wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-03 12:44:45 +02:00
Code Issues Packages Projects Releases Wiki Activity

Added AES IV retrieval from TROPIC01 and use of new R-Memory slot definitions

Browse Source
This commit is contained in:
Maxim Kostin
2025-06-09 16:06:56 +02:00
parent 2da1b4e6b2
commit 7b0b2e9f0c
2 changed files with 67 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

79
wolfcrypt/src/port/tropicsquare/tropic01.c
View File

@@ -107,10 +107,10 @@ static int Tropic01_GenerateKeyED25519(byte* pubkey, int keySlot, word32 sz)
#endif #endif
/* /*
* Retrive the AES key from the secure R memory of TROPIC01 * Retrieve the AES key from the secure R memory of TROPIC01
*/ */
static int Tropic01_GetKeyAES(Aes* aes, int keySlot, word32 keySz) static int Tropic01_GetKeyAES(byte* aesKey, int keySlot, word32 keySz)
{ {
lt_ret_t rett; lt_ret_t rett;
@@ -119,7 +119,7 @@ static int Tropic01_GetKeyAES(Aes* aes, int keySlot, word32 keySz)
keySlot keySlot
); );
if (aes == NULL || keySlot < 0 || keySlot >= 511) if (aesKey == NULL || keySlot < 0 || keySlot >= 511)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
@@ -134,7 +134,7 @@ static int Tropic01_GetKeyAES(Aes* aes, int keySlot, word32 keySz)
/* Retrieve key from TROPIC01 */ /* Retrieve key from TROPIC01 */
rett = lt_r_mem_data_read(&g_h, keySlot, (byte*)aes->key, keySz); rett = lt_r_mem_data_read(&g_h, keySlot, aesKey, keySz);
if (rett != LT_OK) { if (rett != LT_OK) {
WOLFSSL_MSG_EX( WOLFSSL_MSG_EX(
"TROPIC01: Get AES Key: Failed to retrieve key, ret=%d", "TROPIC01: Get AES Key: Failed to retrieve key, ret=%d",
@@ -149,7 +149,7 @@ static int Tropic01_GetKeyAES(Aes* aes, int keySlot, word32 keySz)
} }
/* /*
* Retrive the ECC key from the secure R memory of TROPIC01 * Retrieve the ECC key from the secure R memory of TROPIC01
*/ */
static int Tropic01_GetKeyECC(byte* ecckey, int keySlot, word32 keySz) static int Tropic01_GetKeyECC(byte* ecckey, int keySlot, word32 keySz)
{ {
@@ -195,7 +195,8 @@ static int Tropic01_GetKeyECC(byte* ecckey, int keySlot, word32 keySz)
int Tropic01_CryptoCb(int devId, wc_CryptoInfo* info, void* ctx) int Tropic01_CryptoCb(int devId, wc_CryptoInfo* info, void* ctx)
{ {
int ret = CRYPTOCB_UNAVAILABLE; int ret = CRYPTOCB_UNAVAILABLE;
byte lt_key[TROPIC01_AES_MAX_KEY_SIZE] = {0};
byte lt_iv[TROPIC01_AES_MAX_KEY_SIZE] = {0};
if (info == NULL) if (info == NULL)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
@@ -296,11 +297,9 @@ int Tropic01_CryptoCb(int devId, wc_CryptoInfo* info, void* ctx)
#if !defined(NO_AES) #if !defined(NO_AES)
#ifdef HAVE_AESGCM #ifdef HAVE_AESGCM
if (info->cipher.type == WC_CIPHER_AES_GCM) { if (info->cipher.type == WC_CIPHER_AES_GCM) {
if (info->cipher.enc) {
ret = Tropic01_GetKeyAES( ret = Tropic01_GetKeyAES(
info->cipher.aesgcm_enc.aes, lt_key,
TROPIC01_AES_RMEM_SLOT_DEFAULT, TROPIC01_AES_KEY_RMEM_SLOT,
TROPIC01_AES_MAX_KEY_SIZE); TROPIC01_AES_MAX_KEY_SIZE);
if (ret != 0) { if (ret != 0) {
WOLFSSL_MSG_EX( WOLFSSL_MSG_EX(
@@ -308,6 +307,25 @@ int Tropic01_CryptoCb(int devId, wc_CryptoInfo* info, void* ctx)
ret); ret);
return ret; return ret;
} }
ret = Tropic01_GetKeyAES(
lt_iv,
TROPIC01_AES_IV_RMEM_SLOT,
TROPIC01_AES_MAX_KEY_SIZE);
if (ret != 0) {
WOLFSSL_MSG_EX(
"TROPIC01: CryptoCB: Failed to get AES IV, ret=%d",
ret);
return ret;
}
if (info->cipher.enc) {
ret = wc_AesSetKey(info->cipher.aesgcm_enc.aes, lt_key,
WC_AES_BLOCK_SIZE, lt_iv, AES_ENCRYPTION);
if (ret != 0) {
WOLFSSL_MSG_EX(
"TROPIC01: CryptoCB: Failed to set AES key, ret=%d",
ret);
return ret;
}
/* set devId to invalid, so software is used */ /* set devId to invalid, so software is used */
info->cipher.aesgcm_enc.aes->devId = INVALID_DEVID; info->cipher.aesgcm_enc.aes->devId = INVALID_DEVID;
ret = wc_AesGcmEncrypt( ret = wc_AesGcmEncrypt(
@@ -327,13 +345,11 @@ int Tropic01_CryptoCb(int devId, wc_CryptoInfo* info, void* ctx)
} }
else { else {
ret = Tropic01_GetKeyAES( ret = wc_AesSetKey(info->cipher.aesgcm_dec.aes, lt_key,
info->cipher.aesgcm_dec.aes, WC_AES_BLOCK_SIZE, lt_iv, AES_DECRYPTION);
TROPIC01_AES_RMEM_SLOT_DEFAULT,
TROPIC01_AES_MAX_KEY_SIZE);
if (ret != 0) { if (ret != 0) {
WOLFSSL_MSG_EX( WOLFSSL_MSG_EX(
"TROPIC01: CryptoCB: Failed to get AES key,ret=%d", "TROPIC01: CryptoCB: Failed to set AES key, ret=%d",
ret); ret);
return ret; return ret;
} }
@@ -358,15 +374,30 @@ int Tropic01_CryptoCb(int devId, wc_CryptoInfo* info, void* ctx)
#endif /* HAVE_AESGCM */ #endif /* HAVE_AESGCM */
#ifdef HAVE_AES_CBC #ifdef HAVE_AES_CBC
if (info->cipher.type == WC_CIPHER_AES_CBC) { if (info->cipher.type == WC_CIPHER_AES_CBC) {
if (info->cipher.enc) {
ret = Tropic01_GetKeyAES( ret = Tropic01_GetKeyAES(
info->cipher.aescbc.aes, lt_key,
TROPIC01_AES_RMEM_SLOT_DEFAULT, TROPIC01_AES_KEY_RMEM_SLOT,
TROPIC01_AES_MAX_KEY_SIZE); TROPIC01_AES_MAX_KEY_SIZE);
if (ret != 0) { if (ret != 0) {
WOLFSSL_MSG_EX( WOLFSSL_MSG_EX(
"TROPIC01: CryptoCB: Failed to get AES key, ret=%d", "TROPIC01: CryptoCB: Failed to get AES key,ret=%d", ret);
return ret;
}
ret = Tropic01_GetKeyAES(
lt_iv,
TROPIC01_AES_IV_RMEM_SLOT,
TROPIC01_AES_MAX_KEY_SIZE);
if (ret != 0) {
WOLFSSL_MSG_EX(
"TROPIC01: CryptoCB: Failed to get AES IV, ret=%d", ret);
return ret;
}
if (info->cipher.enc) {
ret = wc_AesSetKey(info->cipher.aescbc.aes, lt_key,
WC_AES_BLOCK_SIZE, lt_iv, AES_ENCRYPTION);
if (ret != 0) {
WOLFSSL_MSG_EX(
"TROPIC01: CryptoCB: Failed to set AES key, ret=%d",
ret); ret);
return ret; return ret;
} }
@@ -383,13 +414,11 @@ int Tropic01_CryptoCb(int devId, wc_CryptoInfo* info, void* ctx)
} }
else { else {
ret = Tropic01_GetKeyAES( ret = wc_AesSetKey(info->cipher.aescbc.aes, lt_key,
info->cipher.aescbc.aes, WC_AES_BLOCK_SIZE, lt_iv, AES_DECRYPTION);
TROPIC01_AES_RMEM_SLOT_DEFAULT,
TROPIC01_AES_MAX_KEY_SIZE);
if (ret != 0) { if (ret != 0) {
WOLFSSL_MSG_EX( WOLFSSL_MSG_EX(
"TROPIC01: CryptoCB: Failed to get AES key, ret=%d", "TROPIC01: CryptoCB: Failed to set AES key, ret=%d",
ret); ret);
return ret; return ret;
} }

10
wolfssl/wolfcrypt/port/tropicsquare/tropic01.h
View File

@@ -50,13 +50,17 @@
#define TROPIC01_AES_MAX_KEY_SIZE 32 #define TROPIC01_AES_MAX_KEY_SIZE 32
#define TROPIC01_AES_RMEM_SLOT_DEFAULT 1
/* R-Memory slots allocation */
#define TROPIC01_AES_KEY_RMEM_SLOT 0
#define TROPIC01_AES_IV_RMEM_SLOT 1
#define TROPIC01_ED25519_PUB_RMEM_SLOT_DEFAULT 2
#define TROPIC01_ED25519_PRIV_RMEM_SLOT_DEFAULT 3
#define TROPIC01_ED25519_PRIV_KEY_SIZE 32 #define TROPIC01_ED25519_PRIV_KEY_SIZE 32
#define TROPIC01_ED25519_PUB_KEY_SIZE 32 #define TROPIC01_ED25519_PUB_KEY_SIZE 32
#define TROPIC01_ED25519_PUB_RMEM_SLOT_DEFAULT 2
#define TROPIC01_ED25519_PRIV_RMEM_SLOT_DEFAULT 3
#define TROPIC01_ED25519_ECC_SLOT_DEFAULT 1 #define TROPIC01_ED25519_ECC_SLOT_DEFAULT 1
#define PAIRING_KEY_SLOT_INDEX_0 0 #define PAIRING_KEY_SLOT_INDEX_0 0