RX64/RX71 SHA hardware support updates

Made the following updates based on review feedback
Fixed mixed variable declaration and simplified cases by typedefing
wolfssl_RX64_HW_Hash to wc_Sha, wc_Sha224, & wc_Sha256
Added files to include.am so they are built when using make
Add WOLFSSL_RENESAS_RX64_HASH to settings.h and set WOLFSSL_NO_HASH_RAW
in settings.h based on value of WOLFSSL_RENESAS_RX64_HASH
Add and handle return value for rx64_hw_Open
Fix some minor formatting and comments

wolfcrypt/src/include.am

@@ -123,6 +123,8 @@ EXTRA_DIST += wolfcrypt/src/port/ti/ti-aes.c \
               wolfcrypt/src/port/Renesas/renesas_sce_aes.c \
               wolfcrypt/src/port/Renesas/renesas_sce_sha.c \
               wolfcrypt/src/port/Renesas/renesas_common.c \
+              wolfcrypt/src/port/Renesas/renesas_rx64_hw_sha.c \
+              wolfcrypt/src/port/Renesas/renesas_rx64_hw_util.c \
               wolfcrypt/src/port/Renesas/README.md \
               wolfcrypt/src/port/cypress/psoc6_crypto.c
 

wolfcrypt/src/port/Renesas/renesas_rx64_hw_sha.c

@@ -128,10 +128,10 @@ int RX64_ShaCalc(byte* data, word32 len, byte* out, word32 sha_type)
         if (sha_type == RX64_SHA1) {
             ret = R_Sha1_HashDigest(&data[index], out, chunk_length, flag,
                                     &work_sha.sha1);
-        } else if(sha_type == RX64_SHA224) {
+        } else if (sha_type == RX64_SHA224) {
             ret = R_Sha224_HashDigest(&data[index], out, chunk_length, flag,
                                       &work_sha.sha224);
-        } else if(sha_type == RX64_SHA256) {
+        } else if (sha_type == RX64_SHA256) {
             ret = R_Sha256_HashDigest(&data[index], out, chunk_length, flag,
                                       &work_sha.sha256);
         }

wolfcrypt/src/port/Renesas/renesas_rx64_hw_util.c

@@ -35,23 +35,23 @@ static int rx64_hw_CryptHwMutexInit_ = 0;
 * lock hw engine.
 * this should be called before using engine.
 */
-int rx64_hw_lock()
+int rx64_hw_lock(void)
 {
     int ret = 0;
 
     WOLFSSL_MSG("enter rx64_hw_lock");
 
-    if(rx64_hw_CryptHwMutexInit_ == 0){
+    if (rx64_hw_CryptHwMutexInit_ == 0){
         ret = wc_InitMutex(&rx64_hw_mutex);
-        if(ret == 0) {
+        if (ret == 0) {
             rx64_hw_CryptHwMutexInit_ = 1;
         } else {
             WOLFSSL_MSG(" mutex initialization failed.");
             return -1;
         }
     }
-    if(wc_LockMutex(&rx64_hw_mutex) != 0) {
-        /* this should not happens */
+    if (wc_LockMutex(&rx64_hw_mutex) != 0) {
+        /* this should not happen */
         return -1;
     }
 
@@ -62,7 +62,7 @@ int rx64_hw_lock()
 /*
 * release hw engine
 */
-void rx64_hw_unlock( void )
+void rx64_hw_unlock(void)
 {
     WOLFSSL_MSG("enter rx64_hw_unlock");
     /* unlock hw engine for next use */
@@ -71,25 +71,32 @@ void rx64_hw_unlock( void )
 }
 
 /* open RX64 HW drivers for use */
-void rx64_hw_Open( ) {
+void rx64_hw_Open(void)
+{
+    int ret = -1;
     if (rx64_hw_lock() == 0) {
         /* Enable the SHA coprocessor function. */
         R_Sha_Init();
         /* unlock hw */
         rx64_hw_unlock();
-    } else
+        ret = 0;
+    } else {
         WOLFSSL_MSG("Failed to lock rx64 hw \n");
+    }
+    return ret;
 }
 
 /* close RX64 HW driver */
-void rx64_hw_Close( ) {
+void rx64_hw_Close(void)
+{
     if (rx64_hw_lock() == 0) {
         /* Disable the SHA coprocessor function. */
         R_Sha_Close();
         /* unlock hw */
         rx64_hw_unlock();
-    } else
+    } else {
         WOLFSSL_MSG("Failed to unlock rx64 hw \n");
+    }
 }
 
 

wolfcrypt/src/sha.c

@@ -861,7 +861,8 @@ void wc_ShaFree(wc_Sha* sha)
     se050_hash_free(&sha->se050Ctx);
 #endif
 #if (defined(WOLFSSL_RENESAS_TSIP_CRYPT) && \
-    !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH))
+    !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)) || \
+    defined(WOLFSSL_RENESAS_RX64_HASH)
     if (sha->msg != NULL) {
         XFREE(sha->msg, sha->heap, DYNAMIC_TYPE_TMP_BUFFER);
         sha->msg = NULL;
@@ -870,13 +871,6 @@ void wc_ShaFree(wc_Sha* sha)
 #ifdef WOLFSSL_IMXRT_DCP
     DCPShaFree(sha);
 #endif
-#if defined(WOLFSSL_RENESAS_RX64_HASH)
-    wolfssl_RX64_HW_Hash* hw_sha = (wolfssl_RX64_HW_Hash*)sha;
-    if (hw_sha->msg != NULL) {
-        XFREE(hw_sha->msg, hw_sha->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        hw_sha->msg = NULL;
-    }
-#endif
 }
 
 #endif /* !defined(WOLFSSL_HAVE_PSA) || defined(WOLFSSL_PSA_NO_HASH) */

wolfcrypt/src/sha256.c

@@ -1684,10 +1684,9 @@ static int InitSha256(wc_Sha256* sha256)
         KcapiHashFree(&sha224->kcapi);
     #endif
     #if defined(WOLFSSL_RENESAS_RX64_HASH)
-    wolfssl_RX64_HW_Hash* hw_sha = (wolfssl_RX64_HW_Hash*)sha224;
-    if (hw_sha->msg != NULL) {
-        XFREE(hw_sha->msg, hw_sha->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        hw_sha->msg = NULL;
+    if (sha224->msg != NULL) {
+        XFREE(sha224->msg, sha224->heap, DYNAMIC_TYPE_TMP_BUFFER);
+        sha224->msg = NULL;
     }
     #endif
     }
@@ -1745,6 +1744,7 @@ void wc_Sha256Free(wc_Sha256* sha256)
     !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)) || \
     (defined(WOLFSSL_RENESAS_SCEPROTECT) && \
     !defined(NO_WOLFSSL_RENESAS_SCEPROTECT_HASH)) || \
+    defined(WOLFSSL_RENESAS_RX64_HASH) || \
     defined(WOLFSSL_HASH_KEEP)
 
     if (sha256->msg != NULL) {
@@ -1782,13 +1782,6 @@ void wc_Sha256Free(wc_Sha256* sha256)
         ESP_LOGV("sha256", "Hardware unlock not needed in wc_Sha256Free.");
     }
 #endif
-#if defined(WOLFSSL_RENESAS_RX64_HASH)
-    wolfssl_RX64_HW_Hash* hw_sha = (wolfssl_RX64_HW_Hash*)sha256;
-    if (hw_sha->msg != NULL) {
-        XFREE(hw_sha->msg, hw_sha->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        hw_sha->msg = NULL;
-    }
-#endif
 }
 
 #endif /* !defined(WOLFSSL_HAVE_PSA) || defined(WOLFSSL_PSA_NO_HASH) */

wolfcrypt/src/wc_port.c

@@ -64,6 +64,9 @@
 #if defined(WOLFSSL_RENESAS_SCE)
     #include <wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h>
 #endif
+#if defined(WOLFSSL_RENESAS_RX64_HASH)
+    #include <wolfssl/wolfcrypt/port/Renesas/renesas-rx64-hw-crypt.h>
+#endif
 #if defined(WOLFSSL_STSAFEA100)
     #include <wolfssl/wolfcrypt/port/st/stsafe.h>
 #endif
@@ -177,7 +180,13 @@ int wolfCrypt_Init(void)
     #endif
 
     #if defined(WOLFSSL_RENESAS_RX64_HASH)
-        rx64_hw_Open();
+    ret = rx64_hw_Open();
+    if( ret != 0 ) {
+        WOLFSSL_MSG("Renesas RX64 HW Open failed");
+        /* not return 1 since WOLFSSL_SUCCESS=1*/
+        ret = -1;/* FATAL ERROR */
+        return ret;
+    }
     #endif
 
     #if defined(WOLFSSL_RENESAS_SCEPROTECT)

wolfssl/wolfcrypt/port/Renesas/renesas-rx64-hw-crypt.h

@@ -30,14 +30,12 @@
 extern "C" {
 #endif
 
-struct WOLFSSL;
-
-void  rx64_hw_Open(void);
+int rx64_hw_Open(void);
 void rx64_hw_Close(void);
 int rx64_hw_lock(void);
 void rx64_hw_unlock(void);
 
-#if (!defined(NO_SHA) || !defined(NO_SHA256))
+#if (!defined(NO_SHA) || defined(WOLFSSL_SHA224) || !defined(NO_SHA256))
 
 typedef enum
 {
@@ -56,12 +54,22 @@ typedef struct
     word32 sha_type;
 } wolfssl_RX64_HW_Hash;
 
-int RX64_ShaCalc(byte* data, word32 len, byte* out, word32 sha_type);
+#if !defined(NO_SHA)
+    typedef wolfssl_RX64_HW_Hash wc_Sha;
+#endif
 
-/* RAW hash function APIs are not implemented with RX64 hardware acceleration */
-#define WOLFSSL_NO_HASH_RAW
+#if !defined(NO_SHA256)
+    typedef wolfssl_RX64_HW_Hash wc_Sha256;
+#endif
 
-#endif /* NO_SHA */
+#if defined(WOLFSSL_SHA224)
+    typedef wolfssl_RX64_HW_Hash wc_Sha224;
+    #define WC_SHA224_TYPE_DEFINED
+#endif
+
+WOLFSSL_LOCAL int RX64_ShaCalc(byte* data, word32 len, byte* out, word32 sha_type);
+
+#endif /* !NO_SHA || WOLFSSL_SHA224 || !NO_SHA256 */
 
 #ifdef __cplusplus
 }

wolfssl/wolfcrypt/settings.h

@@ -244,6 +244,9 @@
 /* Uncomment next line if using RENESAS RA6M4 */
 /* #define WOLFSSL_RENESAS_RA6M4 */
 
+// Uncomment next line if using RENESAS RX64 hardware acceleration
+// #define WOLFSSL_RENESAS_RX64_HASH
+
 /* Uncomment next line if using Solaris OS*/
 /* #define WOLFSSL_SOLARIS */
 
@@ -368,6 +371,11 @@
     #endif
 #endif /* WOLFSSL_RENESAS_TSIP */
 
+#if !defined(WOLFSSL_NO_HASH_RAW) && defined(WOLFSSL_RENESAS_RX64_HASH)
+    /* RAW hash function APIs are not implemented with RX64 hardware acceleration */
+    #define WOLFSSL_NO_HASH_RAW
+#endif
+
 #if defined(WOLFSSL_RENESAS_SCEPROTECT)
     #define SCE_TLS_MASTERSECRET_SIZE         80  /* 20 words */
     #define TSIP_TLS_HMAC_KEY_INDEX_WORDSIZE  64

wolfssl/wolfcrypt/sha.h

@@ -108,6 +108,8 @@ enum {
 #elif defined(WOLFSSL_RENESAS_TSIP_CRYPT) && \
    !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)
     #include "wolfssl/wolfcrypt/port/Renesas/renesas_tsip_types.h"
+#elif defined(WOLFSSL_RENESAS_RX64_HASH)
+    #include "wolfssl/wolfcrypt/port/Renesas/renesas-rx64-hw-crypt.h"
 #else
 
 #if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)

wolfssl/wolfcrypt/sha256.h

@@ -151,6 +151,8 @@ enum {
 #elif defined(WOLFSSL_RENESAS_SCEPROTECT) && \
    !defined(NO_WOLFSSL_RENESAS_SCEPROTECT_HASH)
     #include "wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h"
+#elif defined(WOLFSSL_RENESAS_RX64_HASH)
+    #include "wolfssl/wolfcrypt/port/Renesas/renesas-rx64-hw-crypt.h"
 #else
 
 #if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)