TA100: follow-up changes (squash after 4e64cb56)

This commit is contained in:
Tesfa Mae
2026-01-14 12:00:51 -08:00
committed by Daniele Lacamera
parent 00cca3e25b
commit dbf4aaa5be
9 changed files with 348 additions and 132 deletions
+109 -27
View File
@@ -3002,45 +3002,127 @@ then
esac
done
fi
# Microchip/Atmel CryptoAuthLib
ENABLED_CRYPTOAUTHLIB="no"
trylibatcadir=""
AC_ARG_WITH([cryptoauthlib],
[AS_HELP_STRING([--with-cryptoauthlib=PATH],[PATH to CryptoAuthLib install (default /usr)])],
[
AC_MSG_CHECKING([for cryptoauthlib])
LIBS="$LIBS -lcryptoauth -lwolfssl -lpthread -lrt"
[AS_HELP_STRING([--with-cryptoauthlib=PATH],
[PATH to CryptoAuthLib install (default: system paths)])],
[with_cryptoauthlib=$withval],
[with_cryptoauthlib=no])
AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <cryptoauthlib.h>]], [[ atcab_init(0); ]])],[ libatca_linked=yes ],[ libatca_linked=no ])
AS_IF([test "x$with_cryptoauthlib" != "xno"], [
AC_MSG_CHECKING([for CryptoAuthLib])
if test "x$libatca_linked" = "xno" ; then
if test "x$withval" != "xno" ; then
trylibatcadir=$withval
fi
if test "x$withval" = "xyes" ; then
trylibatcadir="/usr"
libdir=""
incdir=""
cryptoauthlib_found="no"
saved_LIBS="$LIBS"
saved_LDFLAGS="$LDFLAGS"
saved_CPPFLAGS="$CPPFLAGS"
saved_CFLAGS="$CFLAGS"
# Method 1: Try pkg-config first (most reliable)
PKG_CHECK_MODULES([CRYPTOAUTHLIB], [cryptoauthlib], [
CPPFLAGS="$CRYPTOAUTHLIB_CFLAGS $CPPFLAGS"
CFLAGS="$CRYPTOAUTHLIB_CFLAGS $CFLAGS"
LDFLAGS="$CRYPTOAUTHLIB_LIBS $LDFLAGS"
LIBS="$CRYPTOAUTHLIB_LIBS $LIBS"
cryptoauthlib_found="pkg-config"
], [
# Method 2: Manual search
AS_IF([test "x$with_cryptoauthlib" = "xyes"], [
search_dirs="/usr /usr/local"
], [
search_dirs="$with_cryptoauthlib"
])
for trylibatcadir in $search_dirs; do
for try_libdir in "$trylibatcadir/lib" "$trylibatcadir/lib64"; do
if test -f "$try_libdir/libcryptoauth.so" || test -f "$try_libdir/libcryptoauth.a"; then
libdir="$try_libdir"
break
fi
done
if test -z "$libdir"; then
if test -x /usr/bin/dpkg-architecture; then
DEB_HOST_MULTIARCH=`dpkg-architecture -qDEB_HOST_MULTIARCH 2>/dev/null`
if test -n "$DEB_HOST_MULTIARCH"; then
try_libdir="$trylibatcadir/lib/$DEB_HOST_MULTIARCH"
if test -f "$try_libdir/libcryptoauth.so" || test -f "$try_libdir/libcryptoauth.a"; then
libdir="$try_libdir"
fi
fi
fi
fi
if test "$host_cpu" = "aarch64" ; then
LIB_SUFFIX="/aarch64-linux-gnu"
else
LIB_SUFFIX=""
for try_incdir in "$trylibatcadir/include/cryptoauthlib" "$trylibatcadir/include"; do
if test -f "$try_incdir/cryptoauthlib.h"; then
incdir="$try_incdir"
break
fi
done
if test -n "$libdir" && test -n "$incdir"; then
break
fi
libdir=""
incdir=""
done
LDFLAGS="$LDFLAGS -L$trylibatcadir/lib$LIB_SUFFIX"
CPPFLAGS="$CPPFLAGS -I$trylibatcadir/include/cryptoauthlib"
AM_LDFLAGS="$AM_LDFLAGS -L$trylibatcadir/lib$LIB_SUFFIX"
AM_CFLAGS="$AM_CFLAGS -I$trylibatcadir/include/cryptoauthlib"
AC_MSG_RESULT([yes])
else
AC_MSG_RESULT([yes])
if test -n "$libdir" && test -n "$incdir"; then
CPPFLAGS="-I$incdir $CPPFLAGS"
CFLAGS="-I$incdir $CFLAGS"
LDFLAGS="-L$libdir $LDFLAGS"
LIBS="-lcryptoauth $LIBS"
cryptoauthlib_found="$libdir"
fi
])
ENABLED_CRYPTOAUTHLIB="yes"
]
)
AS_IF([test "x$cryptoauthlib_found" != "xno"], [
wolfssl_include=""
AS_IF([test -f "${srcdir}/wolfssl/wolfcrypt/types.h"], [
wolfssl_include="-I${srcdir}"
], [test -f "${srcdir}/wolfssl.h"], [
wolfssl_include="-I${srcdir}"
])
test_CPPFLAGS="$wolfssl_include $CPPFLAGS"
test_CFLAGS="$wolfssl_include $CFLAGS"
saved_test_CPPFLAGS="$CPPFLAGS"
saved_test_CFLAGS="$CFLAGS"
CPPFLAGS="$test_CPPFLAGS"
CFLAGS="$test_CFLAGS"
AC_LINK_IFELSE([AC_LANG_PROGRAM(
[[#include <cryptoauthlib.h>]],
[[atcab_init(0); return 0;]])],
[
ENABLED_CRYPTOAUTHLIB="yes"
AC_MSG_RESULT([yes ($cryptoauthlib_found)])
AC_DEFINE([HAVE_CRYPTOAUTHLIB], [1], [CryptoAuthLib support])
CPPFLAGS="$saved_test_CPPFLAGS"
CFLAGS="$saved_test_CFLAGS"
],
[
LIBS="$saved_LIBS"
LDFLAGS="$saved_LDFLAGS"
CPPFLAGS="$saved_CPPFLAGS"
CFLAGS="$saved_CFLAGS"
AC_MSG_RESULT([no - compilation failed])
AC_MSG_ERROR([CryptoAuthLib found but test compilation failed. Check config.log for details.])
])
], [
AC_MSG_RESULT([no - library not found])
AC_MSG_ERROR([CryptoAuthLib not found. Install it or specify path with --with-cryptoauthlib=/path])
])
])
AM_CONDITIONAL([BUILD_CRYPTOAUTHLIB], [test "x$ENABLED_CRYPTOAUTHLIB" = "xyes"])
# TropicSquare TROPIC01
# Example: "./configure --with-tropic01=/home/pi/libtropic"
+3
View File
@@ -429,6 +429,7 @@ int test_wolfSSL_EC_POINT(void)
X, Y, ctx), 0);
#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \
!defined(WOLFSSL_MICROCHIP_TA100) && \
!defined(HAVE_SELFTEST) && !defined(WOLFSSL_SP_MATH) && \
!defined(WOLF_CRYPTO_CB_ONLY_ECC)
ExpectIntEQ(EC_POINT_add(NULL, NULL, NULL, NULL, ctx), 0);
@@ -520,6 +521,7 @@ int test_wolfSSL_EC_POINT(void)
ExpectIntEQ(EC_POINT_invert(group, new_point, ctx), 1);
#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \
!defined(WOLFSSL_MICROCHIP_TA100) && \
!defined(HAVE_SELFTEST) && !defined(WOLFSSL_SP_MATH) && \
!defined(WOLF_CRYPTO_CB_ONLY_ECC)
{
@@ -801,6 +803,7 @@ int test_wolfSSL_SPAKE(void)
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && !defined(WOLFSSL_ATECC508A) \
&& !defined(WOLFSSL_ATECC608A) && !defined(HAVE_SELFTEST) && \
!defined(WOLFSSL_MICROCHIP_TA100) && \
!defined(WOLFSSL_SP_MATH) && !defined(WOLF_CRYPTO_CB_ONLY_ECC)
BIGNUM* x = NULL; /* kdc priv */
BIGNUM* y = NULL; /* client priv */
+5 -1
View File
@@ -2081,6 +2081,10 @@ static const char* bench_result_words2[][6] = {
#endif
};
#endif /* !WC_NO_RNG || WOLFSSL_HAVE_MLKEM */
#endif
#if defined(WOLFSSL_MICROCHIP_TA100)
#include <wolfssl/wolfcrypt/port/atmel/atmel.h>
#endif
#ifdef WOLFSSL_CAAM
#include <wolfssl/wolfcrypt/port/caam/wolfcaam.h>
@@ -10713,7 +10717,7 @@ void bench_rsa(int useDeviceID)
/* Note: To benchmark public only define WOLFSSL_PUBLIC_MP */
rsaKeySz = 0;
#endif
#if defined(WOLFSSL_MICROCHIP_TA100)
#if defined(WOLFSSL_KEY_GEN) && defined(WOLFSSL_MICROCHIP_TA100)
/* Create new keys since you cannot import a private key to TA100 */
ret = wc_MakeRsaKey(rsaKey[i], rsaKeySz, WC_RSA_EXPONENT, &gRng);
if (ret) {
-3
View File
@@ -1979,7 +1979,6 @@ static void alt_fp_init(mp_int* a)
#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \
!defined(WOLFSSL_MICROCHIP_TA100) && \
!defined(WOLFSSL_CRYPTOCELL) && \
(!defined(WOLF_CRYPTO_CB_ONLY_ECC) || defined(WOLFSSL_QNX_CAAM) || \
defined(WOLFSSL_IMXRT1170_CAAM))
@@ -8099,11 +8098,9 @@ int wc_ecc_free(ecc_key* key)
}
#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \
!defined(WOLFSSL_MICROCHIP_TA100) && \
!defined(WOLFSSL_CRYPTOCELL) && !defined(WOLFSSL_SP_MATH) && \
(!defined(WOLF_CRYPTO_CB_ONLY_ECC) || defined(WOLFSSL_QNX_CAAM) || \
defined(WOLFSSL_IMXRT1170_CAAM))
/* Handles add failure cases:
*
* Before add:
+15
View File
@@ -98,6 +98,21 @@ ATECC508A HW accelerated implementation:
### Microchip Trust Anchor TA100 ECC/RSA
rm -rf build-shared
cmake -S . -B build-shared \
-DCMAKE_BUILD_TYPE=Debug \
-DATCA_BUILD_SHARED_LIBS=ON \
-DATCA_HAL_SPI=ON \
-DATCA_PRINTF=ON \
-DATCA_TA100_SUPPORT=ON \
-DATCA_TA100_AES_AUTH_SUPPORT=ON \
-DATCA_TA100_FCE_SUPPORT=ON \
-DATCA_WOLFSSL=ON \
-DBUILD_TESTS=ON
cmake --build build-shared -j
sudo cmake --install build-shared
sudo ldconfig
`./configure CFLAGS="-DWOLFSSL_CMAC -DHAVE_PK_CALLBACKS -DWOLFSSL_ATECC508A_NOIDLE -DECC_USER_CURVES -DWOLFSSL_ATECC_NO_ECDH_ENC -DWOLFSSL_ATECC_DEBUG" --enable-cmac --enable-microchip=100 --with-cryptoauthlib`
Supported Features:
+198 -96
View File
@@ -161,6 +161,52 @@ static int ateccx08a_cfg_initialized = 0;
static ATCAIfaceCfg* gCfg = &config_atmel_device[WOLFSSL_ATCA_DEVICE_NO];
#if defined(WOLFSSL_MICROCHIP_TA100)
/* TA100 device expects little-endian data for the property field.
* On big-endian hosts, we need to byte-swap the uint16_t property value.
* Use ATCA_UINT16_HOST_TO_LE if available from cryptoauthlib, otherwise
* define our own based on wolfSSL's endianness detection.
*/
#ifndef ATCA_UINT16_HOST_TO_LE
#ifdef BIG_ENDIAN_ORDER
#define ATCA_UINT16_HOST_TO_LE(x) \
((uint16_t)(((x) >> 8) | (((x) & 0xFF) << 8)))
#else
#define ATCA_UINT16_HOST_TO_LE(x) (x)
#endif
#endif
/* Helper function to fix property field endianness after talib_handle_init_*
* functions populate the ta_element_attributes_t structure.
* The talib functions build the property value in host byte order, but
* the TA100 device expects little-endian format.
*/
static WC_INLINE void ta100_fix_property_endian(ta_element_attributes_t* attr)
{
#ifdef BIG_ENDIAN_ORDER
if (attr != NULL) {
attr->property = ATCA_UINT16_HOST_TO_LE(attr->property);
}
#else
(void)attr; /* Suppress unused warning on little-endian */
#endif
}
/* The sharedData_attr property values need to be in LE format.
* On little-endian: 0x1600 stays as 0x1600 (bytes: 00 16)
* On big-endian: 0x1600 becomes 0x0016 (bytes: 00 16)
*
* Since we cannot use function calls in static initializers,
* we define the values directly for each endianness:
*/
#ifdef BIG_ENDIAN_ORDER
/* Big-endian: swap bytes so wire format is correct */
#define TA100_PROP_SHARED_DATA 0x0016
#else
/* Little-endian: use value as-is */
#define TA100_PROP_SHARED_DATA 0x1600
#endif
#ifndef SHARED_DATA_ADDR
#define SHARED_DATA_ADDR 0x8006
#endif
@@ -190,14 +236,14 @@ typedef struct
See Shared Data Element Attributes in the programming specifications
*/
static ta_element_attributes_t sharedData_attr[ATECC_MAX_SLOT] = {
{0x81, 0x1600, 0x00, 0x00, 0x00, 0x41, 0x10},
{0x81, 0x1600, 0x00, 0x00, 0x00, 0x41, 0x10},
{0x81, 0x1600, 0x00, 0x00, 0x00, 0x41, 0x10},
{0x81, 0x1600, 0x00, 0x00, 0x00, 0x41, 0x10},
{0x81, 0x1600, 0x00, 0x00, 0x00, 0x41, 0x10},
{0x81, 0x1600, 0x00, 0x00, 0x00, 0x41, 0x10},
{0x81, 0x1600, 0x00, 0x00, 0x00, 0x41, 0x10},
{0x81, 0x1600, 0x00, 0x00, 0x00, 0x41, 0x10},
{0x81, TA100_PROP_SHARED_DATA, 0x00, 0x00, 0x00, 0x41, 0x10},
{0x81, TA100_PROP_SHARED_DATA, 0x00, 0x00, 0x00, 0x41, 0x10},
{0x81, TA100_PROP_SHARED_DATA, 0x00, 0x00, 0x00, 0x41, 0x10},
{0x81, TA100_PROP_SHARED_DATA, 0x00, 0x00, 0x00, 0x41, 0x10},
{0x81, TA100_PROP_SHARED_DATA, 0x00, 0x00, 0x00, 0x41, 0x10},
{0x81, TA100_PROP_SHARED_DATA, 0x00, 0x00, 0x00, 0x41, 0x10},
{0x81, TA100_PROP_SHARED_DATA, 0x00, 0x00, 0x00, 0x41, 0x10},
{0x81, TA100_PROP_SHARED_DATA, 0x00, 0x00, 0x00, 0x41, 0x10},
};
static ta_element_attributes_t* gSharedDataAttr = sharedData_attr;
@@ -524,6 +570,9 @@ static int atmel_init_enc_key(void)
int atmel_get_rev_info(word32* revision)
{
int ret;
printf("Waking device...\n");
ret = atcab_wakeup();
printf("atcab_wakeup: %d\n", ret);
ret = atcab_info((uint8_t*)revision);
ret = atmel_ecc_translate_err(ret);
return ret;
@@ -656,115 +705,171 @@ int atmel_ecc_verify(const byte* message, const byte* signature,
#ifdef WOLFSSL_MICROCHIP_TA100
#ifndef NO_RSA
/*
* TA100 RSA Support - Sign/Verify AND Encrypt/Decrypt
*
*/
int wc_Microchip_rsa_create_key(struct RsaKey* key, int size, long e)
{
ATCA_STATUS ret;
ta_element_attributes_t rKeyA, uKeyA;
size_t uKey_len = WOLFSSL_TA_KEY_TYPE_RSA_SIZE;
size_t uKey_len = TA_KEY_TYPE_RSA2048_SIZE;
(void)size;
(void)e;
ret = talib_handle_init_private_key(&rKeyA, WOLFSSL_TA_KEY_TYPE_RSA,
TA_ALG_MODE_RSA_SSA_PSS,TA_PROP_SIGN_INT_EXT_DIGEST,
/* Private key for signing AND decryption */
ret = talib_handle_init_private_key(&rKeyA, TA_KEY_TYPE_RSA2048,
TA_ALG_MODE_RSA_SSA_1_5, TA_PROP_SIGN_INT_EXT_DIGEST,
TA_PROP_KEY_AGREEMENT_OUT_BUFF);
if (ret != ATCA_SUCCESS) return WC_HW_E;
if (ret != ATCA_SUCCESS)
return WC_HW_E;
ta100_fix_property_endian(&rKeyA);
ret = talib_create_element(atcab_get_device(), &rKeyA, &key->rKeyH);
if (ret != ATCA_SUCCESS) return WC_HW_E;
if (ret != ATCA_SUCCESS)
return WC_HW_E;
ret = talib_handle_init_public_key(&uKeyA, WOLFSSL_TA_KEY_TYPE_RSA,
TA_ALG_MODE_RSA_SSA_PSS, TA_PROP_VAL_NO_SECURE_BOOT_SIGN,
TA_PROP_ROOT_PUB_KEY_VERIFY);
if (ret != ATCA_SUCCESS) return WC_HW_E;
/* Public key - use 0, 0 for encryption support! */
ret = talib_handle_init_public_key(&uKeyA, TA_KEY_TYPE_RSA2048,
TA_ALG_MODE_RSA_SSA_1_5, 0, 0);
if (ret != ATCA_SUCCESS)
return WC_HW_E;
ta100_fix_property_endian(&uKeyA);
ret = talib_create_element(atcab_get_device(), &uKeyA, &key->uKeyH);
if (ret != ATCA_SUCCESS) return WC_HW_E;
if (ret != ATCA_SUCCESS)
return WC_HW_E;
ret = talib_genkey_base(atcab_get_device(), TA_KEYGEN_MODE_NEWKEY,
(uint32_t)key->rKeyH, key->uKey, &uKey_len);
if (ret != ATCA_SUCCESS) return WC_HW_E;
if (ret != ATCA_SUCCESS)
return WC_HW_E;
/* Write the RSA public key to the handle. */
ret = talib_write_pub_key(atcab_get_device(), key->uKeyH, (uint16_t)uKey_len,
key->uKey);
ret = atmel_ecc_translate_err(ret);
return ret;
/* Use talib_write_element, not talib_write_pub_key */
ret = talib_write_element(atcab_get_device(), key->uKeyH,
(uint16_t)uKey_len, key->uKey);
return atmel_ecc_translate_err(ret);
}
int wc_Microchip_rsa_sign(const byte* in, word32 inLen, byte* out, word32 outLen,
RsaKey* key)
int wc_Microchip_rsa_encrypt(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key)
{
int ret;
uint16_t sign_size = outLen; /* WOLFSSL_TA_KEY_TYPE_RSA_SIZE */
#ifdef WOLFSSL_ATECC_DEBUG
printf("WOLFSSL_TA_KEY_TYPE_RSA = %d\n", WOLFSSL_TA_KEY_TYPE_RSA);
printf("TA_KEY_TYPE_RSA2048 = %d\n", TA_KEY_TYPE_RSA2048);
printf("=== talib_rsaenc_encrypt debug ===\n");
printf("device: %p\n", atcab_get_device());
printf("uKeyH: 0x%08X (%u)\n", key->uKeyH, key->uKeyH);
printf("inLen: %u\n", inLen);
printf("in: %p\n", in);
printf("outLen: %u\n", outLen);
printf("out: %p\n", out);
#endif
/* Use the 2048-specific function */
ret = talib_rsaenc_encrypt2048(atcab_get_device(), key->uKeyH,
(uint16_t)inLen, in,
(uint16_t)outLen, out);
return atmel_ecc_translate_err(ret);
}
int wc_Microchip_rsa_decrypt(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key)
{
int ret;
ret = talib_rsaenc_decrypt2048(atcab_get_device(), key->rKeyH,
(uint16_t)inLen, in,
(uint16_t)outLen, out);
return atmel_ecc_translate_err(ret);
}
int wc_Microchip_rsa_sign(const byte* in, word32 inLen, byte* out, word32 outLen,
RsaKey* key)
{
int ret;
uint16_t sign_size = (uint16_t)outLen;
byte hash_data[WC_SHA256_DIGEST_SIZE];
if ((ret = wc_Sha256Hash(in, inLen, hash_data)) != 0) {
return ret;
if (in == NULL || out == NULL || key == NULL) {
return BAD_FUNC_ARG;
}
/* Hash the input message */
ret = wc_Sha256Hash(in, inLen, hash_data);
if (ret != 0) {
return ret;
}
/* Sign using the signing private key handle */
ret = talib_sign_external(atcab_get_device(), WOLFSSL_TA_KEY_TYPE_RSA,
key->rKeyH, TA_HANDLE_INPUT_BUFFER, hash_data,
WC_SHA256_DIGEST_SIZE, out, &sign_size);
ret = atmel_ecc_translate_err(ret);
return ret;
return atmel_ecc_translate_err(ret);
}
int wc_Microchip_rsa_verify(const byte* in, word32 inLen, byte* sig, word32 sigLen,
RsaKey* key, int* pVerified)
RsaKey* key, int* pVerified)
{
int ret;
bool verified = false;
byte hash_data[WC_SHA256_DIGEST_SIZE];
if ((ret = wc_Sha256Hash(in, inLen, hash_data)) != 0) {
return ret;
if (in == NULL || sig == NULL || key == NULL) {
return BAD_FUNC_ARG;
}
/* Hash the input message */
ret = wc_Sha256Hash(in, inLen, hash_data);
if (ret != 0) {
return ret;
}
/* Verify using the verification public key handle */
ret = talib_verify(atcab_get_device(), WOLFSSL_TA_KEY_TYPE_RSA,
TA_HANDLE_INPUT_BUFFER, key->uKeyH, sig,
sigLen, hash_data, WC_SHA256_DIGEST_SIZE, NULL,
sigLen, &verified);
TA_HANDLE_INPUT_BUFFER, key->uKeyH, sig,
sigLen, hash_data, WC_SHA256_DIGEST_SIZE, NULL,
sigLen, &verified);
ret = atmel_ecc_translate_err(ret);
if (pVerified)
if (pVerified != NULL) {
*pVerified = (int)verified;
}
return ret;
}
int wc_Microchip_rsa_encrypt(const byte* in, word32 inLen, byte* out, word32 outLen,
RsaKey* key)
{
int ret;
/* Encrypt the plaintext with the rsa public key in handle */
ret = talib_rsaenc_encrypt(atcab_get_device(), key->uKeyH,
inLen, in, outLen, out);
ret = atmel_ecc_translate_err(ret);
return ret;
}
int wc_Microchip_rsa_decrypt(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key)
{
int ret;
/* Decrypt the ciphertext with the rsa private key in handle */
ret = talib_rsaenc_decrypt(atcab_get_device(), key->rKeyH,
inLen, in, outLen, out);
ret = atmel_ecc_translate_err(ret);
return ret;
}
void wc_Microchip_rsa_free(struct RsaKey* key)
{
if (key->rKeyH)
(void)talib_delete_handle(atcab_get_device(), (uint32_t)key->rKeyH);
if (key->uKeyH)
(void)talib_delete_handle(atcab_get_device(), (uint32_t)key->uKeyH);
if (key == NULL) {
return;
}
/* Free signing/encryption key handles */
if (key->rKeyH) {
(void)talib_delete_handle(atcab_get_device(), (uint32_t)key->rKeyH);
key->rKeyH = 0;
}
if (key->uKeyH) {
(void)talib_delete_handle(atcab_get_device(), (uint32_t)key->uKeyH);
key->uKeyH = 0;
}
}
#endif /* NO_RSA */
#ifdef WOLFSSL_ATECC_DEBUG
@@ -854,14 +959,20 @@ static void atmel_Handle_Attributes(void)
}
#endif
#define CHECK_STATUS(s) \
if (s != ATCA_SUCCESS) \
{ \
printf("Error: Line %d in File %s\r\n", __LINE__, __FILE__); \
printf("STATUS = %X\r\n", s); \
printf("See atca_status.h for error code \r\n"); \
return atmel_ecc_translate_err(s); \
}
#ifdef WOLFSSL_ATECC_DEBUG
#define CHECK_STATUS(s) \
if ((s) != ATCA_SUCCESS) { \
WOLFSSL_MSG("TA100 Error"); \
printf("Error: Line %d in File %s\r\n", __LINE__, __FILE__); \
printf("STATUS = %X\r\n", (unsigned int)(s)); \
return atmel_ecc_translate_err(s); \
}
#else
#define CHECK_STATUS(s) \
if ((s) != ATCA_SUCCESS) { \
return atmel_ecc_translate_err(s); \
}
#endif
static int atmel_createHandles(void)
{
ATCA_STATUS status;
@@ -1577,50 +1688,41 @@ void wc_Microchip_aes_free(Aes* aes)
(void)aes;
}
static int wc_Microchip_AesGcmCommon(Aes* aes, byte* out, const byte* in,
word32 sz, const byte* iv, word32 ivSz, byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz, int dir)
{
ATCA_STATUS status;
atca_aes_gcm_ctx_t ctx;
(void)out;
(void)in;
(void)sz;
(void)iv;
(void)aes;
(void)ivSz;
(void)authTag;
(void)authTagSz;
(void)authIn;
(void)authInSz;
(void)dir;
(void)ctx;
if (aes == NULL) {
return BAD_FUNC_ARG;
}
if (dir != AES_ENCRYPTION &&
dir != AES_DECRYPTION) {
if (dir != AES_ENCRYPTION && dir != AES_DECRYPTION) {
return BAD_FUNC_ARG;
}
if (dir == AES_ENCRYPTION) {
/* Note: talib API takes non-const iv */
status = talib_aes_gcm_encrypt(atcab_get_device(), authIn,
authInSz, iv, in, sz, out, authTag);
CHECK_STATUS(status);
authInSz, (uint8_t*)iv, in, sz, out, authTag);
}
else {
status = talib_aes_gcm_decrypt(atcab_get_device(), authIn,
authInSz, iv, authTag, in, sz, out);
/* Add cipher to gcm */
status = atcab_aes_gcm_decrypt_update(&ctx, in, sz, out);
CHECK_STATUS(status);
authInSz, (uint8_t*)iv, authTag, in, sz, out);
}
return atmel_ecc_translate_err(status);
if (status != ATCA_SUCCESS) {
return atmel_ecc_translate_err(status);
}
return 0;
}
int wc_Microchip_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
const byte* iv, word32 ivSz,
byte* authTag, word32 authTagSz,
+15 -1
View File
@@ -445,6 +445,10 @@ static const byte const_byte_array[] = "A+Gd\0\0\0";
#if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE)
#include <wolfssl/wolfcrypt/logging.h>
#endif
#if defined(WOLFSSL_MICROCHIP_TA100)
#include <wolfssl/wolfcrypt/port/atmel/atmel.h>
#endif
#ifdef WOLFSSL_CAAM
#include <wolfssl/wolfcrypt/port/caam/wolfcaam.h>
#endif
@@ -26747,7 +26751,17 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rsa_test(void)
ret = wc_AsyncWait(ret, &key->asyncDev, WC_ASYNC_FLAG_CALL_AGAIN);
#endif
if (ret >= 0) {
ret = wc_RsaPublicEncrypt(in, inLen, out, outSz, key, &rng);
#if defined(WOLFSSL_KEY_GEN) && defined(WOLFSSL_MICROCHIP_TA100)
/* Create new keys for TA100 */
ret = wc_MakeRsaKey(key, 2048, WC_RSA_EXPONENT, &rng);
if (ret) {
goto exit_rsa;
}
ret = wc_RsaPublicEncrypt(in, inLen, out, 256, key, &rng);
#else
ret = wc_RsaPublicEncrypt(in, inLen, out, outSz, key, &rng);
#endif
}
} while (ret == WC_NO_ERR_TRACE(WC_PENDING_E));
if (ret < 0)
+1 -2
View File
@@ -832,8 +832,7 @@ int wc_ecc_point_is_at_infinity(ecc_point *p);
WOLFSSL_API
int wc_ecc_point_is_on_curve(ecc_point *p, int curve_idx);
#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \
!defined(WOLFSSL_MICROCHIP_TA100)
#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A)
WOLFSSL_API
int wc_ecc_mulmod(const mp_int* k, ecc_point *G, ecc_point *R,
mp_int* a, mp_int* modulus, int map);
+2 -2
View File
@@ -109,8 +109,8 @@ enum atmelSlotType {
ATMEL_SLOT_ECDHE_BOB,
};
int atmel_ecc_alloc(int slotType);
void atmel_ecc_free(int slotId);
WOLFSSL_API int atmel_ecc_alloc(int slotType);
WOLFSSL_API void atmel_ecc_free(int slotId);
typedef int (*atmel_slot_alloc_cb)(int);
typedef void (*atmel_slot_dealloc_cb)(int);