wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-31 19:24:42 +02:00
Code Issues Packages Projects Releases Wiki Activity

Support for Renesas RX TSIP with ECDSA and Crypto Callbacks.

Browse Source 
Fix building ECC with NO_ASN (`./configure --enable-cryptonly --disable-rsa --disable-asn --disable-examples`).
This commit is contained in:
David Garske
2024-06-25 16:16:05 -07:00
parent 7b029d3447
commit e81e18859b
9 changed files with 104 additions and 51 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
configure.ac
View File

@@ -4742,11 +4742,6 @@ then
AC_MSG_ERROR([please disable dsa if disabling asn.])
fi
if test "x$ENABLED_ECC" != "xno" && test "x$ENABLED_ASN" = "xno"
then
AC_MSG_ERROR([please disable ecc if disabling asn.])
fi
# No Big Int (ASN, DSA, RSA, DH, ECC and compatibility layer need bigint)
if test "$ENABLED_ASN" = "no" && test "$ENABLED_DSA" = "no" && \
test "$ENABLED_DH" = "no" && test "$ENABLED_ECC" = "no" && \

6
wolfcrypt/benchmark/benchmark.c
View File

@@ -10617,11 +10617,15 @@ void bench_ecc(int useDeviceID, int curveId)
BENCH_MAX_PENDING, MAX_ECC_BYTES, HEAP_HINT);
#endif
#if !defined(NO_ASN) && defined(HAVE_ECC_SIGN)
/* old scan-build misfires -Wmaybe-uninitialized on these. */
XMEMSET(sig, 0, sizeof(sig));
XMEMSET(digest, 0, sizeof(digest));
XMEMSET(shared, 0, sizeof(shared));
#endif
#ifdef HAVE_ECC_DHE
XMEMSET(shared, 0, sizeof(shared));
#endif
WC_CALLOC_ARRAY(genKey, ecc_key, BENCH_MAX_PENDING,
sizeof(ecc_key), HEAP_HINT);

73
wolfcrypt/src/ecc.c
View File

@@ -6395,9 +6395,6 @@ static int wc_ecc_get_curve_order_bit_count(const ecc_set_type* dp)
#ifdef HAVE_ECC_SIGN
#ifndef NO_ASN
#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A) || \
defined(PLUTON_CRYPTO_ECC) || defined(WOLFSSL_CRYPTOCELL) || \
defined(WOLFSSL_SILABS_SE_ACCEL) || defined(WOLFSSL_KCAPI_ECC) || \
@@ -6722,6 +6719,9 @@ int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen,
DECL_MP_INT_SIZE_DYN(r, ECC_KEY_MAX_BITS(key), MAX_ECC_BITS_USE);
DECL_MP_INT_SIZE_DYN(s, ECC_KEY_MAX_BITS(key), MAX_ECC_BITS_USE);
#endif
#ifdef NO_ASN
word32 keySz;
#endif
if (in == NULL || out == NULL || outlen == NULL || key == NULL) {
return ECC_BAD_ARG_E;
@@ -6758,17 +6758,17 @@ int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen,
#else
NEW_MP_INT_SIZE(r, ECC_KEY_MAX_BITS_NONULLCHECK(key), key->heap, DYNAMIC_TYPE_ECC);
#ifdef MP_INT_SIZE_CHECK_NULL
#ifdef MP_INT_SIZE_CHECK_NULL
if (r == NULL)
return MEMORY_E;
#endif
#endif
NEW_MP_INT_SIZE(s, ECC_KEY_MAX_BITS_NONULLCHECK(key), key->heap, DYNAMIC_TYPE_ECC);
#ifdef MP_INT_SIZE_CHECK_NULL
#ifdef MP_INT_SIZE_CHECK_NULL
if (s == NULL) {
FREE_MP_INT_SIZE(r, key->heap, DYNAMIC_TYPE_ECC);
return MEMORY_E;
}
#endif
#endif
err = INIT_MP_INT_SIZE(r, ECC_KEY_MAX_BITS_NONULLCHECK(key));
if (err != 0) {
@@ -6800,8 +6800,26 @@ int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen,
return err;
}
#ifndef NO_ASN
/* encoded with DSA header */
err = StoreECC_DSA_Sig(out, outlen, r, s);
#else
/* No support for DSA ASN.1 header.
* Signature will be r+s directly. */
keySz = 0;
if (key->dp != NULL) {
keySz = (word32)key->dp->size;
}
if (keySz <= 0) {
WOLFSSL_MSG("Error: ECDSA sign raw signature size");
return WC_NO_ERR_TRACE(ECC_BAD_ARG_E);
}
*outlen = keySz * 2;
/* Export signature into r,s */
mp_to_unsigned_bin_len(r, out, keySz);
mp_to_unsigned_bin_len(s, out + keySz, keySz);
#endif /* !NO_ASN */
/* cleanup */
mp_clear(r);
@@ -6813,7 +6831,6 @@ int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen,
return err;
#endif /* !WOLF_CRYPTO_CB_ONLY_ECC */
}
#endif /* !NO_ASN */
#if defined(WOLFSSL_ECDSA_DETERMINISTIC_K) || \
defined(WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT)
@@ -8423,7 +8440,6 @@ int ecc_mul2add(ecc_point* A, mp_int* kA,
#ifdef HAVE_ECC_VERIFY
#ifndef NO_ASN
/* verify
*
* w = s^-1 mod n
@@ -8461,6 +8477,9 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
#ifdef WOLFSSL_ASYNC_CRYPT
int isPrivateKeyOnly = 0;
#endif
#ifdef NO_ASN
word32 keySz;
#endif
if (sig == NULL || hash == NULL || res == NULL || key == NULL) {
return ECC_BAD_ARG_E;
@@ -8493,18 +8512,20 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
r = key->r;
s = key->s;
#else
NEW_MP_INT_SIZE(r, ECC_KEY_MAX_BITS_NONULLCHECK(key), key->heap, DYNAMIC_TYPE_ECC);
#ifdef MP_INT_SIZE_CHECK_NULL
NEW_MP_INT_SIZE(r, ECC_KEY_MAX_BITS_NONULLCHECK(key), key->heap,
DYNAMIC_TYPE_ECC);
#ifdef MP_INT_SIZE_CHECK_NULL
if (r == NULL)
return MEMORY_E;
#endif
NEW_MP_INT_SIZE(s, ECC_KEY_MAX_BITS_NONULLCHECK(key), key->heap, DYNAMIC_TYPE_ECC);
#ifdef MP_INT_SIZE_CHECK_NULL
#endif
NEW_MP_INT_SIZE(s, ECC_KEY_MAX_BITS_NONULLCHECK(key), key->heap,
DYNAMIC_TYPE_ECC);
#ifdef MP_INT_SIZE_CHECK_NULL
if (s == NULL) {
FREE_MP_INT_SIZE(r, key->heap, DYNAMIC_TYPE_ECC);
return MEMORY_E;
}
#endif
#endif
err = INIT_MP_INT_SIZE(r, ECC_KEY_MAX_BITS_NONULLCHECK(key));
if (err != 0) {
FREE_MP_INT_SIZE(s, key->heap, DYNAMIC_TYPE_ECC);
@@ -8527,6 +8548,7 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
/* default to invalid signature */
*res = 0;
#ifndef NO_ASN
/* Decode ASN.1 ECDSA signature. */
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_ECC)
/* Note, DecodeECC_DSA_Sig() calls mp_init() on r and s.
@@ -8541,6 +8563,24 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
if (err < 0) {
break;
}
#else
/* No support for DSA ASN.1 header.
* Signature must be r+s directly. */
keySz = 0;
if (key->dp != NULL) {
keySz = (word32)key->dp->size;
}
if (siglen != keySz * 2) {
WOLFSSL_MSG("Error: ECDSA Verify raw signature size");
return WC_NO_ERR_TRACE(ECC_BAD_ARG_E);
}
/* Import signature into r,s */
mp_init(r);
mp_init(s);
mp_read_unsigned_bin(r, sig, keySz);
mp_read_unsigned_bin(s, sig + keySz, keySz);
#endif /* !NO_ASN */
FALL_THROUGH;
case ECC_STATE_VERIFY_DO:
@@ -8600,7 +8640,6 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
return err;
#endif /* !WOLF_CRYPTO_CB_ONLY_ECC */
}
#endif /* !NO_ASN */
#ifndef WOLF_CRYPTO_CB_ONLY_ECC
@@ -9089,7 +9128,7 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
keySz = (word32)key->dp->size;
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_ECC) && \
defined(WOLFSSL_ASYNC_CRYPT_SW)
defined(WOLFSSL_ASYNC_CRYPT_SW)
if (key->asyncDev.marker == WOLFSSL_ASYNC_MARKER_ECC) {
if (wc_AsyncSwInit(&key->asyncDev, ASYNC_SW_ECC_VERIFY)) {
WC_ASYNC_SW* sw = &key->asyncDev.sw;

8
wolfcrypt/src/port/Renesas/renesas_common.c
View File

@@ -172,8 +172,8 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
info->algo_type, cbInfo->session_key_set);
#endif
#if defined(WOLFSSL_RENESAS_TSIP) \
|| defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
#if defined(WOLFSSL_RENESAS_TSIP) || \
defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
ret = CRYPTOCB_UNAVAILABLE;
if (info->algo_type == WC_ALGO_TYPE_CIPHER) {
@@ -273,8 +273,8 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
}
#endif /* HAVE_ECC */
}
#elif defined(WOLFSSL_RENESAS_FSPSM_TLS) ||\
defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
#elif defined(WOLFSSL_RENESAS_FSPSM_TLS) || \
defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
if (info->algo_type == WC_ALGO_TYPE_CIPHER) {

6
wolfcrypt/src/port/Renesas/renesas_tsip_rsa.c
View File

@@ -209,11 +209,11 @@ WOLFSSL_LOCAL int wc_tsip_RsaVerifyPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc)
}
if (ret == 0) {
if (tuc->sing_hash_type == md5_mac)
if (tuc->sign_hash_type == md5_mac)
tsip_hash_type = R_TSIP_RSA_HASH_MD5;
else if (tuc->sing_hash_type == sha_mac)
else if (tuc->sign_hash_type == sha_mac)
tsip_hash_type = R_TSIP_RSA_HASH_SHA1;
else if (tuc->sing_hash_type == sha256_mac)
else if (tuc->sign_hash_type == sha256_mac)
tsip_hash_type = R_TSIP_RSA_HASH_SHA256;
else
ret = CRYPTOCB_UNAVAILABLE;

6
wolfcrypt/src/port/Renesas/renesas_tsip_util.c
View File

@@ -3652,11 +3652,11 @@ WOLFSSL_LOCAL int tsip_SignRsaPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc)
(void)ssl;
if (ret == 0) {
if (tuc->sing_hash_type == md5_mac)
if (tuc->sign_hash_type == md5_mac)
tsip_hash_type = R_TSIP_RSA_HASH_MD5;
else if (tuc->sing_hash_type == sha_mac)
else if (tuc->sign_hash_type == sha_mac)
tsip_hash_type = R_TSIP_RSA_HASH_SHA1;
else if (tuc->sing_hash_type == sha256_mac)
else if (tuc->sign_hash_type == sha256_mac)
tsip_hash_type = R_TSIP_RSA_HASH_SHA256;
else
ret = CRYPTOCB_UNAVAILABLE;

47
wolfcrypt/test/test.c
View File

@@ -28679,12 +28679,10 @@ typedef struct eccVector {
const char* curveName;
word32 msgLen;
word32 keySize;
#ifndef NO_ASN
const byte* r;
word32 rSz;
const byte* s;
word32 sSz;
#endif
} eccVector;
#if !defined(WOLF_CRYPTO_CB_ONLY_ECC)
@@ -28736,13 +28734,14 @@ static wc_test_ret_t ecc_test_vector_item(const eccVector* vector)
if (ret != 0)
goto done;
#if !defined(NO_ASN)
XMEMSET(sig, 0, ECC_SIG_SIZE);
sigSz = ECC_SIG_SIZE;
ret = wc_ecc_rs_to_sig(vector->R, vector->S, sig, &sigSz);
if (ret != 0)
goto done;
#if !defined(NO_ASN) && !defined(HAVE_SELFTEST)
#if !defined(HAVE_SELFTEST)
XMEMSET(sigRaw, 0, ECC_SIG_SIZE);
sigRawSz = ECC_SIG_SIZE;
ret = wc_ecc_rs_raw_to_sig(vector->r, vector->rSz, vector->s, vector->sSz,
@@ -28762,7 +28761,17 @@ static wc_test_ret_t ecc_test_vector_item(const eccVector* vector)
ret = WC_TEST_RET_ENC_NC;
goto done;
}
#endif
#endif /* !HAVE_SELFTEST */
#else
/* Signature will be R+S directly */
/* Make sure and zero pad if r or s is less than key size */
XMEMSET(sig, 0, ECC_SIG_SIZE);
sigSz = vector->keySize * 2;
XMEMCPY(sig + (vector->keySize - vector->rSz),
vector->r, vector->rSz);
XMEMCPY(sig + vector->keySize + (vector->keySize - vector->sSz),
vector->s, vector->sSz);
#endif /* !NO_ASN */
#ifdef HAVE_ECC_VERIFY
do {
@@ -28850,14 +28859,12 @@ static wc_test_ret_t ecc_test_vector(int keySize)
vec.R = "6994d962bdd0d793ffddf855ec5bf2f91a9698b46258a63e";
vec.S = "02ba6465a234903744ab02bc8521405b73cf5fc00e1a9f41";
vec.curveName = "SECP192R1";
#ifndef NO_ASN
vec.r = (byte*)"\x69\x94\xd9\x62\xbd\xd0\xd7\x93\xff\xdd\xf8\x55"
"\xec\x5b\xf2\xf9\x1a\x96\x98\xb4\x62\x58\xa6\x3e";
vec.rSz = 24;
vec.s = (byte*)"\x02\xba\x64\x65\xa2\x34\x90\x37\x44\xab\x02\xbc"
"\x85\x21\x40\x5b\x73\xcf\x5f\xc0\x0e\x1a\x9f\x41";
vec.sSz = 24;
#endif
break;
#endif /* HAVE_ECC192 */
@@ -28886,7 +28893,6 @@ static wc_test_ret_t ecc_test_vector(int keySize)
vec.R = "147b33758321e722a0360a4719738af848449e2c1d08defebc1671a7";
vec.S = "24fc7ed7f1352ca3872aa0916191289e2e04d454935d50fe6af3ad5b";
vec.curveName = "SECP224R1";
#ifndef NO_ASN
vec.r = (byte*)"\x14\x7b\x33\x75\x83\x21\xe7\x22\xa0\x36\x0a\x47"
"\x19\x73\x8a\xf8\x48\x44\x9e\x2c\x1d\x08\xde\xfe"
"\xbc\x16\x71\xa7";
@@ -28895,7 +28901,6 @@ static wc_test_ret_t ecc_test_vector(int keySize)
"\x61\x91\x28\x9e\x2e\x04\xd4\x54\x93\x5d\x50\xfe"
"\x6a\xf3\xad\x5b";
vec.sSz = 28;
#endif
break;
#endif /* HAVE_ECC224 */
@@ -28928,7 +28933,6 @@ static wc_test_ret_t ecc_test_vector(int keySize)
vec.d = "be34baa8d040a3b991f9075b56ba292f755b90e4b6dc10dad36715c33cfdac25";
vec.R = "2b826f5d44e2d0b6de531ad96b51e8f0c56fdfead3c236892e4d84eacfc3b75c";
vec.S = "a2248b62c03db35a7cd63e8a120a3521a89d3d2f61ff99035a2148ae32e3a248";
#ifndef NO_ASN
vec.r = (byte*)"\x2b\x82\x6f\x5d\x44\xe2\xd0\xb6\xde\x53\x1a\xd9"
"\x6b\x51\xe8\xf0\xc5\x6f\xdf\xea\xd3\xc2\x36\x89"
"\x2e\x4d\x84\xea\xcf\xc3\xb7\x5c";
@@ -28937,7 +28941,6 @@ static wc_test_ret_t ecc_test_vector(int keySize)
"\x12\x0a\x35\x21\xa8\x9d\x3d\x2f\x61\xff\x99\x03"
"\x5a\x21\x48\xae\x32\xe3\xa2\x48";
vec.sSz = 32;
#endif
vec.curveName = "SECP256R1";
break;
#endif /* !NO_ECC256 */
@@ -28972,7 +28975,6 @@ static wc_test_ret_t ecc_test_vector(int keySize)
vec.R = "6820b8585204648aed63bdff47f6d9acebdea62944774a7d14f0e14aa0b9a5b99545b2daee6b3c74ebf606667a3f39b7";
vec.S = "491af1d0cccd56ddd520b233775d0bc6b40a6255cc55207d8e9356741f23c96c14714221078dbd5c17f4fdd89b32a907";
vec.curveName = "SECP384R1";
#ifndef NO_ASN
vec.r = (byte*)"\x68\x20\xb8\x58\x52\x04\x64\x8a\xed\x63\xbd\xff"
"\x47\xf6\xd9\xac\xeb\xde\xa6\x29\x44\x77\x4a\x7d"
"\x14\xf0\xe1\x4a\xa0\xb9\xa5\xb9\x95\x45\xb2\xda"
@@ -28983,7 +28985,6 @@ static wc_test_ret_t ecc_test_vector(int keySize)
"\x8e\x93\x56\x74\x1f\x23\xc9\x6c\x14\x71\x42\x21"
"\x07\x8d\xbd\x5c\x17\xf4\xfd\xd8\x9b\x32\xa9\x07";
vec.sSz = 48;
#endif
break;
#endif /* HAVE_ECC384 */
@@ -29017,7 +29018,6 @@ static wc_test_ret_t ecc_test_vector(int keySize)
vec.R = "0bd117b4807710898f9dd7778056485777668f0e78e6ddf5b000356121eb7a220e9493c7f9a57c077947f89ac45d5acb6661bbcd17abb3faea149ba0aa3bb1521be";
vec.S = "019cd2c5c3f9870ecdeb9b323abdf3a98cd5e231d85c6ddc5b71ab190739f7f226e6b134ba1d5889ddeb2751dabd97911dff90c34684cdbe7bb669b6c3d22f2480c";
vec.curveName = "SECP521R1";
#ifndef NO_ASN
vec.r = (byte*)"\xbd\x11\x7b\x48\x07\x71\x08\x98\xf9\xdd\x77\x78"
"\x05\x64\x85\x77\x76\x68\xf0\xe7\x8e\x6d\xdf\x5b"
"\x00\x03\x56\x12\x1e\xb7\xa2\x20\xe9\x49\x3c\x7f"
@@ -29032,7 +29032,6 @@ static wc_test_ret_t ecc_test_vector(int keySize)
"\xdf\xf9\x0c\x34\x68\x4c\xdb\xe7\xbb\x66\x9b\x6c"
"\x3d\x22\xf2\x48\x0c";
vec.sSz = 65;
#endif
break;
#endif /* HAVE_ECC521 */
default:
@@ -29625,6 +29624,15 @@ static wc_test_ret_t ecc_test_make_pub(WC_RNG* rng)
#ifdef HAVE_ECC_VERIFY
int verify = 0;
#endif
#ifdef NO_ASN
/* private d for eccKeyDerFile / ecc_key_der_256 */
const byte keyPriv[] = {
0x45, 0xB6, 0x69, 0x02, 0x73, 0x9C, 0x6C, 0x85,
0xA1, 0x38, 0x5B, 0x72, 0xE8, 0xE8, 0xC7, 0xAC,
0xC4, 0x03, 0x8D, 0x53, 0x35, 0x04, 0xFA, 0x6C,
0x28, 0xDC, 0x34, 0x8D, 0xE1, 0xA8, 0x09, 0x8C
};
#endif
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
if ((key == NULL) ||
@@ -29679,6 +29687,7 @@ static wc_test_ret_t ecc_test_make_pub(WC_RNG* rng)
ERROR_OUT(WC_TEST_RET_ENC_NC, done);
}
#ifndef NO_ASN
x = 0;
ret = wc_EccPrivateKeyDecode(tmp, &x, key, tmpSz);
if (ret != 0)
@@ -29704,6 +29713,10 @@ static wc_test_ret_t ecc_test_make_pub(WC_RNG* rng)
}
#endif /* HAVE_ECC_KEY_EXPORT */
#else
/* Load raw private d directly */
ret = wc_ecc_import_private_key(keyPriv, sizeof(keyPriv), NULL, 0, key);
#endif /* !NO_ASN */
ret = wc_ecc_make_pub(NULL, NULL);
if (ret == 0) {
@@ -29723,7 +29736,7 @@ static wc_test_ret_t ecc_test_make_pub(WC_RNG* rng)
#endif
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
#endif
#endif /* !WOLFSSL_CRYPTOCELL */
TEST_SLEEP();
#ifdef HAVE_ECC_KEY_EXPORT
@@ -31183,7 +31196,7 @@ static wc_test_ret_t ecc_def_curve_test(WC_RNG *rng)
#else
ecc_key key[1];
#endif
#if !defined(NO_ECC_SECP) && \
#if !defined(NO_ECC_SECP) && !defined(NO_ASN) && \
((defined(HAVE_ECC_KEY_IMPORT) && defined(HAVE_ECC_KEY_EXPORT)) || \
(defined(HAVE_ECC_KEY_IMPORT) && !defined(WOLFSSL_VALIDATE_ECC_IMPORT)))
word32 idx = 0;
@@ -31236,7 +31249,7 @@ static wc_test_ret_t ecc_def_curve_test(WC_RNG *rng)
(void)rng;
#endif /* !WC_NO_RNG */
#if !defined(NO_ECC_SECP) && \
#if !defined(NO_ECC_SECP) && !defined(NO_ASN) && \
((defined(HAVE_ECC_KEY_IMPORT) && defined(HAVE_ECC_KEY_EXPORT)) || \
(defined(HAVE_ECC_KEY_IMPORT) && !defined(WOLFSSL_VALIDATE_ECC_IMPORT)))
/* Use test ECC key - ensure real private "d" exists */

2
wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h
View File

@@ -260,7 +260,7 @@ typedef struct TsipUserCtx {
/* sign/verify hash type :
* md5, sha1 or sha256
*/
int sing_hash_type;
int sign_hash_type;
/* flags shows status if tsip keys are installed */
union {

2
wolfssl/wolfcrypt/port/Renesas/renesas_tsip_types.h
View File

@@ -60,8 +60,10 @@ typedef wolfssl_TSIP_Hash wc_Sha256;
typedef enum {
TSIP_RSA2048,
TSIP_RSA3072,
TSIP_RSA4096,
TSIP_ECCP256,
TSIP_ECCP384,
} TSIP_KEY_TYPE;