From eb8a3afe3885f6d959df8e36ef2b205e6d6785c7 Mon Sep 17 00:00:00 2001 From: Hideki Miyazaki Date: Sat, 12 Jul 2025 09:49:09 +0900 Subject: [PATCH] Addressed code review comments --- src/keys.c | 2 +- wolfcrypt/src/port/Renesas/renesas_common.c | 17 +- wolfcrypt/src/port/Renesas/renesas_tsip_aes.c | 33 +-- wolfcrypt/src/port/Renesas/renesas_tsip_sha.c | 16 +- .../src/port/Renesas/renesas_tsip_util.c | 253 +++++++++--------- wolfssl/wolfcrypt/include.am | 1 + .../port/Renesas/renesas_tsip_internal.h | 2 - 7 files changed, 163 insertions(+), 161 deletions(-) diff --git a/src/keys.c b/src/keys.c index a2e09d3f9..3b8ce51c7 100644 --- a/src/keys.c +++ b/src/keys.c @@ -3559,7 +3559,7 @@ int SetKeysSide(WOLFSSL* ssl, enum encrypt_side side) cbInfo->side = side; #elif defined(WOLFSSL_RENESAS_TSIP_TLS) TsipUserCtx* cbInfo = (TsipUserCtx*)ctx; - _ACCESSOR(cbInfo)->key_side = side; + cbInfo->internal->key_side = side; #endif ret = ssl->ctx->EncryptKeysCb(ssl, ctx); } diff --git a/wolfcrypt/src/port/Renesas/renesas_common.c b/wolfcrypt/src/port/Renesas/renesas_common.c index d1c87febc..b007fa68b 100644 --- a/wolfcrypt/src/port/Renesas/renesas_common.c +++ b/wolfcrypt/src/port/Renesas/renesas_common.c @@ -494,7 +494,7 @@ int wc_CryptoCb_CryptInitRenesasCmn(struct WOLFSSL* ssl, void* ctx) if (gdevId < 0) { gdevId = INITIAL_DEVID; } - _ACCESSOR(cbInfo)->devId = gdevId++; + cbInfo->internal->devId = gdevId++; cmn_hw_unlock(); } else { @@ -502,7 +502,7 @@ int wc_CryptoCb_CryptInitRenesasCmn(struct WOLFSSL* ssl, void* ctx) return INVALID_DEVID; } - if (wc_CryptoCb_RegisterDevice(_ACCESSOR(cbInfo)->devId, + if (wc_CryptoCb_RegisterDevice(cbInfo->internal->devId, Renesas_cmn_CryptoDevCb, cbInfo) < 0) { /* undo devId number */ gdevId--; @@ -513,12 +513,12 @@ int wc_CryptoCb_CryptInitRenesasCmn(struct WOLFSSL* ssl, void* ctx) !defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY) && \ !defined(HAVE_RENESAS_SYNC) if (ssl) - wolfSSL_SetDevId(ssl, _ACCESSOR(cbInfo)->devId); + wolfSSL_SetDevId(ssl, cbInfo->internal->devId); #endif - gCbCtx[_ACCESSOR(cbInfo)->devId - INITIAL_DEVID] = (void*)cbInfo; + gCbCtx[cbInfo->internal->devId - INITIAL_DEVID] = (void*)cbInfo; - return _ACCESSOR(cbInfo)->devId; + return cbInfo->internal->devId; } /* Renesas Security Library Common Method @@ -764,8 +764,8 @@ static int Renesas_cmn_EncryptKeys(WOLFSSL* ssl, void* ctx) #if defined(WOLFSSL_RENESAS_TSIP_TLS) TsipUserCtx* cbInfo = (TsipUserCtx*)ctx; - if (_ACCESSOR(cbInfo)->session_key_set == 1) { - switch(_ACCESSOR(cbInfo)->key_side) { + if (cbInfo->internal->session_key_set == 1) { + switch(cbInfo->internal->key_side) { #elif defined(WOLFSSL_RENESAS_FSPSM_TLS) FSPSM_ST* cbInfo = (FSPSM_ST*)ctx; @@ -820,7 +820,8 @@ WOLFSSL_LOCAL int Renesas_cmn_generateSessionKey(WOLFSSL* ssl, void* ctx) WOLFSSL_ENTER("Renesas_cmn_generateSessionKey"); if (Renesas_cmn_usable(ssl, 0)) { #if defined(WOLFSSL_RENESAS_TSIP_TLS) - ret = wc_tsip_generateSessionKey(ssl, cbInfo, _ACCESSOR(cbInfo)->devId); + ret = wc_tsip_generateSessionKey(ssl, cbInfo, + cbInfo->internal->devId); #elif defined(WOLFSSL_RENESAS_FSPSM_TLS) ret = wc_fspsm_generateSessionKey(ssl, ctx, cbInfo->devId); #endif diff --git a/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c b/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c index 15b378ca0..606a48237 100644 --- a/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c +++ b/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c @@ -447,14 +447,15 @@ int wc_tsip_AesCipher(int devIdArg, wc_CryptoInfo* info, void* ctx) #ifdef HAVE_AESGCM if (info->cipher.type == WC_CIPHER_AES_GCM #ifdef WOLFSSL_RENESAS_TSIP_TLS - && cbInfo != NULL && _ACCESSOR(cbInfo)->session_key_set == 1 + && cbInfo != NULL && + cbInfo->internal->session_key_set == 1 #endif ) { /* prioritize TLS Session Key than User TSIP Aes Key */ /* TODO : identify if Aes API is called through */ /* while doing TLS handshake or Crypt API */ #ifdef WOLFSSL_RENESAS_TSIP_TLS - if (_ACCESSOR(cbInfo)->session_key_set == 1) + if (cbInfo->internal->session_key_set == 1) ret = 0; else #else @@ -500,13 +501,13 @@ int wc_tsip_AesCipher(int devIdArg, wc_CryptoInfo* info, void* ctx) #ifdef WOLFSSL_AES_COUNTER if (info->cipher.type == WC_CIPHER_AES_CTR #ifdef WOLFSSL_RENESAS_TSIP_TLS - && cbInfo != NULL && _ACCESSOR(cbInfo)->session_key_set == 1 + && cbInfo != NULL && cbInfo->internal->session_key_set == 1 #endif ) { int remain = (int)(info->cipher.aesctr.sz % WC_AES_BLOCK_SIZE); if (remain == 0) { #ifdef WOLFSSL_RENESAS_TSIP_TLS - if (_ACCESSOR(cbInfo)->session_key_set == 1) + if (cbInfo->internal->session_key_set == 1) ret = 0; else #else @@ -530,11 +531,11 @@ int wc_tsip_AesCipher(int devIdArg, wc_CryptoInfo* info, void* ctx) #ifdef HAVE_AES_CBC if (info->cipher.type == WC_CIPHER_AES_CBC #ifdef WOLFSSL_RENESAS_TSIP_TLS - && cbInfo != NULL && _ACCESSOR(cbInfo)->session_key_set == 1 + && cbInfo != NULL && cbInfo->internal->session_key_set == 1 #endif ) { #ifdef WOLFSSL_RENESAS_TSIP_TLS - if (_ACCESSOR(cbInfo)->session_key_set == 1) + if (cbInfo->internal->session_key_set == 1) ret = 0; else #else @@ -873,15 +874,15 @@ int wc_tsip_AesGcmEncrypt( #if defined(WOLFSSL_RENESAS_TSIP_TLS) if (ret == 0 && - _ACCESSOR(userCtx)->session_key_set == 1) { + userCtx->internal->session_key_set == 1) { /* generate AES-GCM session key. The key stored in * Aes.ctx.tsip_keyIdx is not used here. */ err = R_TSIP_TlsGenerateSessionKey( - _ACCESSOR(userCtx)->tsip_cipher, - (uint32_t*)_ACCESSOR(userCtx)->tsip_masterSecret, - (uint8_t*) _ACCESSOR(userCtx)->tsip_clientRandom, - (uint8_t*) _ACCESSOR(userCtx)->tsip_serverRandom, + userCtx->internal->tsip_cipher, + (uint32_t*)userCtx->internal->tsip_masterSecret, + (uint8_t*) userCtx->internal->tsip_clientRandom, + (uint8_t*) userCtx->internal->tsip_serverRandom, &iv[AESGCM_IMP_IV_SZ], /* use exp_IV */ NULL, NULL, @@ -1072,15 +1073,15 @@ int wc_tsip_AesGcmDecrypt( #if defined(WOLFSSL_RENESAS_TSIP_TLS) if (ret == 0 && - _ACCESSOR(userCtx)->session_key_set == 1) { + userCtx->internal->session_key_set == 1) { /* generate AES-GCM session key. The key stored in * Aes.ctx.tsip_keyIdx is not used here. */ err = R_TSIP_TlsGenerateSessionKey( - _ACCESSOR(userCtx)->tsip_cipher, - (uint32_t*)_ACCESSOR(userCtx)->tsip_masterSecret, - (uint8_t*) _ACCESSOR(userCtx)->tsip_clientRandom, - (uint8_t*) _ACCESSOR(userCtx)->tsip_serverRandom, + userCtx->internal->tsip_cipher, + (uint32_t*)userCtx->internal->tsip_masterSecret, + (uint8_t*) userCtx->internal->tsip_clientRandom, + (uint8_t*) userCtx->internal->tsip_serverRandom, (uint8_t*)&iv[AESGCM_IMP_IV_SZ], /* use exp_IV */ NULL, NULL, diff --git a/wolfcrypt/src/port/Renesas/renesas_tsip_sha.c b/wolfcrypt/src/port/Renesas/renesas_tsip_sha.c index 6e663dc2a..b805e1e19 100644 --- a/wolfcrypt/src/port/Renesas/renesas_tsip_sha.c +++ b/wolfcrypt/src/port/Renesas/renesas_tsip_sha.c @@ -82,7 +82,7 @@ WOLFSSL_LOCAL int tsip_Tls13GetHmacMessages(struct WOLFSSL* ssl, byte* mac) if (tuc == NULL) { ret = CRYPTOCB_UNAVAILABLE; } - else if (!_ACCESSOR(tuc)->HandshakeClientTrafficKey_set) { + else if (!tuc->internal->HandshakeClientTrafficKey_set) { WOLFSSL_MSG("Client handshake traffic keys aren't created by TSIP"); ret = CRYPTOCB_UNAVAILABLE; } @@ -97,8 +97,8 @@ WOLFSSL_LOCAL int tsip_Tls13GetHmacMessages(struct WOLFSSL* ssl, byte* mac) if (ret == 0) { if ((ret = tsip_hw_lock()) == 0) { - err = R_TSIP_Sha256HmacGenerateInit(&(_ACCESSOR(tuc)->hmacFinished13Handle), - &(_ACCESSOR(tuc)->clientFinished13Idx)); + err = R_TSIP_Sha256HmacGenerateInit(&(tuc->internal->hmacFinished13Handle), + &(tuc->internal->clientFinished13Idx)); if (err != TSIP_SUCCESS) { WOLFSSL_MSG("R_TSIP_Sha256HmacGenerateInit failed"); @@ -108,7 +108,7 @@ WOLFSSL_LOCAL int tsip_Tls13GetHmacMessages(struct WOLFSSL* ssl, byte* mac) if (ret == 0) { err = R_TSIP_Sha256HmacGenerateUpdate( - &(_ACCESSOR(tuc)->hmacFinished13Handle), + &(tuc->internal->hmacFinished13Handle), (uint8_t*)hash, WC_SHA256_DIGEST_SIZE); @@ -120,7 +120,7 @@ WOLFSSL_LOCAL int tsip_Tls13GetHmacMessages(struct WOLFSSL* ssl, byte* mac) if (ret == 0) { err = R_TSIP_Sha256HmacGenerateFinal( - &(_ACCESSOR(tuc)->hmacFinished13Handle), mac); + &(tuc->internal->hmacFinished13Handle), mac); if (err != TSIP_SUCCESS) { WOLFSSL_MSG("R_TSIP_Sha256HmacGenerateFinal failed"); ret = WC_HW_E; @@ -185,7 +185,7 @@ WOLFSSL_LOCAL int tsip_StoreMessage(struct WOLFSSL* ssl, const byte* data, /* check if TSIP is used for this session */ if (ret == 0) { - if (!_ACCESSOR(tuc)->Dhe_key_set) { + if (!tuc->internal->Dhe_key_set) { WOLFSSL_MSG("DH key not set."); ret = CRYPTOCB_UNAVAILABLE; } @@ -195,7 +195,7 @@ WOLFSSL_LOCAL int tsip_StoreMessage(struct WOLFSSL* ssl, const byte* data, if (ret == 0) { c24to32(&data[1], &messageSz); - bag = &(_ACCESSOR(tuc)->messageBag); + bag = &(tuc->internal->messageBag); if (bag->msgIdx +1 > MAX_MSGBAG_MESSAGES || bag->buffIdx + sz > MSGBAG_SIZE) { @@ -246,7 +246,7 @@ WOLFSSL_LOCAL int tsip_GetMessageSha256(struct WOLFSSL* ssl, byte* hash, if (tuc == NULL) { ret = CRYPTOCB_UNAVAILABLE; } - bag = &(_ACCESSOR(tuc)->messageBag); + bag = &(tuc->internal->messageBag); } if (ret == 0) { diff --git a/wolfcrypt/src/port/Renesas/renesas_tsip_util.c b/wolfcrypt/src/port/Renesas/renesas_tsip_util.c index d9dcbfc8a..02db9a5a5 100644 --- a/wolfcrypt/src/port/Renesas/renesas_tsip_util.c +++ b/wolfcrypt/src/port/Renesas/renesas_tsip_util.c @@ -138,7 +138,7 @@ WOLFSSL_API int tsip_use_PublicKey_buffer_TLS(WOLFSSL* ssl, if (ret == 0){ tuc = ssl->RenesasUserCtx; - _ACCESSOR(tuc)->wrappedPublicKey = (uint8_t*)keyBuf; + tuc->internal->wrappedPublicKey = (uint8_t*)keyBuf; tuc->wrappedKeyType = keyType; } @@ -168,12 +168,13 @@ WOLFSSL_API int tsip_use_PrivateKey_buffer_TLS(struct WOLFSSL* ssl, if (ret == 0){ tuc = ssl->RenesasUserCtx; - _ACCESSOR(tuc)->wrappedPrivateKey = (uint8_t*)keyBuf; + tuc->internal->wrappedPrivateKey = (uint8_t*)keyBuf; tuc->wrappedKeyType = keyType; /* store keyType as Id since Id capacity is 32 bytes */ ret = wolfSSL_use_PrivateKey_Id(ssl, - (const unsigned char*)keyBuf, 32, _ACCESSOR(tuc)->devId); + (const unsigned char*)keyBuf, 32, + tuc->internal->devId); if (ret == WOLFSSL_SUCCESS) { ret = 0; } @@ -206,7 +207,7 @@ WOLFSSL_API int tsip_use_PublicKey_buffer_crypt(TsipUserCtx *uc, } if (ret == 0){ - _ACCESSOR(uc)->wrappedPublicKey = (uint8_t*)keyBuf; + uc->internal->wrappedPublicKey = (uint8_t*)keyBuf; uc->wrappedKeyType = keyType; } @@ -232,7 +233,7 @@ WOLFSSL_API int tsip_use_PrivateKey_buffer_crypt(TsipUserCtx *uc, ret = BAD_FUNC_ARG; } if (ret == 0){ - _ACCESSOR(uc)->wrappedPrivateKey = (uint8_t*)keyBuf; + uc->internal->wrappedPrivateKey = (uint8_t*)keyBuf; uc->wrappedKeyType = keyType; } @@ -283,7 +284,7 @@ static void tsipFlushMessages(struct WOLFSSL* ssl) return; } - bag = &(_ACCESSOR(tuc)->messageBag); + bag = &(tuc->internal->messageBag); ForceZero(bag, sizeof(MsgBag)); @@ -403,19 +404,19 @@ int tsip_Tls13GenEccKeyPair(WOLFSSL* ssl, KeyShareEntry* kse) if (ret == 0) { if ((ret = tsip_hw_lock()) == 0) { - _ACCESSOR(tuc)->Dhe_key_set =0; + tuc->internal->Dhe_key_set =0; err = R_TSIP_GenerateTls13P256EccKeyIndex( - &(_ACCESSOR(tuc)->handle13), + &(tuc->internal->handle13), TSIP_TLS13_MODE_FULL_HANDSHAKE, - &(_ACCESSOR(tuc)->EcdhPrivKey13Idx), /* private key index */ + &(tuc->internal->EcdhPrivKey13Idx), /* private key index */ &(kse->pubKey[1])); /* generated public key */ if (err != TSIP_SUCCESS){ret = WC_HW_E;} if (ret == 0) { WOLFSSL_MSG("ECDH private key-index is stored by TSIP"); - _ACCESSOR(tuc)->Dhe_key_set =1; + tuc->internal->Dhe_key_set =1; } tsip_hw_unlock(); @@ -485,7 +486,7 @@ int tsip_Tls13GenSharedSecret(struct WOLFSSL* ssl, } if (ret == 0) { - if (!_ACCESSOR(tuc)->Dhe_key_set) { + if (!tuc->internal->Dhe_key_set) { WOLFSSL_MSG("TSIP wasn't involved in the key-exchange."); ret = CRYPTOCB_UNAVAILABLE; } @@ -494,15 +495,15 @@ int tsip_Tls13GenSharedSecret(struct WOLFSSL* ssl, if (ret == 0) { if ((ret = tsip_hw_lock()) == 0) { - _ACCESSOR(tuc)->SharedSecret_set = 0; + tuc->internal->SharedSecret_set = 0; pubkeyraw = kse->ke + 1; /* peer's raw public key data */ /* derive shared secret */ err = R_TSIP_Tls13GenerateEcdheSharedSecret( TSIP_TLS13_MODE_FULL_HANDSHAKE, pubkeyraw, /* peer's ECDHE public key */ - &(_ACCESSOR(tuc)->EcdhPrivKey13Idx), /*(out) own ECDHE priv key */ - &(_ACCESSOR(tuc)->sharedSecret13Idx)); /*(out) PreMasterSecret */ + &(tuc->internal->EcdhPrivKey13Idx),/*(out) own ECDHE priv key */ + &(tuc->internal->sharedSecret13Idx)); /*(out) PreMasterSecret */ if (err != TSIP_SUCCESS) { WOLFSSL_MSG("R_TSIP_Tls13GenerateEcdheSharedSecret error"); @@ -510,7 +511,7 @@ int tsip_Tls13GenSharedSecret(struct WOLFSSL* ssl, } if (ret == 0) { /* set flag for later tsip operations */ - _ACCESSOR(tuc)->SharedSecret_set = 1; + tuc->internal->SharedSecret_set = 1; } tsip_hw_unlock(); @@ -541,7 +542,7 @@ int tsip_Tls13DeriveEarlySecret(struct WOLFSSL* ssl) ret = CRYPTOCB_UNAVAILABLE; } else { - _ACCESSOR(tuc)->EarlySecret_set = 1; + tuc->internal->EarlySecret_set = 1; } } @@ -590,7 +591,7 @@ int tsip_Tls13DeriveHandshakeSecret(struct WOLFSSL* ssl) if (ret == 0) { /* check if pre-master secret is generated by tsip */ - if (!_ACCESSOR(tuc)->SharedSecret_set) { + if (!tuc->internal->SharedSecret_set) { WOLFSSL_MSG("TSIP wasn't involved in the key-exchange."); ret = CRYPTOCB_UNAVAILABLE; } @@ -599,18 +600,18 @@ int tsip_Tls13DeriveHandshakeSecret(struct WOLFSSL* ssl) if (ret == 0) { if ((ret = tsip_hw_lock()) == 0) { - _ACCESSOR(tuc)->HandshakeSecret_set = 0; + tuc->internal->HandshakeSecret_set = 0; err = R_TSIP_Tls13GenerateHandshakeSecret( - &(_ACCESSOR(tuc)->sharedSecret13Idx), - &(_ACCESSOR(tuc)->handshakeSecret13Idx)); + &(tuc->internal->sharedSecret13Idx), + &(tuc->internal->handshakeSecret13Idx)); if (err != TSIP_SUCCESS) { WOLFSSL_MSG("R_TSIP_Tls13GenerateHandshakeSecret error"); ret = WC_HW_E; } if (ret == 0) { - _ACCESSOR(tuc)->HandshakeSecret_set = 1; + tuc->internal->HandshakeSecret_set = 1; } tsip_hw_unlock(); } @@ -657,7 +658,7 @@ static int tsipTls13DeriveClientHandshakeKeys(struct WOLFSSL* ssl) if (ret == 0) { /* make sure client handshake secret is generated by tsip */ - if (!_ACCESSOR(tuc)->HandshakeSecret_set) { + if (!tuc->internal->HandshakeSecret_set) { WOLFSSL_MSG("TSIP wasn't involved in the key-exchange."); ret = CRYPTOCB_UNAVAILABLE; } @@ -671,15 +672,15 @@ static int tsipTls13DeriveClientHandshakeKeys(struct WOLFSSL* ssl) if (ret == 0) { if ((ret = tsip_hw_lock()) == 0) { - _ACCESSOR(tuc)->HandshakeClientTrafficKey_set = 0; + tuc->internal->HandshakeClientTrafficKey_set = 0; err = R_TSIP_Tls13GenerateClientHandshakeTrafficKey( - &(_ACCESSOR(tuc)->handle13), + &(tuc->internal->handle13), TSIP_TLS13_MODE_FULL_HANDSHAKE, - &(_ACCESSOR(tuc)->handshakeSecret13Idx), + &(tuc->internal->handshakeSecret13Idx), hash, - &(_ACCESSOR(tuc)->clientWriteKey13Idx), - &(_ACCESSOR(tuc)->clientFinished13Idx)); + &(tuc->internal->clientWriteKey13Idx), + &(tuc->internal->clientFinished13Idx)); if (err != TSIP_SUCCESS) { WOLFSSL_MSG( @@ -689,7 +690,7 @@ static int tsipTls13DeriveClientHandshakeKeys(struct WOLFSSL* ssl) /* key derivation succeeded */ if (ret == 0) { - _ACCESSOR(tuc)->HandshakeClientTrafficKey_set = 1; + tuc->internal->HandshakeClientTrafficKey_set = 1; } tsip_hw_unlock(); @@ -737,7 +738,7 @@ static int tsipTls13DeriveServerHandshakeKeys(struct WOLFSSL* ssl) if (ret == 0) { /* make sure client handshake secret is generated by tsip */ - if (!_ACCESSOR(tuc)->HandshakeSecret_set) { + if (!tuc->internal->HandshakeSecret_set) { WOLFSSL_MSG("TSIP wasn't involved in the key-exchange."); ret = CRYPTOCB_UNAVAILABLE; } @@ -751,15 +752,15 @@ static int tsipTls13DeriveServerHandshakeKeys(struct WOLFSSL* ssl) if (ret == 0) { if ((ret = tsip_hw_lock()) == 0) { - _ACCESSOR(tuc)->HandshakeServerTrafficKey_set = 0; + tuc->internal->HandshakeServerTrafficKey_set = 0; err = R_TSIP_Tls13GenerateServerHandshakeTrafficKey( - &(_ACCESSOR(tuc)->handle13), + &(tuc->internal->handle13), TSIP_TLS13_MODE_FULL_HANDSHAKE, - &(_ACCESSOR(tuc)->handshakeSecret13Idx), + &(tuc->internal->handshakeSecret13Idx), hash, - &(_ACCESSOR(tuc)->serverWriteKey13Idx), - &(_ACCESSOR(tuc)->serverFinished13Idx)); + &(tuc->internal->serverWriteKey13Idx), + &(tuc->internal->serverFinished13Idx)); if (err != TSIP_SUCCESS) { WOLFSSL_MSG( @@ -769,7 +770,7 @@ static int tsipTls13DeriveServerHandshakeKeys(struct WOLFSSL* ssl) /* key derivation succeeded */ if (ret == 0) { - _ACCESSOR(tuc)->HandshakeServerTrafficKey_set = 1; + tuc->internal->HandshakeServerTrafficKey_set = 1; } tsip_hw_unlock(); @@ -817,7 +818,7 @@ static int tsipTls13DeriveTrafficKeys(struct WOLFSSL* ssl) if (ret == 0) { /* make sure master secret is generated by tsip */ - if (!_ACCESSOR(tuc)->MasterSecret_set) { + if (!tuc->internal->MasterSecret_set) { WOLFSSL_MSG("TSIP wasn't involved in the key-exchange."); ret = CRYPTOCB_UNAVAILABLE; } @@ -831,20 +832,20 @@ static int tsipTls13DeriveTrafficKeys(struct WOLFSSL* ssl) if (ret == 0) { if ((ret = tsip_hw_lock()) == 0) { - _ACCESSOR(tuc)->ServerTrafficSecret_set = 0; - _ACCESSOR(tuc)->ClientTrafficSecret_set = 0; - _ACCESSOR(tuc)->ServerWriteTrafficKey_set = 0; - _ACCESSOR(tuc)->ClientWriteTrafficKey_set = 0; + tuc->internal->ServerTrafficSecret_set = 0; + tuc->internal->ClientTrafficSecret_set = 0; + tuc->internal->ServerWriteTrafficKey_set = 0; + tuc->internal->ClientWriteTrafficKey_set = 0; err = R_TSIP_Tls13GenerateApplicationTrafficKey( - &(_ACCESSOR(tuc)->handle13), + &(tuc->internal->handle13), TSIP_TLS13_MODE_FULL_HANDSHAKE, - &(_ACCESSOR(tuc)->masterSecret13Idx), + &(tuc->internal->masterSecret13Idx), (uint8_t*)hash, - &(_ACCESSOR(tuc)->serverAppTraffic13Secret), - &(_ACCESSOR(tuc)->clientAppTraffic13Secret), - &(_ACCESSOR(tuc)->serverAppWriteKey13Idx), - &(_ACCESSOR(tuc)->clientAppWriteKey13Idx)); + &(tuc->internal->serverAppTraffic13Secret), + &(tuc->internal->clientAppTraffic13Secret), + &(tuc->internal->serverAppWriteKey13Idx), + &(tuc->internal->clientAppWriteKey13Idx)); if (err != TSIP_SUCCESS) { WOLFSSL_MSG( @@ -854,10 +855,10 @@ static int tsipTls13DeriveTrafficKeys(struct WOLFSSL* ssl) /* key derivation succeeded */ if (ret == 0) { - _ACCESSOR(tuc)->ServerTrafficSecret_set = 1; - _ACCESSOR(tuc)->ClientTrafficSecret_set = 1; - _ACCESSOR(tuc)->ServerWriteTrafficKey_set = 1; - _ACCESSOR(tuc)->ClientWriteTrafficKey_set = 1; + tuc->internal->ServerTrafficSecret_set = 1; + tuc->internal->ClientTrafficSecret_set = 1; + tuc->internal->ServerWriteTrafficKey_set = 1; + tuc->internal->ClientWriteTrafficKey_set = 1; } tsip_hw_unlock(); @@ -904,7 +905,7 @@ static int tsipTls13UpdateClientTrafficKeys(struct WOLFSSL* ssl) if (ret == 0) { /* make sure application secret is generated by tsip */ - if (!_ACCESSOR(tuc)->ClientTrafficSecret_set) { + if (!tuc->internal->ClientTrafficSecret_set) { WOLFSSL_MSG("TSIP wasn't involved in the key-exchange."); ret = CRYPTOCB_UNAVAILABLE; } @@ -912,21 +913,21 @@ static int tsipTls13UpdateClientTrafficKeys(struct WOLFSSL* ssl) if (ret == 0) { if ((ret = tsip_hw_lock()) == 0) { - _ACCESSOR(tuc)->ClientWriteTrafficKey_set = 0; + tuc->internal->ClientWriteTrafficKey_set = 0; err = R_TSIP_Tls13UpdateApplicationTrafficKey( - &(_ACCESSOR(tuc)->handle13), + &(tuc->internal->handle13), TSIP_TLS13_MODE_FULL_HANDSHAKE, TSIP_TLS13_UPDATE_CLIENT_KEY, - &(_ACCESSOR(tuc)->clientAppTraffic13Secret), - &(_ACCESSOR(tuc)->clientAppTraffic13Secret), - &(_ACCESSOR(tuc)->clientAppWriteKey13Idx)); + &(tuc->internal->clientAppTraffic13Secret), + &(tuc->internal->clientAppTraffic13Secret), + &(tuc->internal->clientAppWriteKey13Idx)); if (err != TSIP_SUCCESS) { WOLFSSL_MSG("R_TSIP_Tls13UpdateApplicationTrafficKey error"); ret = WC_HW_E; } else { - _ACCESSOR(tuc)->ClientWriteTrafficKey_set = 1; + tuc->internal->ClientWriteTrafficKey_set = 1; } tsip_hw_unlock(); } @@ -972,7 +973,7 @@ static int tsipTls13UpdateServerTrafficKeys(struct WOLFSSL* ssl) if (ret == 0) { /* make sure application secret is generated by tsip */ - if (!_ACCESSOR(tuc)->ServerTrafficSecret_set) { + if (!tuc->internal->ServerTrafficSecret_set) { WOLFSSL_MSG("TSIP wasn't involved in the key-exchange."); ret = CRYPTOCB_UNAVAILABLE; } @@ -980,21 +981,21 @@ static int tsipTls13UpdateServerTrafficKeys(struct WOLFSSL* ssl) if (ret == 0) { if ((ret = tsip_hw_lock()) == 0) { - _ACCESSOR(tuc)->ServerWriteTrafficKey_set = 0; + tuc->internal->ServerWriteTrafficKey_set = 0; err = R_TSIP_Tls13UpdateApplicationTrafficKey( - &(_ACCESSOR(tuc)->handle13), + &(tuc->internal->handle13), TSIP_TLS13_MODE_FULL_HANDSHAKE, TSIP_TLS13_UPDATE_SERVER_KEY, - &(_ACCESSOR(tuc)->serverAppTraffic13Secret), - &(_ACCESSOR(tuc)->serverAppTraffic13Secret), - &(_ACCESSOR(tuc)->serverAppWriteKey13Idx)); + &(tuc->internal->serverAppTraffic13Secret), + &(tuc->internal->serverAppTraffic13Secret), + &(tuc->internal->serverAppWriteKey13Idx)); if (err != TSIP_SUCCESS) { WOLFSSL_MSG("R_TSIP_Tls13UpdateApplicationTrafficKey error"); ret = WC_HW_E; } else { - _ACCESSOR(tuc)->ServerWriteTrafficKey_set = 1; + tuc->internal->ServerWriteTrafficKey_set = 1; } tsip_hw_unlock(); } @@ -1133,8 +1134,8 @@ int tsip_Tls13DeriveMasterSecret(struct WOLFSSL* ssl) } if (ret == 0) { /* make sure handshake secret and verify data has been set by TSIP */ - if (!_ACCESSOR(tuc)->HandshakeSecret_set || - !_ACCESSOR(tuc)->HandshakeVerifiedData_set) { + if (!tuc->internal->HandshakeSecret_set || + !tuc->internal->HandshakeVerifiedData_set) { WOLFSSL_MSG("TSIP wasn't involved in the key-exchange."); ret = CRYPTOCB_UNAVAILABLE; } @@ -1142,14 +1143,14 @@ int tsip_Tls13DeriveMasterSecret(struct WOLFSSL* ssl) if (ret == 0) { if ((ret = tsip_hw_lock()) == 0) { - _ACCESSOR(tuc)->MasterSecret_set = 0; + tuc->internal->MasterSecret_set = 0; err = R_TSIP_Tls13GenerateMasterSecret( - &(_ACCESSOR(tuc)->handle13), + &(tuc->internal->handle13), TSIP_TLS13_MODE_FULL_HANDSHAKE, - &(_ACCESSOR(tuc)->handshakeSecret13Idx), - (uint32_t*)_ACCESSOR(tuc)->verifyData13Idx, - &(_ACCESSOR(tuc)->masterSecret13Idx)); + &(tuc->internal->handshakeSecret13Idx), + (uint32_t*)tuc->internal->verifyData13Idx, + &(tuc->internal->masterSecret13Idx)); if (err != TSIP_SUCCESS) { WOLFSSL_MSG( @@ -1158,7 +1159,7 @@ int tsip_Tls13DeriveMasterSecret(struct WOLFSSL* ssl) } if (ret == 0) { - _ACCESSOR(tuc)->MasterSecret_set = 1; + tuc->internal->MasterSecret_set = 1; } tsip_hw_unlock(); @@ -1212,7 +1213,7 @@ static int tsipTls13VerifyHandshake(struct WOLFSSL* ssl, if (ret == 0) { /* make sure handshake secret is generated by tsip */ - if (!_ACCESSOR(tuc)->HandshakeServerTrafficKey_set) { + if (!tuc->internal->HandshakeServerTrafficKey_set) { WOLFSSL_MSG("TSIP wasn't involved in the key-exchange."); ret = CRYPTOCB_UNAVAILABLE; } @@ -1225,14 +1226,14 @@ static int tsipTls13VerifyHandshake(struct WOLFSSL* ssl, if (ret == 0) { if ((ret = tsip_hw_lock()) == 0) { - _ACCESSOR(tuc)->HandshakeVerifiedData_set = 0; + tuc->internal->HandshakeVerifiedData_set = 0; err = R_TSIP_Tls13ServerHandshakeVerification( TSIP_TLS13_MODE_FULL_HANDSHAKE, - &(_ACCESSOR(tuc)->serverFinished13Idx), + &(tuc->internal->serverFinished13Idx), (uint8_t*)msgHash, (uint8_t*)hash, - (uint32_t*)(_ACCESSOR(tuc)->verifyData13Idx)); + (uint32_t*)(tuc->internal->verifyData13Idx)); if (err == TSIP_ERR_VERIFICATION_FAIL) { WOLFSSL_MSG("Handshake verification error"); @@ -1244,7 +1245,7 @@ static int tsipTls13VerifyHandshake(struct WOLFSSL* ssl, } if (ret == 0) { WOLFSSL_MSG("Verified handshake"); - _ACCESSOR(tuc)->HandshakeVerifiedData_set = 1; + tuc->internal->HandshakeVerifiedData_set = 1; } tsip_hw_unlock(); @@ -1547,10 +1548,10 @@ int tsip_Tls13CertificateVerify(struct WOLFSSL* ssl, if (ret == 0) { /* create sign data */ - sigData = _ACCESSOR(tuc)->sigDataCertVerify; + sigData = tuc->internal->sigDataCertVerify; idx = 0; - ForceZero(sigData, sizeof(_ACCESSOR(tuc)->sigDataCertVerify)); + ForceZero(sigData, sizeof(tuc->internal->sigDataCertVerify)); XMEMSET(sigData, TSIP_SIGNING_DATA_PREFIX_BYTE, TSIP_SIGNING_DATA_PREFIX_SZ); @@ -1688,12 +1689,12 @@ int tsip_Tls13SendCertVerify(WOLFSSL* ssl) if (ret == 0) { if (isRsa) { - if (!_ACCESSOR(tuc)->ClientRsa2048PrivKey_set) { + if (!tuc->internal->ClientRsa2048PrivKey_set) { ret = NO_PRIVATE_KEY; } } else { - if (!_ACCESSOR(tuc)->ClientEccPrivKey_set) { + if (!tuc->internal->ClientEccPrivKey_set) { ret = NO_PRIVATE_KEY; } } @@ -1726,7 +1727,7 @@ int tsip_Tls13SendCertVerify(WOLFSSL* ssl) if ((ret = tsip_hw_lock()) == 0) { if (isRsa) { err = R_TSIP_Tls13CertificateVerifyGenerate( - (uint32_t*)&(_ACCESSOR(tuc)->Rsa2048PrivateKeyIdx), + (uint32_t*)&(tuc->internal->Rsa2048PrivateKeyIdx), TSIP_TLS13_SIGNATURE_SCHEME_RSA_PSS_RSAE_SHA256, hash, message + HANDSHAKE_HEADER_SZ, @@ -1734,7 +1735,7 @@ int tsip_Tls13SendCertVerify(WOLFSSL* ssl) } else { err = R_TSIP_Tls13CertificateVerifyGenerate( - (uint32_t*)&(_ACCESSOR(tuc)->EcdsaPrivateKeyIdx), + (uint32_t*)&(tuc->internal->EcdsaPrivateKeyIdx), TSIP_TLS13_SIGNATURE_SCHEME_ECDSA_SECP256R1_SHA256, hash, message + HANDSHAKE_HEADER_SZ, @@ -1764,7 +1765,7 @@ int tsip_Tls13SendCertVerify(WOLFSSL* ssl) if (ret == 0) { if (isRsa) { - if (!_ACCESSOR(tuc)->ClientRsa2048PubKey_set) { + if (!tuc->internal->ClientRsa2048PubKey_set) { ret = NO_PRIVATE_KEY; } } @@ -1778,10 +1779,10 @@ int tsip_Tls13SendCertVerify(WOLFSSL* ssl) } if (ret == 0) { - sigData = _ACCESSOR(tuc)->sigDataCertVerify; + sigData = tuc->internal->sigDataCertVerify; idx = 0; - ForceZero(sigData, sizeof(_ACCESSOR(tuc)->sigDataCertVerify)); + ForceZero(sigData, sizeof(tuc->internal->sigDataCertVerify)); XMEMSET(sigData, TSIP_SIGNING_DATA_PREFIX_BYTE, TSIP_SIGNING_DATA_PREFIX_SZ); @@ -1824,7 +1825,7 @@ int tsip_Tls13SendCertVerify(WOLFSSL* ssl) err = R_TSIP_RsassaPss2048SignatureVerification( &rsa_sig, &rsa_hash, - &(_ACCESSOR(tuc))->Rsa2048PublicKeyIdx, + &(tuc->internal)->Rsa2048PublicKeyIdx, R_TSIP_RSA_HASH_SHA256); WOLFSSL_MSG("Perform self-verify for rsa signature"); } @@ -2011,7 +2012,7 @@ static int tsip_ServerKeyExVerify( (uint8_t*) peerkey, (uint8_t*) sig, (uint32_t*)ssl->peerSceTsipEncRsaKeyIndex, - (uint32_t*)_ACCESSOR(userCtx)->encrypted_ephemeral_ecdh_public_key); + (uint32_t*)userCtx->internal->encrypted_ephemeral_ecdh_public_key); if (ret !=TSIP_SUCCESS) { WOLFSSL_MSG("R_TSIP_TlsServersEphemeralEcdhPublicKeyRetrieves failed"); @@ -2168,21 +2169,21 @@ int wc_tsip_EccSharedSecret( if ((ret = tsip_hw_lock()) == 0) { /* Generate ECC public key for key exchange */ ret = R_TSIP_GenerateTlsP256EccKeyIndex( - &(_ACCESSOR(usrCtx))->ecc_p256_wrapped_key, - (uint8_t*)&(_ACCESSOR(usrCtx))->ecc_ecdh_public_key); + &(usrCtx->internal->ecc_p256_wrapped_key), + (uint8_t*)&(usrCtx->internal->ecc_ecdh_public_key)); if (ret == TSIP_SUCCESS) { /* copy generated ecdh public key into buffer */ pubKeyDer[0] = ECC_POINT_UNCOMP; - *pubKeySz = 1 + sizeof((_ACCESSOR(usrCtx))->ecc_ecdh_public_key); - XMEMCPY(&pubKeyDer[1], &(_ACCESSOR(usrCtx))->ecc_ecdh_public_key, - sizeof(_ACCESSOR(usrCtx)->ecc_ecdh_public_key)); + *pubKeySz = 1 + sizeof(usrCtx->internal->ecc_ecdh_public_key); + XMEMCPY(&pubKeyDer[1], &(usrCtx->internal->ecc_ecdh_public_key), + sizeof(usrCtx->internal->ecc_ecdh_public_key)); /* Generate Premaster Secret */ ret = R_TSIP_TlsGeneratePreMasterSecretWithEccP256Key( - (uint32_t*)&(_ACCESSOR(usrCtx))->encrypted_ephemeral_ecdh_public_key, - &(_ACCESSOR(usrCtx))->ecc_p256_wrapped_key, + (uint32_t*)&(usrCtx->internal->encrypted_ephemeral_ecdh_public_key), + &(usrCtx->internal->ecc_p256_wrapped_key), (uint32_t*)out/* pre-master secret 64 bytes */); } if (ret == TSIP_SUCCESS) { @@ -2261,10 +2262,10 @@ WOLFSSL_API int tsip_set_callback_ctx(WOLFSSL* ssl, void* user_ctx) ForceZero(uCtx->internal, sizeof(TsipUserCtx_Internal)); - _ACCESSOR(uCtx)->ssl = ssl; - _ACCESSOR(uCtx)->ctx = ssl->ctx; - _ACCESSOR(uCtx)->heap = ssl->heap; - _ACCESSOR(uCtx)->side = ssl->ctx->method->side; + uCtx->internal->ssl = ssl; + uCtx->internal->ctx = ssl->ctx; + uCtx->internal->heap = ssl->heap; + uCtx->internal->side = ssl->ctx->method->side; ssl->RenesasUserCtx = user_ctx; /* ssl doesn't own user_ctx */ @@ -2331,7 +2332,7 @@ int tsip_ImportPrivateKey(TsipUserCtx* tuc, int keyType) if (tuc == NULL) return BAD_FUNC_ARG; - encPrivKey = _ACCESSOR(tuc)->wrappedPrivateKey; + encPrivKey = tuc->internal->wrappedPrivateKey; if (encPrivKey == NULL || provisioning_key == NULL || iv == NULL) { WOLFSSL_MSG("Missing some key materials used for import" ); @@ -2351,12 +2352,12 @@ int tsip_ImportPrivateKey(TsipUserCtx* tuc, int keyType) #if !defined(NO_RSA) case TSIP_KEY_TYPE_RSA2048: - _ACCESSOR(tuc)->ClientRsa2048PrivKey_set = 0; + tuc->internal->ClientRsa2048PrivKey_set = 0; err = R_TSIP_GenerateRsa2048PrivateKeyIndex( provisioning_key, iv, (uint8_t*)encPrivKey, - &(_ACCESSOR(tuc)->Rsa2048PrivateKeyIdx)); + &(tuc->internal->Rsa2048PrivateKeyIdx)); if (err == TSIP_SUCCESS) { - _ACCESSOR(tuc)->ClientRsa2048PrivKey_set = 1; + tuc->internal->ClientRsa2048PrivKey_set = 1; } else { ret = WC_HW_E; @@ -2372,12 +2373,12 @@ int tsip_ImportPrivateKey(TsipUserCtx* tuc, int keyType) #if defined(HAVE_ECC) case TSIP_KEY_TYPE_ECDSAP256: - _ACCESSOR(tuc)->ClientEccPrivKey_set = 0; + tuc->internal->ClientEccPrivKey_set = 0; err = R_TSIP_GenerateEccP256PrivateKeyIndex( provisioning_key, iv, (uint8_t*)encPrivKey, - &(_ACCESSOR(tuc)->EcdsaPrivateKeyIdx)); + &(tuc->internal->EcdsaPrivateKeyIdx)); if (err == TSIP_SUCCESS) { - _ACCESSOR(tuc)->ClientEccPrivKey_set = 1; + tuc->internal->ClientEccPrivKey_set = 1; } else { ret = WC_HW_E; @@ -2446,7 +2447,7 @@ int tsip_ImportPublicKey(TsipUserCtx* tuc, int keyType) (defined(TSIP_RSASSA_2048) && TSIP_RSASSA_2048 == 1)) case TSIP_KEY_TYPE_RSA2048: #if defined(WOLFSSL_RENESAS_TSIP_TLS) - _ACCESSOR(tuc)->ClientRsa2048PubKey_set = 0; + tuc->internal->ClientRsa2048PubKey_set = 0; #elif defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY) XFREE(tuc->rsa2048pub_keyIdx, NULL, DYNAMIC_TYPE_RSA_BUFFER); tuc->keyflgs_crypt.bits.rsapub2048_key_set = 0; @@ -2461,14 +2462,14 @@ int tsip_ImportPublicKey(TsipUserCtx* tuc, int keyType) err = R_TSIP_GenerateRsa2048PublicKeyIndex( provisioning_key, iv, (uint8_t*)encPubKey, #if defined(WOLFSSL_RENESAS_TSIP_TLS) - &(_ACCESSOR(tuc)->Rsa2048PublicKeyIdx) + &(tuc->internal->Rsa2048PublicKeyIdx) #elif defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY) tuc->rsa2048pub_keyIdx #endif ); if (err == TSIP_SUCCESS) { #if defined(WOLFSSL_RENESAS_TSIP_TLS) - _ACCESSOR(tuc)->ClientRsa2048PubKey_set = 1; + tuc->internal->ClientRsa2048PubKey_set = 1; #elif defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY) tuc->keyflgs_crypt.bits.rsapub2048_key_set = 1; #endif @@ -2488,7 +2489,7 @@ int tsip_ImportPublicKey(TsipUserCtx* tuc, int keyType) case TSIP_KEY_TYPE_ECDSAP256: case TSIP_KEY_TYPE_ECDSAP384: #if defined(WOLFSSL_RENESAS_TSIP_TLS) - _ACCESSOR(tuc)->ClientEccPubKey_set = 0; + tuc->internal->ClientEccPubKey_set = 0; #elif defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY) tuc->keyflgs_crypt.bits.eccpub_key_set = 0; #endif @@ -2497,7 +2498,7 @@ int tsip_ImportPublicKey(TsipUserCtx* tuc, int keyType) err = R_TSIP_GenerateEccP256PublicKeyIndex( provisioning_key, iv, (uint8_t*)encPubKey, #if defined(WOLFSSL_RENESAS_TSIP_TLS) - &(_ACCESSOR(tuc)->EcdsaPublicKeyIdx) + &(tuc->internal->EcdsaPublicKeyIdx) #elif defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY) &tuc->eccpub_keyIdx #endif @@ -2511,7 +2512,7 @@ int tsip_ImportPublicKey(TsipUserCtx* tuc, int keyType) err = R_TSIP_GenerateEccP384PublicKeyIndex( provisioning_key, iv, (uint8_t*)encPubKey, #if defined(WOLFSSL_RENESAS_TSIP_TLS) - &(_ACCESSOR(tuc)->EcdsaPublicKeyIdx) + &(tuc->internal->EcdsaPublicKeyIdx) #elif defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY) &tuc->eccpub_keyIdx #endif @@ -2522,7 +2523,7 @@ int tsip_ImportPublicKey(TsipUserCtx* tuc, int keyType) } if (err == TSIP_SUCCESS) { #if defined(WOLFSSL_RENESAS_TSIP_TLS) - _ACCESSOR(tuc)->ClientEccPubKey_set = 1; + tuc->internal->ClientEccPubKey_set = 1; #elif defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY) tuc->keyflgs_crypt.bits.eccpub_key_set = 1; #endif @@ -3268,9 +3269,9 @@ int wc_tsip_generateSessionKey( /* ready-for-use flag will be set when SetKeySide() is called */ } - if (_ACCESSOR(ctx)->tsip_cipher == + if (ctx->internal->tsip_cipher == R_TSIP_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 || - _ACCESSOR(ctx)->tsip_cipher == + ctx->internal->tsip_cipher == R_TSIP_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256) { enc->aes->nonceSz = AEAD_MAX_IMP_SZ; dec->aes->nonceSz = AEAD_MAX_IMP_SZ; @@ -3279,7 +3280,7 @@ int wc_tsip_generateSessionKey( enc->aes->devId = devId; dec->aes->devId = devId; - _ACCESSOR(ctx)->session_key_set = 1; + ctx->internal->session_key_set = 1; } /* unlock hw */ tsip_hw_unlock(); @@ -3382,13 +3383,13 @@ int wc_tsip_storeKeyCtx(WOLFSSL* ssl, TsipUserCtx* userCtx) ret = BAD_FUNC_ARG; if (ret == 0) { - XMEMCPY(_ACCESSOR(userCtx)->tsip_masterSecret, + XMEMCPY(userCtx->internal->tsip_masterSecret, ssl->arrays->tsip_masterSecret, TSIP_TLS_MASTERSECRET_SIZE); - XMEMCPY(_ACCESSOR(userCtx)->tsip_clientRandom, + XMEMCPY(userCtx->internal->tsip_clientRandom, ssl->arrays->clientRandom, TSIP_TLS_CLIENTRANDOM_SZ); - XMEMCPY(_ACCESSOR(userCtx)->tsip_serverRandom, + XMEMCPY(userCtx->internal->tsip_serverRandom, ssl->arrays->serverRandom, TSIP_TLS_SERVERRANDOM_SZ); - _ACCESSOR(userCtx)->tsip_cipher = GetTsipCipherSuite(ssl->options.cipherSuite0, + userCtx->internal->tsip_cipher = GetTsipCipherSuite(ssl->options.cipherSuite0, ssl->options.cipherSuite); } @@ -3686,7 +3687,7 @@ int tsip_SignRsaPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc) if (info == NULL || tuc == NULL #ifndef WOLFSSL_RENESAS_TSIP_CRYPTONLY - || _ACCESSOR(tuc)->ssl == NULL + || tuc->internal->ssl == NULL #endif ) { ret = BAD_FUNC_ARG; @@ -3694,7 +3695,7 @@ int tsip_SignRsaPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc) #ifdef WOLFSSL_RENESAS_TSIP_TLS if (ret == 0) { - ssl = _ACCESSOR(tuc)->ssl; + ssl = tuc->internal->ssl; if (ssl->version.major == SSLv3_MAJOR && ssl->version.minor == TLSv1_3_MINOR) { @@ -3791,7 +3792,7 @@ int tsip_SignRsaPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc) err = R_TSIP_RsassaPkcs2048SignatureGenerate( &hashData, &sigData, #ifdef WOLFSSL_RENESAS_TSIP_TLS - &(_ACCESSOR(tuc))->Rsa2048PrivateKeyIdx, + &(tuc->internal->Rsa2048PrivateKeyIdx), #else (tsip_rsa2048_private_key_index_t*) tuc->rsa2048pri_keyIdx, @@ -3892,7 +3893,7 @@ int tsip_VerifyRsaPkcsCb( case TSIP_KEY_TYPE_RSA2048: err = R_TSIP_RsassaPkcs2048SignatureVerification( &sigData, &hashData, - &(_ACCESSOR(tuc))->Rsa2048PublicKeyIdx, + &(tuc->internal->Rsa2048PublicKeyIdx), tsip_hash_type); if (err == TSIP_ERR_AUTHENTICATION) { @@ -3964,7 +3965,7 @@ int tsip_SignEcdsa(wc_CryptoInfo* info, TsipUserCtx* tuc) } if (ret == 0) { - ssl = _ACCESSOR(tuc)->ssl; + ssl = tuc->internal->ssl; if (ssl->version.major == SSLv3_MAJOR && ssl->version.minor == TLSv1_3_MINOR) { @@ -3999,7 +4000,7 @@ int tsip_SignEcdsa(wc_CryptoInfo* info, TsipUserCtx* tuc) offsetForWork; err = R_TSIP_EcdsaP256SignatureGenerate( &hashData, &sigData, - &(_ACCESSOR(tuc))->EcdsaPrivateKeyIdx); + &(tuc->internal->EcdsaPrivateKeyIdx)); if (err != TSIP_SUCCESS) { ret = WC_HW_E; break; diff --git a/wolfssl/wolfcrypt/include.am b/wolfssl/wolfcrypt/include.am index bf798d366..a19af7426 100644 --- a/wolfssl/wolfcrypt/include.am +++ b/wolfssl/wolfcrypt/include.am @@ -120,6 +120,7 @@ noinst_HEADERS+= \ wolfssl/wolfcrypt/port/Renesas/renesas_sync.h \ wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h \ wolfssl/wolfcrypt/port/Renesas/renesas_tsip_types.h \ + wolfssl/wolfcrypt/port/Renesas/renesas_tsip_internal.h \ wolfssl/wolfcrypt/port/cypress/psoc6_crypto.h \ wolfssl/wolfcrypt/port/maxim/max3266x.h \ wolfssl/wolfcrypt/port/maxim/max3266x-cryptocb.h \ diff --git a/wolfssl/wolfcrypt/port/Renesas/renesas_tsip_internal.h b/wolfssl/wolfcrypt/port/Renesas/renesas_tsip_internal.h index a4f37957c..1459cd8ea 100644 --- a/wolfssl/wolfcrypt/port/Renesas/renesas_tsip_internal.h +++ b/wolfssl/wolfcrypt/port/Renesas/renesas_tsip_internal.h @@ -23,8 +23,6 @@ #include "renesas-tsip-crypt.h" -#define _ACCESSOR(p) (p->internal) - struct TsipUserCtx_Internal { /* unique number for each session */