0x37, 0xDC, 0xAE, 0x3A, 0xAF, 0xCD, 0x56, 0x51,
|
||||
0x3C, 0xEC, 0x82, 0xB1, 0xFE, 0xBF, 0x6E, 0x12, 0xE7, 0x79, 0x92, 0xF0,
|
||||
0x3F, 0x56, 0x8A, 0x46, 0x0E, 0x4D, 0x9D, 0xC9, 0x7D, 0xC9, 0x2D, 0xE9,
|
||||
0x07, 0x1C, 0x9A, 0x11, 0x2F, 0x92, 0x26, 0x40, 0xD7, 0x73, 0xC8, 0xB9,
|
||||
0xD0, 0xB8, 0x46, 0x42, 0x53, 0x23, 0x79, 0xBB, 0x3B, 0x97, 0x91, 0x11,
|
||||
0x70, 0x66, 0xB6, 0xF4, 0x7B, 0x2F, 0x65, 0x3C, 0xA0, 0xD0, 0x70, 0x58,
|
||||
0x3C, 0xA8, 0xD9, 0x79, 0x79, 0x14, 0x55, 0xA4, 0x73, 0xE3, 0x40, 0xBB,
|
||||
0xC7, 0x57, 0x5C, 0x30, 0x9C, 0xC5, 0xB5, 0x9D, 0x87, 0xFB, 0x6E, 0x66,
|
||||
0x9C, 0x77, 0xF8, 0x41, 0x75, 0x80, 0x30, 0x62, 0xD5, 0x20, 0xBA, 0xB4,
|
||||
0x5D, 0x33, 0x8F, 0xC1, 0x5F, 0x22, 0xF1, 0xD8, 0x09, 0x62, 0xA6, 0xE1,
|
||||
0x73, 0x50, 0x5B, 0x9B, 0xD7, 0x21, 0x8F, 0x38, 0x31, 0x5B, 0x79, 0x1D,
|
||||
0xF8, 0x50, 0xE0, 0x87, 0xC1, 0x6B, 0xC4, 0x4D, 0x25, 0x6C, 0xB2, 0x0B,
|
||||
0x88, 0x51, 0xB9, 0xB0, 0xDF, 0xC2, 0x6C, 0xC6, 0x52, 0xB8, 0x88, 0xC0,
|
||||
0x25, 0x31, 0x99, 0x61, 0xCA, 0x0F, 0xCB, 0x63, 0x9A, 0x90, 0xE3, 0xB3,
|
||||
0x11, 0xFD, 0xAB, 0x1F, 0x4C, 0x6B, 0xC5, 0x5C, 0x86, 0x29, 0x4C, 0x84,
|
||||
0xC8, 0xE9, 0x5A, 0xCE, 0xE6, 0x3F, 0x79, 0xD2, 0xDC, 0x6A, 0xDD, 0x5F,
|
||||
0x42, 0x45, 0x62, 0xB9, 0xE7, 0x64, 0x88, 0x2F, 0x70, 0x45, 0x1E, 0x9E,
|
||||
0xCF, 0x9A, 0x4C, 0x2A, 0x3D, 0x1C, 0x6C, 0x2F, 0x94, 0x27, 0xD4, 0x2A,
|
||||
0xE5, 0x55, 0xA5, 0x73, 0xB8, 0x74, 0x29, 0x74, 0xD6, 0xF4, 0x6C, 0xB7,
|
||||
0x6C, 0x9D, 0x26, 0x6D, 0x2E, 0xBF, 0x99, 0xCA, 0xDD, 0xEB, 0x48, 0xAD,
|
||||
0x71, 0xB1, 0x1B, 0x1E, 0xFB, 0xDE, 0x19, 0xB8, 0x11, 0x61, 0x09, 0xA2,
|
||||
0x89, 0x66, 0xE3, 0xA6, 0x3D, 0x7F, 0xFE, 0xFF, 0xE8, 0x1B, 0xD3, 0x2D,
|
||||
0xEA, 0xA5, 0x86, 0xCF, 0x96, 0xDE, 0xDE, 0xC1, 0x17, 0x96, 0x77, 0x41
|
||||
},
|
||||
/* uint8_t
|
||||
* encrypted_user_rsa2048_private_key[R_TSIP_RSA2048_ND_KEY_BYTE_SIZE + 16]
|
||||
*/
|
||||
{
|
||||
0xAF, 0x8C, 0x78, 0xE3, 0x6C, 0x9E, 0xC6, 0x76, 0xE5, 0x86, 0x84, 0xBE,
|
||||
0xF5, 0x6C, 0xD7, 0x2B, 0x46, 0x24, 0x35, 0x99, 0xA5, 0x64, 0xDD, 0xFA,
|
||||
0x35, 0x22, 0x5A, 0xB8, 0x5F, 0xD8, 0x1E, 0xCF, 0xCC, 0x73, 0x10, 0xD6,
|
||||
0x13, 0x69, 0x8F, 0x36, 0xA9, 0x8E, 0x09, 0xDF, 0x83, 0x20, 0x85, 0xBE,
|
||||
0x81, 0x69, 0x51, 0x75, 0xCB, 0xA5, 0x90, 0x8C, 0xC1, 0x75, 0xBE, 0x0F,
|
||||
0x8C, 0xB6, 0xFE, 0x73, 0x03, 0x37, 0x03, 0x41, 0xC0, 0x98, 0xC2, 0xEE,
|
||||
0x2D, 0x1B, 0xDA, 0x10, 0x8B, 0xF6, 0xB6, 0x67, 0xE9, 0x29, 0xCD, 0xEC,
|
||||
0x4C, 0x4D, 0x84, 0x28, 0x61, 0x3A, 0xF5, 0x6D, 0xEE, 0x78, 0x45, 0xF3,
|
||||
0x17, 0xC9, 0x77, 0xAB, 0x56, 0x2C, 0x68, 0xCB, 0x14, 0x9F, 0x5A, 0xE7,
|
||||
0x11, 0xC7, 0x13, 0x4B, 0xDC, 0x31, 0x60, 0x77, 0xDA, 0x56, 0x0C, 0x15,
|
||||
0xB2, 0xA9, 0x73, 0x4C, 0xD3, 0x46, 0x29, 0x18, 0x1C, 0x8C, 0xFD, 0xCF,
|
||||
0xAC, 0x4B, 0x55, 0x30, 0x96, 0xDC, 0xE9, 0xC0, 0x6A, 0x74, 0x68, 0x1D,
|
||||
0x6B, 0x25, 0xB0, 0x8F, 0x0C, 0xD7, 0xDD, 0xFC, 0xA8, 0x15, 0x87, 0x3E,
|
||||
0xA3, 0x91, 0x46, 0x25, 0x6C, 0x6F, 0xC4, 0xB2, 0xE1, 0xB8, 0x5F, 0xF3,
|
||||
0x6A, 0x0D, 0x9C, 0x29, 0x08, 0x6F, 0x5E, 0xFF, 0xA0, 0x81, 0x34, 0xA5,
|
||||
0x2B, 0x2B, 0x47, 0xE0, 0x6D, 0x56, 0xD2, 0x52, 0xC7, 0x19, 0x63, 0x72,
|
||||
0x84, 0x96, 0x64, 0xA5, 0xF2, 0x92, 0x3C, 0x38, 0x37, 0x9F, 0x6A, 0x2D,
|
||||
0x58, 0x33, 0x8C, 0x5C, 0x27, 0x05, 0xCB, 0x4F, 0x62, 0x2F, 0x40, 0xE9,
|
||||
0x55, 0x2C, 0x75, 0x4B, 0x02, 0xB3, 0x61, 0xAD, 0x34, 0x14, 0x49, 0x26,
|
||||
0x94, 0x45, 0x9B, 0xB8, 0xDB, 0x1F, 0xCE, 0xE9, 0xB1, 0xBF, 0x47, 0xF3,
|
||||
0xD4, 0xAD, 0xEB, 0xBC, 0x4F, 0x61, 0xAD, 0x66, 0xAF, 0x10, 0x94, 0x5D,
|
||||
0x25, 0x5B, 0x52, 0xF3, 0x44, 0xBA, 0x28, 0xF8, 0xF2, 0x01, 0x41, 0x61,
|
||||
0xF3, 0xE5, 0x91, 0x44, 0xF9, 0xA3, 0x56, 0xD8, 0xE9, 0x43, 0x0F, 0x78,
|
||||
0x7E, 0x1C, 0x01, 0xA6, 0xD7, 0x47, 0x87, 0x7C, 0xC5, 0xAF, 0x2A, 0xD3,
|
||||
0x71, 0x3A, 0x3E, 0x96, 0xF5, 0x8E, 0xA8, 0x1A, 0x89, 0x17, 0xCD, 0x52,
|
||||
0x7E, 0x98, 0x70, 0xB3, 0x57, 0x22, 0x59, 0x1C, 0xB7, 0x61, 0xD3, 0x32,
|
||||
0xE5, 0x2E, 0x6B, 0x6F, 0x2B, 0xD2, 0xAB, 0x27, 0x62, 0x65, 0xBE, 0x0B,
|
||||
0x8B, 0xFC, 0x9D, 0xB7, 0x3B, 0x4F, 0xA7, 0x35, 0xA6, 0xB3, 0x10, 0x98,
|
||||
0x6D, 0x47, 0x12, 0x16, 0x89, 0x33, 0x9A, 0x87, 0x85, 0x50, 0x21, 0x2B,
|
||||
0x03, 0xD0, 0x0C, 0x25, 0x52, 0xC1, 0xA4, 0xD9, 0x50, 0x57, 0x0A, 0x88,
|
||||
0x67, 0xE9, 0x55, 0x78, 0xFF, 0x23, 0xC0, 0xD1, 0xB6, 0xF4, 0xBD, 0x64,
|
||||
0x38, 0x9A, 0x59, 0xD8, 0x0C, 0xCA, 0x3C, 0x44, 0xBB, 0x31, 0x40, 0xF3,
|
||||
0x3F, 0x84, 0x74, 0x1A, 0x1B, 0xFB, 0x81, 0x22, 0x20, 0x0E, 0x68, 0x48,
|
||||
0x7F, 0xBF, 0xBB, 0xE2, 0xF7, 0xEA, 0x1C, 0xDD, 0x63, 0xAA, 0x3E, 0xFE,
|
||||
0x7A, 0xBD, 0x6C, 0x2A, 0x2C, 0x6C, 0x8E, 0x3C, 0xB6, 0x42, 0x2F, 0x42,
|
||||
0xF2, 0x17, 0x07, 0x2F, 0x4F, 0xAA, 0x4B, 0xA0, 0xE7, 0x98, 0xAE, 0x95,
|
||||
0x21, 0x2A, 0xF8, 0x1C, 0x33, 0x81, 0xC2, 0x64, 0xEC, 0xF3, 0xD7, 0x75,
|
||||
0x81, 0x61, 0x8C, 0xDF, 0x7F, 0x76, 0x6B, 0x44, 0x22, 0x36, 0xD3, 0x7F,
|
||||
0x17, 0x40, 0x84, 0xF8, 0xA8, 0x4B, 0xD5, 0xD4, 0x4E, 0xA1, 0x86, 0xDB,
|
||||
0x9B, 0xCD, 0xB6, 0x6C, 0xDF, 0x35, 0x0C, 0x0D, 0x7E, 0x0F, 0x01, 0x9C,
|
||||
0xF7, 0x6E, 0x89, 0xE6, 0x2F, 0x0E, 0xC5, 0xF3, 0xEA, 0x69, 0x8C, 0xA5,
|
||||
0xD5, 0x48, 0xEE, 0x5B, 0x77, 0x04, 0xFE, 0xC7, 0x56, 0x87, 0x27, 0xD4,
|
||||
0xF9, 0xCC, 0xB4, 0xB4, 0xB7, 0x1A, 0x85, 0x38, 0x0B, 0x93, 0xD2, 0x1D,
|
||||
0xD3, 0xDE, 0x7E, 0x45, 0xAF, 0x82, 0x46, 0x65, 0xFE, 0x59, 0x55, 0x83
|
||||
0x7B, 0x9E, 0xC9, 0x21, 0x70, 0xDF, 0xC0, 0x9E, 0x06, 0x57, 0xB8, 0x44,
|
||||
0xD0, 0x95, 0x21, 0xD0, 0x37, 0xDC, 0xAE, 0x3A, 0xAF, 0xCD, 0x56, 0x51,
|
||||
0x3C, 0xEC, 0x82, 0xB1, 0xFE, 0xBF, 0x6E, 0x12, 0xE7, 0x79, 0x92, 0xF0,
|
||||
0x3F, 0x56, 0x8A, 0x46, 0x0E, 0x4D, 0x9D, 0xC9, 0x7D, 0xC9, 0x2D, 0xE9,
|
||||
0x07, 0x1C, 0x9A, 0x11, 0x2F, 0x92, 0x26, 0x40, 0xD7, 0x73, 0xC8, 0xB9,
|
||||
0xD0, 0xB8, 0x46, 0x42, 0x53, 0x23, 0x79, 0xBB, 0x3B, 0x97, 0x91, 0x11,
|
||||
0x70, 0x66, 0xB6, 0xF4, 0x7B, 0x2F, 0x65, 0x3C, 0xA0, 0xD0, 0x70, 0x58,
|
||||
0x3C, 0xA8, 0xD9, 0x79, 0x79, 0x14, 0x55, 0xA4, 0x73, 0xE3, 0x40, 0xBB,
|
||||
0xC7, 0x57, 0x5C, 0x30, 0x9C, 0xC5, 0xB5, 0x9D, 0x87, 0xFB, 0x6E, 0x66,
|
||||
0x9C, 0x77, 0xF8, 0x41, 0x75, 0x80, 0x30, 0x62, 0xD5, 0x20, 0xBA, 0xB4,
|
||||
0x5D, 0x33, 0x8F, 0xC1, 0x5F, 0x22, 0xF1, 0xD8, 0x09, 0x62, 0xA6, 0xE1,
|
||||
0x73, 0x50, 0x5B, 0x9B, 0xD7, 0x21, 0x8F, 0x38, 0x31, 0x5B, 0x79, 0x1D,
|
||||
0xF8, 0x50, 0xE0, 0x87, 0xC1, 0x6B, 0xC4, 0x4D, 0x25, 0x6C, 0xB2, 0x0B,
|
||||
0x88, 0x51, 0xB9, 0xB0, 0xDF, 0xC2, 0x6C, 0xC6, 0x52, 0xB8, 0x88, 0xC0,
|
||||
0x25, 0x31, 0x99, 0x61, 0xCA, 0x0F, 0xCB, 0x63, 0x9A, 0x90, 0xE3, 0xB3,
|
||||
0x11, 0xFD, 0xAB, 0x1F, 0x4C, 0x6B, 0xC5, 0x5C, 0x86, 0x29, 0x4C, 0x84,
|
||||
0xC8, 0xE9, 0x5A, 0xCE, 0xE6, 0x3F, 0x79, 0xD2, 0xDC, 0x6A, 0xDD, 0x5F,
|
||||
0x42, 0x45, 0x62, 0xB9, 0xE7, 0x64, 0x88, 0x2F, 0x70, 0x45, 0x1E, 0x9E,
|
||||
0xCF, 0x9A, 0x4C, 0x2A, 0x3D, 0x1C, 0x6C, 0x2F, 0x94, 0x27, 0xD4, 0x2A,
|
||||
0xE5, 0x55, 0xA5, 0x73, 0xB8, 0x74, 0x29, 0x74, 0xD6, 0xF4, 0x6C, 0xB7,
|
||||
0x6C, 0x9D, 0x26, 0x6D, 0x2E, 0xBF, 0x99, 0xCA, 0xDD, 0xEB, 0x48, 0xAD,
|
||||
0x71, 0xB1, 0x1B, 0x1E, 0x45, 0xE8, 0xE9, 0xF1, 0x1F, 0x8D, 0x7B, 0x7B,
|
||||
0xD5, 0xDE, 0xE0, 0x8B, 0x67, 0x64, 0x4D, 0x9F, 0x6E, 0xC5, 0xB3, 0x03,
|
||||
0xC6, 0x35, 0x93, 0xE9, 0xE1, 0xA5, 0xC4, 0x6B, 0xD9, 0x29, 0xA6, 0x86,
|
||||
0xBB, 0x4B, 0xD9, 0xA4, 0x82, 0x68, 0xAF, 0x1E, 0x57, 0x30, 0x8C, 0xC6,
|
||||
0x94, 0xCA, 0xE5, 0xAB, 0x9E, 0x11, 0x51, 0x22, 0xEC, 0x28, 0x63, 0xBD,
|
||||
0xAA, 0xE8, 0xE5, 0x27, 0x7B, 0x68, 0x6C, 0x94, 0x42, 0xBA, 0x05, 0xEA,
|
||||
0x68, 0x5F, 0x18, 0xE9, 0x64, 0x23, 0x07, 0x11, 0xE4, 0x7B, 0x37, 0x77,
|
||||
0xFC, 0x35, 0xBC, 0xFC, 0x06, 0x2E, 0x7F, 0x15, 0xB8, 0xE1, 0x07, 0x42,
|
||||
0x04, 0xD2, 0x4A, 0xD5, 0x43, 0xE1, 0x49, 0x7C, 0x43, 0x49, 0x80, 0x3A,
|
||||
0x86, 0xE0, 0x10, 0x98, 0x77, 0xF2, 0x55, 0xC9, 0x21, 0x24, 0x6D, 0x01,
|
||||
0x36, 0xC5, 0x1F, 0xB8, 0x2D, 0x5B, 0x62, 0x99, 0x15, 0x74, 0x19, 0x44,
|
||||
0x82, 0xC1, 0x09, 0x16, 0x1B, 0xF1, 0x7E, 0xFD, 0xC5, 0xFD, 0x6C, 0x20,
|
||||
0xC3, 0x35, 0x8D, 0x46, 0xE3, 0x98, 0xCF, 0xE7, 0x6F, 0xC7, 0xD7, 0x71,
|
||||
0xCC, 0x95, 0x23, 0x60, 0xE7, 0x9E, 0x19, 0xD1, 0xA1, 0x0F, 0xDD, 0xFF,
|
||||
0x6B, 0x79, 0x12, 0x06, 0xB6, 0x12, 0x28, 0x42, 0x20, 0x16, 0x1C, 0xA4,
|
||||
0x0B, 0x94, 0x7D, 0xF5, 0xE3, 0x73, 0x62, 0x7B, 0x3B, 0x6B, 0xB7, 0xEC,
|
||||
0xCF, 0xAF, 0xF9, 0x8E, 0x09, 0x84, 0x50, 0x25, 0xF6, 0x2C, 0x1F, 0x7E,
|
||||
0x58, 0xE2, 0x5F, 0x06, 0x6D, 0xBB, 0x49, 0x9F, 0x29, 0x0A, 0x77, 0x95,
|
||||
0xF2, 0x02, 0xA6, 0x10, 0xC6, 0x3C, 0x12, 0xC5, 0xD3, 0xA2, 0x73, 0x0A,
|
||||
0x88, 0x86, 0x1D, 0xD7, 0x12, 0xF7, 0x49, 0x25, 0xFC, 0x81, 0x9F, 0xF6,
|
||||
0x2D, 0xF8, 0xB4, 0xE9, 0xE7, 0xC5, 0x3D, 0x40, 0x73, 0x6C, 0xFD, 0xE7,
|
||||
0xDA, 0x42, 0x34, 0xDB, 0x88, 0x72, 0x9E, 0xAE, 0x22, 0x68, 0x5B, 0xB1,
|
||||
0x68, 0xF7, 0xF7, 0x2A, 0xD6, 0x6A, 0x02, 0x07, 0x5F, 0x8F, 0xD7, 0xE9
|
||||
},
|
||||
/* uint8_t
|
||||
* encrypted_user_ecc256_public_key[R_TSIP_ECC_PUBLIC_KEY_BYTE_SIZE + 16];
|
||||
*/
|
||||
{
|
||||
0xAD, 0x59, 0x2A, 0x12, 0xAA, 0xA8, 0x34, 0x30, 0xD4, 0xC9, 0xA1, 0x5A,
|
||||
0xD2, 0xD8, 0xF8, 0x99, 0xA0, 0x26, 0x87, 0x27, 0x90, 0x39, 0x00, 0xEA,
|
||||
0x64, 0x8F, 0x70, 0xF8, 0x1A, 0xA7, 0x44, 0xC8, 0xE6, 0x66, 0xCB, 0xF6,
|
||||
0x8B, 0x00, 0xC7, 0x86, 0x2B, 0x14, 0x98, 0xDB, 0x03, 0xE8, 0xD5, 0x02,
|
||||
0xB8, 0x02, 0x6D, 0x73, 0x66, 0x19, 0x94, 0x83, 0xC4, 0xB9, 0x57, 0x3D,
|
||||
0xFE, 0xA7, 0x19, 0xAC, 0xBC, 0xE3, 0x75, 0x40, 0xC2, 0x48, 0x5E, 0xEF,
|
||||
0x1E, 0x9E, 0xCC, 0xE2, 0xAC, 0xE6, 0xC8, 0x08
|
||||
0xF2, 0x01, 0x30, 0xFE, 0x9F, 0xC6, 0x8F, 0x18, 0x81, 0xD9, 0xFF, 0xB9,
|
||||
0x8F, 0xF3, 0x93, 0x7E, 0xBA, 0x5C, 0x12, 0xA1, 0x7F, 0x39, 0x85, 0x3E,
|
||||
0xB0, 0xE7, 0x3E, 0xC7, 0xEF, 0x48, 0xA7, 0x75, 0x7B, 0x24, 0x16, 0x63,
|
||||
0x7B, 0x8D, 0x13, 0x5B, 0xCA, 0xC9, 0xF7, 0xB1, 0xC7, 0x46, 0xCE, 0xBB,
|
||||
0xB9, 0xEE, 0x89, 0xAE, 0x90, 0xDF, 0x74, 0xF1, 0x2B, 0x61, 0x41, 0x2B,
|
||||
0xF9, 0x5D, 0x41, 0x14, 0x92, 0x9E, 0xBC, 0x9D, 0xFE, 0x0D, 0x9A, 0x72,
|
||||
0x5A, 0x52, 0x3F, 0xE1, 0xFA, 0xED, 0x40, 0x47
|
||||
},
|
||||
/* uint8_t
|
||||
* encrypted_user_ecc256_private_key[R_TSIP_ECC_PRIVATE_KEY_BYTE_SIZE + 16];
|
||||
*/
|
||||
{
|
||||
0xE6, 0x6C, 0xB8, 0x7C, 0xDB, 0x85, 0x50, 0x51, 0x4A, 0x75, 0x38, 0xA4,
|
||||
0x74, 0x7A, 0x8C, 0x7C, 0x07, 0x71, 0x0E, 0x52, 0xC3, 0x19, 0xD1, 0xE6,
|
||||
0xF8, 0x36, 0xD2, 0xD3, 0x53, 0xF8, 0xA7, 0xCE, 0xBC, 0xBE, 0xAE, 0x62,
|
||||
0x7F, 0x00, 0x54, 0xB1, 0x01, 0x11, 0xCA, 0xE3, 0x77, 0x3E, 0x2E, 0x21
|
||||
0x49, 0x3E, 0xC8, 0x9B, 0xB0, 0x04, 0xAE, 0x16, 0x98, 0xB2, 0x57, 0x70,
|
||||
0x8D, 0x40, 0x6B, 0xAC, 0x59, 0xDD, 0x09, 0xB8, 0xCC, 0x10, 0xDE, 0xBE,
|
||||
0x4F, 0xD4, 0x9E, 0x6B, 0xB4, 0x03, 0x85, 0x95, 0x73, 0xA7, 0x48, 0x6D,
|
||||
0x08, 0xD8, 0x71, 0xD7, 0xDA, 0x50, 0x2F, 0x18, 0x48, 0x3D, 0xBF, 0x02
|
||||
},
|
||||
|
||||
};
|
||||
@ -186,87 +186,95 @@ const uint32_t encrypted_user_key_type =
|
||||
|
||||
const unsigned char ca_ecc_cert_der_sig[] =
|
||||
{
|
||||
0xc0, 0x3c, 0x28, 0xef, 0x6c, 0xd5, 0x6c, 0x36, 0xc5, 0xe5, 0xb0, 0xaa,
|
||||
0xd0, 0x6a, 0x33, 0x1d, 0x7b, 0x28, 0x9f, 0xb2, 0x12, 0x8c, 0x0c, 0x5c,
|
||||
0x30, 0xdf, 0x8f, 0x3f, 0x2e, 0x72, 0x0f, 0x3d, 0x8d, 0x4a, 0x1d, 0xa6,
|
||||
0xc5, 0x1f, 0xb4, 0xf2, 0x18, 0xf1, 0x65, 0x40, 0x8e, 0xf2, 0x06, 0x0a,
|
||||
0xda, 0xa4, 0xd6, 0x3d, 0x87, 0x61, 0x00, 0xd6, 0x89, 0x4e, 0x77, 0xbd,
|
||||
0x57, 0xd7, 0x5f, 0x04, 0xe9, 0x0c, 0x96, 0x68, 0xa9, 0x72, 0xa2, 0xba,
|
||||
0x46, 0x3f, 0x35, 0xeb, 0xf9, 0x4f, 0x10, 0xfd, 0x51, 0x39, 0x7c, 0x44,
|
||||
0xa8, 0xa8, 0xd3, 0x62, 0x81, 0x2f, 0x82, 0x90, 0x3e, 0xea, 0xe9, 0xbc,
|
||||
0x2e, 0xd1, 0x19, 0xc0, 0xb6, 0xd7, 0xc0, 0x22, 0x7c, 0xc1, 0x64, 0x61,
|
||||
0xd2, 0x79, 0x01, 0x2d, 0x19, 0x7a, 0xf0, 0x34, 0x68, 0x78, 0x01, 0x35,
|
||||
0x7f, 0xe2, 0xbe, 0x11, 0x8f, 0x0d, 0x04, 0xa8, 0xa4, 0x7b, 0x4e, 0x7a,
|
||||
0x9c, 0xa0, 0x91, 0x3f, 0x7d, 0xdf, 0xe4, 0x69, 0x2f, 0x9b, 0x73, 0xc6,
|
||||
0x1d, 0x4b, 0x3e, 0xcd, 0xa8, 0x2d, 0xf1, 0xfc, 0x35, 0x5c, 0xae, 0x7e,
|
||||
0xef, 0xd9, 0x91, 0x7c, 0x32, 0xc3, 0x5a, 0xcb, 0x5f, 0xd9, 0x99, 0x1b,
|
||||
0xb3, 0x6d, 0xa1, 0xaf, 0x69, 0x45, 0x41, 0xca, 0x92, 0x01, 0x93, 0x18,
|
||||
0xb7, 0x4c, 0x35, 0xe0, 0x11, 0x16, 0xc7, 0xf2, 0xf9, 0xf1, 0x9e, 0xa5,
|
||||
0xda, 0x60, 0x41, 0x78, 0x67, 0xef, 0x2f, 0x85, 0x08, 0xfe, 0x21, 0x1f,
|
||||
0xdd, 0x31, 0xce, 0x70, 0xf2, 0xe2, 0x6f, 0xc1, 0x5f, 0xce, 0xa7, 0x4c,
|
||||
0x3a, 0x1a, 0x81, 0x5d, 0xec, 0x35, 0xad, 0xf3, 0xb4, 0x46, 0x83, 0x9b,
|
||||
0x95, 0x98, 0xcc, 0xa5, 0x46, 0x74, 0xdf, 0xca, 0xf9, 0x2e, 0x86, 0xe8,
|
||||
0x04, 0x18, 0x33, 0x91, 0x94, 0xb7, 0xca, 0x98, 0xf7, 0xc2, 0xfe, 0x99,
|
||||
0xc0, 0x73, 0x11, 0x1e
|
||||
0x85, 0x76, 0x96, 0x7D, 0xB5, 0x14, 0xD9, 0x4F, 0x3E, 0xCF,
|
||||
0xF3, 0xD3, 0xAB, 0x76, 0x77, 0xBA, 0xDB, 0xB8, 0x87, 0xD2,
|
||||
0x2E, 0xB5, 0x87, 0x69, 0x79, 0x8C, 0x34, 0x1A, 0x06, 0xB9,
|
||||
0xD5, 0x0D, 0xA8, 0x4B, 0x05, 0x6A, 0xF4, 0x26, 0x86, 0xB6,
|
||||
0x91, 0x0F, 0x27, 0x6F, 0xA7, 0xF1, 0x3C, 0xEC, 0x3D, 0x34,
|
||||
0xE7, 0x82, 0xEB, 0x10, 0xE6, 0xFA, 0x04, 0x11, 0x78, 0xCD,
|
||||
0xEB, 0xA0, 0xB4, 0x6C, 0xBC, 0x7C, 0x8C, 0x83, 0xD3, 0x68,
|
||||
0xC2, 0x72, 0x17, 0xE0, 0x41, 0xA3, 0xE3, 0x5A, 0xB6, 0x2D,
|
||||
0x52, 0xA4, 0x4A, 0x4E, 0x9B, 0x3E, 0x98, 0xD7, 0xBB, 0x17,
|
||||
0xF5, 0x19, 0xAB, 0x30, 0xBF, 0xE2, 0x8B, 0xD7, 0x47, 0x7B,
|
||||
0x99, 0x7B, 0x97, 0x46, 0x53, 0x34, 0xCA, 0x74, 0x00, 0x39,
|
||||
0x04, 0x6F, 0x0B, 0xC0, 0x42, 0x73, 0x65, 0xCA, 0x3F, 0xE2,
|
||||
0x58, 0x1E, 0x26, 0xE5, 0xA2, 0x86, 0x63, 0xF3, 0x41, 0x89,
|
||||
0x0E, 0x6B, 0x74, 0xF4, 0x73, 0x4D, 0x8E, 0x04, 0x1E, 0x64,
|
||||
0x7E, 0x9C, 0x37, 0x3A, 0xF2, 0x4E, 0x5B, 0xF2, 0x67, 0x9A,
|
||||
0x48, 0xFB, 0x70, 0xDD, 0x70, 0x8C, 0xC0, 0x8F, 0xE9, 0x77,
|
||||
0x7B, 0xC0, 0x1F, 0xB7, 0xE2, 0xB8, 0xC2, 0x67, 0xF0, 0x1D,
|
||||
0x13, 0xFB, 0x8D, 0xEB, 0x69, 0xE8, 0xC0, 0x31, 0xAC, 0xB9,
|
||||
0x0C, 0x2D, 0x89, 0x77, 0x81, 0xC5, 0x87, 0xDD, 0x28, 0x7C,
|
||||
0x03, 0x34, 0xFA, 0xD8, 0xE5, 0x20, 0x4A, 0x88, 0x42, 0x6B,
|
||||
0x16, 0x55, 0x33, 0x16, 0x57, 0x19, 0x6B, 0x5A, 0x0C, 0xAC,
|
||||
0x12, 0xF4, 0x72, 0x7B, 0x1C, 0x8E, 0x85, 0xCE, 0x2D, 0xE7,
|
||||
0x94, 0xAD, 0xFC, 0xA8, 0x92, 0x70, 0xE0, 0xFA, 0x19, 0xB3,
|
||||
0xB4, 0x97, 0x25, 0x10, 0xCB, 0x27, 0x74, 0x57, 0x5D, 0x22,
|
||||
0xDB, 0x1D, 0x2F, 0xB4, 0x27, 0x52, 0xDE, 0x56, 0x77, 0xFB,
|
||||
0xBA, 0x75, 0x5F, 0xC3, 0x84, 0xA6
|
||||
};
|
||||
const int sizeof_ca_ecc_cert_sig = sizeof(ca_ecc_cert_der_sig);
|
||||
|
||||
/* ./ca-cert.der.sign, */
|
||||
const unsigned char ca_cert_der_sig[] =
|
||||
{
|
||||
0x97, 0x8f, 0x90, 0x03, 0x0b, 0xca, 0xdf, 0x8f, 0xe8, 0x51, 0x23, 0xba,
|
||||
0x14, 0xfb, 0x28, 0xb8, 0x5c, 0x58, 0x0d, 0x6e, 0x8b, 0x97, 0x0f, 0x89,
|
||||
0x63, 0xc2, 0xd6, 0xb3, 0xf0, 0x16, 0x35, 0x74, 0x9d, 0xb9, 0xd7, 0x18,
|
||||
0x14, 0x86, 0x91, 0xe0, 0xcd, 0xb3, 0x28, 0x63, 0x16, 0xf4, 0x6c, 0xb1,
|
||||
0xd3, 0x93, 0xb6, 0x6e, 0xd9, 0x66, 0xcd, 0x65, 0x39, 0x7b, 0x1b, 0x74,
|
||||
0x5c, 0xde, 0x20, 0xd4, 0x46, 0x60, 0x2f, 0xc0, 0x10, 0xf5, 0x49, 0x4a,
|
||||
0x8d, 0x31, 0x29, 0x9b, 0x8a, 0xea, 0xf4, 0x8a, 0xaf, 0xc4, 0x84, 0xd7,
|
||||
0x42, 0xef, 0xaf, 0x14, 0x17, 0x44, 0xed, 0x6e, 0x2b, 0xd9, 0x70, 0xed,
|
||||
0x3e, 0x40, 0xf0, 0xef, 0x75, 0x4c, 0x05, 0x1f, 0xc3, 0x37, 0xec, 0xc2,
|
||||
0xcd, 0xcc, 0xce, 0x39, 0x61, 0xa0, 0xea, 0x16, 0x84, 0x6d, 0xde, 0xe7,
|
||||
0xf4, 0x0d, 0x8c, 0xf7, 0x69, 0x81, 0x64, 0x09, 0x16, 0xa7, 0x5b, 0x34,
|
||||
0x83, 0xe5, 0x73, 0xcf, 0x02, 0xf4, 0x37, 0x96, 0x93, 0x27, 0x72, 0x47,
|
||||
0x71, 0xca, 0x56, 0xcd, 0xd2, 0x85, 0x48, 0xe5, 0x9e, 0x1f, 0x39, 0x52,
|
||||
0xc1, 0xc3, 0x9c, 0x6b, 0x98, 0x41, 0xc2, 0x0a, 0x77, 0x94, 0xe5, 0x84,
|
||||
0x44, 0xe7, 0x94, 0xee, 0x5f, 0x05, 0x62, 0xad, 0xe5, 0xe5, 0xc9, 0x7e,
|
||||
0x02, 0x31, 0x85, 0xca, 0x28, 0x2d, 0x0d, 0x7f, 0x30, 0x5d, 0xb5, 0xaa,
|
||||
0x12, 0x81, 0x25, 0x37, 0x4a, 0xf2, 0x95, 0x81, 0xda, 0x76, 0xb4, 0x89,
|
||||
0x76, 0x8a, 0x0c, 0x8d, 0xdf, 0xed, 0xd5, 0x48, 0xa8, 0xc8, 0x6d, 0xf4,
|
||||
0xbf, 0x98, 0xa3, 0xc5, 0x42, 0x7d, 0xd2, 0x21, 0x2c, 0x8d, 0x57, 0xd0,
|
||||
0x91, 0x16, 0xee, 0x83, 0xd0, 0xa1, 0x8f, 0x05, 0x50, 0x2b, 0x6e, 0xe8,
|
||||
0x52, 0xf7, 0xbe, 0x96, 0x89, 0x40, 0xca, 0x9c, 0x19, 0x5a, 0xfc, 0xae,
|
||||
0x1d, 0xdb, 0x57, 0xb8
|
||||
0x3C, 0x99, 0x92, 0x6F, 0x0A, 0xE7, 0xC1, 0x31, 0x1F, 0xC2,
|
||||
0x60, 0xFD, 0x26, 0x54, 0x2F, 0xEA, 0xA4, 0xB6, 0x99, 0x8F,
|
||||
0xCF, 0x01, 0x6F, 0x37, 0x7A, 0xF5, 0xB7, 0xD1, 0xCC, 0x51,
|
||||
0x0B, 0x34, 0xF1, 0xF4, 0xF0, 0x48, 0xCF, 0x53, 0xD3, 0xE1,
|
||||
0xF1, 0x08, 0xD1, 0x3F, 0x2B, 0x9A, 0x0E, 0x5A, 0x15, 0xB7,
|
||||
0xAD, 0x14, 0x27, 0x24, 0x70, 0xE8, 0x02, 0x68, 0x21, 0xA2,
|
||||
0xA2, 0x9D, 0x63, 0x41, 0x6A, 0xE3, 0xD2, 0xC9, 0x48, 0x7B,
|
||||
0xF2, 0x6E, 0x7A, 0x80, 0xB8, 0xA9, 0x28, 0x61, 0x7B, 0x93,
|
||||
0x93, 0x18, 0x68, 0x19, 0x6A, 0x6F, 0x78, 0x53, 0x32, 0xBF,
|
||||
0xAB, 0x28, 0x10, 0x44, 0xAC, 0xB9, 0x15, 0xFD, 0x51, 0xFE,
|
||||
0x5E, 0x47, 0x07, 0xCD, 0xAF, 0x94, 0x69, 0x7A, 0x66, 0x31,
|
||||
0x3E, 0xED, 0x1B, 0x93, 0x97, 0x1A, 0x83, 0xA2, 0xC7, 0x5B,
|
||||
0xD3, 0x34, 0xAE, 0x24, 0xC8, 0xE9, 0xA9, 0x9E, 0x64, 0xEA,
|
||||
0x57, 0xA8, 0xA8, 0xD8, 0xA2, 0x74, 0x5F, 0xDB, 0x70, 0xCC,
|
||||
0x07, 0x1D, 0xD0, 0xA7, 0x91, 0x61, 0xD6, 0x9F, 0x6F, 0x77,
|
||||
0x80, 0xE9, 0x6C, 0x2F, 0x90, 0xF1, 0xBE, 0x25, 0x3F, 0x1C,
|
||||
0x76, 0xB6, 0xAC, 0xD7, 0xD1, 0x1E, 0x97, 0x15, 0x94, 0x96,
|
||||
0xD6, 0xF6, 0xBF, 0x39, 0x6D, 0xC7, 0xF5, 0x13, 0xE0, 0xBB,
|
||||
0xC4, 0xDC, 0x18, 0x13, 0x65, 0x2B, 0x80, 0x23, 0x9A, 0x6A,
|
||||
0x70, 0x30, 0x9A, 0xB3, 0xE5, 0x2D, 0xC1, 0xCB, 0xBF, 0x5A,
|
||||
0xC2, 0xEE, 0xF6, 0x65, 0x50, 0xD4, 0xF2, 0xA3, 0xD5, 0xF9,
|
||||
0xF8, 0x16, 0xD3, 0x05, 0xAC, 0xE9, 0x8B, 0x5A, 0x75, 0xD7,
|
||||
0xF9, 0xB9, 0x05, 0xF3, 0x9C, 0xD0, 0xCE, 0x39, 0xA5, 0x7D,
|
||||
0xB6, 0xC6, 0x78, 0x6A, 0x31, 0x6C, 0xD2, 0xBB, 0x6F, 0x8E,
|
||||
0x11, 0xD4, 0x84, 0x8B, 0x21, 0x65, 0xFC, 0x2D, 0xD3, 0x51,
|
||||
0xC6, 0x31, 0x80, 0xCD, 0xE9, 0x5F
|
||||
};
|
||||
const int sizeof_ca_cert_sig = sizeof(ca_cert_der_sig);
|
||||
/* ./client-cert.der.sign, */
|
||||
const unsigned char client_cert_der_sign[] =
|
||||
{
|
||||
0x5D, 0x1F, 0x89, 0x41, 0xEC, 0x47, 0xC8, 0x90, 0x61, 0x79,
|
||||
0x8A, 0x16, 0x1F, 0x31, 0x96, 0x67, 0xD9, 0x3C, 0xEC, 0x6B,
|
||||
0x58, 0xC6, 0x5A, 0xED, 0x99, 0xB3, 0xEF, 0x27, 0x6F, 0x04,
|
||||
0x8C, 0xD9, 0x68, 0xB1, 0xD6, 0x23, 0x15, 0x84, 0x00, 0xE1,
|
||||
0x27, 0xD1, 0x1F, 0x68, 0xB7, 0x3F, 0x13, 0x53, 0x8A, 0x95,
|
||||
0x5A, 0x20, 0x7C, 0xB2, 0x76, 0x5B, 0xDC, 0xE0, 0xA6, 0x21,
|
||||
0x7C, 0x49, 0xCF, 0x93, 0xBA, 0xD5, 0x12, 0x9F, 0xEE, 0x90,
|
||||
0x5B, 0x3F, 0xA3, 0x9D, 0x13, 0x72, 0xAC, 0x72, 0x16, 0xFE,
|
||||
0x1D, 0xBE, 0xEB, 0x8E, 0xC7, 0xDC, 0xC4, 0xF8, 0x1A, 0xD8,
|
||||
0xA0, 0xA4, 0xF6, 0x04, 0x30, 0xF6, 0x7E, 0xB6, 0xC8, 0xE1,
|
||||
0xAB, 0x88, 0x37, 0x08, 0x63, 0x72, 0xAA, 0x46, 0xCC, 0xCA,
|
||||
0xF0, 0x9E, 0x02, 0x1E, 0x65, 0x67, 0xFF, 0x2C, 0x9D, 0x81,
|
||||
0x6C, 0x1E, 0xF1, 0x54, 0x05, 0x68, 0x68, 0x18, 0x72, 0x26,
|
||||
0x55, 0xB6, 0x2C, 0x95, 0xC0, 0xC9, 0xB2, 0xA7, 0x0B, 0x60,
|
||||
0xD7, 0xEB, 0x1D, 0x08, 0x1A, 0xA2, 0x54, 0x15, 0x89, 0xCB,
|
||||
0x83, 0x21, 0x5D, 0x15, 0x9B, 0x38, 0xAC, 0x89, 0x63, 0xD5,
|
||||
0x4B, 0xF4, 0x8B, 0x47, 0x93, 0x78, 0x43, 0xCB, 0x9B, 0x71,
|
||||
0xBF, 0x94, 0x76, 0xB5, 0xCE, 0x35, 0xA9, 0x1A, 0xD5, 0xA5,
|
||||
0xD8, 0x19, 0xA6, 0x04, 0x39, 0xB1, 0x09, 0x8C, 0x65, 0x02,
|
||||
0x58, 0x3A, 0x95, 0xEF, 0xA2, 0xC3, 0x85, 0x18, 0x61, 0x23,
|
||||
0x2D, 0xC5, 0xCD, 0x62, 0xC1, 0x19, 0x31, 0xE5, 0x36, 0x95,
|
||||
0x22, 0xDB, 0x3E, 0x1A, 0x3C, 0xE8, 0xC6, 0x2E, 0xDF, 0xD9,
|
||||
0x2F, 0x84, 0xC1, 0xF0, 0x38, 0x2B, 0xE5, 0x73, 0x35, 0x4F,
|
||||
0x05, 0xE2, 0xA5, 0x60, 0x79, 0xB0, 0x23, 0xDC, 0x56, 0x4C,
|
||||
0xE7, 0xD9, 0x1F, 0xCF, 0x6A, 0xFC, 0x55, 0xEB, 0xAA, 0x48,
|
||||
0x3E, 0x95, 0x2A, 0x10, 0x01, 0x05
|
||||
0x58, 0x04, 0xD2, 0xCA, 0x82, 0x7F, 0x7C, 0xB3, 0x93, 0x8A,
|
||||
0x81, 0x5F, 0x48, 0x91, 0xA4, 0x04, 0x13, 0x55, 0x20, 0x02,
|
||||
0x1A, 0xCC, 0xD6, 0x09, 0x56, 0x89, 0x37, 0xBD, 0x3F, 0x88,
|
||||
0x10, 0x3E, 0x8D, 0x2E, 0x30, 0x0E, 0x97, 0xA8, 0x68, 0xE1,
|
||||
0xAE, 0x00, 0x9A, 0x42, 0xA0, 0xAF, 0x3E, 0xAE, 0xFF, 0xFF,
|
||||
0xA7, 0xF3, 0x9C, 0xA7, 0x59, 0xB1, 0xA9, 0x67, 0x2D, 0xCE,
|
||||
0xAE, 0x27, 0x0D, 0x9F, 0x22, 0x99, 0x43, 0x49, 0xC3, 0xC7,
|
||||
0x50, 0x11, 0xDB, 0xD4, 0xE8, 0xA4, 0x6B, 0x30, 0x95, 0x6C,
|
||||
0x66, 0x69, 0xF2, 0x2D, 0xE4, 0x41, 0x7D, 0x45, 0x73, 0xD5,
|
||||
0xE7, 0x3D, 0x15, 0x34, 0x99, 0xB7, 0x27, 0xAC, 0xFB, 0x6D,
|
||||
0xDC, 0xFF, 0x1F, 0x17, 0xF3, 0x37, 0x92, 0x44, 0x58, 0x57,
|
||||
0x50, 0xA6, 0x3A, 0xB4, 0xB2, 0xB9, 0xAE, 0x8E, 0x4E, 0x63,
|
||||
0x42, 0xBD, 0xDD, 0xAA, 0xC8, 0x26, 0x0D, 0xE8, 0x57, 0xCF,
|
||||
0xBD, 0x75, 0xAB, 0xDD, 0x92, 0x53, 0x1F, 0x7A, 0x9F, 0x4D,
|
||||
0x0E, 0xB0, 0xF5, 0x7F, 0xCE, 0x92, 0xD4, 0xEC, 0x3E, 0x44,
|
||||
0x99, 0x27, 0x32, 0x42, 0xFA, 0x68, 0xCE, 0x2E, 0x75, 0x31,
|
||||
0xEE, 0x74, 0xDA, 0xB4, 0x42, 0x8C, 0x30, 0xF8, 0xB7, 0xB6,
|
||||
0xF4, 0x29, 0x5C, 0x18, 0x59, 0xE8, 0x39, 0x06, 0xF2, 0xDB,
|
||||
0x50, 0xC4, 0x75, 0x3A, 0xD2, 0xDA, 0x9B, 0xEA, 0xBF, 0x80,
|
||||
0x42, 0x97, 0x01, 0x7B, 0xBA, 0x5D, 0xA0, 0x29, 0x40, 0xAE,
|
||||
0x3C, 0x4D, 0x75, 0x98, 0xEB, 0xCE, 0x5E, 0x67, 0xDC, 0xE3,
|
||||
0xC5, 0x70, 0x8F, 0x22, 0x15, 0xCB, 0x31, 0x39, 0x8F, 0x6E,
|
||||
0x8B, 0xA9, 0x22, 0x09, 0x18, 0xDC, 0x19, 0xD5, 0x65, 0x5E,
|
||||
0xD5, 0x59, 0xAE, 0xD9, 0xAD, 0xF7, 0x9C, 0x2C, 0xD5, 0x79,
|
||||
0x15, 0x62, 0xF8, 0xAE, 0xBA, 0x11, 0x24, 0x98, 0xC8, 0xB6,
|
||||
0xF5, 0xDE, 0x32, 0x10, 0x03, 0x07
|
||||
};
|
||||
const int sizeof_client_cert_der_sign = sizeof(client_cert_der_sign);
|
||||
|
||||
|
@ -246,7 +246,6 @@
|
||||
#define WOLFSSL_RENESAS_TSIP_TLS
|
||||
|
||||
#if !defined(NO_RENESAS_TSIP_CRYPT)
|
||||
#define WOLFSSL_RENESAS_TSIP_CRYPTONLY
|
||||
#define HAVE_PK_CALLBACKS
|
||||
#define WOLF_CRYPTO_CB
|
||||
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
|
||||
|
@ -107,7 +107,6 @@ typedef struct tagInfo
|
||||
|
||||
void Clr_CallbackCtx(TsipUserCtx *g)
|
||||
{
|
||||
|
||||
if (g->rsa1024pri_keyIdx != NULL)
|
||||
XFREE(g->rsa1024pri_keyIdx,
|
||||
NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
@ -1158,11 +1157,10 @@ int tsip_crypt_test()
|
||||
ret = tsip_aesgcm256_test(1, &g_user_aes256_key_index1);
|
||||
|
||||
}
|
||||
#if defined(WOLFSSL_KEY_GEN)&& \
|
||||
#if defined(WOLFSSL_KEY_GEN) && \
|
||||
defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
|
||||
|
||||
if (ret == 0) {
|
||||
|
||||
Clr_CallbackCtx(&userContext);
|
||||
|
||||
ret = wc_CryptoCb_CryptInitRenesasCmn(NULL, &userContext);
|
||||
@ -1172,11 +1170,10 @@ int tsip_crypt_test()
|
||||
}
|
||||
|
||||
if (ret == 0) {
|
||||
|
||||
printf(" tsip_rsa_SignVerify_test(1024)");
|
||||
|
||||
userContext.wrappedKeyType = TSIP_KEY_TYPE_RSA1024;
|
||||
userContext.sing_hash_type = sha256_mac;
|
||||
userContext.sign_hash_type = sha256_mac;
|
||||
userContext.keyflgs_crypt.bits.message_type = 0;
|
||||
|
||||
ret = tsip_rsa_SignVerify_test(1, 1024);
|
||||
@ -1189,7 +1186,7 @@ int tsip_crypt_test()
|
||||
printf(" tsip_rsa_SignVerify_test(2048)");
|
||||
|
||||
userContext.wrappedKeyType = TSIP_KEY_TYPE_RSA2048;
|
||||
userContext.sing_hash_type = sha256_mac;
|
||||
userContext.sign_hash_type = sha256_mac;
|
||||
userContext.keyflgs_crypt.bits.message_type = 0;
|
||||
|
||||
ret = tsip_rsa_SignVerify_test(1, 2048);
|
||||
|
@ -4769,11 +4769,6 @@ then
|
||||
AC_MSG_ERROR([please disable dsa if disabling asn.])
|
||||
fi
|
||||
|
||||
if test "x$ENABLED_ECC" != "xno" && test "x$ENABLED_ASN" = "xno"
|
||||
then
|
||||
AC_MSG_ERROR([please disable ecc if disabling asn.])
|
||||
fi
|
||||
|
||||
# No Big Int (ASN, DSA, RSA, DH, ECC and compatibility layer need bigint)
|
||||
if test "$ENABLED_ASN" = "no" && test "$ENABLED_DSA" = "no" && \
|
||||
test "$ENABLED_DH" = "no" && test "$ENABLED_ECC" = "no" && \
|
||||
|
@ -10663,11 +10663,15 @@ void bench_ecc(int useDeviceID, int curveId)
|
||||
BENCH_MAX_PENDING, MAX_ECC_BYTES, HEAP_HINT);
|
||||
#endif
|
||||
|
||||
#if !defined(NO_ASN) && defined(HAVE_ECC_SIGN)
|
||||
/* old scan-build misfires -Wmaybe-uninitialized on these. */
|
||||
XMEMSET(sig, 0, sizeof(sig));
|
||||
XMEMSET(digest, 0, sizeof(digest));
|
||||
XMEMSET(shared, 0, sizeof(shared));
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_ECC_DHE
|
||||
XMEMSET(shared, 0, sizeof(shared));
|
||||
#endif
|
||||
WC_CALLOC_ARRAY(genKey, ecc_key, BENCH_MAX_PENDING,
|
||||
sizeof(ecc_key), HEAP_HINT);
|
||||
|
||||
|
@ -6395,9 +6395,6 @@ static int wc_ecc_get_curve_order_bit_count(const ecc_set_type* dp)
|
||||
|
||||
#ifdef HAVE_ECC_SIGN
|
||||
|
||||
#ifndef NO_ASN
|
||||
|
||||
|
||||
#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A) || \
|
||||
defined(PLUTON_CRYPTO_ECC) || defined(WOLFSSL_CRYPTOCELL) || \
|
||||
defined(WOLFSSL_SILABS_SE_ACCEL) || defined(WOLFSSL_KCAPI_ECC) || \
|
||||
@ -6722,6 +6719,9 @@ int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen,
|
||||
DECL_MP_INT_SIZE_DYN(r, ECC_KEY_MAX_BITS(key), MAX_ECC_BITS_USE);
|
||||
DECL_MP_INT_SIZE_DYN(s, ECC_KEY_MAX_BITS(key), MAX_ECC_BITS_USE);
|
||||
#endif
|
||||
#ifdef NO_ASN
|
||||
word32 keySz;
|
||||
#endif
|
||||
|
||||
if (in == NULL || out == NULL || outlen == NULL || key == NULL) {
|
||||
return ECC_BAD_ARG_E;
|
||||
@ -6758,17 +6758,17 @@ int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen,
|
||||
#else
|
||||
|
||||
NEW_MP_INT_SIZE(r, ECC_KEY_MAX_BITS_NONULLCHECK(key), key->heap, DYNAMIC_TYPE_ECC);
|
||||
#ifdef MP_INT_SIZE_CHECK_NULL
|
||||
#ifdef MP_INT_SIZE_CHECK_NULL
|
||||
if (r == NULL)
|
||||
return MEMORY_E;
|
||||
#endif
|
||||
#endif
|
||||
NEW_MP_INT_SIZE(s, ECC_KEY_MAX_BITS_NONULLCHECK(key), key->heap, DYNAMIC_TYPE_ECC);
|
||||
#ifdef MP_INT_SIZE_CHECK_NULL
|
||||
#ifdef MP_INT_SIZE_CHECK_NULL
|
||||
if (s == NULL) {
|
||||
FREE_MP_INT_SIZE(r, key->heap, DYNAMIC_TYPE_ECC);
|
||||
return MEMORY_E;
|
||||
}
|
||||
#endif
|
||||
#endif
|
||||
|
||||
err = INIT_MP_INT_SIZE(r, ECC_KEY_MAX_BITS_NONULLCHECK(key));
|
||||
if (err != 0) {
|
||||
@ -6800,8 +6800,26 @@ int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen,
|
||||
return err;
|
||||
}
|
||||
|
||||
#ifndef NO_ASN
|
||||
/* encoded with DSA header */
|
||||
err = StoreECC_DSA_Sig(out, outlen, r, s);
|
||||
#else
|
||||
/* No support for DSA ASN.1 header.
|
||||
* Signature will be r+s directly. */
|
||||
keySz = 0;
|
||||
if (key->dp != NULL) {
|
||||
keySz = (word32)key->dp->size;
|
||||
}
|
||||
if (keySz <= 0) {
|
||||
WOLFSSL_MSG("Error: ECDSA sign raw signature size");
|
||||
return WC_NO_ERR_TRACE(ECC_BAD_ARG_E);
|
||||
}
|
||||
*outlen = keySz * 2;
|
||||
|
||||
/* Export signature into r,s */
|
||||
mp_to_unsigned_bin_len(r, out, keySz);
|
||||
mp_to_unsigned_bin_len(s, out + keySz, keySz);
|
||||
#endif /* !NO_ASN */
|
||||
|
||||
/* cleanup */
|
||||
mp_clear(r);
|
||||
@ -6813,7 +6831,6 @@ int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen,
|
||||
return err;
|
||||
#endif /* !WOLF_CRYPTO_CB_ONLY_ECC */
|
||||
}
|
||||
#endif /* !NO_ASN */
|
||||
|
||||
#if defined(WOLFSSL_ECDSA_DETERMINISTIC_K) || \
|
||||
defined(WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT)
|
||||
@ -8458,7 +8475,6 @@ int ecc_mul2add(ecc_point* A, mp_int* kA,
|
||||
|
||||
|
||||
#ifdef HAVE_ECC_VERIFY
|
||||
#ifndef NO_ASN
|
||||
/* verify
|
||||
*
|
||||
* w = s^-1 mod n
|
||||
@ -8496,6 +8512,9 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
|
||||
#ifdef WOLFSSL_ASYNC_CRYPT
|
||||
int isPrivateKeyOnly = 0;
|
||||
#endif
|
||||
#ifdef NO_ASN
|
||||
word32 keySz;
|
||||
#endif
|
||||
|
||||
if (sig == NULL || hash == NULL || res == NULL || key == NULL) {
|
||||
return ECC_BAD_ARG_E;
|
||||
@ -8528,18 +8547,20 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
|
||||
r = key->r;
|
||||
s = key->s;
|
||||
#else
|
||||
NEW_MP_INT_SIZE(r, ECC_KEY_MAX_BITS_NONULLCHECK(key), key->heap, DYNAMIC_TYPE_ECC);
|
||||
#ifdef MP_INT_SIZE_CHECK_NULL
|
||||
NEW_MP_INT_SIZE(r, ECC_KEY_MAX_BITS_NONULLCHECK(key), key->heap,
|
||||
DYNAMIC_TYPE_ECC);
|
||||
#ifdef MP_INT_SIZE_CHECK_NULL
|
||||
if (r == NULL)
|
||||
return MEMORY_E;
|
||||
#endif
|
||||
NEW_MP_INT_SIZE(s, ECC_KEY_MAX_BITS_NONULLCHECK(key), key->heap, DYNAMIC_TYPE_ECC);
|
||||
#ifdef MP_INT_SIZE_CHECK_NULL
|
||||
#endif
|
||||
NEW_MP_INT_SIZE(s, ECC_KEY_MAX_BITS_NONULLCHECK(key), key->heap,
|
||||
DYNAMIC_TYPE_ECC);
|
||||
#ifdef MP_INT_SIZE_CHECK_NULL
|
||||
if (s == NULL) {
|
||||
FREE_MP_INT_SIZE(r, key->heap, DYNAMIC_TYPE_ECC);
|
||||
return MEMORY_E;
|
||||
}
|
||||
#endif
|
||||
#endif
|
||||
err = INIT_MP_INT_SIZE(r, ECC_KEY_MAX_BITS_NONULLCHECK(key));
|
||||
if (err != 0) {
|
||||
FREE_MP_INT_SIZE(s, key->heap, DYNAMIC_TYPE_ECC);
|
||||
@ -8562,6 +8583,7 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
|
||||
/* default to invalid signature */
|
||||
*res = 0;
|
||||
|
||||
#ifndef NO_ASN
|
||||
/* Decode ASN.1 ECDSA signature. */
|
||||
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_ECC)
|
||||
/* Note, DecodeECC_DSA_Sig() calls mp_init() on r and s.
|
||||
@ -8576,6 +8598,24 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
|
||||
if (err < 0) {
|
||||
break;
|
||||
}
|
||||
#else
|
||||
/* No support for DSA ASN.1 header.
|
||||
* Signature must be r+s directly. */
|
||||
keySz = 0;
|
||||
if (key->dp != NULL) {
|
||||
keySz = (word32)key->dp->size;
|
||||
}
|
||||
if (siglen != keySz * 2) {
|
||||
WOLFSSL_MSG("Error: ECDSA Verify raw signature size");
|
||||
return WC_NO_ERR_TRACE(ECC_BAD_ARG_E);
|
||||
}
|
||||
|
||||
/* Import signature into r,s */
|
||||
mp_init(r);
|
||||
mp_init(s);
|
||||
mp_read_unsigned_bin(r, sig, keySz);
|
||||
mp_read_unsigned_bin(s, sig + keySz, keySz);
|
||||
#endif /* !NO_ASN */
|
||||
FALL_THROUGH;
|
||||
|
||||
case ECC_STATE_VERIFY_DO:
|
||||
@ -8635,7 +8675,6 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
|
||||
return err;
|
||||
#endif /* !WOLF_CRYPTO_CB_ONLY_ECC */
|
||||
}
|
||||
#endif /* !NO_ASN */
|
||||
|
||||
#ifndef WOLF_CRYPTO_CB_ONLY_ECC
|
||||
|
||||
|
@ -21,18 +21,21 @@
|
||||
|
||||
#include <wolfssl/wolfcrypt/settings.h>
|
||||
|
||||
#if defined(WOLFSSL_RENESAS_FSPSM_TLS) \
|
||||
|| defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY) \
|
||||
|| defined(WOLFSSL_RENESAS_TSIP_TLS) \
|
||||
|| defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
|
||||
#if defined(WOLFSSL_RENESAS_FSPSM_TLS) || \
|
||||
defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY) || \
|
||||
defined(WOLFSSL_RENESAS_TSIP_TLS) || \
|
||||
defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
|
||||
|
||||
#if defined(WOLFSSL_RENESAS_FSPSM_TLS) || \
|
||||
defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
|
||||
|
||||
#include <wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h>
|
||||
#define cmn_hw_lock wc_fspsm_hw_lock
|
||||
#define cmn_hw_unlock wc_fspsm_hw_unlock
|
||||
|
||||
#elif defined(WOLFSSL_RENESAS_TSIP_TLS) || \
|
||||
defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
|
||||
|
||||
#include <wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h>
|
||||
#define cmn_hw_lock tsip_hw_lock
|
||||
#define cmn_hw_unlock tsip_hw_unlock
|
||||
@ -44,14 +47,18 @@
|
||||
#include <wolfssl/wolfcrypt/wc_port.h>
|
||||
#include <wolfssl/wolfcrypt/types.h>
|
||||
#include <wolfssl/wolfcrypt/asn.h>
|
||||
#ifndef WOLFSSL_RENESAS_TSIP_CRYPTONLY
|
||||
#include <wolfssl/internal.h>
|
||||
#endif
|
||||
#include <wolfssl/error-ssl.h>
|
||||
#include <wolfssl/wolfcrypt/error-crypt.h>
|
||||
#include <wolfssl/wolfcrypt/logging.h>
|
||||
#include <wolfssl/wolfcrypt/port/renesas/renesas_cmn.h>
|
||||
#include <wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h>
|
||||
|
||||
#define INITIAL_DEVID 7890
|
||||
|
||||
uint32_t g_CAscm_Idx = (uint32_t)-1; /* index of CM table */
|
||||
static int gdevId = 7890; /* initial dev Id for Crypt Callback */
|
||||
static int gdevId = INITIAL_DEVID; /* initial dev Id for Crypt Callback */
|
||||
|
||||
#ifdef WOLF_CRYPTO_CB
|
||||
/* store callback ctx by devId */
|
||||
@ -68,7 +75,7 @@ TsipUserCtx *gCbCtx[MAX_FSPSM_CBINDEX];
|
||||
#include <wolfssl/wolfcrypt/cryptocb.h>
|
||||
|
||||
|
||||
WOLFSSL_LOCAL int Renesas_cmn_Cleanup(WOLFSSL* ssl)
|
||||
WOLFSSL_LOCAL int Renesas_cmn_Cleanup(struct WOLFSSL* ssl)
|
||||
{
|
||||
int ret = 0;
|
||||
WOLFSSL_ENTER("Renesas_cmn_Cleanup");
|
||||
@ -111,11 +118,9 @@ WOLFSSL_LOCAL int Renesas_cmn_RsaSignCheckCb(WOLFSSL* ssl,
|
||||
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
|
||||
WOLFSSL_ENTER("Renesas_cmn_RsaSignCheckCb");
|
||||
|
||||
#if defined(WOLFSSL_RENESAS_TSIP)
|
||||
|
||||
return tsip_VerifyRsaPkcsCb(ssl, sig, sigSz, out, keyDer, keySz, ctx);
|
||||
|
||||
#endif /* WOLFSSL_RENESAS_TSIP */
|
||||
#if defined(WOLFSSL_RENESAS_TSIP)
|
||||
ret = tsip_VerifyRsaPkcsCb(ssl, sig, sigSz, out, keyDer, keySz, ctx);
|
||||
#endif /* WOLFSSL_RENESAS_TSIP */
|
||||
|
||||
WOLFSSL_LEAVE("Renesas_cmn_RsaSignCheckCb", ret);
|
||||
return ret;
|
||||
@ -151,8 +156,8 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
|
||||
|
||||
WOLFSSL_ENTER("Renesas_cmn_CryptoDevCb");
|
||||
|
||||
#if defined(WOLFSSL_RENESAS_TSIP_TLS) \
|
||||
|| defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
|
||||
#if defined(WOLFSSL_RENESAS_TSIP_TLS) || \
|
||||
defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
|
||||
TsipUserCtx* cbInfo = (TsipUserCtx*)ctx;
|
||||
#elif defined(WOLFSSL_RENESAS_FSPSM_TLS) || \
|
||||
defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
|
||||
@ -162,18 +167,20 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
|
||||
if (info == NULL || ctx == NULL)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
#ifdef DEBUG_WOLFSSL
|
||||
#if defined(DEBUG_WOLFSSL)
|
||||
printf("CryptoDevCb: Algo Type %d session key set: %d\n",
|
||||
info->algo_type, cbInfo->session_key_set);
|
||||
#endif
|
||||
#if defined(DEBUG_CRYPTOCB)
|
||||
wc_CryptoCb_InfoString(info);
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_RENESAS_TSIP) \
|
||||
|| defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
|
||||
#if defined(WOLFSSL_RENESAS_TSIP) || \
|
||||
defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
|
||||
ret = CRYPTOCB_UNAVAILABLE;
|
||||
|
||||
if (info->algo_type == WC_ALGO_TYPE_CIPHER) {
|
||||
|
||||
#if !defined(NO_AES) || !defined(NO_DES3)
|
||||
#if !defined(NO_AES)
|
||||
#ifdef HAVE_AESGCM
|
||||
if (info->cipher.type == WC_CIPHER_AES_GCM
|
||||
#ifdef WOLFSSL_RENESAS_TSIP_TLS
|
||||
@ -236,44 +243,51 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
|
||||
}
|
||||
}
|
||||
#endif /* HAVE_AES_CBC */
|
||||
#endif /* !NO_AES || !NO_DES3 */
|
||||
#endif /* !NO_AES */
|
||||
}
|
||||
|
||||
if (info->algo_type == WC_ALGO_TYPE_PK) {
|
||||
#if !defined(NO_RSA)
|
||||
#if defined(WOLFSSL_KEY_GEN)
|
||||
if (info->pk.type == WC_PK_TYPE_RSA_KEYGEN &&
|
||||
(info->pk.rsakg.size == 1024 ||
|
||||
info->pk.rsakg.size == 2048)) {
|
||||
(info->pk.rsakg.size == 1024 || info->pk.rsakg.size == 2048)) {
|
||||
ret = wc_tsip_MakeRsaKey(info->pk.rsakg.size, (void*)ctx);
|
||||
}
|
||||
#endif
|
||||
|
||||
/* Is called for signing
|
||||
/* RSA Signing
|
||||
* Can handle only RSA PkCS#1v1.5 padding scheme here.
|
||||
*/
|
||||
if (info->algo_type == WC_ALGO_TYPE_PK) {
|
||||
#if !defined(NO_RSA)
|
||||
if (info->pk.type == WC_PK_TYPE_RSA) {
|
||||
if (info->pk.rsa.type == RSA_PRIVATE_ENCRYPT) {
|
||||
ret = tsip_SignRsaPkcs(info, ctx);
|
||||
ret = tsip_SignRsaPkcs(info, cbInfo);
|
||||
}
|
||||
#if defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
|
||||
else if (info->pk.rsa.type == RSA_PUBLIC_DECRYPT /* verify */) {
|
||||
ret = wc_tsip_RsaVerifyPkcs(info, ctx);
|
||||
/* RSA Verify */
|
||||
if (info->pk.rsa.type == RSA_PUBLIC_DECRYPT) {
|
||||
ret = wc_tsip_RsaVerifyPkcs(info, cbInfo);
|
||||
}
|
||||
#endif
|
||||
#endif /* !NO_RSA */
|
||||
|
||||
#if defined(HAVE_ECC)
|
||||
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
|
||||
if (info->pk.type == WC_PK_TYPE_ECDSA_SIGN) {
|
||||
ret = tsip_SignEcdsa(info, cbInfo);
|
||||
}
|
||||
#endif /* NO_RSA */
|
||||
#if defined(HAVE_ECC) && defined(WOLFSSL_RENESAS_TSIP_TLS)
|
||||
else if (info->pk.type == WC_PK_TYPE_ECDSA_SIGN) {
|
||||
ret = tsip_SignEcdsa(info, ctx);
|
||||
#endif
|
||||
#if defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
|
||||
if (info->pk.type == WC_PK_TYPE_ECDSA_VERIFY) {
|
||||
ret = tsip_VerifyEcdsa(info, cbInfo);
|
||||
}
|
||||
#endif
|
||||
#endif /* HAVE_ECC */
|
||||
}
|
||||
#elif defined(WOLFSSL_RENESAS_FSPSM_TLS) ||\
|
||||
|
||||
#elif defined(WOLFSSL_RENESAS_FSPSM_TLS) || \
|
||||
defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
|
||||
|
||||
if (info->algo_type == WC_ALGO_TYPE_CIPHER) {
|
||||
|
||||
#if !defined(NO_AES) || !defined(NO_DES3)
|
||||
#if !defined(NO_AES)
|
||||
#ifdef HAVE_AESGCM
|
||||
if (info->cipher.type == WC_CIPHER_AES_GCM) {
|
||||
|
||||
@ -342,12 +356,11 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
|
||||
}
|
||||
}
|
||||
#endif /* HAVE_AES_CBC */
|
||||
#endif /* !NO_AES || !NO_DES3 */
|
||||
#endif /* !NO_AES */
|
||||
}
|
||||
#if !defined(NO_RSA) && defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
|
||||
else if (info->algo_type == WC_ALGO_TYPE_PK) {
|
||||
|
||||
#if !defined(NO_RSA)
|
||||
#if !defined(NO_RSA) && defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
|
||||
else if (info->algo_type == WC_ALGO_TYPE_PK) {
|
||||
#if defined(WOLFSSL_KEY_GEN)
|
||||
if (info->pk.type == WC_PK_TYPE_RSA_KEYGEN &&
|
||||
(info->pk.rsakg.size == 1024 ||
|
||||
@ -406,9 +419,8 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
|
||||
"RSA operation falls through to SW operation.");
|
||||
}
|
||||
}
|
||||
#endif /* NO_RSA && WOLFSSL_RENESAS_FSPSM_CRYPTONLY */
|
||||
}
|
||||
#endif /* NO_RSA */
|
||||
#endif /* !NO_RSA */
|
||||
#endif /* TSIP or SCE */
|
||||
|
||||
(void)devIdArg;
|
||||
@ -424,9 +436,9 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
|
||||
* session_key_generated : if session key has been generated
|
||||
* return 1 for usable, 0 for unusable
|
||||
*/
|
||||
int Renesas_cmn_usable(const WOLFSSL* ssl, byte session_key_generated)
|
||||
int Renesas_cmn_usable(const struct WOLFSSL* ssl, byte session_key_generated)
|
||||
{
|
||||
int ret;
|
||||
int ret = 0;
|
||||
|
||||
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
|
||||
ret = tsip_usable(ssl, session_key_generated);
|
||||
@ -435,6 +447,9 @@ int Renesas_cmn_usable(const WOLFSSL* ssl, byte session_key_generated)
|
||||
ret = wc_fspsm_usable(ssl, session_key_generated);
|
||||
#endif
|
||||
|
||||
(void)ssl;
|
||||
(void)session_key_generated;
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
@ -447,8 +462,8 @@ int Renesas_cmn_usable(const WOLFSSL* ssl, byte session_key_generated)
|
||||
*/
|
||||
WOLFSSL_LOCAL void *Renesas_cmn_GetCbCtxBydevId(int devId)
|
||||
{
|
||||
if (devId >= 7890 && devId <= (MAX_FSPSM_CBINDEX + 7890))
|
||||
return gCbCtx[devId - 7890];
|
||||
if (devId >= INITIAL_DEVID && devId <= (MAX_FSPSM_CBINDEX + INITIAL_DEVID))
|
||||
return gCbCtx[devId - INITIAL_DEVID];
|
||||
else
|
||||
return NULL;
|
||||
}
|
||||
@ -462,13 +477,13 @@ WOLFSSL_LOCAL void *Renesas_cmn_GetCbCtxBydevId(int devId)
|
||||
* device Id starts from 7890, and increases + 1 its number
|
||||
* when the method is successfully called.
|
||||
*/
|
||||
int wc_CryptoCb_CryptInitRenesasCmn(WOLFSSL* ssl, void* ctx)
|
||||
int wc_CryptoCb_CryptInitRenesasCmn(struct WOLFSSL* ssl, void* ctx)
|
||||
{
|
||||
(void)ssl;
|
||||
(void)ctx;
|
||||
|
||||
#if defined(WOLFSSL_RENESAS_TSIP_TLS) \
|
||||
|| defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
|
||||
#if defined(WOLFSSL_RENESAS_TSIP_TLS) || \
|
||||
defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
|
||||
TsipUserCtx* cbInfo = (TsipUserCtx*)ctx;
|
||||
#elif defined(WOLFSSL_RENESAS_FSPSM_TLS) || \
|
||||
defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
|
||||
@ -476,18 +491,21 @@ int wc_CryptoCb_CryptInitRenesasCmn(WOLFSSL* ssl, void* ctx)
|
||||
#endif
|
||||
|
||||
if (cbInfo == NULL
|
||||
#if (!defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY) &&\
|
||||
#if (!defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY) && \
|
||||
!defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)) && \
|
||||
!defined(HAVE_RENESAS_SYNC)
|
||||
|| ssl == NULL) {
|
||||
#else
|
||||
) {
|
||||
|| ssl == NULL
|
||||
#endif
|
||||
printf("Invalid devId\n");
|
||||
) {
|
||||
WOLFSSL_MSG("Invalid devId\n");
|
||||
return INVALID_DEVID;
|
||||
}
|
||||
/* need exclusive control because of static variable */
|
||||
if ((cmn_hw_lock()) == 0) {
|
||||
/* sanity check for overflow */
|
||||
if (gdevId < 0) {
|
||||
gdevId = INITIAL_DEVID;
|
||||
}
|
||||
cbInfo->devId = gdevId++;
|
||||
cmn_hw_unlock();
|
||||
}
|
||||
@ -509,12 +527,8 @@ int wc_CryptoCb_CryptInitRenesasCmn(WOLFSSL* ssl, void* ctx)
|
||||
if (ssl)
|
||||
wolfSSL_SetDevId(ssl, cbInfo->devId);
|
||||
#endif
|
||||
/* sanity check for overflow */
|
||||
if (gdevId < 0) {
|
||||
gdevId = 7890;
|
||||
}
|
||||
|
||||
gCbCtx[cbInfo->devId - 7890] = (void*)cbInfo;
|
||||
gCbCtx[cbInfo->devId - INITIAL_DEVID] = (void*)cbInfo;
|
||||
|
||||
return cbInfo->devId;
|
||||
}
|
||||
@ -532,7 +546,7 @@ void wc_CryptoCb_CleanupRenesasCmn(int* id)
|
||||
}
|
||||
|
||||
#endif /* WOLF_CRYPTO_CB */
|
||||
#endif /* WOLFSSL_RENESAS_FSPSM_TLS|| WOLFSSL_RENESAS_FSPSM_CRYPTONLY
|
||||
#endif /* WOLFSSL_RENESAS_FSPSM_TLS || WOLFSSL_RENESAS_FSPSM_CRYPTONLY
|
||||
WOLFSSL_RENESAS_TSIP_TLS || WOLFSSL_RENESAS_TSIP_CRYPTONLY */
|
||||
|
||||
#if defined(WOLFSSL_RENESAS_FSPSM_TLS) || defined(WOLFSSL_RENESAS_TSIP_TLS)
|
||||
@ -805,7 +819,7 @@ WOLFSSL_LOCAL int Renesas_cmn_generateSessionKey(WOLFSSL* ssl, void* ctx)
|
||||
WOLFSSL_ENTER("Renesas_cmn_generateSessionKey");
|
||||
if (Renesas_cmn_usable(ssl, 0)) {
|
||||
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
|
||||
ret = wc_tsip_generateSessionKey(ssl, (TsipUserCtx*)ctx, cbInfo->devId);
|
||||
ret = wc_tsip_generateSessionKey(ssl, cbInfo, cbInfo->devId);
|
||||
#elif defined(WOLFSSL_RENESAS_FSPSM_TLS)
|
||||
ret = wc_fspsm_generateSessionKey(ssl, ctx, cbInfo->devId);
|
||||
#endif
|
||||
|
@ -40,7 +40,7 @@
|
||||
#include <wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h>
|
||||
|
||||
#ifdef WOLFSSL_RENESAS_TSIP_CRYPTONLY
|
||||
/* Make Rsa key for TSIP and set it to callback ctx
|
||||
/* Make RSA key for TSIP and set it to callback ctx
|
||||
* Assumes to be called by Crypt Callback
|
||||
*
|
||||
* size desired keylenth, in bits. supports 1024 or 2048 bits
|
||||
@ -59,6 +59,11 @@ WOLFSSL_LOCAL int wc_tsip_MakeRsaKey(int size, void* ctx)
|
||||
if (ctx == NULL)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
if (size != 1024 && size != 2048) {
|
||||
WOLFSSL_MSG("Failed to generate key pair by TSIP");
|
||||
return CRYPTOCB_UNAVAILABLE;
|
||||
}
|
||||
|
||||
if ((ret = tsip_hw_lock()) == 0) {
|
||||
if (size == 1024) {
|
||||
tsip_pair1024_key =
|
||||
@ -80,8 +85,6 @@ WOLFSSL_LOCAL int wc_tsip_MakeRsaKey(int size, void* ctx)
|
||||
|
||||
ret = R_TSIP_GenerateRsa2048RandomKeyIndex(tsip_pair2048_key);
|
||||
}
|
||||
else
|
||||
return CRYPTOCB_UNAVAILABLE;
|
||||
|
||||
if (ret == TSIP_SUCCESS) {
|
||||
if (size == 1024) {
|
||||
@ -90,8 +93,7 @@ WOLFSSL_LOCAL int wc_tsip_MakeRsaKey(int size, void* ctx)
|
||||
DYNAMIC_TYPE_RSA_BUFFER);
|
||||
}
|
||||
if (info->rsa1024pub_keyIdx != NULL) {
|
||||
XFREE(info->rsa1024pub_keyIdx, NULL,
|
||||
DYNAMIC_TYPE_RSA_BUFFER);
|
||||
XFREE(info->rsa1024pub_keyIdx, NULL, DYNAMIC_TYPE_RSA_BUFFER);
|
||||
}
|
||||
info->rsa1024pri_keyIdx =
|
||||
(tsip_rsa1024_private_key_index_t*)XMALLOC(
|
||||
@ -99,7 +101,7 @@ WOLFSSL_LOCAL int wc_tsip_MakeRsaKey(int size, void* ctx)
|
||||
DYNAMIC_TYPE_RSA_BUFFER);
|
||||
|
||||
if (info->rsa1024pri_keyIdx == NULL) {
|
||||
XFREE(tsip_pair1024_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
|
||||
XFREE(tsip_pair1024_key, NULL, DYNAMIC_TYPE_RSA_BUFFER);
|
||||
return MEMORY_E;
|
||||
}
|
||||
|
||||
@ -109,9 +111,8 @@ WOLFSSL_LOCAL int wc_tsip_MakeRsaKey(int size, void* ctx)
|
||||
DYNAMIC_TYPE_RSA_BUFFER);
|
||||
|
||||
if (info->rsa1024pub_keyIdx == NULL) {
|
||||
XFREE(tsip_pair1024_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
|
||||
XFREE(info->rsa1024pri_keyIdx, 0,
|
||||
DYNAMIC_TYPE_RSA_BUFFER);
|
||||
XFREE(tsip_pair1024_key, NULL, DYNAMIC_TYPE_RSA_BUFFER);
|
||||
XFREE(info->rsa1024pri_keyIdx, NULL, DYNAMIC_TYPE_RSA_BUFFER);
|
||||
return MEMORY_E;
|
||||
}
|
||||
/* copy generated key pair and free malloced key */
|
||||
@ -121,7 +122,7 @@ WOLFSSL_LOCAL int wc_tsip_MakeRsaKey(int size, void* ctx)
|
||||
XMEMCPY(info->rsa1024pub_keyIdx,
|
||||
&tsip_pair1024_key->public,
|
||||
sizeof(tsip_rsa1024_public_key_index_t));
|
||||
XFREE(tsip_pair1024_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
|
||||
XFREE(tsip_pair1024_key, NULL, DYNAMIC_TYPE_RSA_BUFFER);
|
||||
|
||||
info->keyflgs_crypt.bits.rsapri1024_key_set = 1;
|
||||
info->keyflgs_crypt.bits.rsapub1024_key_set = 1;
|
||||
@ -141,7 +142,7 @@ WOLFSSL_LOCAL int wc_tsip_MakeRsaKey(int size, void* ctx)
|
||||
DYNAMIC_TYPE_RSA_BUFFER);
|
||||
|
||||
if (info->rsa2048pri_keyIdx == NULL) {
|
||||
XFREE(tsip_pair2048_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
|
||||
XFREE(tsip_pair2048_key, NULL, DYNAMIC_TYPE_RSA_BUFFER);
|
||||
return MEMORY_E;
|
||||
}
|
||||
|
||||
@ -151,11 +152,12 @@ WOLFSSL_LOCAL int wc_tsip_MakeRsaKey(int size, void* ctx)
|
||||
DYNAMIC_TYPE_RSA_BUFFER);
|
||||
|
||||
if (info->rsa2048pub_keyIdx == NULL) {
|
||||
XFREE(tsip_pair2048_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
|
||||
XFREE(info->rsa2048pri_keyIdx, 0,
|
||||
XFREE(tsip_pair2048_key, NULL, DYNAMIC_TYPE_RSA_BUFFER);
|
||||
XFREE(info->rsa2048pri_keyIdx, NULL,
|
||||
DYNAMIC_TYPE_RSA_BUFFER);
|
||||
return MEMORY_E;
|
||||
}
|
||||
|
||||
/* copy generated key pair and free malloced key */
|
||||
XMEMCPY(info->rsa2048pri_keyIdx,
|
||||
&tsip_pair2048_key->private,
|
||||
@ -163,21 +165,17 @@ WOLFSSL_LOCAL int wc_tsip_MakeRsaKey(int size, void* ctx)
|
||||
XMEMCPY(info->rsa2048pub_keyIdx,
|
||||
&tsip_pair2048_key->public,
|
||||
sizeof(tsip_rsa2048_public_key_index_t));
|
||||
XFREE(tsip_pair2048_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
|
||||
XFREE(tsip_pair2048_key, NULL, DYNAMIC_TYPE_RSA_BUFFER);
|
||||
|
||||
info->keyflgs_crypt.bits.rsapri2048_key_set = 1;
|
||||
info->keyflgs_crypt.bits.rsapub2048_key_set = 1;
|
||||
|
||||
}
|
||||
}
|
||||
else {
|
||||
WOLFSSL_MSG("Failed to generate key pair by TSIP");
|
||||
return CRYPTOCB_UNAVAILABLE;
|
||||
}
|
||||
|
||||
tsip_hw_unlock();
|
||||
}
|
||||
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
@ -199,21 +197,19 @@ WOLFSSL_LOCAL int wc_tsip_RsaVerifyPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc)
|
||||
int ret = 0;
|
||||
e_tsip_err_t err = TSIP_SUCCESS;
|
||||
tsip_rsa_byte_data_t hashData, sigData;
|
||||
|
||||
uint8_t tsip_hash_type;
|
||||
|
||||
|
||||
/* sanity check */
|
||||
if (info == NULL || tuc == NULL){
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
if (ret == 0) {
|
||||
if (tuc->sing_hash_type == md5_mac)
|
||||
if (tuc->sign_hash_type == md5_mac)
|
||||
tsip_hash_type = R_TSIP_RSA_HASH_MD5;
|
||||
else if (tuc->sing_hash_type == sha_mac)
|
||||
else if (tuc->sign_hash_type == sha_mac)
|
||||
tsip_hash_type = R_TSIP_RSA_HASH_SHA1;
|
||||
else if (tuc->sing_hash_type == sha256_mac)
|
||||
else if (tuc->sign_hash_type == sha256_mac)
|
||||
tsip_hash_type = R_TSIP_RSA_HASH_SHA256;
|
||||
else
|
||||
ret = CRYPTOCB_UNAVAILABLE;
|
||||
@ -221,8 +217,7 @@ WOLFSSL_LOCAL int wc_tsip_RsaVerifyPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc)
|
||||
|
||||
switch (tuc->wrappedKeyType) {
|
||||
case TSIP_KEY_TYPE_RSA1024:
|
||||
if (tuc->keyflgs_crypt.bits.rsapub1024_key_set != 1)
|
||||
{
|
||||
if (tuc->keyflgs_crypt.bits.rsapub1024_key_set != 1) {
|
||||
ret = tsipImportPublicKey(tuc, tuc->wrappedKeyType);
|
||||
|
||||
WOLFSSL_MSG("tsip rsa private key 1024 not set");
|
||||
@ -232,11 +227,10 @@ WOLFSSL_LOCAL int wc_tsip_RsaVerifyPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc)
|
||||
}
|
||||
break;
|
||||
case TSIP_KEY_TYPE_RSA2048:
|
||||
if (tuc->keyflgs_crypt.bits.rsapub2048_key_set != 1)
|
||||
{
|
||||
if (tuc->keyflgs_crypt.bits.rsapub2048_key_set != 1) {
|
||||
ret = tsipImportPublicKey(tuc, tuc->wrappedKeyType);
|
||||
|
||||
WOLFSSL_MSG("tsip rsa private key 1024 not set");
|
||||
WOLFSSL_MSG("tsip rsa private key 2048 not set");
|
||||
if (ret != 0)
|
||||
ret = CRYPTOCB_UNAVAILABLE;
|
||||
}
|
||||
|
@ -34,11 +34,15 @@
|
||||
#define WOLFSSL_MISC_INCLUDED
|
||||
#include <wolfcrypt/src/misc.c>
|
||||
#endif
|
||||
#include <wolfssl/ssl.h>
|
||||
#include <wolfssl/internal.h>
|
||||
#include <wolfssl/error-ssl.h>
|
||||
|
||||
#ifndef WOLFSSL_RENESAS_TSIP_CRYPTONLY
|
||||
#include <wolfssl/ssl.h>
|
||||
#include <wolfssl/internal.h>
|
||||
#include <wolfssl/error-ssl.h>
|
||||
#endif
|
||||
#include <wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h>
|
||||
#include <wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h>
|
||||
|
||||
#include <stdio.h>
|
||||
|
||||
#define TSIP_SIGNING_DATA_PREFIX_SZ 64
|
||||
@ -171,6 +175,7 @@ WOLFSSL_API int tsip_use_PrivateKey_buffer_TLS(struct WOLFSSL* ssl,
|
||||
return ret;
|
||||
}
|
||||
#endif /* WOLFSSL_RENESAS_TSIP_TLS */
|
||||
|
||||
#if defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
|
||||
|
||||
/* Set client encrypted public key data.
|
||||
@ -189,8 +194,7 @@ WOLFSSL_API int tsip_use_PublicKey_buffer_crypt(TsipUserCtx *uc,
|
||||
|
||||
WOLFSSL_ENTER("tsip_use_PublicKey_buffer_crypt");
|
||||
|
||||
if (uc == NULL
|
||||
|| keyBuf == NULL || keyBufLen == 0) {
|
||||
if (uc == NULL || keyBuf == NULL || keyBufLen == 0) {
|
||||
ret = BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
@ -412,20 +416,20 @@ WOLFSSL_LOCAL int tsip_Tls13GenEccKeyPair(WOLFSSL* ssl, KeyShareEntry* kse)
|
||||
}
|
||||
}
|
||||
|
||||
if (ret != 0) {
|
||||
if (kse->key != NULL)
|
||||
if ((ret != 0) && (ret != CRYPTOCB_UNAVAILABLE)) {
|
||||
if (kse->key != NULL) {
|
||||
XFREE(kse->key, ssl->heap, DYNAMIC_TYPE_PRIVATE_KEY);
|
||||
if (kse->pubKey != NULL)
|
||||
kse->key = NULL;
|
||||
}
|
||||
if (kse->pubKey != NULL) {
|
||||
XFREE(kse->pubKey, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY);
|
||||
kse->pubKey = NULL;
|
||||
}
|
||||
}
|
||||
WOLFSSL_LEAVE("tsip_Tls13GenEccKeyPair", ret);
|
||||
return ret;
|
||||
}
|
||||
#endif /* WOLFSSL_TLS13 */
|
||||
|
||||
|
||||
|
||||
#if defined(WOLFSSL_TLS13)
|
||||
/* generate shared secret(pre-master secret)
|
||||
* get peer's raw ECDHE public key from KeyShareEntry.
|
||||
* The pre-master secret generated by TSIP is stored into
|
||||
@ -514,11 +518,7 @@ WOLFSSL_LOCAL int tsip_Tls13GenSharedSecret(struct WOLFSSL* ssl,
|
||||
WOLFSSL_LEAVE("tsip_Tls13GenSharedSecret", ret);
|
||||
return ret;
|
||||
}
|
||||
#endif /* WOLFSSL_TLS13 */
|
||||
|
||||
|
||||
|
||||
#if defined(WOLFSSL_TLS13)
|
||||
WOLFSSL_LOCAL int tsip_Tls13DeriveEarlySecret(struct WOLFSSL* ssl)
|
||||
{
|
||||
int ret = 0;
|
||||
@ -543,11 +543,7 @@ WOLFSSL_LOCAL int tsip_Tls13DeriveEarlySecret(struct WOLFSSL* ssl)
|
||||
WOLFSSL_LEAVE("tsip_Tls13DeriveEarlySecret", ret);
|
||||
return ret;
|
||||
}
|
||||
#endif /* WOLFSSL_TLS13 */
|
||||
|
||||
|
||||
|
||||
#if defined(WOLFSSL_TLS13)
|
||||
/* derive handshake secret.
|
||||
* get pre-master secret stored in TsipUserCtx.sharedSecret13Idx.
|
||||
* Derived handshake secret is stored into TsipUserCtx.handshakeSecret13Idx
|
||||
@ -621,11 +617,7 @@ WOLFSSL_LOCAL int tsip_Tls13DeriveHandshakeSecret(struct WOLFSSL* ssl)
|
||||
WOLFSSL_LEAVE("tsip_Tls13DeriveHandshakeSecret", ret);
|
||||
return ret;
|
||||
}
|
||||
#endif /* WOLFSSL_TLS13 */
|
||||
|
||||
|
||||
|
||||
#if defined(WOLFSSL_TLS13)
|
||||
static int tsipTls13DeriveClientHandshakeKeys(struct WOLFSSL* ssl)
|
||||
{
|
||||
int ret = 0;
|
||||
@ -705,11 +697,7 @@ static int tsipTls13DeriveClientHandshakeKeys(struct WOLFSSL* ssl)
|
||||
WOLFSSL_LEAVE("tsipTls13DeriveClientHandshakeKeys", ret);
|
||||
return ret;
|
||||
}
|
||||
#endif /* WOLFSSL_TLS13 */
|
||||
|
||||
|
||||
|
||||
#if defined(WOLFSSL_TLS13)
|
||||
static int tsipTls13DeriveServerHandshakeKeys(struct WOLFSSL* ssl)
|
||||
{
|
||||
int ret = 0;
|
||||
@ -789,11 +777,7 @@ static int tsipTls13DeriveServerHandshakeKeys(struct WOLFSSL* ssl)
|
||||
WOLFSSL_LEAVE("tsipTls13DeriveServerHandshakeKeys", ret);
|
||||
return ret;
|
||||
}
|
||||
#endif /* WOLFSSL_TLS13 */
|
||||
|
||||
|
||||
|
||||
#if defined(WOLFSSL_TLS13)
|
||||
static int tsipTls13DeriveTrafficKeys(struct WOLFSSL* ssl)
|
||||
{
|
||||
int ret = 0;
|
||||
@ -881,11 +865,7 @@ static int tsipTls13DeriveTrafficKeys(struct WOLFSSL* ssl)
|
||||
WOLFSSL_LEAVE("tsipTls13DeriveTrafficKeys", ret);
|
||||
return ret;
|
||||
}
|
||||
#endif /* WOLFSSL_TLS13 */
|
||||
|
||||
|
||||
|
||||
#if defined(WOLFSSL_TLS13)
|
||||
static int tsipTls13UpdateClientTrafficKeys(struct WOLFSSL* ssl)
|
||||
{
|
||||
int ret = 0;
|
||||
@ -953,11 +933,7 @@ static int tsipTls13UpdateClientTrafficKeys(struct WOLFSSL* ssl)
|
||||
WOLFSSL_LEAVE("tsipTls13UpdateClientTrafficKeys", ret);
|
||||
return ret;
|
||||
}
|
||||
#endif /* WOLFSSL_TLS13 */
|
||||
|
||||
|
||||
|
||||
#if defined(WOLFSSL_TLS13)
|
||||
static int tsipTls13UpdateServerTrafficKeys(struct WOLFSSL* ssl)
|
||||
{
|
||||
int ret = 0;
|
||||
@ -1025,11 +1001,7 @@ static int tsipTls13UpdateServerTrafficKeys(struct WOLFSSL* ssl)
|
||||
WOLFSSL_LEAVE("tsipTls13UpdateServerTrafficKeys", ret);
|
||||
return ret;
|
||||
}
|
||||
#endif /* WOLFSSL_TLS13 */
|
||||
|
||||
|
||||
|
||||
#if defined(WOLFSSL_TLS13)
|
||||
/* Derive the keys for TLS v1.3.
|
||||
*
|
||||
* ssl The WOLFSSL object.
|
||||
@ -1124,11 +1096,7 @@ WOLFSSL_LOCAL int tsip_Tls13DeriveKeys(struct WOLFSSL* ssl,
|
||||
WOLFSSL_LEAVE("tsip_Tls13DeriveKeys", ret);
|
||||
return ret;
|
||||
}
|
||||
#endif /* WOLFSSL_TLS13 */
|
||||
|
||||
|
||||
|
||||
#if defined(WOLFSSL_TLS13)
|
||||
WOLFSSL_LOCAL int tsip_Tls13DeriveMasterSecret(struct WOLFSSL* ssl)
|
||||
{
|
||||
int ret = 0;
|
||||
@ -1198,11 +1166,7 @@ WOLFSSL_LOCAL int tsip_Tls13DeriveMasterSecret(struct WOLFSSL* ssl)
|
||||
WOLFSSL_LEAVE("tsip_Tls13DeriveMasterSecret", ret);
|
||||
return ret;
|
||||
}
|
||||
#endif /* WOLFSSL_TLS13 */
|
||||
|
||||
|
||||
|
||||
#if defined(WOLFSSL_TLS13)
|
||||
/* verify handshake
|
||||
* ssl WOLFSSL object
|
||||
* hash buffer holding decrypted finished message content from server.
|
||||
@ -1288,11 +1252,7 @@ static int tsipTls13VerifyHandshake(struct WOLFSSL* ssl,
|
||||
WOLFSSL_LEAVE("tsipTls13VerifyHandshake", ret);
|
||||
return ret;
|
||||
}
|
||||
#endif /* WOLFSSL_TLS13 */
|
||||
|
||||
|
||||
|
||||
#if defined(WOLFSSL_TLS13)
|
||||
/* handles finished message from server.
|
||||
* verify hmac in the message. Also output verify data to
|
||||
* TsipUserCtx.verifyDataIdx, which is used for deriving master secret.
|
||||
@ -1334,11 +1294,7 @@ WOLFSSL_LOCAL int tsip_Tls13HandleFinished(
|
||||
WOLFSSL_LEAVE("tsip_Tls13HandleFinished", ret);
|
||||
return ret;
|
||||
}
|
||||
#endif /* WOLFSSL_TLS13 */
|
||||
|
||||
|
||||
|
||||
#if defined(WOLFSSL_TLS13)
|
||||
/* Build TLS v1.3 Message and make it encrypted with AEAD algorithm.
|
||||
* TSIP supports AES-GCM and AES-CCM.
|
||||
* ssl The WOLFSSL object.
|
||||
@ -1434,11 +1390,7 @@ WOLFSSL_LOCAL int tsip_Tls13BuildMessage(struct WOLFSSL* ssl,
|
||||
WOLFSSL_LEAVE("tsip_Tls13BuildMessage", ret);
|
||||
return ret;
|
||||
}
|
||||
#endif /* WOLFSSL_TLS13 */
|
||||
|
||||
|
||||
|
||||
#if defined(WOLFSSL_TLS13)
|
||||
/* Send finished message to the server.
|
||||
*
|
||||
* ssl WOLFSSL object
|
||||
@ -1501,9 +1453,7 @@ WOLFSSL_LOCAL int tsip_Tls13SendFinished(
|
||||
WOLFSSL_LEAVE("tsip_Tls13SendFinished", ret);
|
||||
return ret;
|
||||
}
|
||||
#endif /* WOLFSSL_TLS13 */
|
||||
|
||||
#if defined(WOLFSSL_TLS13)
|
||||
/* Parse and handle a TLS v1.3 CertificateVerify message sent from a server.
|
||||
*
|
||||
* ssl WOLFSSL object
|
||||
@ -1644,9 +1594,7 @@ WOLFSSL_LOCAL int tsip_Tls13CertificateVerify(struct WOLFSSL* ssl,
|
||||
WOLFSSL_LEAVE("tsip_Tls13CertificateVerify", ret);
|
||||
return ret;
|
||||
}
|
||||
#endif /* WOLFSSL_TLS13 */
|
||||
|
||||
#if defined(WOLFSSL_TLS13)
|
||||
/* Send the TLS v1.3 CertificateVerify message. A part of the message is
|
||||
* processed by TSIP for acceleration.
|
||||
*
|
||||
@ -1740,7 +1688,7 @@ WOLFSSL_LOCAL int tsip_Tls13SendCertVerify(WOLFSSL* ssl)
|
||||
}
|
||||
}
|
||||
else {
|
||||
if (!tuc->ClientEccP256PrivKey_set) {
|
||||
if (!tuc->ClientEccPrivKey_set) {
|
||||
ret = NO_PRIVATE_KEY;
|
||||
}
|
||||
}
|
||||
@ -1781,7 +1729,7 @@ WOLFSSL_LOCAL int tsip_Tls13SendCertVerify(WOLFSSL* ssl)
|
||||
}
|
||||
else {
|
||||
err = R_TSIP_Tls13CertificateVerifyGenerate(
|
||||
(uint32_t*)&(tuc->EcdsaP256PrivateKeyIdx),
|
||||
(uint32_t*)&(tuc->EcdsaPrivateKeyIdx),
|
||||
TSIP_TLS13_SIGNATURE_SCHEME_ECDSA_SECP256R1_SHA256,
|
||||
hash,
|
||||
message + HANDSHAKE_HEADER_SZ,
|
||||
@ -1817,7 +1765,7 @@ WOLFSSL_LOCAL int tsip_Tls13SendCertVerify(WOLFSSL* ssl)
|
||||
}
|
||||
else {
|
||||
#if defined(WOLFSSL_CHECK_SIG_FAULTS)
|
||||
if (!tuc->ClientEccP256PubKey_set) {
|
||||
if (!tuc->ClientEccPubKey_set) {
|
||||
ret = NO_PRIVATE_KEY;
|
||||
}
|
||||
#endif /* WOLFSSL_CHECK_SIG_FAULTS */
|
||||
@ -1886,7 +1834,7 @@ WOLFSSL_LOCAL int tsip_Tls13SendCertVerify(WOLFSSL* ssl)
|
||||
|
||||
err = R_TSIP_EcdsaP256SignatureVerification(
|
||||
&ecdsa_sig, &ecdsa_hash,
|
||||
&tuc->EcdsaP256PublicKeyIdx);
|
||||
&tuc->EcdsaPublicKeyIdx);
|
||||
WOLFSSL_MSG("Perform self-verify for ecc signature");
|
||||
#endif /* WOLFSSL_CHECK_SIG_FAULTS */
|
||||
}
|
||||
@ -1927,6 +1875,7 @@ WOLFSSL_LOCAL int tsip_Tls13SendCertVerify(WOLFSSL* ssl)
|
||||
#endif /* WOLFSSL_TLS13 */
|
||||
#endif /* WOLFSSL_RENESAS_TSIP_TLS */
|
||||
|
||||
|
||||
#if defined(WOLFSSL_RENESAS_TSIP_TLS) && (WOLFSSL_RENESAS_TSIP_VER >=109)
|
||||
|
||||
static uint32_t GetTsipCipherSuite(
|
||||
@ -2072,7 +2021,7 @@ static int tsip_ServerKeyExVerify(
|
||||
WOLFSSL_MSG("Failed to lock tsip hw");
|
||||
}
|
||||
|
||||
XFREE(peerkey, 0, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(peerkey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
|
||||
WOLFSSL_LEAVE("tsip_ServerKeyExVerify", ret);
|
||||
return ret;
|
||||
@ -2145,7 +2094,7 @@ int wc_tsip_EccVerify(
|
||||
return CRYPTOCB_UNAVAILABLE;
|
||||
}
|
||||
|
||||
/* concatenate r and s parts of the signature so that TSIP can handle it*/
|
||||
/* concatenate r and s parts of the signature so that TSIP can handle it */
|
||||
/* r */
|
||||
if (sig[offset] == 0x20) {
|
||||
XMEMCPY(sigforSCE, &sig[offset+1], rs_size);
|
||||
@ -2346,8 +2295,10 @@ static byte _tls2tsipdef(byte cipher)
|
||||
* The target key should be set with tsip_use_PrivateKey_buffer in advance.
|
||||
* Acceptable key types are:
|
||||
* TSIP_KEY_TYPE_RSA2048 rsa 2048 bit key
|
||||
* TSIP_KEY_TYPE_RSA4096 rsa 4096 bit key(Not supported as of now)
|
||||
* TSIP_KEY_TYPE_RSA3072 rsa 3072 bit key
|
||||
* TSIP_KEY_TYPE_RSA4096 rsa 4096 bit key
|
||||
* TSIP_KEY_TYPE_ECDSAP256 ecdsa p256r1 key
|
||||
* TSIP_KEY_TYPE_ECDSAP384 ecdsa p384r1 key
|
||||
*/
|
||||
static int tsipImportPrivateKey(TsipUserCtx* tuc, int keyType)
|
||||
{
|
||||
@ -2403,12 +2354,12 @@ static int tsipImportPrivateKey(TsipUserCtx* tuc, int keyType)
|
||||
#if defined(HAVE_ECC)
|
||||
case TSIP_KEY_TYPE_ECDSAP256:
|
||||
|
||||
tuc->ClientEccP256PrivKey_set = 0;
|
||||
tuc->ClientEccPrivKey_set = 0;
|
||||
err = R_TSIP_GenerateEccP256PrivateKeyIndex(
|
||||
provisioning_key, iv, (uint8_t*)encPrivKey,
|
||||
&(tuc->EcdsaP256PrivateKeyIdx));
|
||||
&(tuc->EcdsaPrivateKeyIdx));
|
||||
if (err == TSIP_SUCCESS) {
|
||||
tuc->ClientEccP256PrivKey_set = 1;
|
||||
tuc->ClientEccPrivKey_set = 1;
|
||||
}
|
||||
else {
|
||||
ret = WC_HW_E;
|
||||
@ -2436,8 +2387,10 @@ static int tsipImportPrivateKey(TsipUserCtx* tuc, int keyType)
|
||||
* The target key should be set with tsip_use_PublicKey_buffer in advance.
|
||||
* Acceptable key types are:
|
||||
* TSIP_KEY_TYPE_RSA2048 rsa 2048 bit key
|
||||
* TSIP_KEY_TYPE_RSA4096 rsa 4096 bit key(Not supported as of now)
|
||||
* TSIP_KEY_TYPE_RSA3072 rsa 3072 bit key
|
||||
* TSIP_KEY_TYPE_RSA4096 rsa 4096 bit key
|
||||
* TSIP_KEY_TYPE_ECDSAP256 ecdsa p256r1 key
|
||||
* TSIP_KEY_TYPE_ECDSAP384 ecdsa p384r1 key
|
||||
*/
|
||||
WOLFSSL_LOCAL int tsipImportPublicKey(TsipUserCtx* tuc, int keyType)
|
||||
{
|
||||
@ -2468,7 +2421,7 @@ WOLFSSL_LOCAL int tsipImportPublicKey(TsipUserCtx* tuc, int keyType)
|
||||
}
|
||||
|
||||
if ((ret = tsip_hw_lock()) == 0) {
|
||||
switch(keyType) {
|
||||
switch (keyType) {
|
||||
|
||||
#if !defined(NO_RSA)
|
||||
case TSIP_KEY_TYPE_RSA2048:
|
||||
@ -2479,7 +2432,7 @@ WOLFSSL_LOCAL int tsipImportPublicKey(TsipUserCtx* tuc, int keyType)
|
||||
XFREE(tuc->rsa2048pub_keyIdx, NULL,
|
||||
DYNAMIC_TYPE_RSA_BUFFER);
|
||||
}
|
||||
|
||||
tuc->keyflgs_crypt.bits.rsapub2048_key_set = 0;
|
||||
tuc->rsa2048pub_keyIdx =
|
||||
(tsip_rsa2048_public_key_index_t*)XMALLOC(
|
||||
sizeof(tsip_rsa2048_public_key_index_t), NULL,
|
||||
@ -2507,25 +2460,47 @@ WOLFSSL_LOCAL int tsipImportPublicKey(TsipUserCtx* tuc, int keyType)
|
||||
ret = WC_HW_E;
|
||||
}
|
||||
break;
|
||||
#endif
|
||||
|
||||
#if !defined(NO_RSA)
|
||||
case TSIP_KEY_TYPE_RSA4096:
|
||||
/* not supported as of TSIPv1.15 */
|
||||
ret = CRYPTOCB_UNAVAILABLE;
|
||||
break;
|
||||
#endif
|
||||
#endif /* !NO_RSA */
|
||||
|
||||
#if defined(HAVE_ECC) && \
|
||||
defined(WOLFSSL_RENESAS_TSIP_TLS)
|
||||
#if defined(HAVE_ECC)
|
||||
case TSIP_KEY_TYPE_ECDSAP256:
|
||||
|
||||
tuc->ClientEccP256PubKey_set = 0;
|
||||
case TSIP_KEY_TYPE_ECDSAP384:
|
||||
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
|
||||
tuc->ClientEccPubKey_set = 0;
|
||||
#elif defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
|
||||
tuc->keyflgs_crypt.bits.eccpub_key_set = 0;
|
||||
#endif
|
||||
if (keyType == TSIP_KEY_TYPE_ECDSAP256) {
|
||||
err = R_TSIP_GenerateEccP256PublicKeyIndex(
|
||||
provisioning_key, iv, (uint8_t*)encPubKey,
|
||||
&(tuc->EcdsaP256PublicKeyIdx));
|
||||
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
|
||||
&(tuc->EcdsaPublicKeyIdx)
|
||||
#elif defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
|
||||
&tuc->eccpub_keyIdx
|
||||
#endif
|
||||
);
|
||||
}
|
||||
else if (keyType == TSIP_KEY_TYPE_ECDSAP384) {
|
||||
err = R_TSIP_GenerateEccP384PublicKeyIndex(
|
||||
provisioning_key, iv, (uint8_t*)encPubKey,
|
||||
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
|
||||
&(tuc->EcdsaPublicKeyIdx)
|
||||
#elif defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
|
||||
&tuc->eccpub_keyIdx
|
||||
#endif
|
||||
);
|
||||
}
|
||||
if (err == TSIP_SUCCESS) {
|
||||
tuc->ClientEccP256PubKey_set = 1;
|
||||
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
|
||||
tuc->ClientEccPubKey_set = 1;
|
||||
#elif defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
|
||||
tuc->keyflgs_crypt.bits.eccpub_key_set = 1;
|
||||
#endif
|
||||
}
|
||||
else {
|
||||
ret = WC_HW_E;
|
||||
@ -2545,41 +2520,7 @@ WOLFSSL_LOCAL int tsipImportPublicKey(TsipUserCtx* tuc, int keyType)
|
||||
WOLFSSL_LEAVE("tsipImportPublicKey", ret);
|
||||
return ret;
|
||||
}
|
||||
/*
|
||||
* lock hw engine.
|
||||
* this should be called before using engine.
|
||||
*/
|
||||
WOLFSSL_LOCAL int tsip_hw_lock(void)
|
||||
{
|
||||
int ret = 0;
|
||||
|
||||
if (tsip_CryptHwMutexInit_ == 0) {
|
||||
|
||||
ret = tsip_CryptHwMutexInit(&tsip_mutex);
|
||||
|
||||
if (ret == 0) {
|
||||
tsip_CryptHwMutexInit_ = 1;
|
||||
}
|
||||
else {
|
||||
WOLFSSL_MSG(" mutex initialization failed.");
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
if (tsip_CryptHwMutexLock(&tsip_mutex) != 0) {
|
||||
/* this should not happens */
|
||||
return -1;
|
||||
}
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
/*
|
||||
* release hw engine
|
||||
*/
|
||||
WOLFSSL_LOCAL void tsip_hw_unlock(void)
|
||||
{
|
||||
tsip_CryptHwMutexUnLock(&tsip_mutex);
|
||||
}
|
||||
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
|
||||
/* check if tsip tls functions can be used for the cipher */
|
||||
/* return :1 when tsip can be used , 0 not be used. */
|
||||
@ -2678,6 +2619,41 @@ int tsip_usable(const WOLFSSL *ssl, uint8_t session_key_generated)
|
||||
}
|
||||
#endif /* WOLFSSL_RENESAS_TSIP_TLS */
|
||||
|
||||
/*
|
||||
* lock hw engine.
|
||||
* this should be called before using engine.
|
||||
*/
|
||||
WOLFSSL_LOCAL int tsip_hw_lock(void)
|
||||
{
|
||||
int ret = 0;
|
||||
|
||||
if (tsip_CryptHwMutexInit_ == 0) {
|
||||
|
||||
ret = tsip_CryptHwMutexInit(&tsip_mutex);
|
||||
|
||||
if (ret == 0) {
|
||||
tsip_CryptHwMutexInit_ = 1;
|
||||
}
|
||||
else {
|
||||
WOLFSSL_MSG(" mutex initialization failed.");
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
if (tsip_CryptHwMutexLock(&tsip_mutex) != 0) {
|
||||
/* this should not happens */
|
||||
return -1;
|
||||
}
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
/*
|
||||
* release hw engine
|
||||
*/
|
||||
WOLFSSL_LOCAL void tsip_hw_unlock(void)
|
||||
{
|
||||
tsip_CryptHwMutexUnLock(&tsip_mutex);
|
||||
}
|
||||
|
||||
/* open TSIP driver
|
||||
* return 0 on success.
|
||||
@ -2696,6 +2672,7 @@ WOLFSSL_LOCAL int tsip_Open(void)
|
||||
if (ret != TSIP_SUCCESS) {
|
||||
WOLFSSL_MSG("RENESAS TSIP Open failed");
|
||||
}
|
||||
|
||||
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
|
||||
if (ret == TSIP_SUCCESS && g_user_key_info.encrypted_user_tls_key) {
|
||||
|
||||
@ -2722,11 +2699,13 @@ WOLFSSL_LOCAL int tsip_Open(void)
|
||||
if (ret != TSIP_SUCCESS) {
|
||||
WOLFSSL_MSG("R_TSIP_(Re)Open: NG");
|
||||
}
|
||||
|
||||
/* init vars */
|
||||
g_CAscm_Idx = (uint32_t)-1;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
#elif defined(WOLFSSL_RENESAS_TSIP) && (WOLFSSL_RENESAS_TSIP_VER>=106)
|
||||
|
||||
ret = R_TSIP_Open((uint32_t*)s_flash, s_inst1, s_inst2);
|
||||
@ -2756,6 +2735,7 @@ WOLFSSL_LOCAL int tsip_Open(void)
|
||||
if (ret != TSIP_SUCCESS) {
|
||||
WOLFSSL_MSG("R_TSIP_(Re)Open failed");
|
||||
}
|
||||
|
||||
/* init vars */
|
||||
g_CAscm_Idx = (uint32_t)-1;
|
||||
}
|
||||
@ -2832,7 +2812,8 @@ void tsip_inform_user_keys_ex(
|
||||
word32 encrypted_user_tls_key_type)
|
||||
{
|
||||
WOLFSSL_ENTER("tsip_inform_user_keys_ex");
|
||||
ForceZero(&g_user_key_info, sizeof(g_user_key_info));
|
||||
|
||||
XMEMSET(&g_user_key_info, 0, sizeof(g_user_key_info));
|
||||
g_user_key_info.encrypted_provisioning_key = NULL;
|
||||
g_user_key_info.iv = NULL;
|
||||
|
||||
@ -3690,7 +3671,6 @@ WOLFSSL_LOCAL int tsip_SignRsaPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc)
|
||||
ret = tsipImportPrivateKey(tuc, tuc->wrappedKeyType);
|
||||
}
|
||||
|
||||
|
||||
if (ret == 0) {
|
||||
if (ssl->options.hashAlgo == md5_mac)
|
||||
tsip_hash_type = R_TSIP_RSA_HASH_MD5;
|
||||
@ -3705,11 +3685,11 @@ WOLFSSL_LOCAL int tsip_SignRsaPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc)
|
||||
(void)ssl;
|
||||
|
||||
if (ret == 0) {
|
||||
if (tuc->sing_hash_type == md5_mac)
|
||||
if (tuc->sign_hash_type == md5_mac)
|
||||
tsip_hash_type = R_TSIP_RSA_HASH_MD5;
|
||||
else if (tuc->sing_hash_type == sha_mac)
|
||||
else if (tuc->sign_hash_type == sha_mac)
|
||||
tsip_hash_type = R_TSIP_RSA_HASH_SHA1;
|
||||
else if (tuc->sing_hash_type == sha256_mac)
|
||||
else if (tuc->sign_hash_type == sha256_mac)
|
||||
tsip_hash_type = R_TSIP_RSA_HASH_SHA256;
|
||||
else
|
||||
ret = CRYPTOCB_UNAVAILABLE;
|
||||
@ -3717,15 +3697,13 @@ WOLFSSL_LOCAL int tsip_SignRsaPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc)
|
||||
|
||||
switch (tuc->wrappedKeyType) {
|
||||
case TSIP_KEY_TYPE_RSA1024:
|
||||
if (tuc->keyflgs_crypt.bits.rsapri1024_key_set != 1)
|
||||
{
|
||||
WOLFSSL_MSG("tsip rsa private key 2048 not set");
|
||||
if (tuc->keyflgs_crypt.bits.rsapri1024_key_set != 1) {
|
||||
WOLFSSL_MSG("tsip rsa private key 1024 not set");
|
||||
ret = CRYPTOCB_UNAVAILABLE;
|
||||
}
|
||||
break;
|
||||
case TSIP_KEY_TYPE_RSA2048:
|
||||
if (tuc->keyflgs_crypt.bits.rsapri2048_key_set != 1)
|
||||
{
|
||||
if (tuc->keyflgs_crypt.bits.rsapri2048_key_set != 1) {
|
||||
WOLFSSL_MSG("tsip rsa private key 2048 not set");
|
||||
ret = CRYPTOCB_UNAVAILABLE;
|
||||
}
|
||||
@ -3735,7 +3713,6 @@ WOLFSSL_LOCAL int tsip_SignRsaPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc)
|
||||
ret = CRYPTOCB_UNAVAILABLE;
|
||||
break;
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
if (ret == 0) {
|
||||
@ -3902,7 +3879,8 @@ WOLFSSL_LOCAL int tsip_VerifyRsaPkcsCb(
|
||||
}
|
||||
#endif /* !NO_RSA && TSIP_TLS */
|
||||
|
||||
#if defined(HAVE_ECC) && defined(WOLFSSL_RENESAS_TSIP_TLS)
|
||||
#if defined(HAVE_ECC)
|
||||
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
|
||||
/* Perform signing with the client's ECC private key on hash value of messages
|
||||
* exchanged with server.
|
||||
*
|
||||
@ -3922,7 +3900,7 @@ WOLFSSL_LOCAL int tsip_SignEcdsa(wc_CryptoInfo* info, TsipUserCtx* tuc)
|
||||
{
|
||||
int ret = 0;
|
||||
e_tsip_err_t err = TSIP_SUCCESS;
|
||||
tsip_rsa_byte_data_t hashData, sigData;
|
||||
tsip_ecdsa_byte_data_t hashData, sigData;
|
||||
byte offsetForWork;
|
||||
byte* out = NULL;
|
||||
byte* sig = NULL;
|
||||
@ -3961,7 +3939,7 @@ WOLFSSL_LOCAL int tsip_SignEcdsa(wc_CryptoInfo* info, TsipUserCtx* tuc)
|
||||
if ((ret = tsip_hw_lock()) == 0) {
|
||||
switch (tuc->wrappedKeyType) {
|
||||
|
||||
#if defined(HAVE_ECC)
|
||||
#if !defined(NO_ECC256)
|
||||
case TSIP_KEY_TYPE_ECDSAP256:
|
||||
offsetForWork = R_TSIP_ECDSA_DATA_BYTE_SIZE + 32;
|
||||
if (*(info->pk.eccsign.outlen) <
|
||||
@ -3974,7 +3952,7 @@ WOLFSSL_LOCAL int tsip_SignEcdsa(wc_CryptoInfo* info, TsipUserCtx* tuc)
|
||||
offsetForWork;
|
||||
err = R_TSIP_EcdsaP256SignatureGenerate(
|
||||
&hashData, &sigData,
|
||||
&tuc->EcdsaP256PrivateKeyIdx);
|
||||
&tuc->EcdsaPrivateKeyIdx);
|
||||
if (err != TSIP_SUCCESS) {
|
||||
ret = WC_HW_E;
|
||||
break;
|
||||
@ -4012,16 +3990,6 @@ WOLFSSL_LOCAL int tsip_SignEcdsa(wc_CryptoInfo* info, TsipUserCtx* tuc)
|
||||
break;
|
||||
#endif
|
||||
|
||||
#if defined(HAVE_ECC192)
|
||||
case TSIP_KEY_TYPE_ECDSAP192:
|
||||
ret = CRYPTOCB_UNAVAILABLE;
|
||||
break;
|
||||
#endif
|
||||
#if defined(HAVE_ECC224)
|
||||
case TSIP_KEY_TYPE_ECDSAP224:
|
||||
ret = CRYPTOCB_UNAVAILABLE;
|
||||
break;
|
||||
#endif
|
||||
#if defined(HAVE_ECC384)
|
||||
case TSIP_KEY_TYPE_ECDSAP384:
|
||||
ret = CRYPTOCB_UNAVAILABLE;
|
||||
@ -4042,7 +4010,114 @@ WOLFSSL_LOCAL int tsip_SignEcdsa(wc_CryptoInfo* info, TsipUserCtx* tuc)
|
||||
WOLFSSL_LEAVE("tsip_SignEcdsa", ret);
|
||||
return ret;
|
||||
}
|
||||
#endif /* HAVE_ECC && TSIP_TLS */
|
||||
#endif /* WOLFSSL_RENESAS_TSIP_TLS */
|
||||
|
||||
#if defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
|
||||
/* zero pad or truncate hash */
|
||||
static int tsip_HashPad(int curveSz, uint8_t* hash,
|
||||
const uint8_t* hashIn, int hashSz)
|
||||
{
|
||||
if (hashSz > curveSz)
|
||||
hashSz = curveSz;
|
||||
XMEMCPY(hash + (curveSz - hashSz), hashIn, hashSz);
|
||||
return curveSz;
|
||||
}
|
||||
|
||||
/* Perform verify with the wrapped public key, provided hash and signature r+s
|
||||
*
|
||||
* parameters
|
||||
* info->pk.eccverify.in : the buffer holding hash value of messages
|
||||
* info->pk.eccverify.inlen : hash data size
|
||||
* info->pk.eccverify.out : the buffer where the signature data is output to
|
||||
* info->pk.eccverify.outlen: the length of the buffer pk.eccsign.out
|
||||
* tuc: the pointer to the TsipUserCtx structure
|
||||
* returns
|
||||
* 0 on success, CRYPTOCB_UNAVAILABLE on unsupported key type specified.
|
||||
*/
|
||||
WOLFSSL_LOCAL int tsip_VerifyEcdsa(wc_CryptoInfo* info, TsipUserCtx* tuc)
|
||||
{
|
||||
int ret = 0;
|
||||
e_tsip_err_t err = TSIP_SUCCESS;
|
||||
tsip_ecdsa_byte_data_t hashData, sigData;
|
||||
/* hard coding largest digest size, since WC_MAX_DIGEST_SZ could be 32
|
||||
* if using SHA2-256 with ECDSA SECP384R1 */
|
||||
uint8_t hash[TSIP_MAX_ECC_BYTES];
|
||||
|
||||
WOLFSSL_ENTER("tsip_VerifyEcdsa");
|
||||
|
||||
if (info == NULL || tuc == NULL) {
|
||||
ret = CRYPTOCB_UNAVAILABLE;
|
||||
}
|
||||
|
||||
XMEMSET(hash, 0, sizeof(hash));
|
||||
|
||||
if (ret == 0) {
|
||||
/* import public key_index from wrapped key */
|
||||
ret = tsipImportPublicKey(tuc, tuc->wrappedKeyType);
|
||||
}
|
||||
|
||||
if (ret == 0) {
|
||||
int curveSz = info->pk.eccverify.key->dp->size;
|
||||
hashData.pdata = (uint8_t*)hash;
|
||||
hashData.data_type = tuc->keyflgs_crypt.bits.message_type;
|
||||
sigData.pdata = (uint8_t*)info->pk.eccverify.sig;
|
||||
sigData.data_length = info->pk.eccverify.siglen;
|
||||
|
||||
if ((ret = tsip_hw_lock()) == 0) {
|
||||
switch (tuc->wrappedKeyType) {
|
||||
#if !defined(NO_ECC256)
|
||||
case TSIP_KEY_TYPE_ECDSAP256:
|
||||
/* zero pad or truncate */
|
||||
hashData.data_length = tsip_HashPad(curveSz,
|
||||
hash, info->pk.eccverify.hash,
|
||||
info->pk.eccverify.hashlen);
|
||||
|
||||
err = R_TSIP_EcdsaP256SignatureVerification(&sigData,
|
||||
&hashData, &tuc->eccpub_keyIdx);
|
||||
if (err == TSIP_SUCCESS) {
|
||||
*info->pk.eccverify.res = 1; /* success */
|
||||
}
|
||||
else {
|
||||
ret = WC_HW_E;
|
||||
}
|
||||
break;
|
||||
break;
|
||||
#endif
|
||||
|
||||
#if defined(HAVE_ECC384)
|
||||
case TSIP_KEY_TYPE_ECDSAP384:
|
||||
/* zero pad or truncate */
|
||||
hashData.data_length = tsip_HashPad(curveSz,
|
||||
hash, info->pk.eccverify.hash,
|
||||
info->pk.eccverify.hashlen);
|
||||
|
||||
err = R_TSIP_EcdsaP384SignatureVerification(&sigData,
|
||||
&hashData, &tuc->eccpub_keyIdx);
|
||||
if (err == TSIP_SUCCESS) {
|
||||
*info->pk.eccverify.res = 1; /* success */
|
||||
}
|
||||
else {
|
||||
ret = WC_HW_E;
|
||||
}
|
||||
break;
|
||||
#endif
|
||||
|
||||
default:
|
||||
WOLFSSL_MSG("ECDSA public key size not available");
|
||||
ret = CRYPTOCB_UNAVAILABLE;
|
||||
break;
|
||||
}
|
||||
tsip_hw_unlock();
|
||||
}
|
||||
else {
|
||||
WOLFSSL_MSG("mutex locking error");
|
||||
}
|
||||
}
|
||||
WOLFSSL_LEAVE("tsip_VerifyEcdsa", ret);
|
||||
return ret;
|
||||
}
|
||||
#endif /* WOLFSSL_RENESAS_TSIP_CRYPTONLY */
|
||||
#endif /* HAVE_ECC */
|
||||
|
||||
|
||||
#ifdef WOLFSSL_RENESAS_TSIP_CRYPT_DEBUG
|
||||
|
@ -110,7 +110,7 @@ This library contains implementation for the random number generator.
|
||||
#include <basictypes.h>
|
||||
#include <random.h>
|
||||
#elif defined(WOLFSSL_XILINX_CRYPT_VERSAL)
|
||||
#include "wolfssl/wolfcrypt/port/xilinx/xil-versal-trng.h"
|
||||
#include "wolfssl/wolfcrypt/port/xilinx/xil-versal-trng.h"
|
||||
#elif defined(NO_DEV_RANDOM)
|
||||
#elif defined(CUSTOM_RAND_GENERATE)
|
||||
#elif defined(CUSTOM_RAND_GENERATE_BLOCK)
|
||||
@ -126,6 +126,9 @@ This library contains implementation for the random number generator.
|
||||
#elif defined(WOLFSSL_PB)
|
||||
#elif defined(WOLFSSL_ZEPHYR)
|
||||
#elif defined(WOLFSSL_TELIT_M2MB)
|
||||
#elif defined(WOLFSSL_RENESAS_TSIP)
|
||||
/* for wc_tsip_GenerateRandBlock */
|
||||
#include "wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h"
|
||||
#elif defined(WOLFSSL_SCE) && !defined(WOLFSSL_SCE_NO_TRNG)
|
||||
#elif defined(WOLFSSL_IMXRT1170_CAAM)
|
||||
#elif defined(CY_USING_HAL) && defined(COMPONENT_WOLFSSL)
|
||||
@ -3652,6 +3655,14 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
|
||||
return 0;
|
||||
}
|
||||
|
||||
#elif defined(WOLFSSL_RENESAS_TSIP)
|
||||
|
||||
int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
|
||||
{
|
||||
(void)os;
|
||||
return wc_tsip_GenerateRandBlock(output, sz);
|
||||
}
|
||||
|
||||
|
||||
#elif defined(WOLFSSL_SCE) && !defined(WOLFSSL_SCE_NO_TRNG)
|
||||
#include "hal_data.h"
|
||||
|
@ -28687,12 +28687,10 @@ typedef struct eccVector {
|
||||
const char* curveName;
|
||||
word32 msgLen;
|
||||
word32 keySize;
|
||||
#ifndef NO_ASN
|
||||
const byte* r;
|
||||
word32 rSz;
|
||||
const byte* s;
|
||||
word32 sSz;
|
||||
#endif
|
||||
} eccVector;
|
||||
|
||||
#if !defined(WOLF_CRYPTO_CB_ONLY_ECC)
|
||||
@ -28744,13 +28742,14 @@ static wc_test_ret_t ecc_test_vector_item(const eccVector* vector)
|
||||
if (ret != 0)
|
||||
goto done;
|
||||
|
||||
#if !defined(NO_ASN)
|
||||
XMEMSET(sig, 0, ECC_SIG_SIZE);
|
||||
sigSz = ECC_SIG_SIZE;
|
||||
ret = wc_ecc_rs_to_sig(vector->R, vector->S, sig, &sigSz);
|
||||
if (ret != 0)
|
||||
goto done;
|
||||
|
||||
#if !defined(NO_ASN) && !defined(HAVE_SELFTEST)
|
||||
#if !defined(HAVE_SELFTEST)
|
||||
XMEMSET(sigRaw, 0, ECC_SIG_SIZE);
|
||||
sigRawSz = ECC_SIG_SIZE;
|
||||
ret = wc_ecc_rs_raw_to_sig(vector->r, vector->rSz, vector->s, vector->sSz,
|
||||
@ -28770,7 +28769,17 @@ static wc_test_ret_t ecc_test_vector_item(const eccVector* vector)
|
||||
ret = WC_TEST_RET_ENC_NC;
|
||||
goto done;
|
||||
}
|
||||
#endif
|
||||
#endif /* !HAVE_SELFTEST */
|
||||
#else
|
||||
/* Signature will be R+S directly */
|
||||
/* Make sure and zero pad if r or s is less than key size */
|
||||
XMEMSET(sig, 0, ECC_SIG_SIZE);
|
||||
sigSz = vector->keySize * 2;
|
||||
XMEMCPY(sig + (vector->keySize - vector->rSz),
|
||||
vector->r, vector->rSz);
|
||||
XMEMCPY(sig + vector->keySize + (vector->keySize - vector->sSz),
|
||||
vector->s, vector->sSz);
|
||||
#endif /* !NO_ASN */
|
||||
|
||||
#ifdef HAVE_ECC_VERIFY
|
||||
do {
|
||||
@ -28858,14 +28867,12 @@ static wc_test_ret_t ecc_test_vector(int keySize)
|
||||
vec.R = "6994d962bdd0d793ffddf855ec5bf2f91a9698b46258a63e";
|
||||
vec.S = "02ba6465a234903744ab02bc8521405b73cf5fc00e1a9f41";
|
||||
vec.curveName = "SECP192R1";
|
||||
#ifndef NO_ASN
|
||||
vec.r = (byte*)"\x69\x94\xd9\x62\xbd\xd0\xd7\x93\xff\xdd\xf8\x55"
|
||||
"\xec\x5b\xf2\xf9\x1a\x96\x98\xb4\x62\x58\xa6\x3e";
|
||||
vec.rSz = 24;
|
||||
vec.s = (byte*)"\x02\xba\x64\x65\xa2\x34\x90\x37\x44\xab\x02\xbc"
|
||||
"\x85\x21\x40\x5b\x73\xcf\x5f\xc0\x0e\x1a\x9f\x41";
|
||||
vec.sSz = 24;
|
||||
#endif
|
||||
break;
|
||||
#endif /* HAVE_ECC192 */
|
||||
|
||||
@ -28894,7 +28901,6 @@ static wc_test_ret_t ecc_test_vector(int keySize)
|
||||
vec.R = "147b33758321e722a0360a4719738af848449e2c1d08defebc1671a7";
|
||||
vec.S = "24fc7ed7f1352ca3872aa0916191289e2e04d454935d50fe6af3ad5b";
|
||||
vec.curveName = "SECP224R1";
|
||||
#ifndef NO_ASN
|
||||
vec.r = (byte*)"\x14\x7b\x33\x75\x83\x21\xe7\x22\xa0\x36\x0a\x47"
|
||||
"\x19\x73\x8a\xf8\x48\x44\x9e\x2c\x1d\x08\xde\xfe"
|
||||
"\xbc\x16\x71\xa7";
|
||||
@ -28903,7 +28909,6 @@ static wc_test_ret_t ecc_test_vector(int keySize)
|
||||
"\x61\x91\x28\x9e\x2e\x04\xd4\x54\x93\x5d\x50\xfe"
|
||||
"\x6a\xf3\xad\x5b";
|
||||
vec.sSz = 28;
|
||||
#endif
|
||||
break;
|
||||
#endif /* HAVE_ECC224 */
|
||||
|
||||
@ -28936,7 +28941,6 @@ static wc_test_ret_t ecc_test_vector(int keySize)
|
||||
vec.d = "be34baa8d040a3b991f9075b56ba292f755b90e4b6dc10dad36715c33cfdac25";
|
||||
vec.R = "2b826f5d44e2d0b6de531ad96b51e8f0c56fdfead3c236892e4d84eacfc3b75c";
|
||||
vec.S = "a2248b62c03db35a7cd63e8a120a3521a89d3d2f61ff99035a2148ae32e3a248";
|
||||
#ifndef NO_ASN
|
||||
vec.r = (byte*)"\x2b\x82\x6f\x5d\x44\xe2\xd0\xb6\xde\x53\x1a\xd9"
|
||||
"\x6b\x51\xe8\xf0\xc5\x6f\xdf\xea\xd3\xc2\x36\x89"
|
||||
"\x2e\x4d\x84\xea\xcf\xc3\xb7\x5c";
|
||||
@ -28945,7 +28949,6 @@ static wc_test_ret_t ecc_test_vector(int keySize)
|
||||
"\x12\x0a\x35\x21\xa8\x9d\x3d\x2f\x61\xff\x99\x03"
|
||||
"\x5a\x21\x48\xae\x32\xe3\xa2\x48";
|
||||
vec.sSz = 32;
|
||||
#endif
|
||||
vec.curveName = "SECP256R1";
|
||||
break;
|
||||
#endif /* !NO_ECC256 */
|
||||
@ -28980,7 +28983,6 @@ static wc_test_ret_t ecc_test_vector(int keySize)
|
||||
vec.R = "6820b8585204648aed63bdff47f6d9acebdea62944774a7d14f0e14aa0b9a5b99545b2daee6b3c74ebf606667a3f39b7";
|
||||
vec.S = "491af1d0cccd56ddd520b233775d0bc6b40a6255cc55207d8e9356741f23c96c14714221078dbd5c17f4fdd89b32a907";
|
||||
vec.curveName = "SECP384R1";
|
||||
#ifndef NO_ASN
|
||||
vec.r = (byte*)"\x68\x20\xb8\x58\x52\x04\x64\x8a\xed\x63\xbd\xff"
|
||||
"\x47\xf6\xd9\xac\xeb\xde\xa6\x29\x44\x77\x4a\x7d"
|
||||
"\x14\xf0\xe1\x4a\xa0\xb9\xa5\xb9\x95\x45\xb2\xda"
|
||||
@ -28991,7 +28993,6 @@ static wc_test_ret_t ecc_test_vector(int keySize)
|
||||
"\x8e\x93\x56\x74\x1f\x23\xc9\x6c\x14\x71\x42\x21"
|
||||
"\x07\x8d\xbd\x5c\x17\xf4\xfd\xd8\x9b\x32\xa9\x07";
|
||||
vec.sSz = 48;
|
||||
#endif
|
||||
break;
|
||||
#endif /* HAVE_ECC384 */
|
||||
|
||||
@ -29025,7 +29026,6 @@ static wc_test_ret_t ecc_test_vector(int keySize)
|
||||
vec.R = "0bd117b4807710898f9dd7778056485777668f0e78e6ddf5b000356121eb7a220e9493c7f9a57c077947f89ac45d5acb6661bbcd17abb3faea149ba0aa3bb1521be";
|
||||
vec.S = "019cd2c5c3f9870ecdeb9b323abdf3a98cd5e231d85c6ddc5b71ab190739f7f226e6b134ba1d5889ddeb2751dabd97911dff90c34684cdbe7bb669b6c3d22f2480c";
|
||||
vec.curveName = "SECP521R1";
|
||||
#ifndef NO_ASN
|
||||
vec.r = (byte*)"\xbd\x11\x7b\x48\x07\x71\x08\x98\xf9\xdd\x77\x78"
|
||||
"\x05\x64\x85\x77\x76\x68\xf0\xe7\x8e\x6d\xdf\x5b"
|
||||
"\x00\x03\x56\x12\x1e\xb7\xa2\x20\xe9\x49\x3c\x7f"
|
||||
@ -29040,7 +29040,6 @@ static wc_test_ret_t ecc_test_vector(int keySize)
|
||||
"\xdf\xf9\x0c\x34\x68\x4c\xdb\xe7\xbb\x66\x9b\x6c"
|
||||
"\x3d\x22\xf2\x48\x0c";
|
||||
vec.sSz = 65;
|
||||
#endif
|
||||
break;
|
||||
#endif /* HAVE_ECC521 */
|
||||
default:
|
||||
@ -29838,6 +29837,15 @@ static wc_test_ret_t ecc_test_make_pub(WC_RNG* rng)
|
||||
#ifdef HAVE_ECC_VERIFY
|
||||
int verify = 0;
|
||||
#endif
|
||||
#ifdef NO_ASN
|
||||
/* private d for eccKeyDerFile / ecc_key_der_256 */
|
||||
const byte keyPriv[] = {
|
||||
0x45, 0xB6, 0x69, 0x02, 0x73, 0x9C, 0x6C, 0x85,
|
||||
0xA1, 0x38, 0x5B, 0x72, 0xE8, 0xE8, 0xC7, 0xAC,
|
||||
0xC4, 0x03, 0x8D, 0x53, 0x35, 0x04, 0xFA, 0x6C,
|
||||
0x28, 0xDC, 0x34, 0x8D, 0xE1, 0xA8, 0x09, 0x8C
|
||||
};
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
|
||||
if ((key == NULL) ||
|
||||
@ -29892,6 +29900,7 @@ static wc_test_ret_t ecc_test_make_pub(WC_RNG* rng)
|
||||
ERROR_OUT(WC_TEST_RET_ENC_NC, done);
|
||||
}
|
||||
|
||||
#ifndef NO_ASN
|
||||
x = 0;
|
||||
ret = wc_EccPrivateKeyDecode(tmp, &x, key, tmpSz);
|
||||
if (ret != 0)
|
||||
@ -29917,6 +29926,10 @@ static wc_test_ret_t ecc_test_make_pub(WC_RNG* rng)
|
||||
}
|
||||
|
||||
#endif /* HAVE_ECC_KEY_EXPORT */
|
||||
#else
|
||||
/* Load raw private d directly */
|
||||
ret = wc_ecc_import_private_key(keyPriv, sizeof(keyPriv), NULL, 0, key);
|
||||
#endif /* !NO_ASN */
|
||||
|
||||
ret = wc_ecc_make_pub(NULL, NULL);
|
||||
if (ret == 0) {
|
||||
@ -29936,7 +29949,7 @@ static wc_test_ret_t ecc_test_make_pub(WC_RNG* rng)
|
||||
#endif
|
||||
if (ret != 0)
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
|
||||
#endif
|
||||
#endif /* !WOLFSSL_CRYPTOCELL */
|
||||
TEST_SLEEP();
|
||||
|
||||
#ifdef HAVE_ECC_KEY_EXPORT
|
||||
@ -31396,7 +31409,7 @@ static wc_test_ret_t ecc_def_curve_test(WC_RNG *rng)
|
||||
#else
|
||||
ecc_key key[1];
|
||||
#endif
|
||||
#if !defined(NO_ECC_SECP) && \
|
||||
#if !defined(NO_ECC_SECP) && !defined(NO_ASN) && \
|
||||
((defined(HAVE_ECC_KEY_IMPORT) && defined(HAVE_ECC_KEY_EXPORT)) || \
|
||||
(defined(HAVE_ECC_KEY_IMPORT) && !defined(WOLFSSL_VALIDATE_ECC_IMPORT)))
|
||||
word32 idx = 0;
|
||||
@ -31449,7 +31462,7 @@ static wc_test_ret_t ecc_def_curve_test(WC_RNG *rng)
|
||||
(void)rng;
|
||||
#endif /* !WC_NO_RNG */
|
||||
|
||||
#if !defined(NO_ECC_SECP) && \
|
||||
#if !defined(NO_ECC_SECP) && !defined(NO_ASN) && \
|
||||
((defined(HAVE_ECC_KEY_IMPORT) && defined(HAVE_ECC_KEY_EXPORT)) || \
|
||||
(defined(HAVE_ECC_KEY_IMPORT) && !defined(WOLFSSL_VALIDATE_ECC_IMPORT)))
|
||||
/* Use test ECC key - ensure real private "d" exists */
|
||||
|
@ -31,7 +31,7 @@
|
||||
|
||||
#define FSPSM_W_KEYVAR renesas_sce_wrappedkey
|
||||
#define FSPSM_tls_flg_ST sce_keyflgs_tls
|
||||
#define FSPSM_key_flg_ST sce_keyflgs_cryt
|
||||
#define FSPSM_key_flg_ST sce_keyflgs_crypt
|
||||
#define FSPSM_tag_ST tagUser_SCEPKCbInfo
|
||||
#define FSPSM_ST User_SCEPKCbInfo
|
||||
#define FSPSM_ST_PKC SCE_PKCbInfo
|
||||
@ -171,7 +171,7 @@
|
||||
/* structure, type so on */
|
||||
#define FSPSM_W_KEYVAR renesas_rsip_wrappedkey
|
||||
#define FSPSM_tls_flg_ST rsip_keyflgs_tls
|
||||
#define FSPSM_key_flg_ST rsip_keyflgs_cryt
|
||||
#define FSPSM_key_flg_ST rsip_keyflgs_crypt
|
||||
#define FSPSM_tag_ST tagUser_RSIPPKCbInfo
|
||||
#define FSPSM_ST User_RSIPPKCbInfo
|
||||
#define FSPSM_ST_PKC RSIP_PKCbInfo
|
||||
|
@ -36,8 +36,16 @@
|
||||
#endif
|
||||
|
||||
|
||||
#include <wolfssl/wolfcrypt/settings.h>
|
||||
#include <wolfssl/wolfcrypt/types.h>
|
||||
#include <wolfssl/wolfcrypt/logging.h>
|
||||
#include <wolfssl/wolfcrypt/hash.h>
|
||||
#ifndef WOLFSSL_RENESAS_TSIP_CRYPTONLY
|
||||
#include <wolfssl/ssl.h>
|
||||
#endif
|
||||
#ifdef WOLF_CRYPTO_CB
|
||||
#include <wolfssl/wolfcrypt/cryptocb.h>
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
@ -51,7 +59,7 @@ extern "C" {
|
||||
typedef enum {
|
||||
WOLFSSL_TSIP_NOERROR = 0,
|
||||
WOLFSSL_TSIP_ILLEGAL_CIPHERSUITE = 0xffffffff,
|
||||
}wolfssl_tsip_error_number;
|
||||
} wolfssl_tsip_error_number;
|
||||
|
||||
typedef enum {
|
||||
tsip_Key_SESSION = 1,
|
||||
@ -84,19 +92,24 @@ enum {
|
||||
TSIP_TLS_VERIFY_DATA_WD_SZ = 8,
|
||||
TSIP_TLS_MAX_SIGDATA_SZ = 130,
|
||||
TSIP_TEMP_WORK_SIZE = 128,
|
||||
|
||||
TSIP_MAX_ECC_BYTES = 48,
|
||||
};
|
||||
|
||||
typedef enum {
|
||||
TSIP_KEY_TYPE_RSA2048 = 0,
|
||||
TSIP_KEY_TYPE_RSA4096 = 1,
|
||||
TSIP_KEY_TYPE_ECDSAP256 = 2,
|
||||
#ifdef WOLFSSL_RENESAS_TSIP_CRYPTONLY
|
||||
TSIP_KEY_TYPE_RSA1024 = 3,
|
||||
TSIP_KEY_TYPE_RSA1024 = 1, /* TSIP_RSA1024 */
|
||||
#endif
|
||||
|
||||
TSIP_KEY_TYPE_RSA2048 = 2, /* TSIP_RSA2048 */
|
||||
TSIP_KEY_TYPE_RSA3072 = 3, /* TSIP_RSA3072 */
|
||||
TSIP_KEY_TYPE_RSA4096 = 4, /* TSIP_RSA4096 */
|
||||
TSIP_KEY_TYPE_ECDSAP256 = 5, /* TSIP_ECCP256 */
|
||||
TSIP_KEY_TYPE_ECDSAP384 = 6, /* TSIP_ECCP384 */
|
||||
} wolfssl_TSIP_KEY_TYPE;
|
||||
|
||||
|
||||
struct WOLFSSL;
|
||||
struct ecc_key;
|
||||
struct KeyShareEntry;
|
||||
|
||||
/* MsgBag stands for message bag and acts as a buffer for holding plain text
|
||||
@ -121,26 +134,33 @@ typedef struct MsgBag
|
||||
} MsgBag;
|
||||
|
||||
#ifdef WOLFSSL_RENESAS_TSIP_CRYPTONLY
|
||||
|
||||
typedef void* renesas_tsip_key;
|
||||
|
||||
/* flags Crypt Only */
|
||||
struct tsip_keyflgs_cryt {
|
||||
uint8_t aes256_key_set:1;
|
||||
uint8_t aes128_key_set:1;
|
||||
uint8_t rsapri2048_key_set:1;
|
||||
uint8_t rsapub2048_key_set:1;
|
||||
uint8_t rsapri1024_key_set:1;
|
||||
uint8_t rsapub1024_key_set:1;
|
||||
uint8_t message_type:1;/*message 0, hashed 1*/
|
||||
};
|
||||
/* flags Crypt Only */
|
||||
struct tsip_keyflgs_crypt {
|
||||
uint32_t aes256_key_set:1;
|
||||
uint32_t aes128_key_set:1;
|
||||
uint32_t rsapri2048_key_set:1;
|
||||
uint32_t rsapub2048_key_set:1;
|
||||
uint32_t rsapri1024_key_set:1;
|
||||
uint32_t rsapub1024_key_set:1;
|
||||
uint32_t eccpri_key_set:1;
|
||||
uint32_t eccpub_key_set:1;
|
||||
uint32_t message_type:1; /*message 0, hashed 1*/
|
||||
};
|
||||
#endif
|
||||
|
||||
/*
|
||||
* TsipUserCtx holds mainly keys used for TLS handshake in TSIP specific format.
|
||||
*/
|
||||
typedef struct TsipUserCtx {
|
||||
/* unique number for each session */
|
||||
int devId;
|
||||
|
||||
/* client key pair wrapped by provisioning key */
|
||||
byte* wrappedPrivateKey;
|
||||
byte* wrappedPublicKey;
|
||||
|
||||
int wrappedKeyType;
|
||||
|
||||
#ifdef WOLFSSL_RENESAS_TSIP_TLS
|
||||
/* 0:working as a TLS client, 1: as a server */
|
||||
byte side;
|
||||
@ -159,24 +179,17 @@ typedef struct TsipUserCtx {
|
||||
|
||||
/* handle is used as work area for Tls13 handshake */
|
||||
tsip_tls13_handle_t handle13;
|
||||
#endif /* WOLFSSL_RENESAS_TSIP_TLS */
|
||||
/* client key pair wrapped by provisioning key */
|
||||
byte* wrappedPrivateKey;
|
||||
byte* wrappedPublicKey;
|
||||
|
||||
int wrappedKeyType;
|
||||
#ifdef WOLFSSL_RENESAS_TSIP_TLS
|
||||
#if !defined(NO_RSA)
|
||||
#if !defined(NO_RSA)
|
||||
/* RSA-2048bit private and public key-index for client authentication */
|
||||
tsip_rsa2048_private_key_index_t Rsa2048PrivateKeyIdx;
|
||||
tsip_rsa2048_public_key_index_t Rsa2048PublicKeyIdx;
|
||||
#endif /* !NO_RSA */
|
||||
|
||||
#if defined(HAVE_ECC)
|
||||
/* ECC P256 private and public key-index for client authentication */
|
||||
tsip_ecc_private_key_index_t EcdsaP256PrivateKeyIdx;
|
||||
tsip_ecc_public_key_index_t EcdsaP256PublicKeyIdx;
|
||||
#endif /* HAVE_ECC */
|
||||
#endif /* !NO_RSA */
|
||||
#if defined(HAVE_ECC)
|
||||
/* ECC private and public key-index for client authentication */
|
||||
tsip_ecc_private_key_index_t EcdsaPrivateKeyIdx;
|
||||
tsip_ecc_public_key_index_t EcdsaPublicKeyIdx;
|
||||
#endif /* HAVE_ECC */
|
||||
|
||||
/* ECDHE private key index for Tls13 handshake */
|
||||
tsip_tls_p256_ecc_key_index_t EcdhPrivKey13Idx;
|
||||
@ -226,7 +239,6 @@ typedef struct TsipUserCtx {
|
||||
/* signature data area for TLS1.3 CertificateVerify message */
|
||||
byte sigDataCertVerify[TSIP_TLS_MAX_SIGDATA_SZ];
|
||||
|
||||
|
||||
#if (WOLFSSL_RENESAS_TSIP_VER >=109)
|
||||
/* out from R_SCE_TLS_ServerKeyExchangeVerify */
|
||||
uint32_t encrypted_ephemeral_ecdh_public_key[ENCRYPTED_ECDHE_PUBKEY_SZ];
|
||||
@ -248,47 +260,19 @@ typedef struct TsipUserCtx {
|
||||
uint32_t tsip_masterSecret[TSIP_TLS_MASTERSECRET_SIZE/4];
|
||||
uint8_t tsip_clientRandom[TSIP_TLS_CLIENTRANDOM_SZ];
|
||||
uint8_t tsip_serverRandom[TSIP_TLS_SERVERRANDOM_SZ];
|
||||
#endif /* WOLFSSL_RENESAS_TSIP_TLS */
|
||||
/* for tsip crypt only mode */
|
||||
#ifdef WOLFSSL_RENESAS_TSIP_CRYPTONLY
|
||||
|
||||
renesas_tsip_key rsa1024pri_keyIdx;
|
||||
renesas_tsip_key rsa1024pub_keyIdx;
|
||||
renesas_tsip_key rsa2048pri_keyIdx;
|
||||
renesas_tsip_key rsa2048pub_keyIdx;
|
||||
|
||||
/* sign/verify hash type :
|
||||
* md5, sha1 or sha256
|
||||
*/
|
||||
int sing_hash_type;
|
||||
|
||||
/* flags shows status if tsip keys are installed */
|
||||
union {
|
||||
uint8_t chr;
|
||||
struct tsip_keyflgs_cryt bits;
|
||||
} keyflgs_crypt;
|
||||
|
||||
#endif
|
||||
/* installed key handling */
|
||||
tsip_aes_key_index_t user_aes256_key_index;
|
||||
uint8_t user_aes256_key_set:1;
|
||||
tsip_aes_key_index_t user_aes128_key_index;
|
||||
uint8_t user_aes128_key_set:1;
|
||||
|
||||
/* TSIP defined cipher suite number */
|
||||
uint32_t tsip_cipher;
|
||||
|
||||
/* flags */
|
||||
#ifdef WOLFSSL_RENESAS_TSIP_TLS
|
||||
#if !defined(NO_RSA)
|
||||
#if !defined(NO_RSA)
|
||||
uint8_t ClientRsa2048PrivKey_set:1;
|
||||
uint8_t ClientRsa2048PubKey_set:1;
|
||||
#endif
|
||||
|
||||
#if defined(HAVE_ECC)
|
||||
uint8_t ClientEccP256PrivKey_set:1;
|
||||
uint8_t ClientEccP256PubKey_set:1;
|
||||
#endif
|
||||
#endif
|
||||
#if defined(HAVE_ECC)
|
||||
uint8_t ClientEccPrivKey_set:1;
|
||||
uint8_t ClientEccPubKey_set:1;
|
||||
#endif
|
||||
|
||||
uint8_t HmacInitialized:1;
|
||||
uint8_t RootCAverified:1;
|
||||
@ -308,6 +292,39 @@ typedef struct TsipUserCtx {
|
||||
uint8_t session_key_set:1;
|
||||
#endif /* WOLFSSL_RENESAS_TSIP_TLS */
|
||||
|
||||
/* installed key handling */
|
||||
tsip_aes_key_index_t user_aes256_key_index;
|
||||
uint8_t user_aes256_key_set:1;
|
||||
tsip_aes_key_index_t user_aes128_key_index;
|
||||
uint8_t user_aes128_key_set:1;
|
||||
|
||||
/* for tsip crypt only mode */
|
||||
#ifdef WOLFSSL_RENESAS_TSIP_CRYPTONLY
|
||||
#ifndef NO_RSA
|
||||
tsip_rsa1024_private_key_index_t* rsa1024pri_keyIdx;
|
||||
tsip_rsa1024_public_key_index_t* rsa1024pub_keyIdx;
|
||||
tsip_rsa2048_private_key_index_t* rsa2048pri_keyIdx;
|
||||
tsip_rsa2048_public_key_index_t* rsa2048pub_keyIdx;
|
||||
#endif
|
||||
#ifdef HAVE_ECC
|
||||
#ifdef HAVE_ECC_SIGN
|
||||
tsip_ecc_private_key_index_t eccpri_keyIdx;
|
||||
#endif
|
||||
tsip_ecc_public_key_index_t eccpub_keyIdx;
|
||||
#endif
|
||||
|
||||
/* sign/verify hash type :
|
||||
* md5, sha1 or sha256
|
||||
*/
|
||||
int sign_hash_type;
|
||||
|
||||
/* flags shows status if tsip keys are installed */
|
||||
union {
|
||||
uint32_t chr;
|
||||
struct tsip_keyflgs_crypt bits;
|
||||
} keyflgs_crypt;
|
||||
#endif /* WOLFSSL_RENESAS_TSIP_CRYPTONLY */
|
||||
|
||||
} TsipUserCtx;
|
||||
|
||||
typedef TsipUserCtx RenesasUserCtx;
|
||||
@ -372,7 +389,7 @@ WOLFSSL_API int tsip_use_PrivateKey_buffer_TLS(struct WOLFSSL* ssl,
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
|
||||
WOLFSSL_API int tsip_use_PubicKey_buffer_crypt(TsipUserCtx *uc,
|
||||
WOLFSSL_API int tsip_use_PublicKey_buffer_crypt(TsipUserCtx *uc,
|
||||
const char* keyBuf, int keyBufLen, int keyType);
|
||||
WOLFSSL_API int tsip_use_PrivateKey_buffer_crypt(TsipUserCtx *uc,
|
||||
const char* keyBuf, int keyBufLen, int keyType);
|
||||
@ -401,22 +418,29 @@ WOLFSSL_API void tsip_inform_user_keys(
|
||||
/*----------------------------------------------------*/
|
||||
/* internal use functions */
|
||||
/*----------------------------------------------------*/
|
||||
WOLFSSL_LOCAL int tsip_SignRsaPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc);
|
||||
|
||||
#ifdef HAVE_PK_CALLBACKS
|
||||
WOLFSSL_LOCAL int tsip_VerifyRsaPkcsCb(
|
||||
WOLFSSL* ssl,
|
||||
struct WOLFSSL* ssl,
|
||||
unsigned char* sig, unsigned int sigSz,
|
||||
unsigned char** out,
|
||||
const unsigned char* keyDer, unsigned int keySz,
|
||||
void* ctx);
|
||||
|
||||
WOLFSSL_LOCAL int tsip_SignEcdsa(wc_CryptoInfo* info, TsipUserCtx* tuc);
|
||||
|
||||
#endif
|
||||
|
||||
#ifdef WOLF_CRYPTO_CB
|
||||
|
||||
struct wc_CryptoInfo;
|
||||
|
||||
WOLFSSL_LOCAL int tsip_SignRsaPkcs(struct wc_CryptoInfo* info,
|
||||
TsipUserCtx* tuc);
|
||||
|
||||
WOLFSSL_LOCAL int wc_tsip_RsaVerifyPkcs(struct wc_CryptoInfo* info,
|
||||
TsipUserCtx* tuc);
|
||||
|
||||
WOLFSSL_LOCAL int tsip_SignEcdsa(struct wc_CryptoInfo* info, TsipUserCtx* tuc);
|
||||
|
||||
WOLFSSL_LOCAL int tsip_VerifyEcdsa(struct wc_CryptoInfo* info, TsipUserCtx* tuc);
|
||||
|
||||
WOLFSSL_LOCAL int tsip_TlsCleanup(struct WOLFSSL* ssl);
|
||||
|
||||
WOLFSSL_LOCAL int tsip_StoreMessage(struct WOLFSSL* ssl, const byte* data,
|
||||
@ -505,23 +529,23 @@ WOLFSSL_LOCAL int wc_tsip_generateMasterSecret(
|
||||
|
||||
|
||||
WOLFSSL_LOCAL int wc_tsip_storeKeyCtx(
|
||||
WOLFSSL *ssl,
|
||||
struct WOLFSSL *ssl,
|
||||
TsipUserCtx *userCtx);
|
||||
|
||||
WOLFSSL_LOCAL int wc_tsip_generateEncryptPreMasterSecret(
|
||||
WOLFSSL* ssl,
|
||||
struct WOLFSSL* ssl,
|
||||
byte* out,
|
||||
word32* outSz);
|
||||
|
||||
WOLFSSL_LOCAL int wc_tsip_EccSharedSecret(
|
||||
WOLFSSL* ssl,
|
||||
struct WOLFSSL* ssl,
|
||||
struct ecc_key* otherKey,
|
||||
unsigned char* pubKeyDer, unsigned int* pubKeySz,
|
||||
unsigned char* out, unsigned int* outlen,
|
||||
int side, void* ctx);
|
||||
|
||||
WOLFSSL_LOCAL int wc_tsip_RsaVerify(
|
||||
WOLFSSL* ssl,
|
||||
struct WOLFSSL* ssl,
|
||||
byte* sig,
|
||||
word32 sigSz,
|
||||
byte** out,
|
||||
@ -530,7 +554,7 @@ WOLFSSL_LOCAL int wc_tsip_RsaVerify(
|
||||
void* ctx);
|
||||
|
||||
WOLFSSL_LOCAL int wc_tsip_EccVerify(
|
||||
WOLFSSL* ssl,
|
||||
struct WOLFSSL* ssl,
|
||||
const byte* sig, word32 sigSz,
|
||||
const byte* hash, word32 hashSz,
|
||||
const byte* key, word32 keySz,
|
||||
@ -571,14 +595,14 @@ WOLFSSL_LOCAL int wc_tsip_AesGcmDecrypt(
|
||||
void* ctx);
|
||||
#endif /* NO_AES */
|
||||
WOLFSSL_LOCAL int wc_tsip_ShaXHmacVerify(
|
||||
const WOLFSSL *ssl,
|
||||
const struct WOLFSSL *ssl,
|
||||
const byte* message,
|
||||
word32 messageSz,
|
||||
word32 macSz,
|
||||
word32 content);
|
||||
|
||||
WOLFSSL_LOCAL int wc_tsip_Sha1HmacGenerate(
|
||||
const WOLFSSL *ssl,
|
||||
const struct WOLFSSL *ssl,
|
||||
const byte* myInner,
|
||||
word32 innerSz,
|
||||
const byte* in,
|
||||
@ -586,7 +610,7 @@ WOLFSSL_LOCAL int wc_tsip_Sha1HmacGenerate(
|
||||
byte* digest);
|
||||
|
||||
WOLFSSL_LOCAL int wc_tsip_Sha256HmacGenerate(
|
||||
const WOLFSSL *ssl,
|
||||
const struct WOLFSSL *ssl,
|
||||
const byte* myInner,
|
||||
word32 innerSz,
|
||||
const byte* in,
|
||||
@ -601,7 +625,7 @@ WOLFSSL_LOCAL int tsip_hw_lock();
|
||||
|
||||
WOLFSSL_LOCAL void tsip_hw_unlock( void );
|
||||
|
||||
WOLFSSL_LOCAL int tsip_usable(const WOLFSSL *ssl,
|
||||
WOLFSSL_LOCAL int tsip_usable(const struct WOLFSSL *ssl,
|
||||
uint8_t session_key_generated);
|
||||
|
||||
WOLFSSL_LOCAL void tsip_inform_sflash_signedcacert(
|
||||
@ -631,13 +655,11 @@ WOLFSSL_LOCAL int wc_tsip_generatePremasterSecret(
|
||||
word32 preSz);
|
||||
|
||||
WOLFSSL_LOCAL int wc_tsip_generateSessionKey(
|
||||
WOLFSSL* ssl,
|
||||
struct WOLFSSL* ssl,
|
||||
TsipUserCtx* ctx,
|
||||
int devId);
|
||||
|
||||
WOLFSSL_LOCAL int wc_tsip_MakeRsaKey(int size, void* ctx);
|
||||
WOLFSSL_LOCAL int wc_tsip_RsaVerifyPkcs(wc_CryptoInfo* info,
|
||||
TsipUserCtx* tuc);
|
||||
|
||||
WOLFSSL_LOCAL int wc_tsip_GenerateRandBlock(byte* output, word32 size);
|
||||
|
||||
|
@ -21,9 +21,14 @@
|
||||
#ifndef __RENESAS_CMN_H__
|
||||
#define __RENESAS_CMN_H__
|
||||
|
||||
|
||||
|
||||
#include <wolfssl/ssl.h>
|
||||
|
||||
#ifndef WOLFSSL_RENESAS_TSIP_CRYPTONLY
|
||||
#include <wolfssl/internal.h>
|
||||
|
||||
|
||||
/* Common Callbacks */
|
||||
WOLFSSL_LOCAL int Renesas_cmn_RsaSignCb(WOLFSSL* ssl,
|
||||
const unsigned char* in, unsigned int inSz,
|
||||
@ -69,8 +74,6 @@ WOLFSSL_LOCAL int Renesas_cmn_SigPkCbEccVerify(const unsigned char* sig, unsigne
|
||||
|
||||
/* Common Methods */
|
||||
WOLFSSL_LOCAL void* Renesas_cmn_GetCbCtxBydevId(int devId);
|
||||
int wc_CryptoCb_CryptInitRenesasCmn(WOLFSSL* ssl, void* ctx);
|
||||
void wc_CryptoCb_CleanupRenesasCmn(int* id);
|
||||
int wc_Renesas_cmn_RootCertVerify(const byte* cert, word32 cert_len,
|
||||
word32 key_n_start, word32 key_n_len, word32 key_e_start,
|
||||
word32 key_e_len, word32 cm_row);
|
||||
@ -80,4 +83,9 @@ WOLFSSL_LOCAL int Renesas_cmn_TlsFinished(WOLFSSL* ssl, const byte *side,
|
||||
const byte *handshake_hash, word32 hashSz,
|
||||
byte *hashes, void* ctx);
|
||||
WOLFSSL_LOCAL int Renesas_cmn_generateSessionKey(WOLFSSL* ssl, void* ctx);
|
||||
#endif /* WOLFSSL_RENESAS_TSIP_CRYPTONLY */
|
||||
|
||||
int wc_CryptoCb_CryptInitRenesasCmn(struct WOLFSSL* ssl, void* ctx);
|
||||
void wc_CryptoCb_CleanupRenesasCmn(int* id);
|
||||
|
||||
#endif /* __RENESAS_CMN_H__ */
|
||||
|
@ -25,6 +25,7 @@
|
||||
|
||||
|
||||
#include <wolfssl/wolfcrypt/settings.h>
|
||||
#include <wolfssl/wolfcrypt/types.h>
|
||||
|
||||
#if (!defined(NO_SHA) || !defined(NO_SHA256)) && \
|
||||
!defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)
|
||||
@ -33,12 +34,6 @@ typedef enum {
|
||||
TSIP_SHA256 = 1,
|
||||
} TSIP_SHA_TYPE;
|
||||
|
||||
typedef enum {
|
||||
TSIP_RSA2048,
|
||||
TSIP_RSA4096,
|
||||
TSIP_ECCP256,
|
||||
} TSIP_KEY_TYPE;
|
||||
|
||||
typedef struct {
|
||||
byte* msg;
|
||||
void* heap;
|
||||
@ -54,16 +49,27 @@ typedef struct {
|
||||
/* RAW hash function APIs are not implemented with TSIP */
|
||||
#define WOLFSSL_NO_HASH_RAW
|
||||
|
||||
#ifndef NO_SHA
|
||||
typedef wolfssl_TSIP_Hash wc_Sha;
|
||||
|
||||
#if !defined(NO_SHA256)
|
||||
#endif
|
||||
#ifndef NO_SHA256
|
||||
typedef wolfssl_TSIP_Hash wc_Sha256;
|
||||
#endif
|
||||
|
||||
#endif /* NO_SHA */
|
||||
#endif /* !NO_SHA || !NO_SHA256 */
|
||||
|
||||
|
||||
#if defined(WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT) ||\
|
||||
typedef enum {
|
||||
TSIP_RSA1024 = 1,
|
||||
TSIP_RSA2048 = 2,
|
||||
TSIP_RSA3072 = 3,
|
||||
TSIP_RSA4096 = 4,
|
||||
TSIP_ECCP256 = 5,
|
||||
TSIP_ECCP384 = 6,
|
||||
} TSIP_KEY_TYPE;
|
||||
|
||||
|
||||
#if defined(WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT) || \
|
||||
defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
|
||||
#include "r_tsip_rx_if.h"
|
||||
|
||||
|
Reference in New Issue
Block a user