Update Espressif sha, util, mem, time helpers

2025-07-31 11:17:29 +02:00 · 2024-09-06 16:33:04 -07:00
parent 80a63a3fce
commit b57fcd0bd8
6 changed files with 274 additions and 43 deletions
--- a/wolfcrypt/src/port/Espressif/esp32_sha.c
+++ b/wolfcrypt/src/port/Espressif/esp32_sha.c
@ -135,7 +135,11 @@ static const char* TAG = "wolf_hw_sha";
 #endif
    static uintptr_t mutex_ctx_owner = NULLPTR;
 #if (defined(ESP_MONITOR_HW_TASK_LOCK) && !defined(SINGLE_THREADED)) \
    || defined(WOLFSSL_DEBUG_MUTEX)
    static portMUX_TYPE sha_crit_sect = portMUX_INITIALIZER_UNLOCKED;
 #endif
 #if defined(ESP_MONITOR_HW_TASK_LOCK)
    #ifdef SINGLE_THREADED
@ -506,7 +510,7 @@ int esp_sha224_ctx_copy(struct wc_Sha256* src, struct wc_Sha256* dst)
    dst->ctx.initializer = (uintptr_t)&dst->ctx;
    #if defined(ESP_MONITOR_HW_TASK_LOCK) && !defined(SINGLE_THREADED)
    {
-        /* not HW mode for copy, so we are not interested in task owner: */
+        /* Not HW mode for copy, so we are not interested in task owner: */
        dst->ctx.task_owner = 0;
    }
    #endif
@ -985,8 +989,10 @@ int esp_sha_hw_in_use()
 */
 uintptr_t esp_sha_hw_islocked(WC_ESP32SHA* ctx)
 {
    TaskHandle_t mutexHolder;
    uintptr_t ret = 0;
    #ifndef SINGLE_THREADED
        TaskHandle_t mutexHolder;
    #endif
    CTX_STACK_CHECK(ctx);
 #ifdef WOLFSSL_DEBUG_MUTEX
@ -1132,7 +1138,9 @@ uintptr_t esp_sha_release_unfinished_lock(WC_ESP32SHA* ctx)
        ESP_LOGW(TAG, "esp_sha_release_unfinished_lock mode = %d", ctx->mode);
 #endif
        if (ctx->mode == ESP32_SHA_HW) {
 #if defined(DEBUG_WOLFSSL_ESP32_UNFINISHED_HW)
            ESP_LOGW(TAG, "esp_sha_release_unfinished_lock HW!");
 #endif
        }
    }
    return ret;
--- a/wolfcrypt/src/port/Espressif/esp32_util.c
+++ b/wolfcrypt/src/port/Espressif/esp32_util.c
@ -98,21 +98,44 @@ int esp_CryptHwMutexInit(wolfSSL_Mutex* mutex) {
 }
 /*
- * call the ESP-IDF mutex lock; xSemaphoreTake
+ * Call the ESP-IDF mutex lock; xSemaphoreTake
 * this is a general mutex locker, used for different mutex objects for
 * different HW acclerators or other single-use HW features.
 *
 * We should already have known if the resource is in use or not.
 *
 * Return 0 (ESP_OK) on success, otherwise BAD_MUTEX_E
 */
 int esp_CryptHwMutexLock(wolfSSL_Mutex* mutex, TickType_t block_time) {
    int ret;
    if (mutex == NULL) {
        WOLFSSL_ERROR_MSG("esp_CryptHwMutexLock called with null mutex");
        return BAD_MUTEX_E;
    }
 #ifdef SINGLE_THREADED
-    return wc_LockMutex(mutex); /* xSemaphoreTake take with portMAX_DELAY */
+    /* does nothing in single thread mode, always return 0 */
    ret = wc_LockMutex(mutex);
 #else
-    return ((xSemaphoreTake(*mutex, block_time) == pdTRUE) ? 0 : BAD_MUTEX_E);
+    ret = xSemaphoreTake(*mutex, block_time);
    ESP_LOGV(TAG, "xSemaphoreTake 0x%x = %d", (intptr_t)*mutex, ret);
    if (ret == pdTRUE) {
        ret = ESP_OK;
    }
    else {
        if (ret == pdFALSE) {
            ESP_LOGW(TAG, "xSemaphoreTake failed for 0x%x. Still busy?",
                           (intptr_t)*mutex);
            ret = ESP_ERR_NOT_FINISHED;
        }
        else {
            ESP_LOGE(TAG, "xSemaphoreTake 0x%x unexpected = %d",
                           (intptr_t)*mutex, ret);
            ret = BAD_MUTEX_E;
        }
    }
 #endif
    return ret;
 }
 /*
@ -120,17 +143,36 @@ int esp_CryptHwMutexLock(wolfSSL_Mutex* mutex, TickType_t block_time) {
 *
 */
 esp_err_t esp_CryptHwMutexUnLock(wolfSSL_Mutex* mutex) {
    int ret = pdTRUE;
    if (mutex == NULL) {
        WOLFSSL_ERROR_MSG("esp_CryptHwMutexLock called with null mutex");
        return BAD_MUTEX_E;
    }
 #ifdef SINGLE_THREADED
-    return wc_UnLockMutex(mutex);
+    ret = wc_UnLockMutex(mutex);
 #else
-    xSemaphoreGive(*mutex);
+    ESP_LOGV(TAG, ">> xSemaphoreGive 0x%x", (intptr_t)*mutex);
-    return ESP_OK;
+    TaskHandle_t mutexHolder = xSemaphoreGetMutexHolder(*mutex);
    if (mutexHolder == NULL) {
        ESP_LOGW(TAG, "esp_CryptHwMutexUnLock with no lock owner 0x%x",
                        (intptr_t)*mutex);
        ret = ESP_OK;
    }
    else {
        ret = xSemaphoreGive(*mutex);
        if (ret == pdTRUE) {
            ESP_LOGV(TAG, "Success: give mutex 0x%x", (intptr_t)*mutex);
            ret = ESP_OK;
        }
        else {
            ESP_LOGV(TAG, "Failed: give mutex 0x%x", (intptr_t)*mutex);
            ret = ESP_FAIL;
        }
    }
 #endif
    return ret;
 }
 #endif /* WOLFSSL_ESP32_CRYPT, etc. */
@ -168,6 +210,7 @@ static int ShowExtendedSystemInfo_platform_espressif(void)
    WOLFSSL_VERSION_PRINTF("Xthal_have_ccount: %u",
                           Xthal_have_ccount);
 #endif
    /* this is the legacy stack size */
 #if defined(CONFIG_MAIN_TASK_STACK_SIZE)
@ -205,24 +248,35 @@ static int ShowExtendedSystemInfo_platform_espressif(void)
 #endif
-#elif CONFIG_IDF_TARGET_ESP32S2
+/* Platform-specific attributes of interest*/
-    WOLFSSL_VERSION_PRINTF("Xthal_have_ccount = %u",
+#if CONFIG_IDF_TARGET_ESP32
    #if defined(CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ)
        WOLFSSL_VERSION_PRINTF("CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ: %u MHz",
                               CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ);
    #endif
    WOLFSSL_VERSION_PRINTF("Xthal_have_ccount: %u",
                           Xthal_have_ccount);
-#elif CONFIG_IDF_TARGET_ESP32C6
+
  /* TODO find Xthal for C6 */
 #elif CONFIG_IDF_TARGET_ESP32C2
-  /* TODO find Xthal for C6 */
+    /* TODO find Xthal for C2 */
 #elif defined(CONFIG_IDF_TARGET_ESP8684)
  /* TODO find Xthal for C6 */
 #elif CONFIG_IDF_TARGET_ESP32C3
    /* not supported at this time */
-#elif CONFIG_IDF_TARGET_ESP32S3
+#elif CONFIG_IDF_TARGET_ESP32C6
-    WOLFSSL_VERSION_PRINTF("Xthal_have_ccount = %u",
+    /* TODO find Xthal for C6 */
                           Xthal_have_ccount);
 #elif CONFIG_IDF_TARGET_ESP32H2
-    /* not supported at this time */
+    /* TODO find Xthal for H2 */
-#elif CONFIG_IDF_TARGET_ESP32C2
+#elif CONFIG_IDF_TARGET_ESP32S2
-    /* not supported at this time */
+    ESP_LOGI(TAG, "CONFIG_ESP32S2_DEFAULT_CPU_FREQ_MHZ = %u MHz",
                   CONFIG_ESP32S2_DEFAULT_CPU_FREQ_MHZ
             );
    ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
 #elif CONFIG_IDF_TARGET_ESP32S3
    ESP_LOGI(TAG, "CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ = %u MHz",
                   CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ
             );
    ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
 #elif defined(CONFIG_IDF_TARGET_ESP8684)
    /* TODO find Xthal for ESP8684 */
 #else
    /* not supported at this time */
 #endif
@ -438,6 +492,7 @@ esp_err_t ShowExtendedSystemInfo_config(void)
 {
    esp_ShowMacroStatus_need_header = 1;
    show_macro("NO_ESP32_CRYPT",            STR_IFNDEF(NO_ESP32_CRYPT));
    show_macro("NO_ESPIDF_DEFAULT",         STR_IFNDEF(NO_ESPIDF_DEFAULT));
    show_macro("HW_MATH_ENABLED",           STR_IFNDEF(HW_MATH_ENABLED));
@ -562,11 +617,11 @@ int ShowExtendedSystemInfo(void)
 #if defined(WOLFSSL_MULTI_INSTALL_WARNING)
    /* CMake may have detected undesired multiple installs, so give warning. */
-    WOLFSSL_VERSION_PRINTF("");
+    WOLFSSL_VERSION_PRINTF(WOLFSSL_ESPIDF_BLANKLINE_MESSAGE);
    WOLFSSL_VERSION_PRINTF("WARNING: Multiple wolfSSL installs found.");
    WOLFSSL_VERSION_PRINTF("Check ESP-IDF components and "
                           "local project [components] directory.");
-    WOLFSSL_VERSION_PRINTF("");
+    WOLFSSL_VERSION_PRINTF(WOLFSSL_ESPIDF_BLANKLINE_MESSAGE);
 #else
    #ifdef WOLFSSL_USER_SETTINGS_DIR
    {
@ -737,14 +792,11 @@ esp_err_t esp_EnabledWatchdog(void)
                      ESP_IDF_VERSION_MAJOR);
    #endif
 #endif
 #ifdef DEBUG_WOLFSSL
    ESP_LOGI(TAG, "Watchdog enabled.");
 #endif
    return ret;
 }
 /* Print a MATH_INT_T attribute list.
 *
 * Note with the right string parameters, the result can be pasted as
@ -904,4 +956,49 @@ esp_err_t esp_hw_show_metrics(void)
    return ESP_OK;
 }
 int show_binary(byte* theVar, size_t dataSz) {
    printf("*****************************************************\n");
    word32 i;
    for (i = 0; i < dataSz; i++)
        printf("%02X", theVar[i]);
    printf("\n");
    printf("******************************************************\n");
    return 0;
 }
 int hexToBinary(byte* toVar, const char* fromHexString, size_t szHexString ) {
    int ret = 0;
    /* Calculate the actual binary length of the hex string */
    size_t byteLen = szHexString / 2;
    if (toVar == NULL || fromHexString == NULL) {
        ESP_LOGE("ssh", " error");
        return -1;
    }
    if ((szHexString % 2 != 0)) {
        ESP_LOGE("ssh", "fromHexString length not even!");
    }
    ESP_LOGW(TAG, "Replacing %d bytes at %x", byteLen, (word32)toVar);
    memset(toVar, 0, byteLen);
    /* Iterate through the hex string and convert to binary */
    for (size_t i = 0; i < szHexString; i += 2) {
        /* Convert hex character to decimal */
        int decimalValue;
        sscanf(&fromHexString[i], "%2x", &decimalValue);
        size_t index = i / 2;
 #if (0)
        /* Optionall peek at new values */
        byte new_val =  (decimalValue & 0x0F) << ((i % 2) * 4);
        ESP_LOGI("hex", "Current char = %d", toVar[index]);
        ESP_LOGI("hex", "New val = %d", decimalValue);
 #endif
        toVar[index]  = decimalValue;
    }
    return ret;
 }
 #endif /* WOLFSSL_ESPIDF */
--- a/wolfcrypt/src/port/Espressif/esp_sdk_mem_lib.c
+++ b/wolfcrypt/src/port/Espressif/esp_sdk_mem_lib.c
@ -161,7 +161,7 @@ static const char* sdk_memory_segment_text[SDK_MEMORY_SEGMENT_COUNT + 1] = {
 int sdk_log_meminfo(enum sdk_memory_segment m, void* start, void* end)
 {
    const char* str;
-    int len = 0;
+    word32 len = 0;
    str = sdk_memory_segment_text[m];
    sdk_memory_segment_start[m] = start;
    sdk_memory_segment_end[m] = end;
@ -173,7 +173,7 @@ int sdk_log_meminfo(enum sdk_memory_segment m, void* start, void* end)
        ESP_LOGI(TAG, "                  Start         End          Length");
    }
    else {
-        len = (uint32_t)end - (uint32_t)start;
+        len = (word32)end - (word32)start;
        ESP_LOGI(TAG, "%s: %p ~ %p : 0x%05x (%d)", str, start, end, len, len );
    }
    return ESP_OK;
--- a/wolfcrypt/src/port/Espressif/esp_sdk_time_lib.c
+++ b/wolfcrypt/src/port/Espressif/esp_sdk_time_lib.c
@ -23,14 +23,19 @@
    #include <config.h>
 #endif
-/* Reminder: user_settings.h is needed and included from settings.h
+/* wolfSSL */
- * Be sure to define WOLFSSL_USER_SETTINGS, typically in CMakeLists.txt */
+/* Always include wolfcrypt/settings.h before any other wolfSSL file.    */
-#include <wolfssl/wolfcrypt/settings.h>
+/* Reminder: settings.h pulls in user_settings.h; don't include it here. */
 #ifdef WOLFSSL_USER_SETTINGS
    #include <wolfssl/wolfcrypt/settings.h>
 #endif
 #if defined(WOLFSSL_ESPIDF) /* Entire file is only for Espressif EDP-IDF */
 #include "sdkconfig.h" /* programmatically generated from sdkconfig */
 #if defined(USE_WOLFSSL_ESP_SDK_TIME)
 /* Espressif */
 #include "sdkconfig.h" /* programmatically generated from sdkconfig */
 #include <esp_log.h>
 #include <esp_err.h>
@ -145,11 +150,11 @@ int set_fixed_default_time(void)
     * but let's set a default time, just in case */
    struct tm timeinfo = {
        .tm_year = 2024 - 1900,
-        .tm_mon  = 1,
+        .tm_mon  =  9 - 1, /* Month, where 0 = Jan */
-        .tm_mday = 05,
+        .tm_mday =  3 ,    /* Day of the month 30  */
        .tm_hour = 13,
-        .tm_min  = 01,
+        .tm_min  =  1,
-        .tm_sec  = 05
+        .tm_sec  =  5
    };
    struct timeval now;
    time_t interim_time;
--- a/wolfssl/wolfcrypt/port/Espressif/esp-sdk-lib.h
+++ b/wolfssl/wolfcrypt/port/Espressif/esp-sdk-lib.h
@ -148,9 +148,13 @@ WOLFSSL_LOCAL esp_err_t sdk_var_whereis(const char* v_name, void* v);
 WOLFSSL_LOCAL intptr_t esp_sdk_stack_pointer(void);
 #if defined(USE_WOLFSSL_ESP_SDK_TIME)
 /******************************************************************************
 * Time helpers
 ******************************************************************************/
 WOLFSSL_LOCAL esp_err_t esp_sdk_time_mem_init(void);
 WOLFSSL_LOCAL esp_err_t esp_sdk_time_lib_init(void);
 /* a function to show the current data and time */
@ -168,8 +172,9 @@ WOLFSSL_LOCAL esp_err_t set_time(void);
 /* wait NTP_RETRY_COUNT seconds before giving up on NTP time */
 WOLFSSL_LOCAL esp_err_t set_time_wait_for_ntp(void);
 #endif
-#ifndef NO_ESP_SDK_WIFI
+#if defined(USE_WOLFSSL_ESP_SDK_WIFI)
 /******************************************************************************
 * WiFi helpers
@ -201,8 +206,7 @@ WOLFSSL_LOCAL esp_err_t esp_sdk_wifi_init_sta(void);
 WOLFSSL_LOCAL esp_err_t esp_sdk_wifi_show_ip(void);
-#endif /* !NO_ESP_SDK_WIFI */
+#endif /* USE_WOLFSSL_ESP_SDK_WIFI */
 /******************************************************************************
 * Debug helpers
--- a/wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h
+++ b/wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h
@ -216,6 +216,10 @@ enum {
 **   Turns on diagnostic messages for SHA mutex. Note that given verbosity,
 **   there may be TLS timing issues encountered. Use with caution.
 **
 ** DEBUG_WOLFSSL_ESP32_UNFINISHED_HW
 **   This may be interesting in that HW may have been unnessearily locked
 **   for hash that was never completed. (typically encountered at `free1` time)
 **
 ** LOG_LOCAL_LEVEL
 **   Debugging. Default value is ESP_LOG_DEBUG
 **
@ -563,6 +567,95 @@ enum {
    defined(WOLFSSL_ESP32_CRYPT_DEBUG)
 #endif
 /*
 ******************************************************************************
 ** wolfssl component Kconfig file settings
 ******************************************************************************
 * Naming convention:
 *
 * CONFIG_
 *      This prefix indicates the setting came from the sdkconfig / Kconfig.
 *
 *      May or may not be related to wolfSSL.
 *
 *      The name after this prefix must exactly match that in the Kconfig file.
 *
 * WOLFSSL_
 *      Typical of many, but not all wolfSSL macro names.
 *
 *      Applies to all wolfSSL products such as wolfSSH, wolfMQTT, etc.
 *
 *      May or may not have a corresponding sdkconfig / Kconfig control.
 *
 * ESP_WOLFSSL_
 *      These are NOT valid wolfSSL macro names. These are names only used in
 *      the ESP-IDF Kconfig files. When parsed, they will have a "CONFIG_"
 *      suffix added. See next section.
 *
 * CONFIG_ESP_WOLFSSL_
 *      This is a wolfSSL-specific macro that has been defined in the ESP-IDF
 *      via the sdkconfig / menuconfig. Any text after this prefix should
 *      exactly match an existing wolfSSL macro name.
 *
 *      Applies to all wolfSSL products such as wolfSSH, wolfMQTT, etc.
 *
 *      These macros may also be specific to only the project or environment,
 *      and possibly not used anywhere else in the wolfSSL libraries.
 */
 /* Pre-set some hardware acceleration from Kconfig / menuconfig settings */
 #ifdef CONFIG_ESP_WOLFSSL_NO_ESP32_CRYPT
    #define NO_ESP32_CRYPT
    #define NO_WOLFSSL_ESP32_CRYPT_AES
    #define NO_WOLFSSL_ESP32_CRYPT_HASH
    #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
    #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
    #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
    #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
 #endif
 #ifdef CONFIG_ESP_WOLFSSL_NO_HW_AES
    #define NO_WOLFSSL_ESP32_CRYPT_AES
 #endif
 #ifdef CONFIG_ESP_WOLFSSL_NO_HW_HASH
    #define NO_WOLFSSL_ESP32_CRYPT_HASH
 #endif
 #ifdef CONFIG_ESP_WOLFSSL_NO_HW_RSA_PRI
    #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
    #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
    #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
    #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
 #endif
 #ifdef CONFIG_ESP_WOLFSSL_NO_HW_RSA_PRI_MP_MUL
    #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
 #endif
 #ifdef CONFIG_ESP_WOLFSSL_NO_HW_RSA_PRI_MULMOD
    #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
 #endif
 #ifdef CONFIG_ESP_WOLFSSL_NO_HW_RSA_PRI_EXPTMOD
    #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
 #endif
 /* wolfCrypt test settings */
 #ifdef CONFIG_ESP_WOLFSSL_ENABLE_TEST
    #ifdef CONFIG_WOLFSSL_HAVE_WOLFCRYPT_TEST_OPTIONS
        #define HAVE_WOLFCRYPT_TEST_OPTIONS
    #endif
 #endif
 /* debug options */
 #if defined(CONFIG_ESP_WOLFSSL_DEBUG_WOLFSSL)
    /* wolfSSH debugging enabled via Kconfig / menuconfig */
    #define DEBUG_WOLFSSL
 #endif
 /*
 ******************************************************************************
 ** END wolfssl component Kconfig file settings
 ******************************************************************************
 */
 #ifdef __cplusplus
 extern "C"
 {
@ -623,7 +716,8 @@ extern "C"
    #elif defined(CONFIG_IDF_TARGET_ESP8266)
        /* no hardware includes for ESP8266*/
    #else
-        #include "rom/aes.h"
+        /* TODO: Confirm for older versions: */
        /* #include "rom/aes.h" */
    #endif
    typedef enum tagES32_AES_PROCESS /* TODO what's this ? */
@ -759,7 +853,7 @@ extern "C"
    #if defined(WOLFSSL_STACK_CHECK)
        word32 last_word;
    #endif
-    } WC_ESP32SHA;
+    } WC_ESP32SHA __attribute__((aligned(4)));
    WOLFSSL_LOCAL int esp_sha_need_byte_reversal(WC_ESP32SHA* ctx);
    WOLFSSL_LOCAL int esp_sha_init(WC_ESP32SHA* ctx,
@ -986,6 +1080,29 @@ WOLFSSL_LOCAL int esp_sha_stack_check(WC_ESP32SHA* sha);
 }
 #endif
 /******************************************************************************
 ** Sanity Checks
 ******************************************************************************/
 #if defined(CONFIG_ESP_MAIN_TASK_STACK_SIZE)
    #if defined(WOLFCRYPT_HAVE_SRP)
        #if defined(FP_MAX_BITS)
            #if FP_MAX_BITS <  (8192 * 2)
                #define ESP_SRP_MINIMUM_STACK_8K (24 * 1024)
            #else
                #define ESP_SRP_MINIMUM_STACK_8K (28 * 1024)
            #endif
        #else
            #error "Please define FP_MAX_BITS when using WOLFCRYPT_HAVE_SRP."
        #endif
        #if (CONFIG_ESP_MAIN_TASK_STACK_SIZE < ESP_SRP_MINIMUM_STACK)
            #warning "WOLFCRYPT_HAVE_SRP enabled with small stack size"
        #endif
    #endif
 #else
    #warning "CONFIG_ESP_MAIN_TASK_STACK_SIZE not defined!"
 #endif
 #endif /* WOLFSSL_ESPIDF (entire contents excluded when not Espressif ESP-IDF) */
 #endif  /* __ESP32_CRYPT_H__ */