From 9227020f8e41ae303ce94009286675adfb75189d Mon Sep 17 00:00:00 2001 From: gojimmypi Date: Tue, 21 Nov 2023 16:22:49 -0800 Subject: [PATCH] code review updates for ESP32 C3/C6/S2 HW Acceleration --- IDE/Espressif/ESP-IDF/README.md | 1 - IDE/Espressif/ESP-IDF/user_settings.h | 150 ++++++++++++++---- wolfcrypt/src/port/Espressif/README.md | 55 +++++-- wolfcrypt/src/port/Espressif/esp32_sha.c | 36 ++--- wolfcrypt/src/sha.c | 24 +-- wolfcrypt/src/sha256.c | 56 +------ .../wolfcrypt/port/Espressif/esp32-crypt.h | 4 +- 7 files changed, 199 insertions(+), 127 deletions(-) diff --git a/IDE/Espressif/ESP-IDF/README.md b/IDE/Espressif/ESP-IDF/README.md index 3c6608ed1..ea9dd16a1 100644 --- a/IDE/Espressif/ESP-IDF/README.md +++ b/IDE/Espressif/ESP-IDF/README.md @@ -14,7 +14,6 @@ Including the following examples: * Simple [TLS client](./examples/wolfssl_client/)/[server](./examples/wolfssl_server/) * Cryptographic [test](./examples/wolfssl_test/) * Cryptographic [benchmark](./examples/wolfssl_benchmark/) -* Bare-bones [template](./examples/template/) The *user_settings.h* file enables some of the hardened settings. diff --git a/IDE/Espressif/ESP-IDF/user_settings.h b/IDE/Espressif/ESP-IDF/user_settings.h index 2ac4ac9ec..db63349df 100644 --- a/IDE/Espressif/ESP-IDF/user_settings.h +++ b/IDE/Espressif/ESP-IDF/user_settings.h @@ -83,7 +83,7 @@ #define WOLFSSL_AES_DIRECT #endif -/* when you want to use aes counter mode */ +/* when you want to use AES counter mode */ /* #define WOLFSSL_AES_DIRECT */ /* #define WOLFSSL_AES_COUNTER */ @@ -102,10 +102,17 @@ /* Define USE_FAST_MATH and SMALL_STACK */ #define ESP32_USE_RSA_PRIMITIVE /* threshold for performance adjustment for HW primitive use */ + + /* NOTE HW unreliable for small values on older original ESP32!*/ + /* threshold for performance adjustment for HW primitive use */ /* X bits of G^X mod P greater than */ - #define EPS_RSA_EXPT_XBTIS 36 + #undef ESP_RSA_EXPT_XBITS + #define ESP_RSA_EXPT_XBITS 32 + /* X and Y of X * Y mod P greater than */ - #define ESP_RSA_MULM_BITS 2000 + #undef ESP_RSA_MULM_BITS + #define ESP_RSA_MULM_BITS 16 + #endif /* debug options */ @@ -123,46 +130,129 @@ /* adjust wait-timeout count if you see timeout in RSA HW acceleration */ #define ESP_RSA_TIMEOUT_CNT 0x249F00 +/* Default is HW enabled unless turned off. +** Uncomment these lines to force SW instead of HW acceleration */ + #if defined(CONFIG_IDF_TARGET_ESP32) - /* when you want not to use HW acceleration on ESP32 (below for S3, etc */ - /* #define NO_ESP32_CRYPT */ - /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ - /* #define NO_WOLFSSL_ESP32_CRYPT_AES */ - /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */ + /* wolfSSL HW Acceleration supported on ESP32. Uncomment to disable: */ + /* #define NO_ESP32_CRYPT */ + /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ + /* #define NO_WOLFSSL_ESP32_CRYPT_AES */ + /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */ + /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */ + /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */ + /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */ + + /* These are defined automatically in esp32-crypt.h, here for clarity: */ + #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 /* no SHA224 HW on ESP32 */ + /* end CONFIG_IDF_TARGET_ESP32 */ + #undef ESP_RSA_MULM_BITS + #define ESP_RSA_MULM_BITS 16 /* TODO add compile-time warning */ + /***** END CONFIG_IDF_TARGET_ESP32 *****/ + #elif defined(CONFIG_IDF_TARGET_ESP32S2) - /* ESP32-S2 disabled by default; not implemented */ - #define NO_ESP32_CRYPT - #define NO_WOLFSSL_ESP32_CRYPT_HASH - #define NO_WOLFSSL_ESP32_CRYPT_AES - #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI + /* wolfSSL HW Acceleration supported on ESP32-S2. Uncomment to disable: */ + /* #define NO_ESP32_CRYPT */ + /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ + /* Note: There's no AES192 HW on the ESP32-S2; falls back to SW */ + /* #define NO_WOLFSSL_ESP32_CRYPT_AES */ + /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */ + /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */ + /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */ + /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */ + /***** END CONFIG_IDF_TARGET_ESP32S2 *****/ + #elif defined(CONFIG_IDF_TARGET_ESP32S3) - /* when you want not to use HW acceleration on ESP32-S3 */ - /* #define NO_ESP32_CRYPT */ - /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ - /* #define NO_WOLFSSL_ESP32_CRYPT_AES */ - /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */ + /* wolfSSL HW Acceleration supported on ESP32-S3. Uncomment to disable: */ + /* #define NO_ESP32_CRYPT */ + /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ + /* Note: There's no AES192 HW on the ESP32-S3; falls back to SW */ + /* #define NO_WOLFSSL_ESP32_CRYPT_AES */ + /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */ + /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */ + /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */ + /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */ + /***** END CONFIG_IDF_TARGET_ESP32S3 *****/ + #elif defined(CONFIG_IDF_TARGET_ESP32C3) - /* ESP32-C3 disabled by default, not implemented */ - #define NO_ESP32_CRYPT - #define NO_WOLFSSL_ESP32_CRYPT_HASH - #define NO_WOLFSSL_ESP32_CRYPT_AES - #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI + /* wolfSSL HW Acceleration supported on ESP32-C2. Uncomment to disable: */ + + /* #define NO_ESP32_CRYPT */ + /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ /* to disable all SHA HW */ + + /* These are defined automatically in esp32-crypt.h, here for clarity: */ + #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C6 */ + #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C6 */ + + /* #define NO_WOLFSSL_ESP32_CRYPT_AES */ + /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */ + /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */ + /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */ + /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */ + /***** END CONFIG_IDF_TARGET_ESP32C3 *****/ + #elif defined(CONFIG_IDF_TARGET_ESP32C6) - /* ESP32-C6 disabled by default, not implemented */ - #define NO_ESP32_CRYPT - #define NO_WOLFSSL_ESP32_CRYPT_HASH - #define NO_WOLFSSL_ESP32_CRYPT_AES - #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI + /* wolfSSL HW Acceleration supported on ESP32-C6. Uncomment to disable: */ + + /* #define NO_ESP32_CRYPT */ + /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ + /* These are defined automatically in esp32-crypt.h, here for clarity: */ + #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C6 */ + #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C6 */ + + /* #define NO_WOLFSSL_ESP32_CRYPT_AES */ + /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */ + /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */ + /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */ + /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */ + /***** END CONFIG_IDF_TARGET_ESP32C6 *****/ + #elif defined(CONFIG_IDF_TARGET_ESP32H2) - /* ESP32-H2 disabled by default, not implemented */ + /* wolfSSL Hardware Acceleration not yet implemented */ #define NO_ESP32_CRYPT #define NO_WOLFSSL_ESP32_CRYPT_HASH #define NO_WOLFSSL_ESP32_CRYPT_AES #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI + /***** END CONFIG_IDF_TARGET_ESP32H2 *****/ + #else - /* anything else unknown will have HW disabled by default */ + /* Anything else encountered, disable HW accleration */ #define NO_ESP32_CRYPT #define NO_WOLFSSL_ESP32_CRYPT_HASH #define NO_WOLFSSL_ESP32_CRYPT_AES #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI +#endif /* CONFIG_IDF_TARGET Check */ + +/* optional SM4 Ciphers. See https://github.com/wolfSSL/wolfsm +#define WOLFSSL_SM2 +#define WOLFSSL_SM3 +#define WOLFSSL_SM4 +*/ + +#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4) + #include + #define CTX_CA_CERT root_sm2 + #define CTX_CA_CERT_SIZE sizeof_root_sm2 + #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_PEM + #define CTX_SERVER_CERT server_sm2 + #define CTX_SERVER_CERT_SIZE sizeof_server_sm2 + #define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_PEM + #define CTX_SERVER_KEY server_sm2_priv + #define CTX_SERVER_KEY_SIZE sizeof_server_sm2_priv + #define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_PEM + + #undef WOLFSSL_BASE16 + #define WOLFSSL_BASE16 +#else + #define USE_CERT_BUFFERS_2048 + #define USE_CERT_BUFFERS_256 + #define CTX_CA_CERT ca_cert_der_2048 + #define CTX_CA_CERT_SIZE sizeof_ca_cert_der_2048 + #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1 + #define CTX_SERVER_CERT server_cert_der_2048 + #define CTX_SERVER_CERT_SIZE sizeof_server_cert_der_2048 + #define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_ASN1 + #define CTX_SERVER_KEY server_key_der_2048 + #define CTX_SERVER_KEY_SIZE sizeof_server_key_der_2048 + #define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1 #endif diff --git a/wolfcrypt/src/port/Espressif/README.md b/wolfcrypt/src/port/Espressif/README.md index d8978f538..5d2fa27e0 100644 --- a/wolfcrypt/src/port/Espressif/README.md +++ b/wolfcrypt/src/port/Espressif/README.md @@ -1,37 +1,66 @@ # ESP32 Port -Support for the ESP32-WROOM-32 on-board crypto hardware acceleration for symmetric AES, SHA1/SHA256/SHA384/SHA512 and RSA primitive including mul, mulmod and exptmod. +Support for the ESP32 on-board cryptographic hardware acceleration for symmetric AES, SHA1/SHA256/SHA384/SHA512 and RSA primitive including mul, mulmod and exptmod. + +* ESP32 - Supported +* ESP32S2 - Supported +* ESP32S3 - Supported +* ESP32C2 - Software only (contact support to request hardware acceleration) +* ESP32C3 - Supported +* ESP32C6 - Supported +* ESP32H2 - Software only (contact support to request hardware acceleration) ## ESP32 Acceleration -For detail about ESP32 HW Acceleration, you can find in [Technical Reference Manual](https://espressif.com/sites/default/files/documentation/esp32_technical_reference_manual_en.pdf) +More details about ESP32 HW Accelerationcan be found in: + +* [ESP32 Technical Reference Manual](https://espressif.com/sites/default/files/documentation/esp32_technical_reference_manual_en.pdf) +* [ESP32-S2 Technical Reference Manual](https://www.espressif.com/sites/default/files/documentation/esp32-s2_technical_reference_manual_en.pdf) +* [ESP32-S3 Technical Reference Manual](https://www.espressif.com/sites/default/files/documentation/esp32-s3_technical_reference_manual_en.pdf) +* [ESP32-C2 (aka ESP8684 Technical Reference Manual](https://www.espressif.com/sites/default/files/documentation/esp8684_technical_reference_manual_en.pdf) +* [ESP32-C3 Technical Reference Manual](https://www.espressif.com/sites/default/files/documentation/esp32-c3_technical_reference_manual_en.pdf) +* [ESP32-C6 Technical Reference Manual](https://www.espressif.com/sites/default/files/documentation/esp32-c6_technical_reference_manual_en.pdf) +* [ESP32-H2 Technical Reference Manual](https://www.espressif.com/sites/default/files/documentation/esp32-h2_technical_reference_manual_en.pdf) ### Building -``` -git clone --recurse-submodules -j8 https://github.com/espressif/esp-idf master -``` +Simply run `ESP-IDF.py` in any of the [Espressif/ESP-IDF/Examples](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples). +See the respective project README files. Examples are also available using wolfssl as a [Managed Component](https://components.espressif.com/components/wolfssl/wolfssl). -Hardware acceleration is enabled by default. +Hardware acceleration is enabled by default. All settings should be adjusted in the respective project component +`user_settings.h` file. See the example in [template example](https://github.com/wolfSSL/wolfssl/blob/master/IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/include/user_settings.h). +In particular, comment out the `NO_[feature_name]` macros to enable hardware encryption: -To disable portions of the hardware acceleration you can optionally define: + /* #define NO_ESP32_CRYPT */ + /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ + /* #define NO_WOLFSSL_ESP32_CRYPT_AES */ + /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */ + +To disable specific portions of the hardware acceleration you can optionally define: ```c -/* Disabled SHA, AES and RSA acceleration */ +/* Disable all SHA, AES and RSA acceleration */ #define NO_ESP32_CRYPT -/* Disabled AES acceleration */ + +/* Disable only AES acceleration */ #define NO_WOLFSSL_ESP32_CRYPT_AES -/* Disabled SHA acceleration */ + +/* Disabled only SHA acceleration */ #define NO_WOLFSSL_ESP32_CRYPT_HASH -/* Disabled RSA Primitive acceleration */ + +/* Disabled only RSA Primitive acceleration */ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI ``` +See the [wolfcrypt/port/Espressif/esp32-crypt.h](https://github.com/wolfSSL/wolfssl/blob/master/wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h) +for more details on fine tuning and debugging options. + ### Coding In your application you must include `` before any other wolfSSL headers. -If building the sources directly we recommend defining `WOLFSSL_USER_SETTINGS` and adding your own -`user_settings.h` file. You can find a good reference for this in `IDE/GCC-ARM/Header/user_settings.h`. +If building the sources directly we recommend defining `WOLFSSL_USER_SETTINGS` (typically defined in the `CMakeLists.txt`) +and adding your own `user_settings.h` file. You can find a good reference in the [Espressif examples](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples) +as well as other examples such as [IDE/GCC-ARM/Header/user_settings.h](https://github.com/wolfSSL/wolfssl/blob/master/IDE/GCC-ARM/Header/user_settings.h). To view disassembly, add `__attribute__((section(".iram1")))` decorator. Foe example: diff --git a/wolfcrypt/src/port/Espressif/esp32_sha.c b/wolfcrypt/src/port/Espressif/esp32_sha.c index 99a7ffb71..12607d3e7 100644 --- a/wolfcrypt/src/port/Espressif/esp32_sha.c +++ b/wolfcrypt/src/port/Espressif/esp32_sha.c @@ -95,7 +95,7 @@ static const char* TAG = "wolf_hw_sha"; static wolfSSL_Mutex sha_mutex = NULL; #endif -#ifdef DEBUG_WOLFSSL_SHA_MUTEX +#ifdef WOLFSSL_DEBUG_MUTEX #ifndef WOLFSSL_TEST_STRAY /* unless turned on, we won't be testing for strays */ #define WOLFSSL_TEST_STRAY 0 @@ -119,7 +119,7 @@ static const char* TAG = "wolf_hw_sha"; #if defined(ESP_MONITOR_HW_TASK_LOCK) static void * mutex_ctx_owner = 0; static TaskHandle_t mutex_ctx_task = 0; - #ifdef DEBUG_WOLFSSL_SHA_MUTEX + #ifdef WOLFSSL_DEBUG_MUTEX static portMUX_TYPE sha_crit_sect = portMUX_INITIALIZER_UNLOCKED; WC_ESP32SHA* stray_ctx; /* each ctx keeps track of the intializer for HW. when debugging @@ -608,7 +608,7 @@ int esp_sha256_ctx_copy(struct wc_Sha256* src, struct wc_Sha256* dst) int ret; if (src->ctx.mode == ESP32_SHA_HW) { /* Get a copy of the HW digest, but don't process it. */ - #ifdef DEBUG_WOLFSSL_SHA_MUTEX + #ifdef WOLFSSL_DEBUG_MUTEX { ESP_LOGI(TAG, "esp_sha256_ctx_copy esp_sha512_digest_process"); } @@ -990,7 +990,7 @@ int esp_unroll_sha_module_enable(WC_ESP32SHA* ctx) int esp_sha_set_stray(WC_ESP32SHA* ctx) { int ret = 0; -#ifdef DEBUG_WOLFSSL_SHA_MUTEX +#ifdef WOLFSSL_DEBUG_MUTEX stray_ctx = ctx; ret= (int)stray_ctx; #endif @@ -1000,13 +1000,13 @@ int esp_sha_set_stray(WC_ESP32SHA* ctx) /* ** return HW lock owner, otherwise zero if not locked. ** -** When DEBUG_WOLFSSL_SHA_MUTEX is defined, additional +** When WOLFSSL_DEBUG_MUTEX is defined, additional ** debugging capabilities are available. */ int esp_sha_hw_islocked(WC_ESP32SHA* ctx) { int ret = 0; -#ifdef DEBUG_WOLFSSL_SHA_MUTEX +#ifdef WOLFSSL_DEBUG_MUTEX taskENTER_CRITICAL(&sha_crit_sect); { ret = (int)mutex_ctx_owner; @@ -1037,7 +1037,7 @@ int esp_sha_hw_islocked(WC_ESP32SHA* ctx) #endif -#ifdef DEBUG_WOLFSSL_SHA_MUTEX +#ifdef WOLFSSL_DEBUG_MUTEX if (ret == 0) { ESP_LOGV(TAG, ">> NOT LOCKED esp_sha_hw_islocked"); } @@ -1072,7 +1072,7 @@ int esp_sha_release_unfinished_lock(WC_ESP32SHA* ctx) ESP_LOGE(TAG, "ERROR: esp_sha_release_unfinished_lock for %x" " but found %x", ret, (int)(ctx->initializer)); } - #ifdef DEBUG_WOLFSSL_SHA_MUTEX + #ifdef WOLFSSL_DEBUG_MUTEX ESP_LOGE(TAG, "\n>>>> esp_sha_release_unfinished_lock %x\n", ret); #endif /* unlock only if this ctx is the intializer of the lock */ @@ -1109,7 +1109,7 @@ int esp_sha_try_hw_lock(WC_ESP32SHA* ctx) ESP_LOGI(TAG, "enter esp_sha_hw_lock for %x", (int)ctx->initializer); #endif - #ifdef DEBUG_WOLFSSL_SHA_MUTEX + #ifdef WOLFSSL_DEBUG_MUTEX taskENTER_CRITICAL(&sha_crit_sect); { /* let's keep track of how many times we call this */ @@ -1168,7 +1168,7 @@ int esp_sha_try_hw_lock(WC_ESP32SHA* ctx) /* created, but not yet locked */ ret = esp_CryptHwMutexInit(&sha_mutex); if (ret == 0) { - #ifdef DEBUG_WOLFSSL_SHA_MUTEX + #ifdef WOLFSSL_DEBUG_MUTEX ESP_LOGI(TAG, "esp_CryptHwMutexInit sha_mutex init success."); mutex_ctx_owner = 0; #endif @@ -1179,7 +1179,7 @@ int esp_sha_try_hw_lock(WC_ESP32SHA* ctx) ESP_LOGI(TAG, "Revert to ctx->mode = ESP32_SHA_SW."); - #ifdef DEBUG_WOLFSSL_SHA_MUTEX + #ifdef WOLFSSL_DEBUG_MUTEX ESP_LOGI(TAG, "Current mutext owner = %x", (int)esp_sha_mutex_ctx_owner()); #endif @@ -1241,7 +1241,7 @@ int esp_sha_try_hw_lock(WC_ESP32SHA* ctx) mutex_ctx_task = xTaskGetCurrentTaskHandle(); #endif - #ifdef DEBUG_WOLFSSL_SHA_MUTEX + #ifdef WOLFSSL_DEBUG_MUTEX if (esp_sha_call_count() == 8 && WOLFSSL_TEST_STRAY) { /* once we've locked 10 times here, * we'll force a fallback to SW until other thread unlocks */ @@ -1258,7 +1258,7 @@ int esp_sha_try_hw_lock(WC_ESP32SHA* ctx) } taskEXIT_CRITICAL(&sha_crit_sect); if (stray_ctx == NULL) { - ESP_LOGW(TAG, "DEBUG_WOLFSSL_SHA_MUTEX on, but stray_ctx " + ESP_LOGW(TAG, "WOLFSSL_DEBUG_MUTEX on, but stray_ctx " "is NULL; are you running the peek task to " "set the stay test?"); } @@ -1267,7 +1267,7 @@ int esp_sha_try_hw_lock(WC_ESP32SHA* ctx) ESP_LOGI(TAG, "%x", (int)&stray_ctx); ESP_LOGW(TAG, "\n\nLocking with stray\n\n" - "DEBUG_WOLFSSL_SHA_MUTEX call count 8, " + "WOLFSSL_DEBUG_MUTEX call count 8, " "ctx->mode = ESP32_SHA_SW %x\n\n", (int)mutex_ctx_owner); ctx->task_owner = xTaskGetCurrentTaskHandle(); @@ -1287,7 +1287,7 @@ int esp_sha_try_hw_lock(WC_ESP32SHA* ctx) ESP_LOGI(TAG, "Hardware Mode Active, lock depth = %d, for %x", ctx->lockDepth, (int)ctx->initializer); #endif - #ifdef DEBUG_WOLFSSL_SHA_MUTEX + #ifdef WOLFSSL_DEBUG_MUTEX taskENTER_CRITICAL(&sha_crit_sect); { mutex_ctx_owner = (void*)ctx->initializer; @@ -1308,7 +1308,7 @@ int esp_sha_try_hw_lock(WC_ESP32SHA* ctx) else { /* We should have otherwise anticipated this; how did we get here? ** This code should rarely, ideally never be reached. */ - #ifdef DEBUG_WOLFSSL_SHA_MUTEX + #ifdef WOLFSSL_DEBUG_MUTEX ESP_LOGI(TAG, "\nHardware in use by %x; " "Mode REVERT to ESP32_SHA_SW for %x\n", (int)esp_sha_mutex_ctx_owner(), @@ -1418,7 +1418,7 @@ int esp_sha_hw_unlock(WC_ESP32SHA* ctx) #endif #endif - #ifdef DEBUG_WOLFSSL_SHA_MUTEX + #ifdef WOLFSSL_DEBUG_MUTEX taskENTER_CRITICAL(&sha_crit_sect); { mutex_ctx_owner = 0; @@ -1993,7 +1993,7 @@ int esp_sha256_process(struct wc_Sha256* sha, const byte* data) WC_SHA256_BLOCK_SIZE); break; -#ifndef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 +#if defined(WOLFSSL_SHA224) && !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224) case SHA2_224: #if defined(DEBUG_WOLFSSL_VERBOSE) ESP_LOGV(TAG, " confirmed SHA224 type call match"); diff --git a/wolfcrypt/src/sha.c b/wolfcrypt/src/sha.c index afad7dbfd..4a5f3e184 100644 --- a/wolfcrypt/src/sha.c +++ b/wolfcrypt/src/sha.c @@ -634,7 +634,7 @@ int wc_ShaUpdate(wc_Sha* sha, const byte* data, word32 len) if (sha->buffLen == WC_SHA_BLOCK_SIZE) { #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) if (sha->ctx.mode == ESP32_SHA_INIT) { - #if defined(DEBUG_WOLFSSL_SHA_MUTEX) + #if defined(WOLFSSL_DEBUG_MUTEX) { ESP_LOGI(TAG, "wc_ShaUpdate try hardware"); } @@ -656,7 +656,7 @@ int wc_ShaUpdate(wc_Sha* sha, const byte* data, word32 len) #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) if (sha->ctx.mode == ESP32_SHA_SW) { - #if defined(DEBUG_WOLFSSL_SHA_MUTEX) + #if defined(WOLFSSL_DEBUG_MUTEX) { ESP_LOGI(TAG, "wc_ShaUpdate process software"); } @@ -664,7 +664,7 @@ int wc_ShaUpdate(wc_Sha* sha, const byte* data, word32 len) ret = XTRANSFORM(sha, (const byte*)local); } else { - #if defined(DEBUG_WOLFSSL_SHA_MUTEX) + #if defined(WOLFSSL_DEBUG_MUTEX) { ESP_LOGI(TAG, "wc_ShaUpdate process hardware"); } @@ -905,18 +905,20 @@ int wc_ShaFinal(wc_Sha* sha, byte* hash) #if (defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)) && \ defined(WOLFSSL_ESP32_CRYPT) && !defined(NO_WOLFSSL_ESP32_CRYPT_HASH) if (sha->ctx.mode == ESP32_SHA_HW) { - /* TODO is this the proper way to reverse endianness for the 64bit Espressif value? - * see also ByteReverseWord64() */ -#if defined(WOLFSSL_SUPER_VERBOSE_DEBUG) - ESP_LOGV(TAG, "Start: Reverse PAD SIZE Endianness."); -#endif + #if defined(WOLFSSL_SUPER_VERBOSE_DEBUG) + { + ESP_LOGV(TAG, "Start: Reverse PAD SIZE Endianness."); + } + #endif ByteReverseWords(&sha->buffer[WC_SHA_PAD_SIZE/sizeof(word32)], /* out */ &sha->buffer[WC_SHA_PAD_SIZE/sizeof(word32)], /* in */ 2 * sizeof(word32) /* byte count to reverse */ ); -#if defined(WOLFSSL_SUPER_VERBOSE_DEBUG) - ESP_LOGV(TAG, "End: Reverse PAD SIZE Endianness."); -#endif + #if defined(WOLFSSL_SUPER_VERBOSE_DEBUG) + { + ESP_LOGV(TAG, "End: Reverse PAD SIZE Endianness."); + } + #endif } /* end if (sha->ctx.mode == ESP32_SHA_HW) */ #endif diff --git a/wolfcrypt/src/sha256.c b/wolfcrypt/src/sha256.c index 54b08f091..50e5b1cca 100644 --- a/wolfcrypt/src/sha256.c +++ b/wolfcrypt/src/sha256.c @@ -700,52 +700,6 @@ static int InitSha256(wc_Sha256* sha256) /* HW may fail since there's only one, so we still need SW */ #define NEED_SOFT_SHA256 - /* - * we'll set the digest at the last minute, - * just before computing hash. - * - * Reminder that ESP32-C3 does NOT need initial digest. - * - * see page 337 of C3 spec: 16.4.1.3 Setting the Initial Hash Value - * - * "Before hash task begins for any secure hash algorithms, the initial - * Hash value H(0) must be set based on different algorithms. However, - * the SHA accelerator uses the initial Hash values (constant C) stored - * in the hardware for hash tasks" - */ - static int set_default_digest256(wc_Sha256* sha256) - { - return 0; /* TODO not used? */ - int ret = 0; -#ifndef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256 - - if (sha256->ctx.mode == ESP32_SHA_SW) { - ret = 1; - } -#endif - - /* when not ESP32-C3, we'll need digest for SW or HW */ - #if !defined(CONFIG_IDF_TARGET_ESP32C3) && \ - !defined(CONFIG_IDF_TARGET_ESP32C6) - ret = 1; - #endif - -#ifndef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256 - if ((ret == 1) && (sha256->ctx.isfirstblock == 1)) { - XMEMSET(sha256->digest, 0, sizeof(sha256->digest)); - sha256->digest[0] = 0x6A09E667L; - sha256->digest[1] = 0xBB67AE85L; - sha256->digest[2] = 0x3C6EF372L; - sha256->digest[3] = 0xA54FF53AL; - sha256->digest[4] = 0x510E527FL; - sha256->digest[5] = 0x9B05688CL; - sha256->digest[6] = 0x1F83D9ABL; - sha256->digest[7] = 0x5BE0CD19L; - } -#endif - return ret; - } - /* ** An Espressif-specific InitSha256() ** @@ -759,9 +713,8 @@ static int InitSha256(wc_Sha256* sha256) return BAD_FUNC_ARG; } - /* we may or may not need initial digest. - * always needed for SW-only. - * See set_default_digest256() for HW/SW */ + /* We may or may not need initial digest for HW. + * Always needed for SW-only. */ sha256->digest[0] = 0x6A09E667L; sha256->digest[1] = 0xBB67AE85L; sha256->digest[2] = 0x3C6EF372L; @@ -1111,7 +1064,6 @@ static int InitSha256(wc_Sha256* sha256) ESP_LOGV(TAG, "Sha256Update try hardware"); esp_sha_try_hw_lock(&sha256->ctx); } - set_default_digest256(sha256); #endif @@ -1138,7 +1090,7 @@ static int InitSha256(wc_Sha256* sha256) !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256) if (sha256->ctx.mode == ESP32_SHA_SW) { - #if defined(DEBUG_WOLFSSL_SHA_MUTEX) + #if defined(WOLFSSL_DEBUG_MUTEX) { ESP_LOGI(TAG, "Sha256Update process software"); } @@ -1152,7 +1104,7 @@ static int InitSha256(wc_Sha256* sha256) ret = XTRANSFORM(sha256, (const byte*)local); } else { - #if defined(DEBUG_WOLFSSL_SHA_MUTEX) + #if defined(WOLFSSL_DEBUG_MUTEX) { ESP_LOGI(TAG, "Sha256Update process hardware"); } diff --git a/wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h b/wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h index bf938383d..b459d9b2b 100644 --- a/wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h +++ b/wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h @@ -147,7 +147,7 @@ enum { ** Turns on development testing. Validates HW accelerated results to software ** - Automatically turns on WOLFSSL_HW_METRICS ** -** DEBUG_WOLFSSL_SHA_MUTEX +** WOLFSSL_DEBUG_MUTEX ** Turns on diagnostic messages for SHA mutex. Note that given verbosity, ** there may be TLS timing issues encountered. Use with caution. ** @@ -589,7 +589,7 @@ extern "C" byte blockprocess); WOLFSSL_LOCAL int esp_sha_process(struct wc_Sha* sha, const byte* data); -#ifdef DEBUG_WOLFSSL_SHA_MUTEX +#ifdef WOLFSSL_DEBUG_MUTEX /* testing HW release in task that did not lock */ extern WC_ESP32SHA* stray_ctx; #endif