Fixes for build warnings for CryptoCell with ECC and RSA.

IDE/CRYPTOCELL/user_settings.h

@@ -138,6 +138,9 @@ extern "C" {
 #if 1
     #define HAVE_ECC
 
+    #include <strings.h>
+    /* strings.h required for strncasecmp */
+
     /* Manually define enabled curves */
     #undef  ECC_USER_CURVES
     #define ECC_USER_CURVES

wolfcrypt/src/ecc.c

@@ -1178,7 +1178,8 @@ static int wc_ecc_export_x963_compressed(ecc_key*, byte* out, word32* outLen);
 
 
 #if (defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || !defined(WOLFSSL_SP_MATH)) && \
-    !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A)
+    !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \
+    !defined(WOLFSSL_CRYPTOCELL)
 static int ecc_check_pubkey_order(ecc_key* key, ecc_point* pubkey, mp_int* a,
         mp_int* prime, mp_int* order);
 #endif
@@ -3824,7 +3825,7 @@ int wc_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, byte* out,
     err = CRYS_ECDH_SVDP_DH(&public_key->ctx.pubKey,
                             &private_key->ctx.privKey,
                             out,
-                            outlen,
+                            (uint32_t*)outlen,
                             &tempBuff);
 
     if (err != SA_SILIB_RET_OK){
@@ -4563,7 +4564,7 @@ int wc_ecc_make_key_ex2(WC_RNG* rng, int keysize, ecc_key* key, int curve_id,
     err = CRYS_ECPKI_ExportPublKey(&key->ctx.pubKey,
                                    CRYS_EC_PointUncompressed,
                                    &ucompressed_key[0],
-                                   &raw_size);
+                                   (uint32_t*)&raw_size);
 
     if (err == SA_SILIB_RET_OK && key->pubkey.x && key->pubkey.y) {
         err = mp_read_unsigned_bin(key->pubkey.x,
@@ -4577,7 +4578,7 @@ int wc_ecc_make_key_ex2(WC_RNG* rng, int keysize, ecc_key* key, int curve_id,
     if (err == MP_OKAY) {
         err = CRYS_ECPKI_ExportPrivKey(&key->ctx.privKey,
                                        ucompressed_key,
-                                       &raw_size);
+                                       (uint32_t*)&raw_size);
     }
 
     if (err == SA_SILIB_RET_OK) {
@@ -4993,7 +4994,7 @@ static int wc_ecc_sign_hash_hw(const byte* in, word32 inlen,
                                (byte*)in,
                                msgLenInBytes,
                                out,
-                               &raw_sig_size);
+                               (uint32_t*)&raw_sig_size);
 
         if (err != SA_SILIB_RET_OK){
             WOLFSSL_MSG("CRYS_ECDSA_Sign failed");
@@ -7656,7 +7657,8 @@ int wc_ecc_check_key(ecc_key* key)
 #if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A) || \
     defined(WOLFSSL_CRYPTOCELL) || defined(WOLFSSL_SILABS_SE_ACCEL)
 
-    err = 0; /* consider key check success on ATECC508/608A */
+    err = 0; /* consider key check success on ATECC508/608A and CryptoCell */
+    (void)err;
 
 #else
     #ifdef USE_ECC_B_PARAM
@@ -7751,9 +7753,8 @@ int wc_ecc_check_key(ecc_key* key)
 #endif
 
     FREE_CURVE_SPECS();
-
-    return err;
 #endif /* WOLFSSL_ATECC508A */
+    return err;
 #else
     return WC_KEY_SIZE_E;
 #endif /* !WOLFSSL_SP_MATH */
@@ -8095,7 +8096,6 @@ int wc_ecc_import_private_key_ex(const byte* priv, word32 privSz,
     int ret;
 #ifdef WOLFSSL_CRYPTOCELL
     const CRYS_ECPKI_Domain_t* pDomain;
-    CRYS_ECPKI_BUILD_TempData_t tempBuff;
 #endif
     if (key == NULL || priv == NULL)
         return BAD_FUNC_ARG;

wolfcrypt/src/signature.c

@@ -48,6 +48,13 @@
 /* Signature wrapper disabled check */
 #ifndef NO_SIG_WRAPPER
 
+#ifdef WOLFSSL_CRYPTOCELL
+extern int cc310_RsaSSL_Verify(const byte* in, word32 inLen, byte* sig,
+                            RsaKey* key, CRYS_RSA_HASH_OpMode_t mode);
+extern int cc310_RsaSSL_Sign(const byte* in, word32 inLen, byte* out,
+                word32 outLen, RsaKey* key, CRYS_RSA_HASH_OpMode_t mode);
+#endif
+
 #if !defined(NO_RSA) && !defined(NO_ASN)
 static int wc_SignatureDerEncode(enum wc_HashType hash_type, byte* hash_data,
     word32 hash_len, word32* hash_enc_len)
@@ -178,12 +185,12 @@ int wc_SignatureVerifyHash(
 #ifndef NO_RSA
     #ifdef WOLFSSL_CRYPTOCELL
         if (sig_type == WC_SIGNATURE_TYPE_RSA_W_ENC) {
-            ret = cc310_RsaSSL_Verify(hash_data, hash_len, (byte*)sig, key,
-                                              cc310_hashModeRSA(hash_type, 0));
+            ret = cc310_RsaSSL_Verify(hash_data, hash_len, (byte*)sig,
+                (RsaKey*)key, cc310_hashModeRSA(hash_type, 0));
         }
         else {
-            ret = cc310_RsaSSL_Verify(hash_data, hash_len, (byte*)sig, key,
-                                              cc310_hashModeRSA(hash_type, 1));
+            ret = cc310_RsaSSL_Verify(hash_data, hash_len, (byte*)sig,
+                (RsaKey*)key, cc310_hashModeRSA(hash_type, 1));
         }
     #else
 
@@ -400,12 +407,12 @@ int wc_SignatureGenerateHash_ex(
             /* use expected signature size (incoming sig_len could be larger buffer */
             *sig_len = wc_SignatureGetSize(sig_type, key, key_len);
             if (sig_type == WC_SIGNATURE_TYPE_RSA_W_ENC) {
-                ret = cc310_RsaSSL_Sign(hash_data, hash_len, sig, *sig_len, key,
-                                        cc310_hashModeRSA(hash_type, 0));
+                ret = cc310_RsaSSL_Sign(hash_data, hash_len, sig, *sig_len,
+                    (RsaKey*)key, cc310_hashModeRSA(hash_type, 0));
             }
             else {
-                ret = cc310_RsaSSL_Sign(hash_data, hash_len, sig, *sig_len, key,
-                                        cc310_hashModeRSA(hash_type, 1));
+                ret = cc310_RsaSSL_Sign(hash_data, hash_len, sig, *sig_len,
+                    (RsaKey*)key, cc310_hashModeRSA(hash_type, 1));
            }
     #else
             /* Create signature using provided RSA key */

wolfcrypt/test/test.c

@@ -7621,9 +7621,11 @@ static int aes_key_size_test(void)
 #endif
     byte   key16[] = { 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
                        0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66 };
+#ifndef WOLFSSL_CRYPTOCELL
     byte   key24[] = { 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
                        0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
                        0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37 };
+#endif
     byte   key32[] = { 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
                        0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
                        0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
@@ -7700,7 +7702,7 @@ static int aes_key_size_test(void)
     if (ret != 0 || keySize != sizeof(key16))
         ERROR_OUT(-5310, out);
 #endif
-#if !defined(WOLFSSL_CRYPTOCELL)
+#ifndef WOLFSSL_CRYPTOCELL
 /* Cryptocell only supports AES-128 key size */
     ret = wc_AesSetKey(aes, key24, sizeof(key24), iv, AES_ENCRYPTION);
 #ifdef WOLFSSL_AES_192
@@ -14435,7 +14437,9 @@ static int rsa_keygen_test(WC_RNG* rng)
 #endif
     int    ret;
     byte*  der = NULL;
+#ifndef WOLFSSL_CRYPTOCELL
     word32 idx = 0;
+#endif
     int    derSz = 0;
 #if !defined(WOLFSSL_SP_MATH) && !defined(HAVE_FIPS)
     int    keySz = 1024;
@@ -14495,8 +14499,9 @@ static int rsa_keygen_test(WC_RNG* rng)
     if (ret != 0) {
         ERROR_OUT(-7875, exit_rsa);
     }
+
+#ifndef WOLFSSL_CRYPTOCELL
     idx = 0;
-#if !defined(WOLFSSL_CRYPTOCELL)
     /* The private key part of the key gen pairs from cryptocell can't be exported */
     ret = wc_RsaPrivateKeyDecode(der, &idx, genKey, derSz);
     if (ret != 0) {