Fixes for building WOLFSSL_RENESAS_TSIP_CRYPTONLY and NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH.

David Garske
2024-06-24 16:26:27 -07:00
parent be68ba4850
commit 7b029d3447
5 changed files with 86 additions and 127 deletions


@@ -21,34 +21,39 @@
#include <wolfssl/wolfcrypt/settings.h>
#if defined(WOLFSSL_RENESAS_FSPSM_TLS) \
|| defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY) \
|| defined(WOLFSSL_RENESAS_TSIP_TLS) \
|| defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
#if defined(WOLFSSL_RENESAS_FSPSM_TLS) || \
defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY) || \
defined(WOLFSSL_RENESAS_TSIP_TLS) || \
defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
#if defined(WOLFSSL_RENESAS_FSPSM_TLS) || \
defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
#include <wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h>
#define cmn_hw_lock wc_fspsm_hw_lock
#define cmn_hw_unlock wc_fspsm_hw_unlock
#elif defined(WOLFSSL_RENESAS_TSIP_TLS) || \
defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
#include <wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h>
#define cmn_hw_lock tsip_hw_lock
#define cmn_hw_unlock tsip_hw_unlock
#define FSPSM_ST TsipUserCtx;
#define MAX_FSPSM_CBINDEX 5
#include <wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h>
#define cmn_hw_lock wc_fspsm_hw_lock
#define cmn_hw_unlock wc_fspsm_hw_unlock
#elif defined(WOLFSSL_RENESAS_TSIP_TLS) || \
defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
#include <wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h>
#define cmn_hw_lock tsip_hw_lock
#define cmn_hw_unlock tsip_hw_unlock
#define FSPSM_ST TsipUserCtx;
#define MAX_FSPSM_CBINDEX 5
#endif
#include <wolfssl/wolfcrypt/wc_port.h>
#include <wolfssl/wolfcrypt/types.h>
#include <wolfssl/wolfcrypt/asn.h>
#ifndef WOLFSSL_RENESAS_TSIP_CRYPTONLY
#include <wolfssl/internal.h>
#endif
#include <wolfssl/error-ssl.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/logging.h>
#include <wolfssl/wolfcrypt/port/renesas/renesas_cmn.h>
#include <wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h>
uint32_t g_CAscm_Idx = (uint32_t)-1; /* index of CM table */
static int gdevId = 7890; /* initial dev Id for Crypt Callback */
@@ -59,7 +64,7 @@ static int gdevId = 7890; /* initial dev Id for Crypt Callback */
defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
FSPSM_ST *gCbCtx[MAX_FSPSM_CBINDEX];
#elif defined(WOLFSSL_RENESAS_TSIP_TLS) || \
defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
#define FSPSM_ST TsipUserCtx;
#define MAX_FSPSM_CBINDEX 5
TsipUserCtx *gCbCtx[MAX_FSPSM_CBINDEX];
@@ -426,7 +431,7 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
*/
int Renesas_cmn_usable(const WOLFSSL* ssl, byte session_key_generated)
{
int ret;
int ret = 0;
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
ret = tsip_usable(ssl, session_key_generated);
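Review bot: The TSIP branch of the include block still defines `#define FSPSM_ST TsipUserCtx;` with a trailing semicolon, and the same two macros (`FSPSM_ST`, `MAX_FSPSM_CBINDEX`) are defined again in the next hunk, just above `TsipUserCtx *gCbCtx[MAX_FSPSM_CBINDEX];`. Any use of `FSPSM_ST` as a type in a TSIP build would expand to `TsipUserCtx; …` and break the declaration, which is presumably why the TSIP path spells the type out. Since the commit is about getting the TSIP-only configurations to build, I would write `#define FSPSM_ST TsipUserCtx` and keep a single definition. In `Renesas_cmn_usable`, `int ret = 0;` makes a build with no TLS port report the hardware as not usable. A short comment such as `/* 0: no TLS port compiled in, use software path */` would show the default is deliberate; the function body continues outside the hunk, so confirm 0 is the "not usable" value there.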


@@ -34,11 +34,15 @@
#define WOLFSSL_MISC_INCLUDED
#include <wolfcrypt/src/misc.c>
#endif
#include <wolfssl/ssl.h>
#include <wolfssl/internal.h>
#include <wolfssl/error-ssl.h>
#ifndef WOLFSSL_RENESAS_TSIP_CRYPTONLY
#include <wolfssl/ssl.h>
#include <wolfssl/internal.h>
#include <wolfssl/error-ssl.h>
#endif
#include <wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h>
#include <wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h>
#include <stdio.h>
#define TSIP_SIGNING_DATA_PREFIX_SZ 64
@@ -171,6 +175,7 @@ WOLFSSL_API int tsip_use_PrivateKey_buffer_TLS(struct WOLFSSL* ssl,
return ret;
}
#endif /* WOLFSSL_RENESAS_TSIP_TLS */
#if defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
/* Set client encrypted public key data.
@@ -421,11 +426,7 @@ WOLFSSL_LOCAL int tsip_Tls13GenEccKeyPair(WOLFSSL* ssl, KeyShareEntry* kse)
WOLFSSL_LEAVE("tsip_Tls13GenEccKeyPair", ret);
return ret;
}
#endif /* WOLFSSL_TLS13 */
#if defined(WOLFSSL_TLS13)
/* generate shared secret(pre-master secret)
* get peer's raw ECDHE public key from KeyShareEntry.
* The pre-master secret generated by TSIP is stored into
@@ -514,11 +515,7 @@ WOLFSSL_LOCAL int tsip_Tls13GenSharedSecret(struct WOLFSSL* ssl,
WOLFSSL_LEAVE("tsip_Tls13GenSharedSecret", ret);
return ret;
}
#endif /* WOLFSSL_TLS13 */
#if defined(WOLFSSL_TLS13)
WOLFSSL_LOCAL int tsip_Tls13DeriveEarlySecret(struct WOLFSSL* ssl)
{
int ret = 0;
@@ -543,11 +540,7 @@ WOLFSSL_LOCAL int tsip_Tls13DeriveEarlySecret(struct WOLFSSL* ssl)
WOLFSSL_LEAVE("tsip_Tls13DeriveEarlySecret", ret);
return ret;
}
#endif /* WOLFSSL_TLS13 */
#if defined(WOLFSSL_TLS13)
/* derive handshake secret.
* get pre-master secret stored in TsipUserCtx.sharedSecret13Idx.
* Derived handshake secret is stored into TsipUserCtx.handshakeSecret13Idx
@@ -621,11 +614,7 @@ WOLFSSL_LOCAL int tsip_Tls13DeriveHandshakeSecret(struct WOLFSSL* ssl)
WOLFSSL_LEAVE("tsip_Tls13DeriveHandshakeSecret", ret);
return ret;
}
#endif /* WOLFSSL_TLS13 */
#if defined(WOLFSSL_TLS13)
static int tsipTls13DeriveClientHandshakeKeys(struct WOLFSSL* ssl)
{
int ret = 0;
@@ -705,11 +694,7 @@ static int tsipTls13DeriveClientHandshakeKeys(struct WOLFSSL* ssl)
WOLFSSL_LEAVE("tsipTls13DeriveClientHandshakeKeys", ret);
return ret;
}
#endif /* WOLFSSL_TLS13 */
#if defined(WOLFSSL_TLS13)
static int tsipTls13DeriveServerHandshakeKeys(struct WOLFSSL* ssl)
{
int ret = 0;
@@ -789,11 +774,7 @@ static int tsipTls13DeriveServerHandshakeKeys(struct WOLFSSL* ssl)
WOLFSSL_LEAVE("tsipTls13DeriveServerHandshakeKeys", ret);
return ret;
}
#endif /* WOLFSSL_TLS13 */
#if defined(WOLFSSL_TLS13)
static int tsipTls13DeriveTrafficKeys(struct WOLFSSL* ssl)
{
int ret = 0;
@@ -881,11 +862,7 @@ static int tsipTls13DeriveTrafficKeys(struct WOLFSSL* ssl)
WOLFSSL_LEAVE("tsipTls13DeriveTrafficKeys", ret);
return ret;
}
#endif /* WOLFSSL_TLS13 */
#if defined(WOLFSSL_TLS13)
static int tsipTls13UpdateClientTrafficKeys(struct WOLFSSL* ssl)
{
int ret = 0;
@@ -953,11 +930,7 @@ static int tsipTls13UpdateClientTrafficKeys(struct WOLFSSL* ssl)
WOLFSSL_LEAVE("tsipTls13UpdateClientTrafficKeys", ret);
return ret;
}
#endif /* WOLFSSL_TLS13 */
#if defined(WOLFSSL_TLS13)
static int tsipTls13UpdateServerTrafficKeys(struct WOLFSSL* ssl)
{
int ret = 0;
@@ -1025,11 +998,7 @@ static int tsipTls13UpdateServerTrafficKeys(struct WOLFSSL* ssl)
WOLFSSL_LEAVE("tsipTls13UpdateServerTrafficKeys", ret);
return ret;
}
#endif /* WOLFSSL_TLS13 */
#if defined(WOLFSSL_TLS13)
/* Derive the keys for TLS v1.3.
*
* ssl The WOLFSSL object.
@@ -1124,11 +1093,7 @@ WOLFSSL_LOCAL int tsip_Tls13DeriveKeys(struct WOLFSSL* ssl,
WOLFSSL_LEAVE("tsip_Tls13DeriveKeys", ret);
return ret;
}
#endif /* WOLFSSL_TLS13 */
#if defined(WOLFSSL_TLS13)
WOLFSSL_LOCAL int tsip_Tls13DeriveMasterSecret(struct WOLFSSL* ssl)
{
int ret = 0;
@@ -1198,11 +1163,7 @@ WOLFSSL_LOCAL int tsip_Tls13DeriveMasterSecret(struct WOLFSSL* ssl)
WOLFSSL_LEAVE("tsip_Tls13DeriveMasterSecret", ret);
return ret;
}
#endif /* WOLFSSL_TLS13 */
#if defined(WOLFSSL_TLS13)
/* verify handshake
* ssl WOLFSSL object
* hash buffer holding decrypted finished message content from server.
@@ -1288,11 +1249,7 @@ static int tsipTls13VerifyHandshake(struct WOLFSSL* ssl,
WOLFSSL_LEAVE("tsipTls13VerifyHandshake", ret);
return ret;
}
#endif /* WOLFSSL_TLS13 */
#if defined(WOLFSSL_TLS13)
/* handles finished message from server.
* verify hmac in the message. Also output verify data to
* TsipUserCtx.verifyDataIdx, which is used for deriving master secret.
@@ -1334,11 +1291,7 @@ WOLFSSL_LOCAL int tsip_Tls13HandleFinished(
WOLFSSL_LEAVE("tsip_Tls13HandleFinished", ret);
return ret;
}
#endif /* WOLFSSL_TLS13 */
#if defined(WOLFSSL_TLS13)
/* Build TLS v1.3 Message and make it encrypted with AEAD algorithm.
* TSIP supports AES-GCM and AES-CCM.
* ssl The WOLFSSL object.
@@ -1434,11 +1387,7 @@ WOLFSSL_LOCAL int tsip_Tls13BuildMessage(struct WOLFSSL* ssl,
WOLFSSL_LEAVE("tsip_Tls13BuildMessage", ret);
return ret;
}
#endif /* WOLFSSL_TLS13 */
#if defined(WOLFSSL_TLS13)
/* Send finished message to the server.
*
* ssl WOLFSSL object
@@ -1501,9 +1450,7 @@ WOLFSSL_LOCAL int tsip_Tls13SendFinished(
WOLFSSL_LEAVE("tsip_Tls13SendFinished", ret);
return ret;
}
#endif /* WOLFSSL_TLS13 */
#if defined(WOLFSSL_TLS13)
/* Parse and handle a TLS v1.3 CertificateVerify message sent from a server.
*
* ssl WOLFSSL object
@@ -1644,9 +1591,7 @@ WOLFSSL_LOCAL int tsip_Tls13CertificateVerify(struct WOLFSSL* ssl,
WOLFSSL_LEAVE("tsip_Tls13CertificateVerify", ret);
return ret;
}
#endif /* WOLFSSL_TLS13 */
#if defined(WOLFSSL_TLS13)
/* Send the TLS v1.3 CertificateVerify message. A part of the message is
* processed by TSIP for acceleration.
*
@@ -1927,6 +1872,7 @@ WOLFSSL_LOCAL int tsip_Tls13SendCertVerify(WOLFSSL* ssl)
#endif /* WOLFSSL_TLS13 */
#endif /* WOLFSSL_RENESAS_TSIP_TLS */
#if defined(WOLFSSL_RENESAS_TSIP_TLS) && (WOLFSSL_RENESAS_TSIP_VER >=109)
static uint32_t GetTsipCipherSuite(
@@ -2545,41 +2491,7 @@ WOLFSSL_LOCAL int tsipImportPublicKey(TsipUserCtx* tuc, int keyType)
WOLFSSL_LEAVE("tsipImportPublicKey", ret);
return ret;
}
/*
* lock hw engine.
* this should be called before using engine.
*/
WOLFSSL_LOCAL int tsip_hw_lock(void)
{
int ret = 0;
if (tsip_CryptHwMutexInit_ == 0) {
ret = tsip_CryptHwMutexInit(&tsip_mutex);
if (ret == 0) {
tsip_CryptHwMutexInit_ = 1;
}
else {
WOLFSSL_MSG(" mutex initialization failed.");
return -1;
}
}
if (tsip_CryptHwMutexLock(&tsip_mutex) != 0) {
/* this should not happens */
return -1;
}
return ret;
}
/*
* release hw engine
*/
WOLFSSL_LOCAL void tsip_hw_unlock(void)
{
tsip_CryptHwMutexUnLock(&tsip_mutex);
}
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
/* check if tsip tls functions can be used for the cipher */
/* return :1 when tsip can be used , 0 not be used. */
@@ -2678,6 +2590,41 @@ int tsip_usable(const WOLFSSL *ssl, uint8_t session_key_generated)
}
#endif /* WOLFSSL_RENESAS_TSIP_TLS */
/*
* lock hw engine.
* this should be called before using engine.
*/
WOLFSSL_LOCAL int tsip_hw_lock(void)
{
int ret = 0;
if (tsip_CryptHwMutexInit_ == 0) {
ret = tsip_CryptHwMutexInit(&tsip_mutex);
if (ret == 0) {
tsip_CryptHwMutexInit_ = 1;
}
else {
WOLFSSL_MSG(" mutex initialization failed.");
return -1;
}
}
if (tsip_CryptHwMutexLock(&tsip_mutex) != 0) {
/* this should not happens */
return -1;
}
return ret;
}
/*
* release hw engine
*/
WOLFSSL_LOCAL void tsip_hw_unlock(void)
{
tsip_CryptHwMutexUnLock(&tsip_mutex);
}
/* open TSIP driver
* return 0 on success.
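Review bot: `tsip_hw_lock`, which this change moves outside the `WOLFSSL_RENESAS_TSIP_TLS` guard so crypt-only builds get it too, tests and sets `tsip_CryptHwMutexInit_` without any synchronisation. Two tasks making their first call at the same time could both run `tsip_CryptHwMutexInit(&tsip_mutex)`, and one could be left holding a mutex the other has re-initialised. Unless something outside this hunk guarantees a single-threaded first call, the mutex is better initialised once from the driver-open path, leaving `tsip_hw_lock` with only the lock call. The lock-failure branch returns -1 with only the comment `/* this should not happens */`; adding `WOLFSSL_MSG("tsip_hw_lock: mutex lock failed");` there would make a failed hardware lock visible in logs. `tsip_hw_unlock` also discards the result of `tsip_CryptHwMutexUnLock`, which deserves a comment saying the omission is intentional.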


@@ -372,7 +372,7 @@ WOLFSSL_API int tsip_use_PrivateKey_buffer_TLS(struct WOLFSSL* ssl,
#endif
#if defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
WOLFSSL_API int tsip_use_PubicKey_buffer_crypt(TsipUserCtx *uc,
WOLFSSL_API int tsip_use_PublicKey_buffer_crypt(TsipUserCtx *uc,
const char* keyBuf, int keyBufLen, int keyType);
WOLFSSL_API int tsip_use_PrivateKey_buffer_crypt(TsipUserCtx *uc,
const char* keyBuf, int keyBufLen, int keyType);


@@ -21,6 +21,8 @@
#ifndef __RENESAS_CMN_H__
#define __RENESAS_CMN_H__
#ifndef WOLFSSL_RENESAS_TSIP_CRYPTONLY
#include <wolfssl/ssl.h>
#include <wolfssl/internal.h>
@@ -69,8 +71,6 @@ WOLFSSL_LOCAL int Renesas_cmn_SigPkCbEccVerify(const unsigned char* sig, unsigne
/* Common Methods */
WOLFSSL_LOCAL void* Renesas_cmn_GetCbCtxBydevId(int devId);
int wc_CryptoCb_CryptInitRenesasCmn(WOLFSSL* ssl, void* ctx);
void wc_CryptoCb_CleanupRenesasCmn(int* id);
int wc_Renesas_cmn_RootCertVerify(const byte* cert, word32 cert_len,
word32 key_n_start, word32 key_n_len, word32 key_e_start,
word32 key_e_len, word32 cm_row);
@@ -80,4 +80,9 @@ WOLFSSL_LOCAL int Renesas_cmn_TlsFinished(WOLFSSL* ssl, const byte *side,
const byte *handshake_hash, word32 hashSz,
byte *hashes, void* ctx);
WOLFSSL_LOCAL int Renesas_cmn_generateSessionKey(WOLFSSL* ssl, void* ctx);
#endif /* WOLFSSL_RENESAS_TSIP_CRYPTONLY */
int wc_CryptoCb_CryptInitRenesasCmn(WOLFSSL* ssl, void* ctx);
void wc_CryptoCb_CleanupRenesasCmn(int* id);
#endif /* __RENESAS_CMN_H__ */
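Review bot: The two prototypes moved below `#endif /* WOLFSSL_RENESAS_TSIP_CRYPTONLY */` still name `WOLFSSL* ssl`, but in a crypt-only build this header no longer includes `<wolfssl/ssl.h>` or `<wolfssl/internal.h>`. `wc_CryptoCb_CryptInitRenesasCmn` therefore compiles only if an earlier include happens to declare that type. If that is not guaranteed, a forward declaration beside the prototypes (`struct WOLFSSL;`, with the parameter written as `struct WOLFSSL* ssl`, the form other TSIP prototypes on this page use) removes the include-order dependency. The closing comment would also be more accurate as `#endif /* !WOLFSSL_RENESAS_TSIP_CRYPTONLY */`, since it ends an `#ifndef`.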


@@ -33,12 +33,6 @@ typedef enum {
TSIP_SHA256 = 1,
} TSIP_SHA_TYPE;
typedef enum {
TSIP_RSA2048,
TSIP_RSA4096,
TSIP_ECCP256,
} TSIP_KEY_TYPE;
typedef struct {
byte* msg;
void* heap;
@@ -54,16 +48,24 @@ typedef struct {
/* RAW hash function APIs are not implemented with TSIP */
#define WOLFSSL_NO_HASH_RAW
#ifndef NO_SHA
typedef wolfssl_TSIP_Hash wc_Sha;
#if !defined(NO_SHA256)
#endif
#ifndef NO_SHA256
typedef wolfssl_TSIP_Hash wc_Sha256;
#endif
#endif /* NO_SHA */
#endif /* !NO_SHA || !NO_SHA256 */
#if defined(WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT) ||\
typedef enum {
TSIP_RSA2048,
TSIP_RSA4096,
TSIP_ECCP256,
} TSIP_KEY_TYPE;
#if defined(WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT) || \
defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
#include "r_tsip_rx_if.h"