diff --git a/IDE/Renesas/e2studio/DK-S7G2/README.md b/IDE/Renesas/e2studio/DK-S7G2/README.md index 4c999418e..211a054e0 100644 --- a/IDE/Renesas/e2studio/DK-S7G2/README.md +++ b/IDE/Renesas/e2studio/DK-S7G2/README.md @@ -1,27 +1,29 @@ - -## Building wolfSSL For DK-S7G2 - -- First physically toggle the ENET1 and JTAG switch to on with the DK-S7G2 board. -- Open e2studio and set the workspace to be wolfssl-X.X.X/IDE/Renesas/e2studio/DK-S7G2/ -- Create a Synergy library project named wolfssl "File->New->Synergy C/C++ Project", "Renesas Synergy C Library Project" then "Next", set wolfssl as the "Project Name" then "Next", set Board to "S7G2 DK" then "Next", finally select the BSP radius and click "Finish" -- Copy configuration.xml and .project from wolfssl-X.X.X/IDE/Renesas/e2studio/DK-S7G2/wolfssl-template-project/ into the wolfssl-X.X.X/IDE/Renesas/e2studio/DK-S7G2/wolfssl directory -- (optional but necessary for production) Add TRNG support by clicking on Threads tab and highlight HAL/Common click "New Stack > Driver > Crypto > TRNG Driver on r_sce_trng". Then uncomment WOLFSSL_SCE define in wolfssl project src/user_settings.h -- Generate the changes by clicking on "Generate Project Content" -- Exclude src/wolfcrypt/port and all src/wolfcrypt/*.S and src/wolfcrypt/*.asm files from the build -- Exclude src/wolfcrypt/evp.c, src/wolfcrypt/misc.c and src/wolfssl/bio.c -- Set the Preprocessor define in wolfssl proejct to have WOLFSSL_USER_SETTINGS. Right click on wolfssl project "Properties -> C/C++ Build -> GNU ARM Cross C Compiler -> Preprocessor" add WOLFSSL_USER_SETTINGS under "Defined symbols" -- Set include to wolfssl directory. Right click on project "Properties -> C/C++Build -> GNU ARM Cross Compiler -> Includes". Add "${ProjDirPath}/../../../../.." and "${ProjDirPath}/../" -- Build wolfssl by right clicking on wolfssl project and selecting "Build Project" - -## Example Projects and Building - -- Create a new Synergy project "Renesas Synergy C Project Using Synergy Library" -- Set it to use the wolfssl library -- Copy in the .cproject, .project and source file from the template desired i.e. wolfssl-X.X.X/IDE/Renesas/e2studio/DK-S7G2/wolfcrypttest-template/ -- Right click on the created project and select "Build Project" - -The example_server loops looking to accept connections and closes immediatly after a successful connection was made. - -The benchmark example tries to do a TCP connection to SERVER_IP on port 11112 and a TLS connection to SERVER_IP on port 11111 then does wolfCrypt benchmark collection. - + +## Building wolfSSL For DK-S7G2 + +- First physically toggle the ENET1 and JTAG switch to on with the DK-S7G2 board. +- Open e2studio and set the workspace to be wolfssl-X.X.X/IDE/Renesas/e2studio/DK-S7G2/ +- Create a Synergy library project named wolfssl "File->New->Synergy C/C++ Project", "Renesas Synergy C Library Project" then "Next", set wolfssl as the "Project Name" then "Next", set Board to "S7G2 DK" then "Next", finally select the BSP radius and click "Finish" +- Copy configuration.xml and .project from wolfssl-X.X.X/IDE/Renesas/e2studio/DK-S7G2/wolfssl-template-project/ into the wolfssl-X.X.X/IDE/Renesas/e2studio/DK-S7G2/wolfssl directory +- (optional but necessary for production) Add TRNG support by clicking on Threads tab and highlight HAL/Common click "New Stack > Driver > Crypto > TRNG Driver on r_sce_trng". Then comment out WOLFSSL_SCE_NO_TRNG define in wolfssl project src/user_settings.h +- (optional SHA acceleration) Add HASH support by clicking on Threads tab and highlight HAL/Common click "New Stack > Driver > Crypto > HASH Driver on r_sce_hash". Then uncomment WOLFSSL_SCE_NO_HASH define in wolfssl project src/user_settings.h +- (optional AES acceleration) Add the stacks for AES128, AES192, and AES256. Click on Threads tab and highlight HAL/Common click "New Stack > Driver > Crypto > AES Driver on r_sce_aes". Add three one for each key size and rename them to g_sce_aes_256, g_sce_aes_192, and g_sce_aes_128. Changing each to ECB chaining mode and the key length that matches the name. +- Generate the changes by clicking on "Generate Project Content" +- Exclude src/wolfcrypt/port and all src/wolfcrypt/*.S and src/wolfcrypt/*.asm files from the build +- Exclude src/wolfcrypt/evp.c, src/wolfcrypt/misc.c and src/wolfssl/bio.c +- Set the Preprocessor define in wolfssl proejct to have WOLFSSL_USER_SETTINGS. Right click on wolfssl project "Properties -> C/C++ Build -> GNU ARM Cross C Compiler -> Preprocessor" add WOLFSSL_USER_SETTINGS under "Defined symbols" +- Set include to wolfssl directory. Right click on project "Properties -> C/C++Build -> GNU ARM Cross Compiler -> Includes". Add "${ProjDirPath}/../../../../.." and "${ProjDirPath}/../" +- Build wolfssl by right clicking on wolfssl project and selecting "Build Project" + +## Example Projects and Building + +- Create a new Synergy project "Renesas Synergy C Project Using Synergy Library" +- Set it to use the wolfssl library +- Copy in the .cproject, .project and source file from the template desired i.e. wolfssl-X.X.X/IDE/Renesas/e2studio/DK-S7G2/wolfcrypttest-template/ +- Right click on the created project and select "Build Project" + +The example_server loops looking to accept connections and closes immediatly after a successful connection was made. + +The benchmark example tries to do a TCP connection to SERVER_IP on port 11112 and a TLS connection to SERVER_IP on port 11111 then does wolfCrypt benchmark collection. + The wolfcryptest runs through all of the unit tests from wolfcrypt/test/test.c \ No newline at end of file diff --git a/IDE/Renesas/e2studio/DK-S7G2/user_settings.h b/IDE/Renesas/e2studio/DK-S7G2/user_settings.h index ad58cd67f..cdebbd445 100644 --- a/IDE/Renesas/e2studio/DK-S7G2/user_settings.h +++ b/IDE/Renesas/e2studio/DK-S7G2/user_settings.h @@ -12,9 +12,19 @@ #define SYNERGY_CYCLE_COUNT #define BENCH_EMBEDDED -/* Use TRNG */ -//#define WOLFSSL_SCE -#ifndef WOLFSSL_SCE +/* Use turn on all SCE acceleration */ +#define WOLFSSL_SCE + +/* Used to turn off TRNG */ +#define WOLFSSL_SCE_NO_TRNG + +/* Used to turn off AES hardware acc. */ +#define WOLFSSL_SCE_NO_AES + +/* Used to turn off HASH hardware acc. */ +#define WOLFSSL_SCE_NO_HASH + +#if defined(WOLFSSL_SCE_NO_TRNG) /* use unsafe test seed if TRNG not used (not for production) */ #define WOLFSSL_GENSEED_FORTEST #endif @@ -27,6 +37,9 @@ #define HAVE_ONE_TIME_AUTH #define HAVE_AESGCM +#define HAVE_AES_ECB +#define WOLFSSL_AES_DIRECT + #define USE_FAST_MATH #define TFM_TIMING_RESISTANT diff --git a/wolfcrypt/src/aes.c b/wolfcrypt/src/aes.c index 946fae4fe..10a46ce12 100644 --- a/wolfcrypt/src/aes.c +++ b/wolfcrypt/src/aes.c @@ -772,6 +772,132 @@ #elif defined(WOLFSSL_AFALG) #elif defined(WOLFSSL_DEVCRYPTO_AES) + +#elif defined(WOLFSSL_SCE) && !defined(WOLFSSL_SCE_NO_AES) + #include "hal_data.h" + + #ifndef WOLFSSL_SCE_AES256_HANDLE + #define WOLFSSL_SCE_AES256_HANDLE g_sce_aes_256 + #endif + + #ifndef WOLFSSL_SCE_AES192_HANDLE + #define WOLFSSL_SCE_AES192_HANDLE g_sce_aes_192 + #endif + + #ifndef WOLFSSL_SCE_AES128_HANDLE + #define WOLFSSL_SCE_AES128_HANDLE g_sce_aes_128 + #endif + + static int AES_ECB_encrypt(Aes* aes, const byte* inBlock, byte* outBlock, int sz) + { + uint32_t ret; + + if (g_sce.p_cfg->endian_flag == CRYPTO_WORD_ENDIAN_BIG) { + ByteReverseWords((word32*)inBlock, (word32*)inBlock, sz); + } + + switch (aes->keylen) { + #ifdef WOLFSSL_AES_128 + case AES_128_KEY_SIZE: + ret = WOLFSSL_SCE_AES128_HANDLE.p_api->encrypt(WOLFSSL_SCE_AES128_HANDLE.p_ctrl, aes->key, + NULL, (sz / sizeof(word32)), + (word32*)inBlock, (word32*)outBlock); + break; + #endif + #ifdef WOLFSSL_AES_192 + case AES_192_KEY_SIZE: + ret = WOLFSSL_SCE_AES192_HANDLE.p_api->encrypt(WOLFSSL_SCE_AES192_HANDLE.p_ctrl, aes->key, + NULL, (sz / sizeof(word32)), + (word32*)inBlock, (word32*)outBlock); + break; + #endif + #ifdef WOLFSSL_AES_256 + case AES_256_KEY_SIZE: + ret = WOLFSSL_SCE_AES256_HANDLE.p_api->encrypt(WOLFSSL_SCE_AES256_HANDLE.p_ctrl, aes->key, + NULL, (sz / sizeof(word32)), + (word32*)inBlock, (word32*)outBlock); + break; + #endif + default: + WOLFSSL_MSG("Unknown key size"); + return BAD_FUNC_ARG; + } + + if (ret != SSP_SUCCESS) { + ByteReverseWords((word32*)inBlock, (word32*)inBlock, sz); /* revert input*/ + return WC_HW_E; + } + + if (g_sce.p_cfg->endian_flag == CRYPTO_WORD_ENDIAN_BIG) { + ByteReverseWords((word32*)outBlock, (word32*)outBlock, sz); + if (inBlock != outBlock) { + ByteReverseWords((word32*)inBlock, (word32*)inBlock, sz); /* revert input*/ + } + } + return 0; + } + + #if defined(HAVE_AES_DECRYPT) + static int AES_ECB_decrypt(Aes* aes, const byte* inBlock, byte* outBlock, int sz) + { + uint32_t ret; + + if (g_sce.p_cfg->endian_flag == CRYPTO_WORD_ENDIAN_BIG) { + ByteReverseWords((word32*)inBlock, (word32*)inBlock, sz); + } + + switch (aes->keylen) { + #ifdef WOLFSSL_AES_128 + case AES_128_KEY_SIZE: + ret = WOLFSSL_SCE_AES128_HANDLE.p_api->decrypt(WOLFSSL_SCE_AES128_HANDLE.p_ctrl, aes->key, aes->reg, + (sz / sizeof(word32)), (word32*)inBlock, (word32*)outBlock); + break; + #endif + #ifdef WOLFSSL_AES_192 + case AES_192_KEY_SIZE: + ret = WOLFSSL_SCE_AES192_HANDLE.p_api->decrypt(WOLFSSL_SCE_AES192_HANDLE.p_ctrl, aes->key, aes->reg, + (sz / sizeof(word32)), (word32*)inBlock, (word32*)outBlock); + break; + #endif + #ifdef WOLFSSL_AES_256 + case AES_256_KEY_SIZE: + ret = WOLFSSL_SCE_AES256_HANDLE.p_api->decrypt(WOLFSSL_SCE_AES256_HANDLE.p_ctrl, aes->key, aes->reg, + (sz / sizeof(word32)), (word32*)inBlock, (word32*)outBlock); + break; + #endif + default: + WOLFSSL_MSG("Unknown key size"); + return BAD_FUNC_ARG; + } + if (ret != SSP_SUCCESS) { + return WC_HW_E; + } + + if (g_sce.p_cfg->endian_flag == CRYPTO_WORD_ENDIAN_BIG) { + ByteReverseWords((word32*)outBlock, (word32*)outBlock, sz); + if (inBlock != outBlock) { + ByteReverseWords((word32*)inBlock, (word32*)inBlock, sz); /* revert input*/ + } + } + + return 0; + } + + #endif + + #if defined(HAVE_AESGCM) || defined(WOLFSSL_AES_DIRECT) + static int wc_AesEncrypt(Aes* aes, const byte* inBlock, byte* outBlock) + { + return AES_ECB_encrypt(aes, inBlock, outBlock, AES_BLOCK_SIZE); + } + #endif + + #if defined(HAVE_AES_DECRYPT) && defined(WOLFSSL_AES_DIRECT) + static int wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock) + { + return AES_ECB_decrypt(aes, inBlock, outBlock, AES_BLOCK_SIZE); + } + #endif #else /* using wolfCrypt software implementation */ @@ -1455,6 +1581,10 @@ static void wc_AesEncrypt(Aes* aes, const byte* inBlock, byte* outBlock) #endif } #endif +#if defined(WOLFSSL_SCE) && !defined(WOLFSSL_SCE_NO_AES) + AES_ECB_encrypt(aes, inBlock, outBlock, AES_BLOCK_SIZE); + return; +#endif /* * map byte array block to cipher state @@ -1653,6 +1783,9 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock) #endif } #endif /* WOLFSSL_AESNI */ +#if defined(WOLFSSL_SCE) && !defined(WOLFSSL_SCE_NO_AES) + return AES_ECB_decrypt(aes, inBlock, outBlock, AES_BLOCK_SIZE); +#endif /* * map byte array block to cipher state @@ -2280,6 +2413,13 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock) #endif /* HAVE_AES_DECRYPT */ #endif /* NEED_AES_TABLES */ +#if defined(WOLFSSL_SCE) && !defined(WOLFSSL_SCE_NO_AES) + XMEMCPY((byte*)aes->key, userKey, keylen); + if (g_sce.p_cfg->endian_flag == CRYPTO_WORD_ENDIAN_BIG) { + ByteReverseWords(aes->key, aes->key, 32); + } +#endif + return wc_AesSetIV(aes, iv); } @@ -5705,7 +5845,7 @@ int AES_GCM_encrypt_C(Aes* aes, byte* out, const byte* in, word32 sz, #if defined(HAVE_AES_ECB) && !defined(WOLFSSL_PIC32MZ_CRYPT) /* some hardware acceleration can gain performance from doing AES encryption * of the whole buffer at once */ - if (c != p) { /* can not handle inline encryption */ + if (c != p && blocks > 0) { /* can not handle inline encryption */ while (blocks--) { IncrementGcmCounter(ctr); XMEMCPY(c, ctr, AES_BLOCK_SIZE); @@ -6157,7 +6297,7 @@ int AES_GCM_decrypt_C(Aes* aes, byte* out, const byte* in, word32 sz, #if defined(HAVE_AES_ECB) && !defined(WOLFSSL_PIC32MZ_CRYPT) /* some hardware acceleration can gain performance from doing AES encryption * of the whole buffer at once */ - if (c != p) { /* can not handle inline decryption */ + if (c != p && blocks > 0) { /* can not handle inline decryption */ while (blocks--) { IncrementGcmCounter(ctr); XMEMCPY(p, ctr, AES_BLOCK_SIZE); @@ -6166,6 +6306,7 @@ int AES_GCM_decrypt_C(Aes* aes, byte* out, const byte* in, word32 sz, /* reset number of blocks and then do encryption */ blocks = sz / AES_BLOCK_SIZE; + wc_AesEcbEncrypt(aes, out, out, AES_BLOCK_SIZE * blocks); xorbuf(out, c, AES_BLOCK_SIZE * blocks); c += AES_BLOCK_SIZE * blocks; @@ -7034,6 +7175,26 @@ int wc_AesGetKeySize(Aes* aes, word32* keySize) #elif defined(WOLFSSL_DEVCRYPTO_AES) /* implemented in wolfcrypt/src/port/devcrypt/devcrypto_aes.c */ +#elif defined(WOLFSSL_SCE) && !defined(WOLFSSL_SCE_NO_AES) + +/* Software AES - ECB */ +int wc_AesEcbEncrypt(Aes* aes, byte* out, const byte* in, word32 sz) +{ + if ((in == NULL) || (out == NULL) || (aes == NULL)) + return BAD_FUNC_ARG; + + return AES_ECB_encrypt(aes, in, out, sz); +} + + +int wc_AesEcbDecrypt(Aes* aes, byte* out, const byte* in, word32 sz) +{ + if ((in == NULL) || (out == NULL) || (aes == NULL)) + return BAD_FUNC_ARG; + + return AES_ECB_decrypt(aes, in, out, sz); +} + #else /* Software AES - ECB */ diff --git a/wolfcrypt/src/wc_port.c b/wolfcrypt/src/wc_port.c index 860422fcb..d8279886f 100644 --- a/wolfcrypt/src/wc_port.c +++ b/wolfcrypt/src/wc_port.c @@ -230,8 +230,12 @@ int wolfCrypt_Init(void) #ifdef WOLFSSL_SCE ret = (int)g_sce.p_api->open(g_sce.p_ctrl, g_sce.p_cfg); - if (ret != SSP_SUCCESS && ret != SSP_ERR_CRYPTO_ALREADY_OPEN) { - WOLFSSL_MSG("Error opening SCE\n"); + if (ret == SSP_ERR_CRYPTO_SCE_ALREADY_OPEN) { + WOLFSSL_MSG("SCE already open"); + ret = 0; + } + if (ret != SSP_SUCCESS) { + WOLFSSL_MSG("Error opening SCE"); return -1; /* FATAL_ERROR */ } #endif