wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-30 10:47:28 +02:00
Code Issues Packages Projects Releases Wiki Activity

Espressif updates to fix Apple Homekit SRP.

Browse Source
This commit is contained in:
gojimmypi
2024-05-04 14:33:23 -07:00
parent 081731be8b
commit e90c6bcd24
10 changed files with 785 additions and 503 deletions
Download Patch File Download Diff File Expand all files Collapse all files

95
IDE/Espressif/ESP-IDF/examples/wolfssl_test/testAll.sh
View File

@ -15,53 +15,88 @@
# Run shell check to ensure this a good script. # Run shell check to ensure this a good script.
shellcheck "$0" shellcheck "$0"
if [[ "$PATH" == *"rtos-sdk"* ]]; then
echo "Error. Detected rtos-sdk in path."
echo "Need to start with clean path (no prior idf.py setup) "
exit 1
fi
# Save the current PATH to a temporary variable # Save the current PATH to a temporary variable
ORIGINAL_PATH="$PATH" ORIGINAL_PATH="$PATH"
echo "ORIGINAL_PATH=$PATH"
export ESPIDF_PUTTY_MONITOR="TRUE" export ESPIDF_PUTTY_MONITOR="TRUE"
THIS_SUFFIX="$1" THIS_SUFFIX="$1"
# Clear IDF path to ensure it is set by export.sh
IDF_PATH=
# set the path for this workspace IDF path (where export.sh is located) #******************************************************************************
WRK_IDF_PATH=/mnt/c/SysGCC/esp32/esp-idf/v5.2 # ESP8266 uses rtos-sdk/v3.4 toolchain. Test this first, as it is slowest.
echo "Run ESP32 export.sh from ${WRK_IDF_PATH}"
# shell check should not follow into the ESP-IDF export.sh
# shellcheck disable=SC1091
. "${WRK_IDF_PATH}"/export.sh
echo "IDF_PATH = $IDF_PATH"
./testMonitor.sh wolfssl_test esp32 "$THIS_SUFFIX" || exit 1
./testMonitor.sh wolfssl_test esp32c2 "$THIS_SUFFIX" || exit 1
./testMonitor.sh wolfssl_test esp32c3 "$THIS_SUFFIX" || exit 1
./testMonitor.sh wolfssl_test esp32c6 "$THIS_SUFFIX" || exit 1
./testMonitor.sh wolfssl_test esp32s2 "$THIS_SUFFIX" || exit 1
./testMonitor.sh wolfssl_test esp32s3 "$THIS_SUFFIX" || exit 1
./testMonitor.sh wolfssl_test esp32h2 "$THIS_SUFFIX" || exit 1
./testMonitor.sh wolfssl_test esp8684 "$THIS_SUFFIX" || exit 1
# ESP8266 uses a different toolchain
# Restore the original PATH
export PATH=$ORIGINAL_PATH
IDF_PATH=
WRK_IDF_PATH=/mnt/c/SysGCC/esp8266/rtos-sdk/v3.4 WRK_IDF_PATH=/mnt/c/SysGCC/esp8266/rtos-sdk/v3.4
#******************************************************************************
# Clear ESP-IDF environment variables to ensure clean start for export.sh
unset ESP_IDF_VERSION
unset ESP_ROM_ELF_DIR
unset IDF_DEACTIVATE_FILE_PATH
unset IDF_PATH
unset IDF_PYTHON_ENV_PATH
unset IDF_TOOLS_EXPORT_CMD
unset IDF_TOOLS_INSTALL_CMD
unset OPENOCD_SCRIPTS
echo "Run ESP8266 export.sh from ${WRK_IDF_PATH}" echo "Run ESP8266 export.sh from ${WRK_IDF_PATH}"
# shell check should not follow into the ESP-IDF export.sh # shell check should not follow into the ESP-IDF export.sh
# shellcheck disable=SC1091 # shellcheck disable=SC1091
. "$WRK_IDF_PATH"/export.sh . "$WRK_IDF_PATH"/export.sh
echo "IDF_PATH = $IDF_PATH" # Tensilica
./testMonitor.sh wolfssl_test esp8266 "$THIS_SUFFIX" || exit 1 # 2715073
./testMonitor.sh wolfssl_test esp8266 PR || exit 1
#******************************************************************************
# ESP32[-N] uses esp-idf/v5.2 toolchain
WRK_IDF_PATH=/mnt/c/SysGCC/esp32/esp-idf/v5.2
#******************************************************************************
# Restore the original PATH
export PATH="$ORIGINAL_PATH"
# Clear ESP-IDF environment variables to ensure clean start
unset ESP_IDF_VERSION
unset ESP_ROM_ELF_DIR
unset IDF_DEACTIVATE_FILE_PATH
unset IDF_PATH
unset IDF_PYTHON_ENV_PATH
unset IDF_TOOLS_EXPORT_CMD
unset IDF_TOOLS_INSTALL_CMD
unset OPENOCD_SCRIPTS
echo "Run ESP32 export.sh from ${WRK_IDF_PATH}"
# shell check should not follow into the ESP-IDF export.sh
# shellcheck disable=SC1091
. "$WRK_IDF_PATH"/export.sh
# Comment numeric values are recently observed runtime durations.
# Different tests may be enabled for each device.
# This list is not indicative of relative performance.
# Limited hardware acceleration, test slowest first:
./testMonitor.sh wolfssl_test esp32h2 "$THIS_SUFFIX" || exit 1 # 1424084 esp32h2 COM31" ok
./testMonitor.sh wolfssl_test esp8684 "$THIS_SUFFIX" || exit 1 # 1065290 esp8684 COM49" ok
# RISC-V
./testMonitor.sh wolfssl_test esp32c2 "$THIS_SUFFIX" || exit 1 # 1133856 esp32c2 COM79" ok
./testMonitor.sh wolfssl_test esp32c3 "$THIS_SUFFIX" || exit 1 # 344677 esp32c3 COM35" NT
./testMonitor.sh wolfssl_test esp32c6 "$THIS_SUFFIX" || exit 1 # 346393 esp32c6 COM36" ok
# Xtensa
./testMonitor.sh wolfssl_test esp32 "$THIS_SUFFIX" || exit 1 # 259093 esp32 COM9" NT
./testMonitor.sh wolfssl_test esp32s2 "$THIS_SUFFIX" || exit 1 # 305004 esp32s2 COM30" NT
./testMonitor.sh wolfssl_test esp32s3 "$THIS_SUFFIX" || exit 1 # 267518 esp32s3 COM24" NT
# Restore the original PATH # Restore the original PATH
export PATH=$ORIGINAL_PATH export PATH="$ORIGINAL_PATH"
echo "Done!" echo "Done!"

7
IDE/Espressif/ESP-IDF/examples/wolfssl_test/testMonitor.sh
View File

@ -130,7 +130,7 @@ BUILD_LOG="${THIS_HOME_DIR}/logs/${THIS_EXAMPLE}_build_IDF_v5.1_${THIS_TARGET}_$
FLASH_LOG="${THIS_HOME_DIR}/logs/${THIS_EXAMPLE}_flash_IDF_v5.1_${THIS_TARGET}_${THIS_KEYWORD}.txt" FLASH_LOG="${THIS_HOME_DIR}/logs/${THIS_EXAMPLE}_flash_IDF_v5.1_${THIS_TARGET}_${THIS_KEYWORD}.txt"
THIS_LOG="${THIS_HOME_DIR}/logs/${THIS_EXAMPLE}_output_IDF_v5.1_${THIS_TARGET}_${THIS_KEYWORD}.txt" THIS_LOG="${THIS_HOME_DIR}/logs/${THIS_EXAMPLE}_output_IDF_v5.1_${THIS_TARGET}_${THIS_KEYWORD}.txt"
THIS_CFG="${THIS_HOME_DIR}/logs/${THIS_EXAMPLE}_user_settings_IDF_v5.1_${THIS_TARGET}_${THIS_KEYWORD}.txt" THIS_CFG="${THIS_HOME_DIR}/logs/${THIS_EXAMPLE}_user_settings_IDF_v5.1_${THIS_TARGET}_${THIS_KEYWORD}.txt"
THIS_WLOG="logs\\${THIS_TARGET}_output.log"
# cp ./components/wolfssl/include/user_settings.h "${THIS_CFG}" # cp ./components/wolfssl/include/user_settings.h "${THIS_CFG}"
echo "BUILD_LOG = ${BUILD_LOG}" echo "BUILD_LOG = ${BUILD_LOG}"
@ -180,6 +180,7 @@ else
THIS_ERROR_CODE=$? THIS_ERROR_CODE=$?
if [ $THIS_ERROR_CODE -ne 0 ]; then if [ $THIS_ERROR_CODE -ne 0 ]; then
echo "" echo ""
tail -n 5 "${BUILD_LOG}"
echo "Error during set-target" echo "Error during set-target"
exit 1 exit 1
fi fi
@ -193,6 +194,7 @@ idf.py build >> "${BUILD_LOG}" 2>&1
THIS_ERROR_CODE=$? THIS_ERROR_CODE=$?
if [ $THIS_ERROR_CODE -ne 0 ]; then if [ $THIS_ERROR_CODE -ne 0 ]; then
echo "" echo ""
tail -n 5 "${BUILD_LOG}"
echo "Error during build for $THIS_TARGET" echo "Error during build for $THIS_TARGET"
echo "" echo ""
echo "" echo ""
@ -207,6 +209,7 @@ idf.py flash -p "${THIS_TARGET_PORT}" -b 115200 2>&1 | tee -a "${FLASH_LOG}"
THIS_ERROR_CODE=$? THIS_ERROR_CODE=$?
if [ $THIS_ERROR_CODE -ne 0 ]; then if [ $THIS_ERROR_CODE -ne 0 ]; then
echo "" echo ""
tail -n 5 "${FLASH_LOG}"
echo "Error during flash" echo "Error during flash"
exit 1 exit 1
fi fi
@ -223,5 +226,5 @@ if [ -z "$ESPIDF_PUTTY_MONITOR" ]; then
else else
echo "Calling putty..." echo "Calling putty..."
echo "$PUTTY_EXE -load \"$THIS_TARGET_PUTTY\"" echo "$PUTTY_EXE -load \"$THIS_TARGET_PUTTY\""
$PUTTY_EXE -load "$THIS_TARGET_PUTTY" & $PUTTY_EXE -load "$THIS_TARGET_PUTTY" -logoverwrite -sessionlog "${THIS_WLOG}" &
fi fi

13
wolfcrypt/src/port/Espressif/esp32_aes.c
View File

@ -48,6 +48,9 @@ static const char* TAG = "wolf_hw_aes";
/* mutex */ /* mutex */
static wolfSSL_Mutex aes_mutex; static wolfSSL_Mutex aes_mutex;
/* Maximum time to wait for AES HW in FreeRTOS ticks */
#define WOLFSSL_AES_MUTEX_WAIT 5000
/* keep track as to whether esp aes is initialized */ /* keep track as to whether esp aes is initialized */
static int espaes_CryptHwMutexInit = 0; static int espaes_CryptHwMutexInit = 0;
@ -86,7 +89,13 @@ static int esp_aes_hw_InUse(void)
* of esp_CryptHwMutexLock(&aes_mutex ...) in code */ * of esp_CryptHwMutexLock(&aes_mutex ...) in code */
/* TODO - do we really want to wait? /* TODO - do we really want to wait?
* probably not */ * probably not */
ret = esp_CryptHwMutexLock(&aes_mutex, portMAX_DELAY); ret = esp_CryptHwMutexLock(&aes_mutex, WOLFSSL_AES_MUTEX_WAIT);
if (ret == ESP_OK) {
ESP_LOGV(TAG, "esp_CryptHwMutexLock aes success");
}
else {
ESP_LOGW(TAG, "esp_CryptHwMutexLock aes timeout! %d", ret);
}
} }
else { else {
ESP_LOGE(TAG, "aes engine lock failed."); ESP_LOGE(TAG, "aes engine lock failed.");
@ -597,9 +606,9 @@ int wc_esp32AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
offset += AES_BLOCK_SIZE; offset += AES_BLOCK_SIZE;
} /* while (blocks--) */ } /* while (blocks--) */
esp_aes_hw_Leave();
} /* if Set Mode was successful (ret == ESP_OK) */ } /* if Set Mode was successful (ret == ESP_OK) */
esp_aes_hw_Leave();
ESP_LOGV(TAG, "leave wc_esp32AesCbcDecrypt"); ESP_LOGV(TAG, "leave wc_esp32AesCbcDecrypt");
return ret; return ret;
} /* wc_esp32AesCbcDecrypt */ } /* wc_esp32AesCbcDecrypt */

23
wolfcrypt/src/port/Espressif/esp32_mp.c
View File

@ -1839,8 +1839,12 @@ int esp_mp_mulmod(MATH_INT_T* X, MATH_INT_T* Y, MATH_INT_T* M, MATH_INT_T* Z)
/* do we have an even moduli? */ /* do we have an even moduli? */
if ((M->dp[0] & 1) == 0) { if ((M->dp[0] & 1) == 0) {
#ifndef NO_ESP_MP_MUL_EVEN_ALT_CALC #ifndef NO_ESP_MP_MUL_EVEN_ALT_CALC
/* Z = X * Y mod M in mixed HW & SW*/ /* Z = X * Y mod M in mixed HW & SW */
#if defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL)
ret = mp_mul(X, Y, tmpZ); /* SW X * Y */
#else
ret = esp_mp_mul(X, Y, tmpZ); /* HW X * Y */ ret = esp_mp_mul(X, Y, tmpZ); /* HW X * Y */
#endif
if (ret == MP_OKAY) { if (ret == MP_OKAY) {
/* z = tmpZ mod M, 0 <= Z < M */ /* z = tmpZ mod M, 0 <= Z < M */
ret = mp_mod(tmpZ, M, Z); /* SW mod M */ ret = mp_mod(tmpZ, M, Z); /* SW mod M */
@ -1940,7 +1944,6 @@ int esp_mp_mulmod(MATH_INT_T* X, MATH_INT_T* Y, MATH_INT_T* M, MATH_INT_T* Z)
/* lock HW for use, enable peripheral clock */ /* lock HW for use, enable peripheral clock */
if (ret == MP_OKAY) { if (ret == MP_OKAY) {
mulmod_lock_called = TRUE; /* Don't try to unlock unless we locked */
#ifdef WOLFSSL_HW_METRICS #ifdef WOLFSSL_HW_METRICS
{ {
/* Only track max values when using HW */ /* Only track max values when using HW */
@ -1954,6 +1957,12 @@ int esp_mp_mulmod(MATH_INT_T* X, MATH_INT_T* Y, MATH_INT_T* M, MATH_INT_T* Z)
#endif #endif
ret = esp_mp_hw_lock(); ret = esp_mp_hw_lock();
if (ret == ESP_OK) {
mulmod_lock_called = TRUE; /* Don't try to unlock unless locked */
}
else {
ret = WC_HW_WAIT_E;
}
} }
#if defined(CONFIG_IDF_TARGET_ESP32) #if defined(CONFIG_IDF_TARGET_ESP32)
@ -2441,14 +2450,14 @@ int esp_mp_mulmod(MATH_INT_T* X, MATH_INT_T* Y, MATH_INT_T* M, MATH_INT_T* Z)
esp_mp_mulmod_usage_ct); esp_mp_mulmod_usage_ct);
ESP_LOGI(TAG, "esp_mp_mulmod_error_ct = %lu failures", ESP_LOGI(TAG, "esp_mp_mulmod_error_ct = %lu failures",
esp_mp_mulmod_error_ct); esp_mp_mulmod_error_ct);
ESP_LOGI(TAG, WOLFSSL_ESPIDF_BLANKLINE_MESSAGE); ESP_LOGI(TAG, WOLFSSL_ESPIDF_BLANKLINE_MESSAGE);
esp_show_mp("HW Z", Z); /* this is the HW result */ esp_show_mp("HW Z", Z); /* this is the HW result */
esp_show_mp("SW Z2", Z2); /* this is the SW result */ esp_show_mp("SW Z2", Z2); /* this is the SW result */
ESP_LOGI(TAG, "esp_mp_mulmod_usage_ct = %lu tries", ESP_LOGI(TAG, "esp_mp_mulmod_usage_ct = %lu tries",
esp_mp_mulmod_usage_ct); esp_mp_mulmod_usage_ct);
ESP_LOGI(TAG, "esp_mp_mulmod_error_ct = %lu failures", ESP_LOGI(TAG, "esp_mp_mulmod_error_ct = %lu failures",
esp_mp_mulmod_error_ct); esp_mp_mulmod_error_ct);
ESP_LOGI(TAG, WOLFSSL_ESPIDF_BLANKLINE_MESSAGE); ESP_LOGI(TAG, WOLFSSL_ESPIDF_BLANKLINE_MESSAGE);
#ifndef NO_RECOVER_SOFTWARE_CALC #ifndef NO_RECOVER_SOFTWARE_CALC
@ -2991,7 +3000,7 @@ int esp_hw_show_mp_metrics(void)
"NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL"); "NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL");
#else #else
/* Metrics: esp_mp_mul() */ /* Metrics: esp_mp_mul() */
ESP_LOGI(TAG, WOLFSSL_ESPIDF_BLANKLINE_MESSAGE); /* mul follows */ ESP_LOGI(TAG, WOLFSSL_ESPIDF_BLANKLINE_MESSAGE); /* mul follows */
ESP_LOGI(TAG, "esp_mp_mul HW acceleration enabled."); ESP_LOGI(TAG, "esp_mp_mul HW acceleration enabled.");
ESP_LOGI(TAG, "Number of calls to esp_mp_mul: %lu", ESP_LOGI(TAG, "Number of calls to esp_mp_mul: %lu",
esp_mp_mul_usage_ct); esp_mp_mul_usage_ct);
@ -3010,7 +3019,7 @@ int esp_hw_show_mp_metrics(void)
"NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD"); "NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD");
#else #else
/* Metrics: esp_mp_mulmod() */ /* Metrics: esp_mp_mulmod() */
ESP_LOGI(TAG, WOLFSSL_ESPIDF_BLANKLINE_MESSAGE); /* mulmod follows */ ESP_LOGI(TAG, WOLFSSL_ESPIDF_BLANKLINE_MESSAGE); /* mulmod follows */
ESP_LOGI(TAG, "esp_mp_mulmod HW acceleration enabled."); ESP_LOGI(TAG, "esp_mp_mulmod HW acceleration enabled.");
/* Metrics: esp_mp_mulmod() */ /* Metrics: esp_mp_mulmod() */
@ -3052,7 +3061,7 @@ int esp_hw_show_mp_metrics(void)
"NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD"); "NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD");
#else #else
/* Metrics: sp_mp_exptmod() */ /* Metrics: sp_mp_exptmod() */
ESP_LOGI(TAG, WOLFSSL_ESPIDF_BLANKLINE_MESSAGE); /* exptmod follows */ ESP_LOGI(TAG, WOLFSSL_ESPIDF_BLANKLINE_MESSAGE); /* exptmod follows */
ESP_LOGI(TAG, "Number of calls to esp_mp_exptmod: %lu", ESP_LOGI(TAG, "Number of calls to esp_mp_exptmod: %lu",
esp_mp_exptmod_usage_ct); esp_mp_exptmod_usage_ct);

992
wolfcrypt/src/port/Espressif/esp32_sha.c
View File

File diff suppressed because it is too large Load Diff

5
wolfcrypt/src/port/Espressif/esp_sdk_time_lib.c
View File

@ -28,7 +28,7 @@
#include <wolfssl/wolfcrypt/settings.h> #include <wolfssl/wolfcrypt/settings.h>
#if defined(WOLFSSL_ESPIDF) /* Entire file is only for Espressif EDP-IDF */ #if defined(WOLFSSL_ESPIDF) /* Entire file is only for Espressif EDP-IDF */
#if defined(USE_WOLFSSL_ESP_SDK_TIME)
/* Espressif */ /* Espressif */
#include "sdkconfig.h" /* programmatically generated from sdkconfig */ #include "sdkconfig.h" /* programmatically generated from sdkconfig */
#include <esp_log.h> #include <esp_log.h>
@ -438,4 +438,5 @@ int set_time_wait_for_ntp(void)
} }
#endif /* ESP32 or ESP8266 time helpers */ #endif /* ESP32 or ESP8266 time helpers */
#endif #endif /* USE_WOLFSSL_ESP_SDK_TIME */
#endif /* WOLFSSL_ESPIDF*/

4
wolfcrypt/src/port/Espressif/esp_sdk_wifi_lib.c
View File

@ -28,7 +28,7 @@
#include <wolfssl/wolfcrypt/settings.h> #include <wolfssl/wolfcrypt/settings.h>
#if defined(WOLFSSL_ESPIDF) /* Entire file is only for Espressif EDP-IDF */ #if defined(WOLFSSL_ESPIDF) /* Entire file is only for Espressif EDP-IDF */
#ifndef NO_ESP_SDK_WIFI #if defined(USE_WOLFSSL_ESP_SDK_WIFI)
/* Espressif */ /* Espressif */
#include "sdkconfig.h" /* programmatically generated from sdkconfig */ #include "sdkconfig.h" /* programmatically generated from sdkconfig */
@ -464,5 +464,5 @@ esp_err_t wc_wifi_show_ip(void)
#endif #endif
#endif /* !NO_ESP_SDK_WIFI */ #endif /* USE_WOLFSSL_ESP_SDK_WIFI */
#endif /* WOLFSSL_ESPIDF */ #endif /* WOLFSSL_ESPIDF */

127
wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h
View File

@ -44,6 +44,18 @@
#include <esp_types.h> #include <esp_types.h>
#include <esp_log.h> #include <esp_log.h>
#ifndef _INTPTR_T_DECLARED
#define intptr_t (void*)
#endif
#ifndef _UINTPTR_T_DECLARED
#define uintptr_t (void*)
#endif
#ifndef NULLPTR
#define NULLPTR ((uintptr_t)NULL)
#endif
#if ESP_IDF_VERSION_MAJOR >= 4 #if ESP_IDF_VERSION_MAJOR >= 4
#define WOLFSSL_ESPIDF_BLANKLINE_MESSAGE "" #define WOLFSSL_ESPIDF_BLANKLINE_MESSAGE ""
#else #else
@ -51,6 +63,12 @@
#define WOLFSSL_ESPIDF_BLANKLINE_MESSAGE "." #define WOLFSSL_ESPIDF_BLANKLINE_MESSAGE "."
#endif #endif
#if defined(WOLFSSL_STACK_CHECK)
#define CTX_STACK_CHECK(ctx) esp_sha_stack_check(ctx)
#else
#define CTX_STACK_CHECK(ctx) {}
#endif
#if defined(CONFIG_IDF_TARGET) #if defined(CONFIG_IDF_TARGET)
#define FOUND_CONFIG_IDF_TARGET CONFIG_IDF_TARGET #define FOUND_CONFIG_IDF_TARGET CONFIG_IDF_TARGET
#else #else
@ -60,6 +78,7 @@
/* Optional exit message. /* Optional exit message.
* The WOLFSSL_COMPLETE keyword exits wolfSSL test harness script. */ * The WOLFSSL_COMPLETE keyword exits wolfSSL test harness script. */
#define WOLFSSL_ESPIDF_EXIT_MESSAGE \ #define WOLFSSL_ESPIDF_EXIT_MESSAGE \
"\n\nDevice: " FOUND_CONFIG_IDF_TARGET \
"\n\nDone!" \ "\n\nDone!" \
"\n\nWOLFSSL_COMPLETE" \ "\n\nWOLFSSL_COMPLETE" \
"\n\nIf running from idf.py monitor, press twice: Ctrl+]" "\n\nIf running from idf.py monitor, press twice: Ctrl+]"
@ -320,11 +339,16 @@ enum {
/* #define NO_ESP32_CRYPT */ /* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
#define NO_WOLFSSL_ESP32_CRYPT_AES /* No AES HW */ /* No AES HW */
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI /* No RSA HW*/ #define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL /* No RSA, so no mp_mul */ /* No RSA HW: */
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD /* No RSA, so no mp_mulmod */ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD /* No RSA, no mp_exptmod */ /* No RSA, so no mp_mul: */
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
/* No RSA, so no mp_mulmod: */
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
/* No RSA, no mp_exptmod: */
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
#include <soc/dport_access.h> #include <soc/dport_access.h>
#include <soc/hwcrypto_reg.h> #include <soc/hwcrypto_reg.h>
@ -433,6 +457,11 @@ enum {
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
/***** END CONFIG_IDF_TARGET_ESP32C6 *****/ /***** END CONFIG_IDF_TARGET_ESP32C6 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32H2)
/* wolfSSL Hardware Acceleration not yet implemented. Note: no WiFi. */
#define NO_ESP32_CRYPT
/***** END CONFIG_IDF_TARGET_ESP32H2 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32S2) #elif defined(CONFIG_IDF_TARGET_ESP32S2)
#include "soc/dport_reg.h" #include "soc/dport_reg.h"
#include <soc/hwcrypto_reg.h> #include <soc/hwcrypto_reg.h>
@ -453,9 +482,26 @@ enum {
#include <driver/periph_ctrl.h> #include <driver/periph_ctrl.h>
#endif #endif
#define ESP_PROHIBIT_SMALL_X 0 #define ESP_PROHIBIT_SMALL_X 0
/***** END CONFIG_IDF_TARGET_ESP32S3 *****/
#else #else
/* not yet supported. no HW */ /* Unknown: Not yet supported. Assume no HW. */
#define NO_ESP32_CRYPT
/***** END CONFIG_IDF_TARGET_[x] config unknown *****/
#endif /* CONFIG_IDF_TARGET target check */
#ifdef NO_ESP32_CRYPT
/* There's no hardware acceleration, so ensure everything is disabled: */
#undef NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#undef NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_AES
#undef NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
#endif
#ifdef NO_WOLFSSL_ESP32_CRYPT_HASH
/* There's no SHA hardware acceleration, so ensure all are disabled: */
#undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA
#undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224
@ -470,7 +516,15 @@ enum {
#endif /* CONFIG_IDF_TARGET target check */ #endif /* CONFIG_IDF_TARGET target check */
#ifndef NO_WOLFSSL_ESP32_CRYPT_RSA_PRI #ifdef NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
/* With RSA disabled (or not available), explicitly disable each: */
#undef NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
#undef NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
#undef NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
#else
#if defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL) && \ #if defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL) && \
defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD) && \ defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD) && \
defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD) defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD)
@ -496,6 +550,19 @@ enum {
#endif #endif
#endif #endif
/* Resulting settings review for syntax highlighter review only: */
#if defined(NO_ESP32_CRYPT) || \
defined(NO_WOLFSSL_ESP32_CRYPT_HASH) || \
defined(NO_WOLFSSL_ESP32_CRYPT_AES) || \
defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI) || \
defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA) || \
defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224) || \
defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256) || \
defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384) || \
defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512) || \
defined(WOLFSSL_ESP32_CRYPT_DEBUG)
#endif
#ifdef __cplusplus #ifdef __cplusplus
extern "C" extern "C"
{ {
@ -638,6 +705,8 @@ extern "C"
#include "rom/sha.h" #include "rom/sha.h"
#define WC_ESP_SHA_TYPE SHA_TYPE #define WC_ESP_SHA_TYPE SHA_TYPE
#endif #endif
#elif defined(CONFIG_IDF_TARGET_ESP8266)
/* there's no HW to include */
#else #else
#include "rom/sha.h" #include "rom/sha.h"
#endif #endif
@ -656,11 +725,14 @@ extern "C"
typedef struct typedef struct
{ {
/* pointer to object the initialized HW; to track copies */ #if defined(WOLFSSL_STACK_CHECK)
void* initializer; word32 first_word;
#if !defined(SINGLE_THREADED) || defined(ESP_MONITOR_HW_TASK_LOCK) #endif
void* task_owner; /* Pointer to object that initialized HW, to track copies: */
#endif uintptr_t initializer;
#if defined(ESP_MONITOR_HW_TASK_LOCK) && !defined(SINGLE_THREADED)
TaskHandle_t task_owner;
#endif
/* an ESP32_MODE value; typically: /* an ESP32_MODE value; typically:
** 0 init, ** 0 init,
@ -684,6 +756,9 @@ extern "C"
/* 0 (false) this is NOT first block. /* 0 (false) this is NOT first block.
** 1 (true ) this is first block. */ ** 1 (true ) this is first block. */
byte isfirstblock : 1; /* 1 bit only for true / false */ byte isfirstblock : 1; /* 1 bit only for true / false */
#if defined(WOLFSSL_STACK_CHECK)
word32 last_word;
#endif
} WC_ESP32SHA; } WC_ESP32SHA;
WOLFSSL_LOCAL int esp_sha_need_byte_reversal(WC_ESP32SHA* ctx); WOLFSSL_LOCAL int esp_sha_need_byte_reversal(WC_ESP32SHA* ctx);
@ -694,20 +769,25 @@ extern "C"
WOLFSSL_LOCAL int esp_sha_hw_unlock(WC_ESP32SHA* ctx); WOLFSSL_LOCAL int esp_sha_hw_unlock(WC_ESP32SHA* ctx);
/* esp_sha_hw_islocked: returns 0 if not locked, otherwise owner address */ /* esp_sha_hw_islocked: returns 0 if not locked, otherwise owner address */
WOLFSSL_LOCAL int esp_sha_hw_islocked(WC_ESP32SHA* ctx); WOLFSSL_LOCAL uintptr_t esp_sha_hw_islocked(WC_ESP32SHA* ctx);
/* esp_sha_hw_in_use returns 1 (true) if SHA HW in use, otherwise 0 */
WOLFSSL_LOCAL int esp_sha_hw_in_use();
WOLFSSL_LOCAL int esp_sha_call_count(); WOLFSSL_LOCAL int esp_sha_call_count();
WOLFSSL_LOCAL int esp_sha_lock_count(); WOLFSSL_LOCAL int esp_sha_lock_count();
WOLFSSL_LOCAL int esp_sha_release_unfinished_lock(WC_ESP32SHA* ctx); WOLFSSL_LOCAL int esp_sha_release_unfinished_lock(WC_ESP32SHA* ctx);
WOLFSSL_LOCAL int esp_sha_set_stray(WC_ESP32SHA* ctx); WOLFSSL_LOCAL int esp_sha_set_stray(WC_ESP32SHA* ctx);
#ifndef NO_SHA
struct wc_Sha; struct wc_Sha;
WOLFSSL_LOCAL int esp_sha_ctx_copy(struct wc_Sha* src, struct wc_Sha* dst); WOLFSSL_LOCAL int esp_sha_ctx_copy(struct wc_Sha* src, struct wc_Sha* dst);
WOLFSSL_LOCAL int esp_sha_digest_process(struct wc_Sha* sha, WOLFSSL_LOCAL int esp_sha_digest_process(struct wc_Sha* sha,
byte blockprocess); byte blockprocess);
WOLFSSL_LOCAL int esp_sha_process(struct wc_Sha* sha, const byte* data); WOLFSSL_LOCAL int esp_sha_process(struct wc_Sha* sha, const byte* data);
#endif /* NO_SHA */
#ifdef WOLFSSL_DEBUG_MUTEX #ifdef WOLFSSL_DEBUG_MUTEX
/* testing HW release in task that did not lock */ /* Testing HW release in task that did not lock: */
extern WC_ESP32SHA* stray_ctx; extern WC_ESP32SHA* stray_ctx;
#endif #endif
@ -818,6 +898,13 @@ extern "C"
WOLFSSL_LOCAL int esp_hw_show_metrics(void); WOLFSSL_LOCAL int esp_hw_show_metrics(void);
#endif #endif
#if defined(WOLFSSL_STACK_CHECK)
WOLFSSL_LOCAL int esp_sha_stack_check(WC_ESP32SHA* sha);
#endif /* WOLFSSL_STACK_CHECK */
/* /*
* Errata Mitigation. See * Errata Mitigation. See
* https://www.espressif.com/sites/default/files/documentation/esp32_errata_en.pdf * https://www.espressif.com/sites/default/files/documentation/esp32_errata_en.pdf
@ -899,16 +986,6 @@ extern "C"
} }
#endif #endif
/* Compatibility checks */
#if defined(DEBUG_WOLFSSH) || defined(ESP_ENABLE_WOLFSSH) || \
defined(WOLFSSH_TERM) || defined(WOLFSSH_TEST_SERVER)
#ifndef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256
/* need to add this line to wolfssl component user_settings.h
* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256 */
#error "ESP32_CRYPT_HASH_SHA256 not supported on wolfSSL at this time"
#endif
#endif /* SSH SHA256 HW check */
#endif /* WOLFSSL_ESPIDF (entire contents excluded when not Espressif ESP-IDF) */ #endif /* WOLFSSL_ESPIDF (entire contents excluded when not Espressif ESP-IDF) */
#endif /* __ESP32_CRYPT_H__ */ #endif /* __ESP32_CRYPT_H__ */

18
wolfssl/wolfcrypt/settings.h
View File

@ -3537,6 +3537,24 @@ extern void uITRON4_free(void *p) ;
#endif #endif
/* Some final sanity checks */ /* Some final sanity checks */
#ifdef WOLFSSL_APPLE_HOMEKIT
#ifndef WOLFCRYPT_HAVE_SRP
#error "WOLFCRYPT_HAVE_SRP is required for Apple Homekit"
#endif
#ifndef HAVE_CHACHA
#error "HAVE_CHACHA is required for Apple Homekit"
#endif
#ifdef USE_FAST_MATH
#ifdef FP_MAX_BITS
#if FP_MAX_BITS < (8192 * 2)
#error "HomeKit FP_MAX_BITS must at least (8192 * 2)"
#endif
#else
#error "HomeKit FP_MAX_BITS must be assigned a value (8192 * 2)"
#endif
#endif
#endif
#if defined(WOLFSSL_ESPIDF) && defined(ARDUINO) #if defined(WOLFSSL_ESPIDF) && defined(ARDUINO)
#error "Found both ESPIDF and ARDUINO. Pick one." #error "Found both ESPIDF and ARDUINO. Pick one."
#endif #endif

4
wolfssl/wolfcrypt/sha512.h
View File

@ -160,9 +160,11 @@ struct wc_Sha512 {
#ifdef WOLFSSL_SMALL_STACK_CACHE #ifdef WOLFSSL_SMALL_STACK_CACHE
word64* W; word64* W;
#endif #endif
#if defined(WOLFSSL_ESP32_CRYPT) && \ #if defined(WOLFSSL_ESP32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512) (!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512) || \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384))
WC_ESP32SHA ctx; WC_ESP32SHA ctx;
#endif #endif
#if defined(WOLFSSL_SILABS_SE_ACCEL) #if defined(WOLFSSL_SILABS_SE_ACCEL)