From f4e258d1963a26fbee847fd0a270b1e03e5e9add Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Wed, 4 May 2022 16:12:59 +0200 Subject: [PATCH] Generic changes * fix compilation warning * adjust SHA3-384 test error-codes The way the codes were constructed before, they were not unique. * unify code Instead of having `ifdef`'s in the code, define our own wrapper around the keysource as required. * add CMake option for help-text in wolfCrypt tests * expose test `main()` as `wolfcrypt_test_main()` * Don't overwrite previously set errors * add FreeRTOS support for Xilinx demo * move `fp_reverse` from `tfm.c` to `wolfmath.c` and rename to `mp_reverse`. Signed-off-by: Steffen Jaeckel --- CMakeLists.txt | 10 +++++++++ IDE/XilinxSDK/user_settings.h | 2 ++ IDE/XilinxSDK/wolfssl_example.c | 40 ++++++++++++++++++++++++++++++++- wolfcrypt/src/aes.c | 6 ++--- wolfcrypt/src/signature.c | 6 +++-- wolfcrypt/src/tfm.c | 23 +++---------------- wolfcrypt/src/wolfmath.c | 20 +++++++++++++++++ wolfcrypt/test/test.c | 17 +++++++++----- wolfcrypt/test/test.h | 3 +++ wolfssl/wolfcrypt/aes.h | 9 +++++++- wolfssl/wolfcrypt/tfm.h | 1 - wolfssl/wolfcrypt/wc_port.h | 1 + wolfssl/wolfcrypt/wolfmath.h | 1 + 13 files changed, 105 insertions(+), 34 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 91605ca6e..a580b7e64 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -1563,6 +1563,10 @@ add_option("WOLFSSL_CRYPT_TESTS_LIBS" "Build static libraries from the wolfCrypt test and benchmark sources (default: disabled)" "no" "yes;no") +add_option("WOLFSSL_CRYPT_TESTS_HELP" + "Add help text to wolfCrypt test (default: disabled)" + "no" "yes;no") + # TODO: - LIBZ # - PKCS#11 # - Cavium @@ -1983,6 +1987,9 @@ if(WOLFSSL_CRYPT_TESTS) set_target_properties(wolfcrypttest_lib PROPERTIES OUTPUT_NAME "wolfcrypttest") target_link_libraries(wolfcrypttest_lib wolfssl) target_compile_options(wolfcrypttest_lib PRIVATE "-DNO_MAIN_DRIVER") + if(WOLFSSL_CRYPT_TESTS_HELP) + target_compile_options(wolfcrypttest_lib PRIVATE "-DHAVE_WOLFCRYPT_TEST_OPTIONS") + endif() # Make another library for the wolfCrypt benchmark code. add_library(wolfcryptbench_lib @@ -2002,6 +2009,9 @@ if(WOLFSSL_CRYPT_TESTS) set_property(TARGET wolfcrypttest PROPERTY RUNTIME_OUTPUT_NAME testwolfcrypt) + if(WOLFSSL_CRYPT_TESTS_HELP) + target_compile_options(wolfcrypttest PRIVATE "-DHAVE_WOLFCRYPT_TEST_OPTIONS") + endif() # Build wolfCrypt benchmark executable. add_executable(wolfcryptbench diff --git a/IDE/XilinxSDK/user_settings.h b/IDE/XilinxSDK/user_settings.h index 9138f81f3..1cb5644e2 100644 --- a/IDE/XilinxSDK/user_settings.h +++ b/IDE/XilinxSDK/user_settings.h @@ -37,7 +37,9 @@ /* Xilinx SDK */ #define WOLFSSL_XILINX +#ifndef FREERTOS #define SINGLE_THREADED +#endif #define NO_FILESYSTEM /* Platform - remap printf */ diff --git a/IDE/XilinxSDK/wolfssl_example.c b/IDE/XilinxSDK/wolfssl_example.c index 2c6518c3f..1b21c03e2 100644 --- a/IDE/XilinxSDK/wolfssl_example.c +++ b/IDE/XilinxSDK/wolfssl_example.c @@ -22,6 +22,14 @@ #include "xil_printf.h" #include "xrtcpsu.h" +#ifdef FREERTOS +/* FreeRTOS includes. */ +#include "FreeRTOS.h" +#include "task.h" +#include "queue.h" +#include "timers.h" +#endif + #include "wolfssl/wolfcrypt/settings.h" #include "wolfssl/wolfcrypt/wc_port.h" #include "wolfssl/wolfcrypt/error-crypt.h" @@ -64,7 +72,36 @@ unsigned char my_rng_seed_gen(void) /***************************************************************************** * Public functions ****************************************************************************/ +#ifdef FREERTOS + +static void wolfssl_task( void *pvParameters ); +static TaskHandle_t xWolfsslTask; + +int main( void ) +{ + xTaskCreate(wolfssl_task, /* The function that implements the task. */ + (const char*) "Tx", /* Text name for the task, provided to assist debugging only. */ + configMINIMAL_STACK_SIZE, /* The stack allocated to the task. */ + NULL, /* The task parameter is not used, so set to NULL. */ + tskIDLE_PRIORITY, /* The task runs at the idle priority. */ + &xWolfsslTask); + + /* Start the task. */ + vTaskStartScheduler(); + + /* If all is well, the scheduler will now be running, and the following line + will never be reached. If the following line does execute, then there was + insufficient FreeRTOS heap memory available for the idle and/or timer tasks + to be created. See the memory management section on the FreeRTOS web site + for more details. */ + for (;;) + ; +} + +static void wolfssl_task( void *pvParameters ) +#else int main() +#endif { uint8_t cmd; func_args args; @@ -114,6 +151,7 @@ int main() } wolfCrypt_Cleanup(); - +#ifndef FREERTOS return 0; +#endif } diff --git a/wolfcrypt/src/aes.c b/wolfcrypt/src/aes.c index 0586a733e..a4ab8c1e0 100644 --- a/wolfcrypt/src/aes.c +++ b/wolfcrypt/src/aes.c @@ -4820,10 +4820,8 @@ int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len) } #endif /* FREESCALE_LTC_AES_GCM */ -#if defined(WOLFSSL_XILINX_CRYPT) - wc_AesGcmSetKey_ex(aes, key, len, XSECURE_CSU_AES_KEY_SRC_KUP); -#elif defined(WOLFSSL_AFALG_XILINX_AES) - wc_AesGcmSetKey_ex(aes, key, len, 0); +#if defined(WOLFSSL_XILINX_CRYPT) || defined(WOLFSSL_AFALG_XILINX_AES) + wc_AesGcmSetKey_ex(aes, key, len, WOLFSSL_XILINX_AES_KEY_SRC); #endif #ifdef WOLF_CRYPTO_CB diff --git a/wolfcrypt/src/signature.c b/wolfcrypt/src/signature.c index fe2229029..c880abf07 100644 --- a/wolfcrypt/src/signature.c +++ b/wolfcrypt/src/signature.c @@ -192,6 +192,9 @@ int wc_SignatureVerifyHash( ret = cc310_RsaSSL_Verify(hash_data, hash_len, (byte*)sig, (RsaKey*)key, cc310_hashModeRSA(hash_type, 1)); } + if (ret != 0) { + ret = SIG_VERIFY_E; + } #else word32 plain_len = hash_len; @@ -242,8 +245,7 @@ int wc_SignatureVerifyHash( } #endif /* WOLFSSL_CRYPTOCELL */ if (ret != 0) { - WOLFSSL_MSG("RSA Signature Verify difference!"); - ret = SIG_VERIFY_E; + WOLFSSL_MSG("RSA Signature Verify failed!"); } #else ret = SIG_TYPE_E; diff --git a/wolfcrypt/src/tfm.c b/wolfcrypt/src/tfm.c index 4bfcdd7c6..28beee6c1 100644 --- a/wolfcrypt/src/tfm.c +++ b/wolfcrypt/src/tfm.c @@ -3810,7 +3810,7 @@ int fp_to_unsigned_bin(fp_int *a, unsigned char *b) fp_init_copy(t, a); x = fp_to_unsigned_bin_at_pos(0, t, b); - fp_reverse (b, x); + mp_reverse (b, x); #ifdef WOLFSSL_SMALL_STACK XFREE(t, NULL, DYNAMIC_TYPE_BIGINT); @@ -3856,7 +3856,7 @@ int fp_to_unsigned_bin_len(fp_int *a, unsigned char *b, int c) b[x] = (unsigned char) (t->dp[0] & 255); fp_div_2d (t, 8, t, NULL); } - fp_reverse (b, x); + mp_reverse (b, x); #ifdef WOLFSSL_SMALL_STACK XFREE(t, NULL, DYNAMIC_TYPE_BIGINT); @@ -4106,23 +4106,6 @@ void fp_rshd(fp_int *a, int x) fp_clamp(a); } -/* reverse an array, used for radix code */ -void fp_reverse (unsigned char *s, int len) -{ - int ix, iy; - unsigned char t; - - ix = 0; - iy = len - 1; - while (ix < iy) { - t = s[ix]; - s[ix] = s[iy]; - s[iy] = t; - ++ix; - --iy; - } -} - /* c = a - b */ int fp_sub_d(fp_int *a, fp_digit b, fp_int *c) @@ -5848,7 +5831,7 @@ int mp_toradix (mp_int *a, char *str, int radix) /* reverse the digits of the string. In this case _s points * to the first digit [excluding the sign] of the number] */ - fp_reverse ((unsigned char *)_s, digs); + mp_reverse ((unsigned char *)_s, digs); /* append a NULL so the string is properly terminated */ *str = '\0'; diff --git a/wolfcrypt/src/wolfmath.c b/wolfcrypt/src/wolfmath.c index 78a77bafb..3687e0ca7 100644 --- a/wolfcrypt/src/wolfmath.c +++ b/wolfcrypt/src/wolfmath.c @@ -71,6 +71,26 @@ #endif +/* reverse an array, used for radix code */ +void mp_reverse (unsigned char *s, int len) +{ + int ix, iy; + unsigned char t; + + if (s == NULL) + return; + + ix = 0; + iy = len - 1; + while (ix < iy) { + t = s[ix]; + s[ix] = s[iy]; + s[iy] = t; + ++ix; + --iy; + } +} + int get_digit_count(const mp_int* a) { if (a == NULL) diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 41e63d18c..83c9e9abf 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -1535,7 +1535,14 @@ options: [-s max_relative_stack_bytes] [-m max_relative_heap_memory_bytes]\n\ #if defined(WOLFSSL_ESPIDF) || defined(_WIN32_WCE) int wolf_test_task(void) #else +#ifndef NO_MAIN_FUNCTION int main(int argc, char** argv) + { + return wolfcrypt_test_main(argc, argv); + } +#endif + + int wolfcrypt_test_main(int argc, char** argv) #endif { int ret; @@ -3346,21 +3353,21 @@ static int sha3_384_test(void) ret = wc_Sha3_384_Update(&sha, (byte*)test_sha[i].input, (word32)test_sha[i].inLen); if (ret != 0) - ERROR_OUT(-2801 - i, exit); + ERROR_OUT(-2801 - (i * 10), exit); #ifndef NO_INTM_HASH_TEST ret = wc_Sha3_384_GetHash(&sha, hashcopy); if (ret != 0) - ERROR_OUT(-2802 - i, exit); + ERROR_OUT(-2802 - (i * 10), exit); #endif ret = wc_Sha3_384_Final(&sha, hash); if (ret != 0) - ERROR_OUT(-2803 - i, exit); + ERROR_OUT(-2803 - (i * 10), exit); if (XMEMCMP(hash, test_sha[i].output, WC_SHA3_384_DIGEST_SIZE) != 0) - ERROR_OUT(-2804 - i, exit); + ERROR_OUT(-2804 - (i * 10), exit); #ifndef NO_INTM_HASH_TEST if (XMEMCMP(hash, hashcopy, WC_SHA3_384_DIGEST_SIZE) != 0) - ERROR_OUT(-2805 - i, exit); + ERROR_OUT(-2805 - (i * 10), exit); #endif } diff --git a/wolfcrypt/test/test.h b/wolfcrypt/test/test.h index 3dcf9ad92..6ca21fcab 100644 --- a/wolfcrypt/test/test.h +++ b/wolfcrypt/test/test.h @@ -33,6 +33,9 @@ THREAD_RETURN WOLFSSL_THREAD wolfcrypt_test(void* args); #else int wolfcrypt_test(void* args); #endif +#ifndef NO_MAIN_DRIVER +int wolfcrypt_test_main(int argc, char** argv); +#endif #ifdef __cplusplus } /* extern "C" */ diff --git a/wolfssl/wolfcrypt/aes.h b/wolfssl/wolfcrypt/aes.h index 3de0ab4fa..9f1bd80e1 100644 --- a/wolfssl/wolfcrypt/aes.h +++ b/wolfssl/wolfcrypt/aes.h @@ -68,7 +68,14 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits #ifdef WOLFSSL_XILINX_CRYPT #include "xsecure_aes.h" -#endif +#define WOLFSSL_XILINX_AES_KEY_SRC XSECURE_CSU_AES_KEY_SRC_KUP +#endif /* WOLFSSL_XILINX_CRYPT */ + +#if defined(WOLFSSL_XILINX_CRYPT) || defined(WOLFSSL_AFALG_XILINX_AES) +#if !defined(WOLFSSL_XILINX_AES_KEY_SRC) +#define WOLFSSL_XILINX_AES_KEY_SRC 0 +#endif /* !defined(WOLFSSL_XILINX_AES_KEY_SRC) */ +#endif /* all Xilinx crypto */ #ifdef WOLFSSL_SE050 #include diff --git a/wolfssl/wolfcrypt/tfm.h b/wolfssl/wolfcrypt/tfm.h index 327bd950e..9d5bf4a1c 100644 --- a/wolfssl/wolfcrypt/tfm.h +++ b/wolfssl/wolfcrypt/tfm.h @@ -678,7 +678,6 @@ int fp_to_unsigned_bin_at_pos(int x, fp_int *t, unsigned char *b); /* VARIOUS LOW LEVEL STUFFS */ int s_fp_add(fp_int *a, fp_int *b, fp_int *c); void s_fp_sub(fp_int *a, fp_int *b, fp_int *c); -void fp_reverse(unsigned char *s, int len); int fp_mul_comba(fp_int *a, fp_int *b, fp_int *c); diff --git a/wolfssl/wolfcrypt/wc_port.h b/wolfssl/wolfcrypt/wc_port.h index e4c961d9a..a5461d776 100644 --- a/wolfssl/wolfcrypt/wc_port.h +++ b/wolfssl/wolfcrypt/wc_port.h @@ -755,6 +755,7 @@ WOLFSSL_ABI WOLFSSL_API int wolfCrypt_Cleanup(void); #define XTIME(t1) xilinx_time((t1)) #endif #include + time_t xilinx_time(time_t * timer); #elif defined(HAVE_RTP_SYS) #include "os.h" /* dc_rtc_api needs */ diff --git a/wolfssl/wolfcrypt/wolfmath.h b/wolfssl/wolfcrypt/wolfmath.h index 6a06f0ef9..c578f9b8d 100644 --- a/wolfssl/wolfcrypt/wolfmath.h +++ b/wolfssl/wolfcrypt/wolfmath.h @@ -58,6 +58,7 @@ This library provides big integer math functions. MP_API int get_digit_count(const mp_int* a); MP_API mp_digit get_digit(const mp_int* a, int n); MP_API int get_rand_digit(WC_RNG* rng, mp_digit* d); +WOLFSSL_LOCAL void mp_reverse(unsigned char *s, int len); WOLFSSL_API int mp_cond_copy(mp_int* a, int copy, mp_int* b); WOLFSSL_API int mp_rand(mp_int* a, int digits, WC_RNG* rng);