wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-30 02:37:28 +02:00
Code Issues Packages Projects Releases Wiki Activity

Espressif wolfcrypt updates

Browse Source
This commit is contained in:
gojimmypi
2023-12-06 10:05:31 -08:00
parent 7753e3db8a
commit ca1eba0919
6 changed files with 390 additions and 114 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
wolfcrypt/benchmark/benchmark.c
View File

@ -309,7 +309,7 @@
defined(CONFIG_IDF_TARGET_ESP32S3)
#include <xtensa/hal.h>
#else
#error "CONFIG_IDF_TARGET not implemented"
/* Other platform */
#endif
#include <esp_log.h>
#endif /* WOLFSSL_ESPIDF */
@ -1259,12 +1259,16 @@ static const char* bench_result_words3[][5] = {
/* reminder: unsigned long long max = 18,446,744,073,709,551,615 */
/* the currently observed clock counter value */
#if defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
uint64_t thisVal = 0;
#if defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
ESP_ERROR_CHECK(gptimer_get_raw_count(esp_gptimer, &thisVal));
#else
/* reminder unsupported CONFIG_IDF_TARGET captured above */
uint64_t thisVal = xthal_get_ccount();
#ifndef __XTENSA__
thisVal = esp_cpu_get_cycle_count();
#else
thisVal = xthal_get_ccount(); /* or esp_cpu_get_cycle_count(); */
#endif
#endif
/* if the current value is less than the previous value,
** we likely overflowed at least once.
@ -1296,7 +1300,11 @@ static const char* bench_result_words3[][5] = {
ESP_ERROR_CHECK(gptimer_get_raw_count(esp_gptimer,
&_xthal_get_ccount_last));
#else
_xthal_get_ccount_last = xthal_get_ccount();
#ifndef __XTENSA__
thisVal = esp_cpu_get_cycle_count();
#else
thisVal = xthal_get_ccount(); /* or esp_cpu_get_cycle_count(); */
#endif
#endif
return _xthal_get_ccount_ex;
}

21
wolfcrypt/src/port/Espressif/esp32_mp.c
View File

@ -90,7 +90,7 @@
#endif
#ifndef ESP_RSA_EXPT_YBITS
#define ESP_RSA_EXPT_YBITS 8
#define ESP_RSA_EXPT_YBITS 8
#endif
#define ESP_TIMEOUT(cnt) (cnt >= ESP_RSA_TIMEOUT_CNT)
@ -140,12 +140,14 @@ static portMUX_TYPE wc_rsa_reg_lock = portMUX_INITIALIZER_UNLOCKED;
/* usage metrics can be turned on independently of debugging */
#ifdef WOLFSSL_HW_METRICS
static unsigned long esp_mp_max_used = 0;
static unsigned long esp_mp_max_used = 0;
static unsigned long esp_mp_mulmod_small_x_ct = 0;
static unsigned long esp_mp_mulmod_small_y_ct = 0;
#ifndef NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
static unsigned long esp_mp_max_timeout = 0;
#ifndef NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
static unsigned long esp_mp_mul_usage_ct = 0;
static unsigned long esp_mp_mul_error_ct = 0;
#endif /* !NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
@ -236,6 +238,13 @@ static int esp_mp_hw_wait_clean(void)
/* no HW timeout if we don't know the platform. assumes no HW */
#endif
#if defined(WOLFSSL_HW_METRICS)
{
esp_mp_max_timeout = (timeout > esp_mp_max_timeout) ? timeout :
esp_mp_max_timeout;
}
#endif
if (ESP_TIMEOUT(timeout)) {
ESP_LOGE(TAG, "esp_mp_hw_wait_clean waiting HW ready timed out.");
ret = WC_HW_WAIT_E; /* hardware is busy, MP_HW_BUSY; */
@ -1016,7 +1025,7 @@ int esp_mp_montgomery_init(MATH_INT_T* X, MATH_INT_T* Y, MATH_INT_T* M,
}
if ((X == NULL) || (Y == NULL) || (M == NULL) ) {
/* if a bad operand passed, we cannot use HW */
ESP_LOGE(TAG, "ERROR: Bad montgomery operand, falling back to SW");
ESP_LOGE(TAG, "ERROR: Bad Montgomery operand, falling back to SW");
return MP_HW_FALLBACK;
}
XMEMSET(mph, 0, sizeof(struct esp_mp_helper));
@ -1298,7 +1307,7 @@ int esp_mp_mul(MATH_INT_T* X, MATH_INT_T* Y, MATH_INT_T* Z)
resultWords_sz = bits2words(Xs + Ys);
/* sanity check */
if((hwWords_sz << 5) > ESP_HW_MULTI_RSAMAX_BITS) {
if ( (hwWords_sz << 5) > ESP_HW_MULTI_RSAMAX_BITS) {
ESP_LOGW(TAG, "exceeds max bit length(2048) (a)");
ret = MP_HW_FALLBACK; /* Error: value is not able to be used. */
}
@ -3060,6 +3069,8 @@ int esp_hw_show_mp_metrics(void)
#endif /* EXPTMOD not disabled !NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
ESP_LOGI(TAG, "Max N->used: esp_mp_max_used = %lu", esp_mp_max_used);
ESP_LOGI(TAG, "Max timeout: esp_mp_max_timeout = %lu", esp_mp_max_timeout);
#else
/* no HW math, no HW math metrics */
ret = ESP_OK;

212
wolfcrypt/src/port/Espressif/esp32_sha.c
View File

@ -50,7 +50,10 @@
#if defined(WOLFSSL_ESP32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
#if defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
defined(CONFIG_IDF_TARGET_ESP8684) || \
defined(CONFIG_IDF_TARGET_ESP32C3) || \
defined(CONFIG_IDF_TARGET_ESP32C6)
#include <hal/sha_hal.h>
#include <hal/sha_ll.h>
@ -72,13 +75,16 @@
#include <wolfcrypt/src/misc.c>
#endif
#if defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
static const char* TAG = "wolf_hw_sha";
#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
defined(CONFIG_IDF_TARGET_ESP8684) || \
defined(CONFIG_IDF_TARGET_ESP32C3) || \
defined(CONFIG_IDF_TARGET_ESP32C6)
/* keep track of the currently active SHA hash object for interleaving */
const static word32 ** _active_digest_address = 0;
#endif
static const char* TAG = "wolf_hw_sha";
#ifdef NO_SHA
#define WC_SHA_DIGEST_SIZE 20
#endif
@ -158,11 +164,16 @@ static const char* TAG = "wolf_hw_sha";
/*
** The wolfCrypt functions for LITTLE_ENDIAN_ORDER typically
** reverse the byte order. Except when the hardware doesn't expect it.
**
** Returns 0 (FALSE) or 1 (TRUE); see wolfSSL types.h
*/
int esp_sha_need_byte_reversal(WC_ESP32SHA* ctx)
{
int ret = 1; /* assume we'll need reversal, look for exceptions */
#if defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
int ret = TRUE; /* assume we'll need reversal, look for exceptions */
#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
defined(CONFIG_IDF_TARGET_ESP8684) || \
defined(CONFIG_IDF_TARGET_ESP32C3) || \
defined(CONFIG_IDF_TARGET_ESP32C6)
if (ctx == NULL) {
ESP_LOGE(TAG, " ctx is null");
/* return true for bad params */
@ -175,10 +186,10 @@ int esp_sha_need_byte_reversal(WC_ESP32SHA* ctx)
#endif
if (ctx->mode == ESP32_SHA_HW) {
ESP_LOGV(TAG, " No reversal, ESP32_SHA_HW");
ret = 0;
ret = FALSE;
}
else {
ret = 1;
ret = TRUE;
ESP_LOGV(TAG, " Need byte reversal, %d", ctx->mode);
/* return true for SW; only HW C3 skips reversal at this time. */
#ifdef WOLFSSL_HW_METRICS
@ -276,7 +287,10 @@ int esp_sha_init(WC_ESP32SHA* ctx, enum wc_HashType hash_type)
ESP_LOGW(TAG, "Unexpected hash_type in esp_sha_init");
break;
}
#elif defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
#elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
defined(CONFIG_IDF_TARGET_ESP8684) || \
defined(CONFIG_IDF_TARGET_ESP32C3) || \
defined(CONFIG_IDF_TARGET_ESP32C6)
switch (hash_type) { /* check each wolfSSL hash type WC_[n] */
#ifndef NO_SHA
case WC_HASH_TYPE_SHA:
@ -312,7 +326,9 @@ int esp_sha_init(WC_ESP32SHA* ctx, enum wc_HashType hash_type)
/* other chipsets will be implemented here */
ESP_LOGW(TAG, "SW Fallback; CONFIG_IDF_TARGET = %s", CONFIG_IDF_TARGET);
ctx->mode = ESP32_SHA_SW;
#endif /* CONFIG_IDF_TARGET_ESP32 || x_ESP32S2 || x_ESP32S3 */
#endif /* CONFIG_IDF_TARGET_ESP32 ||
* CONFIG_IDF_TARGET_ESP32S2 ||
* CONFIG_IDF_TARGET_ESP32S3 */
return ret;
}
@ -541,9 +557,12 @@ int esp_sha_ctx_copy(struct wc_Sha* src, struct wc_Sha* dst)
}
if (dst->ctx.mode == ESP32_SHA_SW) {
#if defined(CONFIG_IDF_TARGET_ESP32C3) || \
#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
defined(CONFIG_IDF_TARGET_ESP8684) || \
defined(CONFIG_IDF_TARGET_ESP32C3) || \
defined(CONFIG_IDF_TARGET_ESP32C6)
/* Reverse digest for C3 when HW enabled but fallback to SW. */
/* Reverse digest for C2/C3/C6 RISC-V platform
* only when HW enabled but fallback to SW. */
ByteReverseWords(dst->digest, dst->digest, WC_SHA_DIGEST_SIZE);
#ifdef WOLFSSL_HW_METRICS
esp_sha_reverse_words_ct++;
@ -613,7 +632,7 @@ int esp_sha256_ctx_copy(struct wc_Sha256* src, struct wc_Sha256* dst)
ESP_LOGI(TAG, "esp_sha256_ctx_copy esp_sha512_digest_process");
}
#endif
ret = esp_sha256_digest_process(dst, 0);
ret = esp_sha256_digest_process(dst, 0); /* TODO Use FALSE*/
if (ret == 0) {
/* provide init hint to possibly SW revert */
@ -624,7 +643,9 @@ int esp_sha256_ctx_copy(struct wc_Sha256* src, struct wc_Sha256* dst)
}
if (dst->ctx.mode == ESP32_SHA_SW) {
#if defined(CONFIG_IDF_TARGET_ESP32C3) || \
#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
defined(CONFIG_IDF_TARGET_ESP8684) || \
defined(CONFIG_IDF_TARGET_ESP32C3) || \
defined(CONFIG_IDF_TARGET_ESP32C6)
{
/* Reverse digest byte order for C3 fallback to SW. */
@ -665,9 +686,16 @@ int esp_sha256_ctx_copy(struct wc_Sha256* src, struct wc_Sha256* dst)
int esp_sha384_ctx_copy(struct wc_Sha512* src, struct wc_Sha512* dst)
{
int ret = 0;
#if defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
ESP_LOGW(TAG, "Warning: esp_sha384_ctx_copy() called for ESP32-C3!");
ESP_LOGW(TAG, "There's no SHA384 HW for the ESP32-C3");
#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
defined(CONFIG_IDF_TARGET_ESP8684) || \
defined(CONFIG_IDF_TARGET_ESP32C3) || \
defined(CONFIG_IDF_TARGET_ESP32C6)
{
/* We should ever be calling the HW sHA384 copy for this target. */
ESP_LOGW(TAG, "Warning: esp_sha384_ctx_copy() called for %s!",
CONFIG_IDF_TARGET);
ESP_LOGW(TAG, "There's no SHA384 HW for this CONFIG_IDF_TARGET");
}
#else
if (src->ctx.mode == ESP32_SHA_HW) {
/* Get a copy of the HW digest, but don't process it. */
@ -723,8 +751,16 @@ int esp_sha384_ctx_copy(struct wc_Sha512* src, struct wc_Sha512* dst)
*/
int esp_sha512_ctx_copy(struct wc_Sha512* src, struct wc_Sha512* dst)
{
int ret = 0;
#if !defined(CONFIG_IDF_TARGET_ESP32C3) && !defined(CONFIG_IDF_TARGET_ESP32C6)
int ret = ESP_OK; /* Assume success (zero) */
#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
defined(CONFIG_IDF_TARGET_ESP8684) || \
defined(CONFIG_IDF_TARGET_ESP32C3) || \
defined(CONFIG_IDF_TARGET_ESP32C6)
/* there's no SHA512 HW on the RISC-V SoC so there's nothing to do. */
#elif defined(CONFIG_IDF_TARGET_ESP32) || \
defined(CONFIG_IDF_TARGET_ESP32S2) || \
defined(CONFIG_IDF_TARGET_ESP32S3)
if (src->ctx.mode == ESP32_SHA_HW) {
/* Get a copy of the HW digest, but don't process it. */
ESP_LOGI(TAG, "esp_sha512_ctx_copy esp_sha512_digest_process");
@ -752,7 +788,9 @@ int esp_sha512_ctx_copy(struct wc_Sha512* src, struct wc_Sha512* dst)
/* reminder this happened in XMEMCOPY, above: dst->ctx = src->ctx;
** No special HW init needed when not in active HW mode.
** but we need to set our initializer breadcrumb: */
#if !defined(CONFIG_IDF_TARGET_ESP32C3) && \
/* TODO: instead of what is NOT supported, gate on what IS known to be supported */
#if !defined(CONFIG_IDF_TARGET_ESP32C2) && \
!defined(CONFIG_IDF_TARGET_ESP32C3) && \
!defined(CONFIG_IDF_TARGET_ESP32C6)
dst->ctx.initializer = &dst->ctx; /*breadcrumb is this ctx address */
#endif
@ -764,6 +802,7 @@ int esp_sha512_ctx_copy(struct wc_Sha512* src, struct wc_Sha512* dst)
#endif
}
#endif
return ret;
} /* esp_sha512_ctx_copy */
#endif
@ -821,7 +860,7 @@ static word32 wc_esp_sha_digest_size(WC_ESP_SHA_TYPE type)
break;
}
#else
/* Xtnsa */
/* Xtensa */
switch (type) {
#ifndef NO_SHA
case SHA1: /* typically 20 bytes */
@ -871,7 +910,10 @@ static int wc_esp_wait_until_idle(void)
int ret = 0; /* assume success */
int loop_ct = 10000;
#if defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
defined(CONFIG_IDF_TARGET_ESP8684) || \
defined(CONFIG_IDF_TARGET_ESP32C3) || \
defined(CONFIG_IDF_TARGET_ESP32C6)
/* ESP32-C3 and ESP32-C6 RISC-V */
while ((sha_ll_busy() == true) && (loop_ct > 0)) {
loop_ct--;
@ -925,16 +967,20 @@ int esp_unroll_sha_module_enable(WC_ESP32SHA* ctx)
return BAD_FUNC_ARG;
}
#if defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
/* RISC-V Architecture */
#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
defined(CONFIG_IDF_TARGET_ESP8684) || \
defined(CONFIG_IDF_TARGET_ESP32C3) || \
defined(CONFIG_IDF_TARGET_ESP32C6)
/************* RISC-V Architecture *************/
(void)max_unroll_count;
(void)_active_digest_address;
ets_sha_disable();
/* We don't check for unroll as done below, for Xtensa*/
#else
/* Xtensa Architecture */
/************* Xtensa Architecture *************/
/* unwind prior calls to THIS ctx. decrement ref_counts[periph] */
/* only when ref_counts[periph] == 0 does something actually happen */
/* unwind prior calls to THIS ctx. decrement ref_counts[periph]
** only when ref_counts[periph] == 0 does something actually happen. */
/* once the value we read is a 0 in the DPORT_PERI_CLK_EN_REG bit
* then we have fully unrolled the enables via ref_counts[periph]==0 */
@ -1243,8 +1289,8 @@ int esp_sha_try_hw_lock(WC_ESP32SHA* ctx)
#ifdef WOLFSSL_DEBUG_MUTEX
if (esp_sha_call_count() == 8 && WOLFSSL_TEST_STRAY) {
/* once we've locked 10 times here,
* we'll force a fallback to SW until other thread unlocks */
/* Once we've locked 10 times here,
* we'll force a fallback to SW until other thread unlocks. */
taskENTER_CRITICAL(&sha_crit_sect);
{
(void)stray_ctx;
@ -1329,10 +1375,15 @@ int esp_sha_try_hw_lock(WC_ESP32SHA* ctx)
}
#endif /* not defined(SINGLE_THREADED) */
#if defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
defined(CONFIG_IDF_TARGET_ESP8684) || \
defined(CONFIG_IDF_TARGET_ESP32C3) || \
defined(CONFIG_IDF_TARGET_ESP32C6)
{
ESP_LOGV(TAG, "ets_sha_enable for RISC-V");
ets_sha_enable();
ctx->mode = ESP32_SHA_HW;
}
#else
if (ret == 0) {
ctx->lockDepth++; /* depth for THIS ctx (there could be others!) */
@ -1361,14 +1412,15 @@ int esp_sha_try_hw_lock(WC_ESP32SHA* ctx)
*/
int esp_sha_hw_unlock(WC_ESP32SHA* ctx)
{
int ret;
int ret = ESP_OK; /* assume success (zero) */
#ifdef WOLFSSL_ESP32_HW_LOCK_DEBUG
ESP_LOGV(TAG, "enter esp_sha_hw_unlock");
#endif
ret = 0;
#if defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
/* ESP32-C3 and ESP32-C6 RISC-V */
#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
defined(CONFIG_IDF_TARGET_ESP8684) || \
defined(CONFIG_IDF_TARGET_ESP32C3) || \
defined(CONFIG_IDF_TARGET_ESP32C6)
ets_sha_disable(); /* disable also resets active, ongoing hash */
ESP_LOGV(TAG, "ets_sha_disable in esp_sha_hw_unlock()");
#else
@ -1431,9 +1483,10 @@ int esp_sha_hw_unlock(WC_ESP32SHA* ctx)
ESP_LOGE(TAG, "ERROR unlock lockDepth not zero");
ret = ESP_FAIL;
}
#ifdef WOLFSSL_ESP32_HW_LOCK_DEBUG
#ifdef WOLFSSL_ESP32_HW_LOCK_DEBUG
ESP_LOGI(TAG, "leave esp_sha_hw_unlock, %x", (int)ctx->initializer);
#endif
#endif
return ret;
} /* esp_sha_hw_unlock */
@ -1442,8 +1495,13 @@ int esp_sha_hw_unlock(WC_ESP32SHA* ctx)
* Assumes register already loaded.
* Returns a negative value error code upon failure.
*/
#if !defined(CONFIG_IDF_TARGET_ESP32C3) && !defined(CONFIG_IDF_TARGET_ESP32C6)
/* the ESP32-C3 HAL has built-in process start, everything else uses: */
#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
defined(CONFIG_IDF_TARGET_ESP8684) || \
defined(CONFIG_IDF_TARGET_ESP32C3) || \
defined(CONFIG_IDF_TARGET_ESP32C6)
/* ESP32-C3 HAL has built-in process start, nothing to declare here. */
#else
/* Everything else uses esp_sha_start_process() */
static int esp_sha_start_process(WC_ESP32SHA* sha)
{
int ret = 0;
@ -1457,7 +1515,10 @@ static int esp_sha_start_process(WC_ESP32SHA* sha)
ESP_LOGV(TAG, " enter esp_sha_start_process");
#if defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
defined(CONFIG_IDF_TARGET_ESP8684) || \
defined(CONFIG_IDF_TARGET_ESP32C3) || \
defined(CONFIG_IDF_TARGET_ESP32C6)
ESP_LOGV(TAG, "SHA1 SHA_START_REG");
if (sha->isfirstblock) {
sha_ll_start_block(SHA2_256);
@ -1477,7 +1538,9 @@ static int esp_sha_start_process(WC_ESP32SHA* sha)
ESP_LOGV(TAG, " continue block #%d", this_block_num);
#endif
} /* not first block */
/***** END CONFIG_IDF_TARGET_ESP32C3 or CONFIG_IDF_TARGET_ESP32C6 *****/
/***** END CONFIG_IDF_TARGET_ESP32C2 aka ESP8684 or
* CONFIG_IDF_TARGET_ESP32C3 or
* CONFIG_IDF_TARGET_ESP32C6 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3)
/* Translate from Wolf SHA type to hardware algorithm. */
@ -1667,8 +1730,13 @@ static int wc_esp_process_block(WC_ESP32SHA* ctx, /* see ctx->sha_type */
ret = esp_sha_start_process(ctx);
/***** END CONFIG_IDF_TARGET_ESP32 */
#elif defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
/* SHA_M_1_REG is not a macro:
#elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
defined(CONFIG_IDF_TARGET_ESP8684) || \
defined(CONFIG_IDF_TARGET_ESP32C3) || \
defined(CONFIG_IDF_TARGET_ESP32C6)
/************* RISC-V Architecture *************
*
* SHA_M_1_REG is not a macro:
* DPORT_REG_WRITE(SHA_M_1_REG + (i*sizeof(word32)), *(data + i));
*
* but we have this HAL: sha_ll_fill_text_block
@ -1710,7 +1778,10 @@ static int wc_esp_process_block(WC_ESP32SHA* ctx, /* see ctx->sha_type */
ctx->isfirstblock);
ctx->isfirstblock = 0; /* once we hash a block,
* we're no longer at the first */
/***** END CONFIG_IDF_TARGET_ESP32C3 or CONFIG_IDF_TARGET_ESP32C6 */
/***** END CONFIG_IDF_TARGET_ESP32C2 or
* CONFIG_IDF_TARGET_ESP8684 or
* CONFIG_IDF_TARGET_ESP32C3 or
* CONFIG_IDF_TARGET_ESP32C6 */
#elif defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3)
MessageSource = (word32*)data;
@ -1785,7 +1856,9 @@ int wc_esp_digest_state(WC_ESP32SHA* ctx, byte* hash)
/* sanity check */
#if defined(CONFIG_IDF_TARGET_ESP32)
if (ctx->sha_type == SHA_INVALID) {
#elif defined(CONFIG_IDF_TARGET_ESP32C3) || \
#elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
defined(CONFIG_IDF_TARGET_ESP8684) || \
defined(CONFIG_IDF_TARGET_ESP32C3) || \
defined(CONFIG_IDF_TARGET_ESP32S2) || \
defined(CONFIG_IDF_TARGET_ESP32S3) || \
defined(CONFIG_IDF_TARGET_ESP32C6)
@ -1805,6 +1878,7 @@ int wc_esp_digest_state(WC_ESP32SHA* ctx, byte* hash)
ESP_LOGE(TAG, "unexpected error. sha_type is invalid.");
return ESP_FAIL;
}
#if defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3)
if (ctx->isfirstblock == true) {
/* no hardware use yet. Nothing to do yet */
@ -1837,20 +1911,34 @@ int wc_esp_digest_state(WC_ESP32SHA* ctx, byte* hash)
} /* not (ctx->sha_type == SHA2_512) */
/* end if CONFIG_IDF_TARGET_ESP32S3 */
#elif defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
sha_ll_read_digest(ctx->sha_type,
(void *)hash,
wc_esp_sha_digest_size(ctx->sha_type) / sizeof(word32));
#elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
defined(CONFIG_IDF_TARGET_ESP8684)
wc_esp_wait_until_idle();
sha_ll_read_digest(
ctx->sha_type,
(void *)hash,
wc_esp_sha_digest_size(ctx->sha_type) / sizeof(word32)
);
#elif defined(CONFIG_IDF_TARGET_ESP32C3) || \
defined(CONFIG_IDF_TARGET_ESP32C6)
wc_esp_wait_until_idle();
sha_ll_read_digest(
ctx->sha_type,
(void *)hash,
wc_esp_sha_digest_size(ctx->sha_type) / sizeof(word32)
);
#else
/* not CONFIG_IDF_TARGET_ESP32S3 */
/* wait until idle */
wc_esp_wait_until_idle();
/* each sha_type register is at a different location */
#if defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
defined(CONFIG_IDF_TARGET_ESP8684) || \
defined(CONFIG_IDF_TARGET_ESP32C3) || \
defined(CONFIG_IDF_TARGET_ESP32C6)
#elif defined(CONFIG_IDF_TARGET_ESP32S2)
/* nothing here for S2 */
#else
switch (ctx->sha_type) {
case SHA1:
@ -2051,7 +2139,13 @@ int esp_sha512_block(struct wc_Sha512* sha, const word32* data, byte isfinal)
int ret = 0; /* assume success */
ESP_LOGV(TAG, "enter esp_sha512_block");
/* start register offset */
#if !defined(CONFIG_IDF_TARGET_ESP32C3) && !defined(CONFIG_IDF_TARGET_ESP32C6)
#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
defined(CONFIG_IDF_TARGET_ESP8684) || \
defined(CONFIG_IDF_TARGET_ESP32C3) || \
defined(CONFIG_IDF_TARGET_ESP32C6)
/* No SHA-512 HW on RISC-V SoC, so nothing to do. */
#else
/* note that in SW mode, wolfSSL uses 64 bit words */
if (sha->ctx.mode == ESP32_SHA_SW) {
ByteReverseWords64(sha->buffer,
@ -2107,8 +2201,14 @@ int esp_sha512_digest_process(struct wc_Sha512* sha, byte blockproc)
{
int ret = 0;
ESP_LOGV(TAG, "enter esp_sha512_digest_process");
#if defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
ESP_LOGW(TAG, "Warning: no SHA512 HW to digest on ESP32-C3");
#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
defined(CONFIG_IDF_TARGET_ESP8684) || \
defined(CONFIG_IDF_TARGET_ESP32C3) || \
defined(CONFIG_IDF_TARGET_ESP32C6)
{
ESP_LOGW(TAG, "Warning: no SHA512 HW to digest on %s",
CONFIG_IDF_TARGET);
}
#else
if (blockproc) {
word32* data = (word32*)sha->buffer;
@ -2171,6 +2271,6 @@ int esp_hw_show_sha_metrics(void)
return ret;
}
#endif /* WOLFSSL_HW_METRICS */
#endif /* WOLFSSL_ESP32_CRYPT and WOLFSSL_HW_METRICS */
#endif /* WOLFSSL_ESPIDF */
#endif /* WOLFSSL_ESPIDF (exclude entire contents for non-Espressif projects */

119
wolfcrypt/src/port/Espressif/esp32_util.c
View File

@ -200,7 +200,11 @@ static int ShowExtendedSystemInfo_platform_espressif(void)
WOLFSSL_VERSION_PRINTF("Xthal_have_ccount = %u",
Xthal_have_ccount);
#elif CONFIG_IDF_TARGET_ESP32C6
/* not supported at this time */
/* TODO find Xthal for C6 */
#elif CONFIG_IDF_TARGET_ESP32C2
/* TODO find Xthal for C6 */
#elif defined(CONFIG_IDF_TARGET_ESP8684)
/* TODO find Xthal for C6 */
#elif CONFIG_IDF_TARGET_ESP32C3
/* not supported at this time */
#elif CONFIG_IDF_TARGET_ESP32S3
@ -227,6 +231,9 @@ static int ShowExtendedSystemInfo_platform_espressif(void)
WOLFSSL_VERSION_PRINTF("ESP32_CRYPT is enabled for ESP32-S2.");
#elif defined(CONFIG_IDF_TARGET_ESP32S3)
WOLFSSL_VERSION_PRINTF("ESP32_CRYPT is enabled for ESP32-S3.");
#elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
defined(CONFIG_IDF_TARGET_ESP8684)
WOLFSSL_VERSION_PRINTF("ESP32_CRYPT is enabled for ESP32-C2.");
#elif defined(CONFIG_IDF_TARGET_ESP32C3)
WOLFSSL_VERSION_PRINTF("ESP32_CRYPT is enabled for ESP32-C3.");
#elif defined(CONFIG_IDF_TARGET_ESP32C6)
@ -234,7 +241,7 @@ static int ShowExtendedSystemInfo_platform_espressif(void)
#elif defined(CONFIG_IDF_TARGET_ESP32H2)
WOLFSSL_VERSION_PRINTF("ESP32_CRYPT is enabled for ESP32-H2.");
#else
/* this should have been detected & disabled in user_settins.h */
/* This should have been detected & disabled in user_settins.h */
#error "ESP32_CRYPT not yet supported on this IDF TARGET"
#endif
@ -245,12 +252,12 @@ static int ShowExtendedSystemInfo_platform_espressif(void)
#endif
#if defined(NO_WOLFSSL_ESP32_CRYPT_AES)
WOLFSSL_VERSION_PRINTF("NO_WOLFSSL_ESP32_CRYPT_AES is defined!"
WOLFSSL_VERSION_PRINTF("NO_WOLFSSL_ESP32_CRYPT_AES is defined! "
"(disabled HW AES).");
#endif
#if defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI)
WOLFSSL_VERSION_PRINTF("NO_WOLFSSL_ESP32_CRYPT_RSA_PRI defined!"
WOLFSSL_VERSION_PRINTF("NO_WOLFSSL_ESP32_CRYPT_RSA_PRI defined! "
"(disabled HW RSA)");
#endif
#endif
@ -375,7 +382,7 @@ int esp_current_boot_count(void)
}
/* See macro helpers above; not_defined is macro name when *not* defined */
static int esp_ShowMacroStatus(char* s, char* not_defined)
static int show_macro(char* s, char* not_defined)
{
char hd1[] = "Macro Name Defined Not Defined";
char hd2[] = "------------------------- --------- -------------";
@ -396,9 +403,11 @@ static int esp_ShowMacroStatus(char* s, char* not_defined)
/* Depending on if defined, put an "x" in the appropriate column */
if (not_defined == NULL || not_defined[0] == '\0') {
msg[ESP_SMS_ENA_POS] = 'X';
msg[ESP_SMS_ENA_POS+1] = 0; /* end of line to eliminate space pad */
}
else {
msg[ESP_SMS_DIS_POS] = 'X';
msg[ESP_SMS_DIS_POS+1] = 0; /* end of line to eliminate space pad */
}
/* do we need a header? */
@ -414,35 +423,78 @@ static int esp_ShowMacroStatus(char* s, char* not_defined)
}
/* Show some interesting settings */
int esp_ShowHardwareAcclerationSettings(void)
int ShowExtendedSystemInfo_config(void)
{
esp_ShowMacroStatus_need_header = 1;
esp_ShowMacroStatus("HW_MATH_ENABLED", STR_IFNDEF(HW_MATH_ENABLED));
esp_ShowMacroStatus("RSA_LOW_MEM", STR_IFNDEF(RSA_LOW_MEM));
esp_ShowMacroStatus("WOLFSSL_SHA224", STR_IFNDEF(WOLFSSL_SHA224));
esp_ShowMacroStatus("WOLFSSL_SHA384", STR_IFNDEF(WOLFSSL_SHA384));
esp_ShowMacroStatus("WOLFSSL_SHA512", STR_IFNDEF(WOLFSSL_SHA512));
esp_ShowMacroStatus("WOLFSSL_SHA3", STR_IFNDEF(WOLFSSL_SHA3));
esp_ShowMacroStatus("HAVE_ED25519", STR_IFNDEF(HAVE_ED25519));
esp_ShowMacroStatus("USE_FAST_MATH", STR_IFNDEF(USE_FAST_MATH));
esp_ShowMacroStatus("WOLFSSL_SP_MATH_ALL", STR_IFNDEF(WOLFSSL_SP_MATH_ALL));
esp_ShowMacroStatus("WOLFSSL_SP_RISCV32", STR_IFNDEF(WOLFSSL_SP_RISCV32));
esp_ShowMacroStatus("SP_MATH", STR_IFNDEF(SP_MATH));
esp_ShowMacroStatus("WOLFSSL_HW_METRICS", STR_IFNDEF(WOLFSSL_HW_METRICS));
#ifdef USE_FAST_MATH
ESP_LOGI(TAG, "USE_FAST_MATH");
#endif /* USE_FAST_MATH */
show_macro("NO_ESPIDF_DEFAULT", STR_IFNDEF(NO_ESPIDF_DEFAULT));
#ifdef WOLFSSL_SP_MATH_ALL
#ifdef WOLFSSL_SP_RISCV32
ESP_LOGI(TAG, "WOLFSSL_SP_MATH_ALL + WOLFSSL_SP_RISCV32");
#else
ESP_LOGI(TAG, "WOLFSSL_SP_MATH_ALL");
#endif
#endif /* WOLFSSL_SP_MATH_ALL */
show_macro("HW_MATH_ENABLED", STR_IFNDEF(HW_MATH_ENABLED));
/* Features */
show_macro("WOLFSSL_SHA224", STR_IFNDEF(WOLFSSL_SHA224));
show_macro("WOLFSSL_SHA384", STR_IFNDEF(WOLFSSL_SHA384));
show_macro("WOLFSSL_SHA512", STR_IFNDEF(WOLFSSL_SHA512));
show_macro("WOLFSSL_SHA3", STR_IFNDEF(WOLFSSL_SHA3));
show_macro("HAVE_ED25519", STR_IFNDEF(HAVE_ED25519));
show_macro("HAVE_AES_ECB", STR_IFNDEF(HAVE_AES_ECB));
show_macro("HAVE_AES_DIRECT", STR_IFNDEF(HAVE_AES_DIRECT));
/* Math Library Selection */
show_macro("USE_FAST_MATH", STR_IFNDEF(USE_FAST_MATH));
show_macro("WOLFSSL_SP_MATH_ALL", STR_IFNDEF(WOLFSSL_SP_MATH_ALL));
#ifdef WOLFSSL_SP_RISCV32
show_macro("WOLFSSL_SP_RISCV32", STR_IFNDEF(WOLFSSL_SP_RISCV32));
#endif
show_macro("SP_MATH", STR_IFNDEF(SP_MATH));
/* Diagnostics */
show_macro("WOLFSSL_HW_METRICS", STR_IFNDEF(WOLFSSL_HW_METRICS));
/* Optimizations */
show_macro("RSA_LOW_MEM", STR_IFNDEF(RSA_LOW_MEM));
/* Security Hardening */
show_macro("WC_NO_HARDEN", STR_IFNDEF(WC_NO_HARDEN));
show_macro("TFM_TIMING_RESISTANT", STR_IFNDEF(TFM_TIMING_RESISTANT));
show_macro("ECC_TIMING_RESISTANT", STR_IFNDEF(ECC_TIMING_RESISTANT));
/* WC_NO_CACHE_RESISTANT is only important if another process can be
* run on the device. With embedded it is less likely to be exploitable.
* Timing attacks are usually by probe. So typically turn this on: */
show_macro("WC_NO_CACHE_RESISTANT", STR_IFNDEF(WC_NO_CACHE_RESISTANT));
/* Side channel bit slicing */
show_macro("WC_AES_BITSLICED", STR_IFNDEF(WC_AES_BITSLICED));
/* Unrolling will normally improve performance,
* so make sure WOLFSSL_AES_NO_UNROLL isn't defined unless you want it. */
show_macro("WOLFSSL_AES_NO_UNROLL", STR_IFNDEF(WOLFSSL_AES_NO_UNROLL));
show_macro("TFM_TIMING_RESISTANT", STR_IFNDEF(TFM_TIMING_RESISTANT));
show_macro("ECC_TIMING_RESISTANT", STR_IFNDEF(ECC_TIMING_RESISTANT));
show_macro("WC_RSA_BLINDING", STR_IFNDEF(WC_RSA_BLINDING));
show_macro("NO_WRITEV", STR_IFNDEF(NO_WRITEV));
/* Environment */
show_macro("FREERTOS", STR_IFNDEF(FREERTOS));
show_macro("NO_WOLFSSL_DIR", STR_IFNDEF(NO_WOLFSSL_DIR));
show_macro("WOLFSSL_NO_CURRDIR", STR_IFNDEF(WOLFSSL_NO_CURRDIR));
show_macro("WOLFSSL_LWIP", STR_IFNDEF(WOLFSSL_LWIP));
ESP_LOGI(TAG, "");
#if defined(CONFIG_COMPILER_OPTIMIZATION_DEFAULT)
ESP_LOGI(TAG, "Compiler Optimization: Default");
#elif defined(CONFIG_COMPILER_OPTIMIZATION_SIZE)
ESP_LOGI(TAG, "Compiler Optimization: Size");
#elif defined(CONFIG_COMPILER_OPTIMIZATION_PERF)
ESP_LOGI(TAG, "Compiler Optimization: Performance");
#elif defined(CONFIG_COMPILER_OPTIMIZATION_NONE)
ESP_LOGI(TAG, "Compiler Optimization: None");
#else
ESP_LOGI(TAG, "Compiler Optimization: Unknown");
#endif
ESP_LOGI(TAG, "");
return ESP_OK;
}
/*
@ -530,7 +582,7 @@ int ShowExtendedSystemInfo(void)
ESP_LOGW(TAG, "Warning: ESP_RSA_MULM_BITS not defined for ESP32");
#endif
#elif defined(CONFIG_IDF_TARGET_ESP32C2)
#elif defined(CONFIG_IDF_TARGET_ESP32C2) || defined(CONFIG_IDF_TARGET_ESP8684)
ESP_LOGI(TAG, "CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ = %u MHz",
CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ
);
@ -572,7 +624,7 @@ int ShowExtendedSystemInfo(void)
#endif
ESP_LOGI(TAG, "");
esp_ShowHardwareAcclerationSettings();
ShowExtendedSystemInfo_config();
ShowExtendedSystemInfo_git();
ShowExtendedSystemInfo_platform();
ShowExtendedSystemInfo_thread();
@ -726,18 +778,19 @@ int esp_hw_show_metrics(void)
#if defined(WOLFSSL_ESP32_CRYPT)
esp_hw_show_sha_metrics();
#else
ESP_LOGI(TAG, "WOLFSSL_ESP32_CRYPT");
ESP_LOGI(TAG, "WOLFSSL_ESP32_CRYPT not defined, "
"HW SHA hash not enabled");
#endif
#if defined(WOLFSSL_ESP32_CRYPT_RSA_PRI)
esp_hw_show_mp_metrics();
#else
ESP_LOGI(TAG, "WOLFSSL_ESP32_CRYPT_RSA_PRI not defined,"
ESP_LOGI(TAG, "WOLFSSL_ESP32_CRYPT_RSA_PRI not defined, "
"HW math not enabled");
#endif
#if defined(NO_WOLFSSL_ESP32_CRYPT_AES)
ESP_LOGI(TAG, "NO_WOLFSSL_ESP32_CRYPT_AES is defined,"
ESP_LOGI(TAG, "NO_WOLFSSL_ESP32_CRYPT_AES is defined, "
"HW AES not enabled");
#else
esp_hw_show_aes_metrics();

87
wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h
View File

@ -22,9 +22,17 @@
#define __ESP32_CRYPT_H__
/* WOLFSSL_USER_SETTINGS must be defined, typically in the CMakeLists.txt:
*
* set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS") */
#include <wolfssl/wolfcrypt/settings.h> /* references user_settings.h */
#if defined(WOLFSSL_ESPIDF) /* Entire file is only for Espressif EDP-IDF */
#ifndef WOLFSSL_USER_SETTINGS
#error "WOLFSSL_USER_SETTINGS must be defined for Espressif targts"
#endif
#include "sdkconfig.h" /* ensure ESP-IDF settings are available everywhere */
/* wolfSSL */
@ -72,6 +80,12 @@ enum {
**
** Primary Settings:
**
** WC_NO_HARDEN
** Disables some timing resistance / side-channel attack prevention.
**
** NO_ESPIDF_DEFAULT
** When defined, disables some default definitions. See wolfcrypt/settings.h
**
** NO_ESP32_CRYPT
** When defined, disables all hardware acceleration on the ESP32
**
@ -143,11 +157,15 @@ enum {
** WOLFSSL_HW_METRICS
** Enables metric counters for calls to HW, success, fall back, oddities.
**
** WOLFSSL_HAS_METRICS
** Indicates that we actually have metrics to show. Useful for old wolfSSL
** libraries tested with newer examples, or when all HW turned off.
**
** DEBUG_WOLFSSL
** Turns on development testing. Validates HW accelerated results to software
** - Automatically turns on WOLFSSL_HW_METRICS
**
** WOLFSSL_DEBUG_MUTEX
** DEBUG_WOLFSSL_SHA_MUTEX
** Turns on diagnostic messages for SHA mutex. Note that given verbosity,
** there may be TLS timing issues encountered. Use with caution.
**
@ -203,10 +221,12 @@ enum {
**
** CONFIG_IDF_TARGET_[SoC]
** CONFIG_IDF_TARGET_ESP32
** CONFIG_IDF_TARGET_ESP32S2
** CONFIG_IDF_TARGET_ESP32S3
** CONFIG_IDF_TARGET_ESP32C2
** CONFIG_IDF_TARGET_ESP32C3
** CONFIG_IDF_TARGET_ESP32C6
** CONFIG_IDF_TARGET_ESP32S2
** CONFIG_IDF_TARGET_ESP32S3
** CONFIG_IDF_TARGET_ESP32H2
**
]*******************************************************************************
** Informative settings. Not meant to be edited:
@ -254,6 +274,60 @@ enum {
#define ESP_PROHIBIT_SMALL_X FALSE
/***** END CONFIG_IDF_TARGET_ESP32 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
defined(CONFIG_IDF_TARGET_ESP8684)
/* ESP8684 is essentially ESP32-C2 chip + flash embedded together in a
* single QFN 4x4 mm package. Out of released documentation, Technical
* Reference Manual as well as ESP-IDF Programming Guide is applicable
* to both ESP32-C2 and ESP8684.
*
* Note there is not currently an expected CONFIG_IDF_TARGET_ESP8684.
* The ESP8684 is detected with CONFIG_IDF_TARGET_ESP32C2.
* The macro is included for clarity, and possible future rename. */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
#define NO_WOLFSSL_ESP32_CRYPT_AES /* No AES HW */
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI /* No RSA HW*/
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL /* No RSA, so no mp_mul */
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD /* No RSA, so no mp_mulmod */
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD /* No RSA, no mp_exptmod */
#include <soc/dport_access.h>
#include <soc/hwcrypto_reg.h>
#if ESP_IDF_VERSION_MAJOR < 5
#include <soc/cpu.h>
#endif
#if defined(ESP_IDF_VERSION_MAJOR) && ESP_IDF_VERSION_MAJOR >= 5
#include <esp_private/periph_ctrl.h>
#else
#include <driver/periph_ctrl.h>
#endif
#if ESP_IDF_VERSION_MAJOR >= 4
/* #include <esp32/rom/ets_sys.h> */
#else
#include <rom/ets_sys.h>
#endif
/* If for some reason there's a desire to disable specific HW on the C2: */
/* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA there is SHA HW on C2 */
/* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 there is SHA224 HW on C2 */
/* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256 */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256 there is SHA256 HW on C2 */
/* Code will fall back to SW with warning if these are removed:
* Note there is no SHA384/SHA512 HW on ESP32-C3 */
#undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
#undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
/***** END CONFIG_IDF_TARGET_ESP32C2 aka CONFIG_IDF_TARGET_ESP8684 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32C3)
#include <soc/dport_access.h>
#include <soc/hwcrypto_reg.h>
@ -499,7 +573,8 @@ extern "C"
#if defined(CONFIG_IDF_TARGET_ESP32)
#include "esp32/rom/sha.h"
#define WC_ESP_SHA_TYPE enum SHA_TYPE
#elif defined(CONFIG_IDF_TARGET_ESP32C2)
#elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
defined(CONFIG_IDF_TARGET_ESP8684)
#include "esp32c2/rom/sha.h"
#define WC_ESP_SHA_TYPE SHA_TYPE
#elif defined(CONFIG_IDF_TARGET_ESP32C3)
@ -686,6 +761,8 @@ extern "C"
*******************************************************************************
*/
#ifdef WOLFSSL_HW_METRICS
#define WOLFSSL_HAS_METRICS
/* Allow sha256 code to keep track of SW fallback during active HW */
WOLFSSL_LOCAL int esp_sw_sha256_count_add();
@ -780,6 +857,6 @@ extern "C"
}
#endif
#endif /* WOLFSSL_ESPIDF */
#endif /* WOLFSSL_ESPIDF (entire contents excluded when not Espressif ESP-IDF) */
#endif /* __ESP32_CRYPT_H__ */

49
wolfssl/wolfcrypt/settings.h
View File

@ -378,16 +378,19 @@
#endif
#if defined(WOLFSSL_ESPIDF)
#define FREERTOS
#define WOLFSSL_LWIP
#define NO_WRITEV
#define SIZEOF_LONG_LONG 8
#define NO_WOLFSSL_DIR
#define WOLFSSL_NO_CURRDIR
#ifndef NO_ESPIDF_DEFAULT
#define FREERTOS
#define WOLFSSL_LWIP
#define NO_WRITEV
#define NO_WOLFSSL_DIR
#define WOLFSSL_NO_CURRDIR
#define TFM_TIMING_RESISTANT
#define ECC_TIMING_RESISTANT
#define WC_RSA_BLINDING
#define TFM_TIMING_RESISTANT
#define ECC_TIMING_RESISTANT
#define WC_RSA_BLINDING
#define WC_NO_CACHE_RESISTANT
#endif /* !WOLFSSL_ESPIDF_NO_DEFAULT */
#if defined(WOLFSSL_ESPWROOM32)
/* WOLFSSL_ESPWROOM32 is a legacy macro gate.
@ -396,6 +399,30 @@
#define WOLFSSL_ESP32
#endif
#if defined(NO_ESP32WROOM32_CRYPT)
#undef NO_ESP32WROOM32_CRYPT
#define NO_ESP32_CRYPT
#warning "Please use NO_ESP32_CRYPT not NO_ESP32WROOM32_CRYPT"
#endif
#if defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
#undef NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#warning "Please use NO_WOLFSSL_ESP32_CRYPT_HASH not NO_ESP32WROOM32_CRYPT"
#endif
#if defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_AES)
#undef NO_WOLFSSL_ESP32WROOM32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_AES
#warning "Please use NO_WOLFSSL_ESP32_CRYPT_AES not NO_WOLFSSL_ESP32WROOM32_CRYPT_AES"
#endif
#if defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI)
#undef NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
#warning "Please use NO_WOLFSSL_ESP32_CRYPT_RSA_PRI not NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI"
#endif
#if defined(WOLFSSL_ESP32) || defined(WOLFSSL_ESPWROOM32SE)
#ifndef NO_ESP32_CRYPT
#define WOLFSSL_ESP32_CRYPT
@ -407,9 +434,9 @@
#endif
#if defined(WOLFSSL_SP_RISCV32)
#if defined(CONFIG_IDF_TARGET_ESP32C2) \
|| defined(CONFIG_IDF_TARGET_ESP32C3) \
|| defined(CONFIG_IDF_TARGET_ESP32C6)
#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
defined(CONFIG_IDF_TARGET_ESP32C3) || \
defined(CONFIG_IDF_TARGET_ESP32C6)
/* ok, only the known C2, C3, C6 chips allowed */
#else
#error "WOLFSSL_SP_RISCV32 can only be used on RISC-V architecture"