Added slot callbacks. Improvements for the Atmel time support. Fix to make sure read encryption key is cleared from stack buffer.

David Garske
2018-09-06 12:40:17 -07:00
parent e78ddfce75
commit 7074625048
2 changed files with 85 additions and 35 deletions


@ -32,7 +32,15 @@
#include <wolfssl/ssl.h> #include <wolfssl/ssl.h>
#include <wolfssl/internal.h> #include <wolfssl/internal.h>
#ifdef NO_INLINE
#include <wolfssl/wolfcrypt/misc.h>
#else
#define WOLFSSL_MISC_INCLUDED
#include <wolfcrypt/src/misc.c>
#endif
#ifdef WOLFSSL_ATMEL #ifdef WOLFSSL_ATMEL
/* remap name conflicts */
#define Aes Aes_Remap #define Aes Aes_Remap
#define Gmac Gmac_Remap #define Gmac Gmac_Remap
#include "asf.h" #include "asf.h"
@ -46,7 +54,9 @@ static bool mAtcaInitDone = 0;
#ifdef WOLFSSL_ATECC508A #ifdef WOLFSSL_ATECC508A
/* List of available key slots */ /* Free slot handling */
static atmel_slot_alloc_cb mSlotAlloc;
static atmel_slot_dealloc_cb mSlotDealloc;
static int mSlotList[ATECC_MAX_SLOT+1]; static int mSlotList[ATECC_MAX_SLOT+1];
/** /**
@ -60,9 +70,6 @@ t_atcert atcert = {
.end_user = { 0 }, .end_user = { 0 },
.end_user_pubkey = { 0 } .end_user_pubkey = { 0 }
}; };
static int atmel_init_enc_key(void);
#endif /* WOLFSSL_ATECC508A */ #endif /* WOLFSSL_ATECC508A */
@ -94,7 +101,7 @@ int atmel_get_random_number(uint32_t count, uint8_t* rand_out)
} }
atcab_printbin_label((const char*)"\r\nRandom Number", rand_out, count); atcab_printbin_label((const char*)"\r\nRandom Number", rand_out, count);
#else #else
// TODO: Use on-board TRNG /* TODO: Use on-board TRNG */
#endif #endif
return ret; return ret;
} }
@ -104,33 +111,67 @@ int atmel_get_random_block(unsigned char* output, unsigned int sz)
return atmel_get_random_number((uint32_t)sz, (uint8_t*)output); return atmel_get_random_number((uint32_t)sz, (uint8_t*)output);
} }
#ifdef WOLFSSL_ATMEL_TIME #if defined(WOLFSSL_ATMEL) && defined(WOLFSSL_ATMEL_TIME)
extern struct rtc_module *_rtc_instance[RTC_INST_NUM]; extern struct rtc_module *_rtc_instance[RTC_INST_NUM];
#endif #endif
long atmel_get_curr_time_and_date(long* tm) long atmel_get_curr_time_and_date(long* tm)
{ {
(void)tm; long rt = 0;
#if defined(WOLFSSL_ATMEL) && defined(WOLFSSL_ATMEL_TIME)
#ifdef WOLFSSL_ATMEL_TIME
/* Get current time */ /* Get current time */
struct rtc_calendar_time rtcTime;
const int monthDay[] = {0,31,59,90,120,151,181,212,243,273,304,334};
int month, year, yearLeap;
//struct rtc_calendar_time rtcTime; rtc_calendar_get_time(_rtc_instance[0], &rtcTime);
//rtc_calendar_get_time(_rtc_instance[0], &rtcTime);
/* Convert rtc_calendar_time to seconds since UTC */ /* Convert rtc_calendar_time to seconds since UTC */
#endif month = rtcTime.month % 12;
year = rtcTime.year + rtcTime.month / 12;
return 0; if (month < 0) {
month += 12;
year--;
}
yearLeap = (month > 1) ? year + 1 : year;
rt = rtcTime.second
+ 60 * (rtcTime.minute
+ 60 * (rtcTime.hour
+ 24 * (monthDay[month] + rtcTime.day - 1
+ 365 * (year - 70)
+ (yearLeap - 69) / 4
- (yearLeap - 1) / 100
+ (yearLeap + 299) / 400
)
)
);
#endif /* WOLFSSL_ATMEL_TIME */
(void)tm;
return rt;
} }
#ifdef WOLFSSL_ATECC508A #ifdef WOLFSSL_ATECC508A
/* Function to set the slot allocator and deallocator */
int atmel_set_slot_allocator(atmel_slot_alloc_cb alloc,
atmel_slot_dealloc_cb dealloc)
{
mSlotAlloc = alloc;
mSlotDealloc = dealloc;
return 0;
}
/* Function to allocate new slot number */ /* Function to allocate new slot number */
int atmel_ecc_alloc(void) int atmel_ecc_alloc(void)
{ {
int i, slot = -1; int slot = ATECC_INVALID_SLOT;
if (mSlotAlloc) {
slot = mSlotAlloc();
}
else {
int i;
for (i=0; i <= ATECC_MAX_SLOT; i++) { for (i=0; i <= ATECC_MAX_SLOT; i++) {
/* Find free slot */ /* Find free slot */
if (mSlotList[i] == ATECC_INVALID_SLOT) { if (mSlotList[i] == ATECC_INVALID_SLOT) {
@ -139,15 +180,19 @@ int atmel_ecc_alloc(void)
break; break;
} }
} }
}
return slot; return slot;
} }
/* Function to return slot number to avail list */ /* Function to return slot number to available list */
void atmel_ecc_free(int slot) void atmel_ecc_free(int slot)
{ {
if (slot >= 0 && slot <= ATECC_MAX_SLOT) { if (mSlotDealloc) {
/* Mark slot of free */ mSlotDealloc(slot);
}
else if (slot >= 0 && slot <= ATECC_MAX_SLOT) {
/* Mark slot free */
mSlotList[slot] = ATECC_INVALID_SLOT; mSlotList[slot] = ATECC_INVALID_SLOT;
} }
} }
@ -158,15 +203,15 @@ void atmel_ecc_free(int slot)
#ifndef ATCA_TLS_GET_ENC_KEY #ifndef ATCA_TLS_GET_ENC_KEY
#define ATCA_TLS_GET_ENC_KEY atmel_get_enc_key #define ATCA_TLS_GET_ENC_KEY atmel_get_enc_key
/** /**
* \brief Give enc key to read pms. * \brief Callback function for getting the current encryption key
*/ */
static ATCA_STATUS atmel_get_enc_key(uint8_t* enckey, int16_t keysize) static ATCA_STATUS atmel_get_enc_key(uint8_t* enckey, int16_t keysize)
{ {
if (enckey == NULL || keysize != ATECC_KEY_SIZE) { if (enckey == NULL || keysize != ATECC_KEY_SIZE) {
return -1; return ATCA_BAD_PARAM;
} }
XMEMSET(enckey, 0xFF, keysize); // use default values XMEMSET(enckey, 0xFF, keysize); /* use default value */
return ATCA_SUCCESS; return ATCA_SUCCESS;
} }
@ -180,9 +225,10 @@ static int atmel_init_enc_key(void)
uint8_t ret = 0; uint8_t ret = 0;
uint8_t read_key[ATECC_KEY_SIZE]; uint8_t read_key[ATECC_KEY_SIZE];
/* get encryption key */
ATCA_TLS_GET_ENC_KEY(read_key, sizeof(read_key)); ATCA_TLS_GET_ENC_KEY(read_key, sizeof(read_key));
ret = atcatls_set_enckey(read_key, TLS_SLOT_ENC_PARENT, 0); ret = atcatls_set_enckey(read_key, TLS_SLOT_ENC_PARENT, 0);
ForceZero(read_key, sizeof(read_key));
if (ret != ATCA_SUCCESS) { if (ret != ATCA_SUCCESS) {
WOLFSSL_MSG("Failed to write key"); WOLFSSL_MSG("Failed to write key");
return -1; return -1;
@ -190,7 +236,7 @@ static int atmel_init_enc_key(void)
ret = atcatlsfn_set_get_enckey(ATCA_TLS_GET_ENC_KEY); ret = atcatlsfn_set_get_enckey(ATCA_TLS_GET_ENC_KEY);
if (ret != ATCA_SUCCESS) { if (ret != ATCA_SUCCESS) {
WOLFSSL_MSG("Failed to set enckey"); WOLFSSL_MSG("Failed to set enckey cb");
return -1; return -1;
} }
@ -199,7 +245,7 @@ static int atmel_init_enc_key(void)
static void atmel_show_rev_info(void) static void atmel_show_rev_info(void)
{ {
#if 0 #ifdef WOLFSSL_ATECC508A_DEBUG
uint32_t revision = 0; uint32_t revision = 0;
atcab_info((uint8_t*)&revision); atcab_info((uint8_t*)&revision);
printf("ATECC508A Revision: %x\n", (unsigned int)revision); printf("ATECC508A Revision: %x\n", (unsigned int)revision);
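Review bot: In atmel_init_enc_key (the `@ -180,9 +225,10` hunk) the result of `ATCA_TLS_GET_ENC_KEY(read_key, sizeof(read_key))` is still discarded, so if an overriding callback fails, the uninitialized stack contents of `read_key` are handed to `atcatls_set_enckey` as the encryption key. Capture and test it before the write, e.g. `ret = ATCA_TLS_GET_ENC_KEY(read_key, sizeof(read_key));` followed by `if (ret == ATCA_SUCCESS) ret = atcatls_set_enckey(read_key, TLS_SLOT_ENC_PARENT, 0);`, and keep the new `ForceZero` call unconditional so the buffer is wiped on both paths. The built-in atmel_get_enc_key fills the key with 0xFF, a fixed and publicly known value, so a comment there such as `/* default is a fixed, known key: define ATCA_TLS_GET_ENC_KEY to supply a device-specific key in production */` would keep integrators from shipping it by accident. The function begins above this hunk and continues into the next one.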


@ -48,7 +48,7 @@
struct WOLFSSL; struct WOLFSSL;
struct WOLFSSL_X509_STORE_CTX; struct WOLFSSL_X509_STORE_CTX;
// Cert Structure /* Cert Structure */
typedef struct t_atcert { typedef struct t_atcert {
uint32_t signer_ca_size; uint32_t signer_ca_size;
uint8_t signer_ca[512]; uint8_t signer_ca[512];
@ -60,7 +60,6 @@ typedef struct t_atcert {
extern t_atcert atcert; extern t_atcert atcert;
/* Amtel port functions */ /* Amtel port functions */
void atmel_init(void); void atmel_init(void);
void atmel_finish(void); void atmel_finish(void);
@ -70,6 +69,11 @@ long atmel_get_curr_time_and_date(long* tm);
int atmel_ecc_alloc(void); int atmel_ecc_alloc(void);
void atmel_ecc_free(int slot); void atmel_ecc_free(int slot);
typedef int (*atmel_slot_alloc_cb)(void);
typedef void (*atmel_slot_dealloc_cb)(int);
int atmel_set_slot_allocator(atmel_slot_alloc_cb alloc,
atmel_slot_dealloc_cb dealloc);
#include <wolfssl/wolfcrypt/ecc.h> #include <wolfssl/wolfcrypt/ecc.h>
#ifdef HAVE_PK_CALLBACKS #ifdef HAVE_PK_CALLBACKS