From 6fc1b168e72356cb60a5dc0fd914439d74e8bcda Mon Sep 17 00:00:00 2001 From: ZackLabPC Date: Fri, 13 Sep 2024 17:40:18 -0600 Subject: [PATCH] Adding in Callback for ARM ASM: AES-ECB/CBC, SHA-1/256/384/512 and Fixing SP SHA CB Bug --- wolfcrypt/src/port/arm/armv8-aes.c | 139 +++++++++++++++++- wolfcrypt/src/port/arm/armv8-sha256.c | 68 ++++++++- wolfcrypt/src/port/arm/armv8-sha512.c | 104 ++++++++++++- wolfcrypt/src/port/maxim/max3266x.c | 137 ++++++++++++++++- wolfcrypt/src/sha.c | 23 ++- wolfcrypt/src/sha256.c | 21 +++ wolfcrypt/src/sha512.c | 35 +++++ .../wolfcrypt/port/maxim/max3266x-cryptocb.h | 8 +- wolfssl/wolfcrypt/port/maxim/max3266x.h | 48 ++++-- wolfssl/wolfcrypt/sha.h | 3 + wolfssl/wolfcrypt/sha256.h | 3 + wolfssl/wolfcrypt/sha512.h | 3 + 12 files changed, 558 insertions(+), 34 deletions(-) diff --git a/wolfcrypt/src/port/arm/armv8-aes.c b/wolfcrypt/src/port/arm/armv8-aes.c index 4a3e3dc24f..8e20dd86d7 100644 --- a/wolfcrypt/src/port/arm/armv8-aes.c +++ b/wolfcrypt/src/port/arm/armv8-aes.c @@ -44,6 +44,17 @@ #endif #endif +#ifdef WOLF_CRYPTO_CB + #include + +/* Enable Hardware Callback */ +#if defined(WOLFSSL_MAX3266X) || defined(WOLFSSL_MAX3266X_OLD) + /* Revert back to SW so HW CB works */ + /* HW only works for AES: ECB, CBC, and partial via ECB for other modes */ + #include +#endif +#endif + #include #include @@ -14928,6 +14939,20 @@ int wc_AesCcmEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz, return BAD_FUNC_ARG; } +#ifdef WOLF_CRYPTO_CB + #ifndef WOLF_CRYPTO_CB_FIND + if (aes->devId != INVALID_DEVID) + #endif + { + int crypto_cb_ret = + wc_CryptoCb_AesCcmEncrypt(aes, out, in, inSz, nonce, nonceSz, + authTag, authTagSz, authIn, authInSz); + if (crypto_cb_ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) + return crypto_cb_ret; + /* fall-through when unavailable */ + } +#endif + XMEMCPY(B+1, nonce, nonceSz); lenSz = AES_BLOCK_SIZE - 1 - (byte)nonceSz; B[0] = (authInSz > 0 ? 64 : 0) @@ -15000,6 +15025,20 @@ int wc_AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz, return BAD_FUNC_ARG; } +#ifdef WOLF_CRYPTO_CB + #ifndef WOLF_CRYPTO_CB_FIND + if (aes->devId != INVALID_DEVID) + #endif + { + int crypto_cb_ret = + wc_CryptoCb_AesCcmDecrypt(aes, out, in, inSz, nonce, nonceSz, + authTag, authTagSz, authIn, authInSz); + if (crypto_cb_ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) + return crypto_cb_ret; + /* fall-through when unavailable */ + } +#endif + o = out; oSz = inSz; XMEMCPY(B+1, nonce, nonceSz); @@ -16534,7 +16573,7 @@ int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen, return BAD_FUNC_ARG; } #endif - + XMEMCPY(aes->cb_key, userKey, keylen); #ifdef WOLFSSL_AES_COUNTER aes->left = 0; #endif /* WOLFSSL_AES_COUNTER */ @@ -16584,6 +16623,20 @@ static int wc_AesEncrypt(Aes* aes, const byte* inBlock, byte* outBlock) return KEYUSAGE_E; } +#ifdef MAX3266X_CB /* Can do a basic ECB block */ + #ifndef WOLF_CRYPTO_CB_FIND + if (aes->devId != INVALID_DEVID) + #endif + { + int ret_cb = wc_CryptoCb_AesEcbEncrypt(aes, outBlock, inBlock, + AES_BLOCK_SIZE); + if (ret_cb != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) { + return ret_cb; + } + /* fall-through when unavailable */ + } +#endif + AES_ECB_encrypt(inBlock, outBlock, AES_BLOCK_SIZE, (const unsigned char*)aes->key, aes->rounds); return 0; @@ -16598,6 +16651,19 @@ static int wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock) return KEYUSAGE_E; } +#ifdef MAX3266X_CB /* Can do a basic ECB block */ + #ifndef WOLF_CRYPTO_CB_FIND + if (aes->devId != INVALID_DEVID) + #endif + { + int ret_cb = wc_CryptoCb_AesEcbDecrypt(aes, outBlock, inBlock, + AES_BLOCK_SIZE); + if (ret_cb != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) + return ret_cb; + /* fall-through when unavailable */ + } +#endif + AES_ECB_decrypt(inBlock, outBlock, AES_BLOCK_SIZE, (const unsigned char*)aes->key, aes->rounds); return 0; @@ -16652,6 +16718,18 @@ int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz) #endif } +#ifdef WOLF_CRYPTO_CB + #ifndef WOLF_CRYPTO_CB_FIND + if (aes->devId != INVALID_DEVID) + #endif + { + int crypto_cb_ret = wc_CryptoCb_AesCbcEncrypt(aes, out, in, sz); + if (crypto_cb_ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) + return crypto_cb_ret; + /* fall-through when unavailable */ + } +#endif + AES_CBC_encrypt(in, out, sz, (const unsigned char*)aes->key, aes->rounds, (unsigned char*)aes->reg); @@ -16681,6 +16759,18 @@ int wc_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz) #endif } + #ifdef WOLF_CRYPTO_CB + #ifndef WOLF_CRYPTO_CB_FIND + if (aes->devId != INVALID_DEVID) + #endif + { + int crypto_cb_ret = wc_CryptoCb_AesCbcDecrypt(aes, out, in, sz); + if (crypto_cb_ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) + return crypto_cb_ret; + /* fall-through when unavailable */ + } + #endif + AES_CBC_decrypt(in, out, sz, (const unsigned char*)aes->key, aes->rounds, (unsigned char*)aes->reg); @@ -16703,6 +16793,18 @@ int wc_AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz) WOLFSSL_ERROR_VERBOSE(KEYUSAGE_E); return KEYUSAGE_E; } + #ifdef WOLF_CRYPTO_CB + #ifndef WOLF_CRYPTO_CB_FIND + if (aes->devId != INVALID_DEVID) + #endif + { + int crypto_cb_ret = wc_CryptoCb_AesCtrEncrypt(aes, out, in, sz); + if (crypto_cb_ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) + return crypto_cb_ret; + /* fall-through when unavailable */ + } + #endif + tmp = (byte*)aes->tmp + AES_BLOCK_SIZE - aes->left; /* consume any unused bytes left in aes->tmp */ @@ -17080,6 +17182,13 @@ int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len) return BAD_FUNC_ARG; } + + #ifdef WOLF_CRYPTO_CB + if (aes->devId != INVALID_DEVID) { + XMEMCPY(aes->devKey, key, len); + } + #endif + XMEMSET(iv, 0, AES_BLOCK_SIZE); ret = wc_AesSetKey(aes, key, len, iv, AES_ENCRYPTION); @@ -17241,6 +17350,20 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz, return KEYUSAGE_E; } +#ifdef WOLF_CRYPTO_CB + #ifndef WOLF_CRYPTO_CB_FIND + if (aes->devId != INVALID_DEVID) + #endif + { + int crypto_cb_ret = + wc_CryptoCb_AesGcmEncrypt(aes, out, in, sz, iv, ivSz, authTag, + authTagSz, authIn, authInSz); + if (crypto_cb_ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) + return crypto_cb_ret; + /* fall-through when unavailable */ + } +#endif + XMEMSET(initialCounter, 0, AES_BLOCK_SIZE); if (ivSz == GCM_NONCE_MID_SZ) { XMEMCPY(initialCounter, iv, ivSz); @@ -17329,6 +17452,20 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz, return BAD_FUNC_ARG; } +#ifdef WOLF_CRYPTO_CB + #ifndef WOLF_CRYPTO_CB_FIND + if (aes->devId != INVALID_DEVID) + #endif + { + int crypto_cb_ret = + wc_CryptoCb_AesGcmDecrypt(aes, out, in, sz, iv, ivSz, + authTag, authTagSz, authIn, authInSz); + if (crypto_cb_ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) + return crypto_cb_ret; + /* fall-through when unavailable */ + } +#endif + XMEMSET(initialCounter, 0, AES_BLOCK_SIZE); if (ivSz == GCM_NONCE_MID_SZ) { XMEMCPY(initialCounter, iv, ivSz); diff --git a/wolfcrypt/src/port/arm/armv8-sha256.c b/wolfcrypt/src/port/arm/armv8-sha256.c index 45d4292a54..e903e6b549 100644 --- a/wolfcrypt/src/port/arm/armv8-sha256.c +++ b/wolfcrypt/src/port/arm/armv8-sha256.c @@ -57,6 +57,10 @@ #include #endif +#ifdef WOLF_CRYPTO_CB + #include +#endif + #if defined(FREESCALE_MMCAU_SHA) #ifdef FREESCALE_MMCAU_CLASSIC_SHA #include "cau_api.h" @@ -121,6 +125,10 @@ static int InitSha256(wc_Sha256* sha256) sha256->flags = 0; #endif +#ifdef WOLF_CRYPTO_CB + sha256->devId = wc_CryptoCb_DefaultDevID(); +#endif + return ret; } @@ -1513,25 +1521,44 @@ static WC_INLINE int Sha256Final(wc_Sha256* sha256, byte* hash) int wc_InitSha256_ex(wc_Sha256* sha256, void* heap, int devId) { + int ret = 0; if (sha256 == NULL) return BAD_FUNC_ARG; + ret = InitSha256(sha256); + if (ret != 0) + return ret; sha256->heap = heap; #ifdef WOLF_CRYPTO_CB sha256->devId = devId; + sha256->devCtx = NULL; #endif - (void)devId; - return InitSha256(sha256); +#ifdef MAX3266X_SHA_CB + ret = wc_MXC_TPU_SHA_Init(&(sha256->mxcCtx)); + if (ret != 0) { + return ret; + } +#endif + (void)devId; + return ret; } int wc_InitSha256(wc_Sha256* sha256) { - return wc_InitSha256_ex(sha256, NULL, INVALID_DEVID); + int devId = INVALID_DEVID; + +#ifdef WOLF_CRYPTO_CB + devId = wc_CryptoCb_DefaultDevID(); +#endif + return wc_InitSha256_ex(sha256, NULL, devId); } void wc_Sha256Free(wc_Sha256* sha256) { +#ifdef MAX3266X_SHA_CB + wc_MXC_TPU_SHA_Free(&(sha256->mxcCtx)); +#endif (void)sha256; } @@ -1541,6 +1568,18 @@ int wc_Sha256Update(wc_Sha256* sha256, const byte* data, word32 len) return BAD_FUNC_ARG; } +#ifdef WOLF_CRYPTO_CB + #ifndef WOLF_CRYPTO_CB_FIND + if (sha256->devId != INVALID_DEVID) + #endif + { + int ret = wc_CryptoCb_Sha256Hash(sha256, data, len, NULL); + if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) + return ret; + /* fall-through when unavailable */ + } +#endif + return Sha256Update(sha256, data, len); } @@ -1573,11 +1612,27 @@ int wc_Sha256Final(wc_Sha256* sha256, byte* hash) return BAD_FUNC_ARG; } +#ifdef WOLF_CRYPTO_CB + #ifndef WOLF_CRYPTO_CB_FIND + if (sha256->devId != INVALID_DEVID) + #endif + { + ret = wc_CryptoCb_Sha256Hash(sha256, NULL, 0, hash); + if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) + return ret; + /* fall-through when unavailable */ + } +#endif + ret = Sha256Final(sha256, hash); if (ret != 0) return ret; +#ifdef WOLF_CRYPTO_CB /* Use to reset state but keep devId info */ + return wc_InitSha256_ex(sha256, sha256->heap, sha256->devId); +#else return InitSha256(sha256); /* reset state */ +#endif } int wc_Sha256GetHash(wc_Sha256* sha256, byte* hash) @@ -1621,6 +1676,13 @@ int wc_Sha256Copy(wc_Sha256* src, wc_Sha256* dst) XMEMCPY(dst, src, sizeof(wc_Sha256)); +#ifdef MAX3266X_SHA_CB + ret = wc_MXC_TPU_SHA_Copy(&(src->mxcCtx), &(dst->mxcCtx)); + if (ret != 0) { + return ret; + } +#endif + return ret; } diff --git a/wolfcrypt/src/port/arm/armv8-sha512.c b/wolfcrypt/src/port/arm/armv8-sha512.c index 145f6b5ebb..dfc31ae056 100644 --- a/wolfcrypt/src/port/arm/armv8-sha512.c +++ b/wolfcrypt/src/port/arm/armv8-sha512.c @@ -172,6 +172,10 @@ static int InitSha512_Family(wc_Sha512* sha512, void* heap, int devId, #ifdef WOLFSSL_SMALL_STACK_CACHE sha512->W = NULL; #endif +#ifdef WOLF_CRYPTO_CB + sha512->devId = devId; + sha512->devCtx = NULL; +#endif if (type == WC_HASH_TYPE_SHA512) { ret = InitSha512(sha512); @@ -201,6 +205,12 @@ static int InitSha512_Family(wc_Sha512* sha512, void* heap, int devId, int wc_InitSha512_ex(wc_Sha512* sha512, void* heap, int devId) { +#ifdef MAX3266X_SHA_CB + if (wc_MXC_TPU_SHA_Init(&(sha512->mxcCtx)) != 0) { + return BAD_FUNC_ARG; + } +#endif + return InitSha512_Family(sha512, heap, devId, WC_HASH_TYPE_SHA512); } @@ -508,6 +518,18 @@ int wc_Sha512Update(wc_Sha512* sha512, const byte* data, word32 len) return BAD_FUNC_ARG; } +#ifdef WOLF_CRYPTO_CB + #ifndef WOLF_CRYPTO_CB_FIND + if (sha512->devId != INVALID_DEVID) + #endif + { + int ret = wc_CryptoCb_Sha512Hash(sha512, data, len, NULL); + if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) + return ret; + /* fall-through when unavailable */ + } +#endif + return Sha512Update(sha512, data, len); } @@ -626,13 +648,20 @@ static int Sha512_Family_Final(wc_Sha512* sha512, byte* hash, return BAD_FUNC_ARG; #ifdef WOLF_CRYPTO_CB - if (sha512->devId != INVALID_DEVID) { - ret = wc_CryptoCb_Sha512Hash(sha512, NULL, 0, hash); - if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) + #ifndef WOLF_CRYPTO_CB_FIND + if (sha512->devId != INVALID_DEVID) + #endif + { + byte localHash[WC_SHA512_DIGEST_SIZE]; + ret = wc_CryptoCb_Sha512Hash(sha512, NULL, 0, localHash); + if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) { + XMEMCPY(hash, localHash, digestSz); return ret; + } /* fall-through when unavailable */ } #endif + #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA512) if (sha512->asyncDev.marker == WOLFSSL_ASYNC_MARKER_SHA512) { #if defined(HAVE_INTEL_QA) @@ -661,6 +690,11 @@ int wc_Sha512Final(wc_Sha512* sha512, byte* hash) int wc_InitSha512(wc_Sha512* sha512) { + int devId = INVALID_DEVID; + +#ifdef WOLF_CRYPTO_CB + devId = wc_CryptoCb_DefaultDevID(); +#endif return wc_InitSha512_ex(sha512, NULL, INVALID_DEVID); } @@ -673,6 +707,11 @@ void wc_Sha512Free(wc_Sha512* sha512) XFREE(sha512->W, NULL, DYNAMIC_TYPE_TMP_BUFFER); sha512->W = NULL; #endif + +#ifdef MAX3266X_SHA_CB + wc_MXC_TPU_SHA_Free(&(sha512->mxcCtx)); +#endif + } #ifdef OPENSSL_EXTRA @@ -724,6 +763,18 @@ int wc_Sha384Update(wc_Sha384* sha384, const byte* data, word32 len) return BAD_FUNC_ARG; } +#ifdef WOLF_CRYPTO_CB + #ifndef WOLF_CRYPTO_CB_FIND + if (sha384->devId != INVALID_DEVID) + #endif + { + int ret = wc_CryptoCb_Sha384Hash(sha384, data, len, NULL); + if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) + return ret; + /* fall-through when unavailable */ + } +#endif + return Sha512Update((wc_Sha512*)sha384, data, len); } @@ -757,6 +808,18 @@ int wc_Sha384Final(wc_Sha384* sha384, byte* hash) return BAD_FUNC_ARG; } +#ifdef WOLF_CRYPTO_CB + #ifndef WOLF_CRYPTO_CB_FIND + if (sha384->devId != INVALID_DEVID) + #endif + { + ret = wc_CryptoCb_Sha384Hash(sha384, NULL, 0, hash); + if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) + return ret; + /* fall-through when unavailable */ + } +#endif + ret = Sha512Final((wc_Sha512*)sha384); if (ret != 0) return ret; @@ -782,7 +845,16 @@ int wc_InitSha384_ex(wc_Sha384* sha384, void* heap, int devId) #ifdef WOLFSSL_SMALL_STACK_CACHE sha384->W = NULL; #endif - +#ifdef WOLF_CRYPTO_CB + sha384->devId = devId; + sha384->devCtx = NULL; +#endif +#ifdef MAX3266X_SHA_CB + ret = wc_MXC_TPU_SHA_Init(&(sha384->mxcCtx)); + if (ret != 0) { + return ret; + } +#endif (void)devId; return ret; @@ -790,6 +862,11 @@ int wc_InitSha384_ex(wc_Sha384* sha384, void* heap, int devId) int wc_InitSha384(wc_Sha384* sha384) { + int devId = INVALID_DEVID; + +#ifdef WOLF_CRYPTO_CB + devId = wc_CryptoCb_DefaultDevID(); +#endif return wc_InitSha384_ex(sha384, NULL, INVALID_DEVID); } @@ -802,6 +879,11 @@ void wc_Sha384Free(wc_Sha384* sha384) XFREE(sha384->W, NULL, DYNAMIC_TYPE_TMP_BUFFER); sha384->W = NULL; #endif + +#ifdef MAX3266X_SHA_CB + wc_MXC_TPU_SHA_Free(&(sha384->mxcCtx)); +#endif + } #endif /* WOLFSSL_SHA384 */ @@ -880,6 +962,13 @@ int wc_Sha512Copy(wc_Sha512* src, wc_Sha512* dst) dst->flags |= WC_HASH_FLAG_ISCOPY; #endif +#ifdef MAX3266X_SHA_CB + ret = wc_MXC_TPU_SHA_Copy(&(src->mxcCtx), &(dst->mxcCtx)); + if (ret != 0) { + return ret; + } +#endif + return ret; } @@ -1037,6 +1126,13 @@ int wc_Sha384Copy(wc_Sha384* src, wc_Sha384* dst) dst->flags |= WC_HASH_FLAG_ISCOPY; #endif +#ifdef MAX3266X_SHA_CB + ret = wc_MXC_TPU_SHA_Copy(&(src->mxcCtx), &(dst->mxcCtx)); + if (ret != 0) { + return ret; + } +#endif + return ret; } diff --git a/wolfcrypt/src/port/maxim/max3266x.c b/wolfcrypt/src/port/maxim/max3266x.c index 615af9fe50..17844c13d7 100644 --- a/wolfcrypt/src/port/maxim/max3266x.c +++ b/wolfcrypt/src/port/maxim/max3266x.c @@ -134,6 +134,112 @@ int wc_MxcAesCryptoCb(wc_CryptoInfo* info) return BAD_FUNC_ARG; } +#ifdef MAX3266X_SHA_CB + +int wc_MxcShaCryptoCb(wc_CryptoInfo* info) +{ + switch (info->hash.type) { + #ifndef NO_SHA + case WC_HASH_TYPE_SHA: + MAX3266X_MSG("SHA-1 CB:"); + /* Update Case */ + if (info->hash.in != NULL && info->hash.digest == NULL) { + MAX3266X_MSG("Update CB"); + return wc_MXC_TPU_SHA_Update(&(info->hash.sha1->mxcCtx), + info->hash.in, info->hash.inSz); + } + /* Sha 1 Final Case */ + if (info->hash.in == NULL && info->hash.digest != NULL) { + MAX3266X_MSG("Final CB"); + return wc_MXC_TPU_SHA_Final(&(info->hash.sha1->mxcCtx), + info->hash.digest, + MXC_TPU_HASH_SHA1); + } + break; /* Break Out and Return Error */ + #endif + #ifdef WOLFSSL_SHA224 + case WC_HASH_TYPE_SHA224: + MAX3266X_MSG("SHA-224 CB:"); + /* Update Case */ + if (info->hash.in != NULL && info->hash.digest == NULL) { + MAX3266X_MSG("Update CB"); + return wc_MXC_TPU_SHA_Update(&(info->hash.sha224->mxcCtx), + info->hash.in, info->hash.inSz); + } + /* Sha 256 Final Case */ + if (info->hash.in == NULL && info->hash.digest != NULL) { + MAX3266X_MSG("Final CB"); + return wc_MXC_TPU_SHA_Final(&(info->hash.sha224->mxcCtx), + info->hash.digest, + MXC_TPU_HASH_SHA224); + } + break; /* Break Out and Return Error */ + #endif + #ifndef NO_SHA256 + case WC_HASH_TYPE_SHA256: + MAX3266X_MSG("SHA-256 CB:"); + /* Update Case */ + if (info->hash.in != NULL && info->hash.digest == NULL) { + MAX3266X_MSG("Update CB"); + return wc_MXC_TPU_SHA_Update(&(info->hash.sha256->mxcCtx), + info->hash.in, info->hash.inSz); + } + /* Sha 256 Final Case */ + if (info->hash.in == NULL && info->hash.digest != NULL) { + MAX3266X_MSG("Final CB"); + return wc_MXC_TPU_SHA_Final(&(info->hash.sha256->mxcCtx), + info->hash.digest, + MXC_TPU_HASH_SHA256); + } + break; /* Break Out and Return Error */ + #endif + #ifdef WOLFSSL_SHA384 + case WC_HASH_TYPE_SHA384: + MAX3266X_MSG("SHA-384 CB:"); + /* Update Case */ + if (info->hash.in != NULL && info->hash.digest == NULL) { + MAX3266X_MSG("Update CB"); + return wc_MXC_TPU_SHA_Update(&(info->hash.sha384->mxcCtx), + info->hash.in, info->hash.inSz); + } + /* Sha 384 Final Case */ + if (info->hash.in == NULL && info->hash.digest != NULL) { + MAX3266X_MSG("Final CB"); + return wc_MXC_TPU_SHA_Final(&(info->hash.sha384->mxcCtx), + info->hash.digest, + MXC_TPU_HASH_SHA384); + } + break; /* Break Out and Return Error */ + #endif + #ifdef WOLFSSL_SHA512 + case WC_HASH_TYPE_SHA512: + MAX3266X_MSG("SHA-512 CB:"); + /* Update Case */ + if (info->hash.in != NULL && info->hash.digest == NULL) { + MAX3266X_MSG("Update CB"); + return wc_MXC_TPU_SHA_Update(&(info->hash.sha512->mxcCtx), + info->hash.in, info->hash.inSz); + } + /* Sha 512 Final Case */ + if (info->hash.in == NULL && info->hash.digest != NULL) { + MAX3266X_MSG("Final CB"); + return wc_MXC_TPU_SHA_Final(&(info->hash.sha512->mxcCtx), + info->hash.digest, + MXC_TPU_HASH_SHA512); + } + break; /* Break Out and Return Error */ + #endif + default: + /* Hash type not supported */ + return WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); + } + if (info->hash.inSz == 0) { + return 0; /* Dont need to Update when Size is Zero */ + } + return BAD_FUNC_ARG; +} +#endif /* MAX3266X_SHA_CB */ + /* Determines AES Type for Callback */ /* General Callback Function to determine ALGO Type */ int wc_MxcCryptoCb(int devIdArg, wc_CryptoInfo* info, void* ctx) @@ -151,10 +257,15 @@ int wc_MxcCryptoCb(int devIdArg, wc_CryptoInfo* info, void* ctx) switch (info->algo_type) { case WC_ALGO_TYPE_CIPHER: - /* return this to bypass HW and use SW */ - MAX3266X_MSG("Using MXC HW Callback:"); + MAX3266X_MSG("Using MXC AES HW Callback:"); ret = wc_MxcAesCryptoCb(info); /* Determine AES HW or SW */ break; +#ifdef MAX3266X_SHA_CB + case WC_ALGO_TYPE_HASH: + MAX3266X_MSG("Using MXC SHA HW Callback:"); + ret = wc_MxcShaCryptoCb(info); /* Determine SHA HW or SW */ + break; +#endif /* MAX3266X_SHA_CB */ default: MAX3266X_MSG("Callback not support with MXC, using SW"); /* return this to bypass HW and use SW */ @@ -475,7 +586,7 @@ int wc_MxcCb_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz) #endif /* HAVE_AES_DECRYPT */ #endif /* MAX3266X_AES */ -#if defined(MAX3266X_SHA) +#if defined(MAX3266X_SHA) || defined(MAX3266X_SHA_CB) int wc_MXC_TPU_SHA_Init(wc_MXC_Sha *hash) { @@ -521,7 +632,7 @@ int wc_MXC_TPU_SHA_Update(wc_MXC_Sha *hash, const unsigned char* data, #endif } if (p == NULL) { - return -1; + return MEMORY_E; } hash->msg = p; hash->size = hash->used+size; @@ -599,7 +710,16 @@ int wc_MXC_TPU_SHA_Copy(wc_MXC_Sha* src, wc_MXC_Sha* dst) } dst->used = src->used; dst->size = src->size; - XMEMCPY(dst->hash, src->hash, sizeof(dst->hash)); + if (dst->msg == src->msg && src->msg != 0) { + /* Allocate new memory for dst->msg if it points to the same location */ + /* as src->msg */ + dst->msg = (unsigned char*)XMALLOC(src->size, NULL, + DYNAMIC_TYPE_TMP_BUFFER); + if (dst->msg == NULL) { + return MEMORY_E; /* Handle memory allocation failure */ + } + } + XMEMCPY(dst->msg, src->msg, src->size); return 0; } @@ -659,6 +779,7 @@ int wc_MXC_TPU_SHA_GetDigest(wc_MXC_Sha *hash, unsigned char* digest, return 0; /* False */ } +#ifndef MAX3266X_SHA_CB #if !defined(NO_SHA) WOLFSSL_API int wc_InitSha_ex(wc_Sha* sha, void* heap, int devId) @@ -893,8 +1014,8 @@ WOLFSSL_API void wc_Sha512Free(wc_Sha512* sha512) } #endif /* WOLFSSL_SHA512 */ - -#endif /* MAX3266X_SHA */ +#endif /* !MAX3266X_SHA_CB*/ +#endif /* MAX3266X_SHA || MAX3266X_SHA_CB */ #if defined(MAX3266X_MATH) @@ -995,7 +1116,7 @@ int wc_MXC_MAA_zeroPad(mp_int* multiplier, mp_int* multiplicand, DYNAMIC_TYPE_TMP_BUFFER); if (zero_tmp == NULL) { MAX3266X_MSG("NULL pointer found after XMALLOC call"); - return WC_HW_E; + return MEMORY_E; } XMEMSET(zero_tmp, 0x00, multiplier->size*sizeof(mp_digit)); diff --git a/wolfcrypt/src/sha.c b/wolfcrypt/src/sha.c index 6bbb1c5305..1df5d180c7 100644 --- a/wolfcrypt/src/sha.c +++ b/wolfcrypt/src/sha.c @@ -564,6 +564,13 @@ int wc_InitSha_ex(wc_Sha* sha, void* heap, int devId) sha->devCtx = NULL; #endif +#ifdef MAX3266X_SHA_CB + ret = wc_MXC_TPU_SHA_Init(&(sha->mxcCtx)); + if (ret != 0) { + return ret; + } +#endif + #ifdef WOLFSSL_USE_ESP32_CRYPT_HASH_HW if (sha->ctx.mode != ESP32_SHA_INIT) { /* it may be interesting to see old values during debugging */ @@ -1007,7 +1014,11 @@ if (sha->ctx.mode == ESP32_SHA_HW) { /* we'll always reset state upon exit and return the error code from above, * which may cause fall back to SW if HW is busy. we do not return result * of initSha here */ - (void)InitSha(sha); /* reset state */ + #ifdef WOLF_CRYPTO_CB /* Use to reset state but keep devId info */ + (void)wc_InitSha_ex(sha, sha->heap, sha->devId); + #else + (void)InitSha(sha); /* reset state */ + #endif return ret; } @@ -1057,6 +1068,9 @@ void wc_ShaFree(wc_Sha* sha) #ifdef WOLFSSL_PIC32MZ_HASH wc_ShaPic32Free(sha); #endif +#ifdef MAX3266X_SHA_CB + wc_MXC_TPU_SHA_Free(&(sha->mxcCtx)); +#endif #if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH) se050_hash_free(&sha->se050Ctx); #endif @@ -1153,6 +1167,13 @@ int wc_ShaCopy(wc_Sha* src, wc_Sha* dst) esp_sha_ctx_copy(src, dst); #endif +#ifdef MAX3266X_SHA_CB + ret = wc_MXC_TPU_SHA_Copy(&(src->mxcCtx), &(dst->mxcCtx)); + if (ret != 0) { + return ret; + } +#endif + #ifdef WOLFSSL_HASH_FLAGS dst->flags |= WC_HASH_FLAG_ISCOPY; #endif diff --git a/wolfcrypt/src/sha256.c b/wolfcrypt/src/sha256.c index c378d4425e..c738c023aa 100644 --- a/wolfcrypt/src/sha256.c +++ b/wolfcrypt/src/sha256.c @@ -1096,6 +1096,12 @@ static int InitSha256(wc_Sha256* sha256) sha256->devId = devId; sha256->devCtx = NULL; #endif + #ifdef MAX3266X_SHA_CB + ret = wc_MXC_TPU_SHA_Init(&(sha256->mxcCtx)); + if (ret != 0) { + return ret; + } + #endif #ifdef WOLFSSL_SMALL_STACK_CACHE sha256->W = NULL; #endif @@ -1734,7 +1740,11 @@ static int InitSha256(wc_Sha256* sha256) #endif XMEMCPY(hash, sha256->digest, WC_SHA256_DIGEST_SIZE); + #ifdef WOLF_CRYPTO_CB /* Use to reset state but keep devId info */ + return wc_InitSha256_ex(sha256, sha256->heap, sha256->devId); + #else return InitSha256(sha256); /* reset state */ + #endif } #if defined(OPENSSL_EXTRA) || defined(HAVE_CURL) @@ -2232,6 +2242,10 @@ void wc_Sha256Free(wc_Sha256* sha256) } #endif +#ifdef MAX3266X_SHA_CB + wc_MXC_TPU_SHA_Free(&(sha256->mxcCtx)); +#endif + #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA256) wolfAsync_DevCtxFree(&sha256->asyncDev, WOLFSSL_ASYNC_MARKER_SHA256); #endif /* WOLFSSL_ASYNC_CRYPT */ @@ -2533,6 +2547,13 @@ int wc_Sha256Copy(wc_Sha256* src, wc_Sha256* dst) wc_MAXQ10XX_Sha256Copy(src); #endif +#ifdef MAX3266X_SHA_CB + ret = wc_MXC_TPU_SHA_Copy(&(src->mxcCtx), &(dst->mxcCtx)); + if (ret != 0) { + return ret; + } +#endif + #ifdef WOLFSSL_SMALL_STACK_CACHE dst->W = NULL; #endif diff --git a/wolfcrypt/src/sha512.c b/wolfcrypt/src/sha512.c index fd9acc1e20..7f3e745c60 100644 --- a/wolfcrypt/src/sha512.c +++ b/wolfcrypt/src/sha512.c @@ -773,6 +773,12 @@ int wc_InitSha512_ex(wc_Sha512* sha512, void* heap, int devId) sha512->ctx.mode = ESP32_SHA_INIT; #endif +#ifdef MAX3266X_SHA_CB + if (wc_MXC_TPU_SHA_Init(&(sha512->mxcCtx)) != 0){ + return BAD_FUNC_ARG; + } +#endif + return InitSha512_Family(sha512, heap, devId, InitSha512); } @@ -1454,6 +1460,10 @@ void wc_Sha512Free(wc_Sha512* sha512) } #endif +#ifdef MAX3266X_SHA_CB + wc_MXC_TPU_SHA_Free(&(sha512->mxcCtx)); +#endif + #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA512) wolfAsync_DevCtxFree(&sha512->asyncDev, WOLFSSL_ASYNC_MARKER_SHA512); #endif /* WOLFSSL_ASYNC_CRYPT */ @@ -1759,6 +1769,13 @@ int wc_InitSha384_ex(wc_Sha384* sha384, void* heap, int devId) sha384->ctx.mode = ESP32_SHA_INIT; #endif +#ifdef MAX3266X_SHA_CB + ret = wc_MXC_TPU_SHA_Init(&(sha384->mxcCtx)); + if (ret != 0) { + return ret; + } +#endif + ret = InitSha384(sha384); if (ret != 0) { return ret; @@ -1837,6 +1854,10 @@ void wc_Sha384Free(wc_Sha384* sha384) } #endif +#ifdef MAX3266X_SHA_CB + wc_MXC_TPU_SHA_Free(&(sha384->mxcCtx)); +#endif + ForceZero(sha384, sizeof(*sha384)); } @@ -1958,6 +1979,13 @@ int wc_Sha512Copy(wc_Sha512* src, wc_Sha512* dst) } #endif +#ifdef MAX3266X_SHA_CB + ret = wc_MXC_TPU_SHA_Copy(&(src->mxcCtx), &(dst->mxcCtx)); + if (ret != 0) { + return ret; + } +#endif + return ret; } @@ -2247,6 +2275,13 @@ int wc_Sha384Copy(wc_Sha384* src, wc_Sha384* dst) } #endif +#ifdef MAX3266X_SHA_CB + ret = wc_MXC_TPU_SHA_Copy(&(src->mxcCtx), &(dst->mxcCtx)); + if (ret != 0) { + return ret; + } +#endif + return ret; } diff --git a/wolfssl/wolfcrypt/port/maxim/max3266x-cryptocb.h b/wolfssl/wolfcrypt/port/maxim/max3266x-cryptocb.h index 371af11ed0..550278375b 100644 --- a/wolfssl/wolfcrypt/port/maxim/max3266x-cryptocb.h +++ b/wolfssl/wolfcrypt/port/maxim/max3266x-cryptocb.h @@ -24,7 +24,6 @@ #if (defined(WOLFSSL_MAX3266X) || defined(WOLFSSL_MAX3266X_OLD)) && \ defined(WOLF_CRYPTO_CB) - #ifndef WOLFSSL_MAX3266X_DEVID #define WOLFSSL_MAX3266X_DEVID 9 #endif @@ -62,6 +61,13 @@ #endif #endif /* HAVE_AES_DECRYPT */ + + WOLFSSL_LOCAL int wc_MXC_Sha256Update(wc_MXC_Sha* sha256, + const unsigned char* data, + unsigned int len); + WOLFSSL_LOCAL int wc_MXC_Sha256Final(wc_MXC_Sha* sha256, + unsigned char* hash); + #ifdef __cplusplus } /* extern "C" */ #endif diff --git a/wolfssl/wolfcrypt/port/maxim/max3266x.h b/wolfssl/wolfcrypt/port/maxim/max3266x.h index 39c79b9c08..40f05f6344 100644 --- a/wolfssl/wolfcrypt/port/maxim/max3266x.h +++ b/wolfssl/wolfcrypt/port/maxim/max3266x.h @@ -30,20 +30,31 @@ #if defined(WOLFSSL_MAX3266X) || defined(WOLFSSL_MAX3266X_OLD) +/* Some extra conditions when using callbacks */ +#if defined(WOLF_CRYPTO_CB) + #define MAX3266X_CB + #ifdef MAX3266X_MATH + #error Cannot have MAX3266X_MATH and MAX3266X_CB + #endif + #ifdef MAX3266X_SHA + #undef MAX3266X_SHA /* Turn Off Normal Sha Definition */ + #define MAX3266X_SHA_CB /* Turn On Callback for SHA */ + #endif +#endif + /* Default to all HW acceleration on unless specified in user_settings */ #if !defined(MAX3266X_RNG) && !defined(MAX3266X_AES) && \ !defined(MAX3266X_AESGCM) && !defined(MAX3266X_SHA) && \ !defined(MAX3266X_MATH) #define MAX3266X_RNG #define MAX3266X_AES - #define MAX3266X_SHA - #define MAX3266X_ECDSA - #define MAX3266X_MATH -#endif - -/* Some extra conditions when using callbacks */ -#if defined(WOLF_CRYPTO_CB) - #define MAX3266X_CB + #ifndef MAX3266X_CB + #define MAX3266X_SHA /* SHA is Supported, but need new definitions */ + #define MAX3266X_MATH /* MATH is not supported with callbacks */ + #endif + #ifdef MAX3266X_CB + #define MAX3266X_SHA_CB /* Turn on Callback for SHA */ + #endif #endif /* Crypto HW can be used in parallel on this device */ @@ -141,7 +152,7 @@ #include "trng.h" /* Provides Drivers for TRNG */ #endif #if defined(MAX3266X_AES) || defined(MAX3266X_SHA) || \ - defined(MAX3266X_ECDSA) || defined(MAX3266X_RSA) || \ + defined(MAX3266X_MATH) || defined(MAX3266X_RSA) || \ defined(MAX3266X_RNG) #include "tpu.h" /* SDK Drivers for the TPU unit */ /* Handles AES, SHA, and */ @@ -223,25 +234,22 @@ #endif /* HAVE_AES_DECRYPT */ #endif /* MAX3266X_AES */ -#ifdef MAX3266X_SHA +#if defined(MAX3266X_SHA) || defined(MAX3266X_SHA_CB) typedef struct { unsigned char *msg; unsigned int used; unsigned int size; - unsigned char hash[WOLFSSL_MAX_HASH_SIZE]; - #ifdef WOLF_CRYPTO_CB - int devId; - void* devCtx; /* generic crypto callback context */ - #endif #ifdef WOLFSSL_HASH_FLAGS unsigned int flags; /* enum wc_HashFlags in hash.h */ #endif } wc_MXC_Sha; #if !defined(NO_SHA) + #ifndef MAX3266X_SHA_CB typedef wc_MXC_Sha wc_Sha; #define WC_SHA_TYPE_DEFINED + #endif /* !MAX3266X_SHA_CB */ /* Define the SHA digest for an empty string */ /* as a constant byte array */ @@ -252,8 +260,10 @@ #endif /* NO_SHA */ #if defined(WOLFSSL_SHA224) + #ifndef MAX3266X_SHA_CB typedef wc_MXC_Sha wc_Sha224; #define WC_SHA224_TYPE_DEFINED + #endif /* !MAX3266X_SHA_CB */ /* Define the SHA-224 digest for an empty string */ /* as a constant byte array */ @@ -265,8 +275,10 @@ #endif /* WOLFSSL_SHA224 */ #if !defined(NO_SHA256) + #ifndef MAX3266X_SHA_CB typedef wc_MXC_Sha wc_Sha256; #define WC_SHA256_TYPE_DEFINED + #endif /* !MAX3266X_SHA_CB */ /* Define the SHA-256 digest for an empty string */ /* as a constant byte array */ @@ -278,8 +290,10 @@ #endif /* NO_SHA256 */ #if defined(WOLFSSL_SHA384) + #ifndef MAX3266X_SHA_CB typedef wc_MXC_Sha wc_Sha384; #define WC_SHA384_TYPE_DEFINED + #endif /* !MAX3266X_SHA_CB */ /* Define the SHA-384 digest for an empty string */ /* as a constant byte array */ @@ -293,10 +307,12 @@ #endif /* WOLFSSL_SHA384 */ #if defined(WOLFSSL_SHA512) + #ifndef MAX3266X_SHA_CB typedef wc_MXC_Sha wc_Sha512; typedef wc_MXC_Sha wc_Sha512_224; typedef wc_MXC_Sha wc_Sha512_256; #define WC_SHA512_TYPE_DEFINED + #endif /* !MAX3266X_SHA_CB */ /* Does not support these SHA512 Macros */ #ifndef WOLFSSL_NOSHA512_224 @@ -339,7 +355,7 @@ MXC_TPU_HASH_TYPE algo); -#endif +#endif /* defined(MAX3266X_SHA) && !defined(WOLF_CRYPTO_CB) */ #if defined(MAX3266X_MATH) #define WOLFSSL_USE_HW_MP diff --git a/wolfssl/wolfcrypt/sha.h b/wolfssl/wolfcrypt/sha.h index 0e05823022..dd9d8b90ac 100644 --- a/wolfssl/wolfcrypt/sha.h +++ b/wolfssl/wolfcrypt/sha.h @@ -163,6 +163,9 @@ struct wc_Sha { int devId; void* devCtx; /* generic crypto callback context */ #endif +#ifdef MAX3266X_SHA_CB + wc_MXC_Sha mxcCtx; +#endif #ifdef WOLFSSL_IMXRT1170_CAAM caam_hash_ctx_t ctx; caam_handle_t hndl; diff --git a/wolfssl/wolfcrypt/sha256.h b/wolfssl/wolfcrypt/sha256.h index 311bb31273..c435cf061c 100644 --- a/wolfssl/wolfcrypt/sha256.h +++ b/wolfssl/wolfcrypt/sha256.h @@ -213,6 +213,9 @@ struct wc_Sha256 { #ifdef WOLFSSL_DEVCRYPTO_HASH WC_CRYPTODEV ctx; #endif +#ifdef MAX3266X_SHA_CB + wc_MXC_Sha mxcCtx; +#endif #if defined(WOLFSSL_DEVCRYPTO_HASH) || defined(WOLFSSL_HASH_KEEP) byte* msg; word32 used; diff --git a/wolfssl/wolfcrypt/sha512.h b/wolfssl/wolfcrypt/sha512.h index 307c987fce..9bcebdc62a 100644 --- a/wolfssl/wolfcrypt/sha512.h +++ b/wolfssl/wolfcrypt/sha512.h @@ -188,6 +188,9 @@ struct wc_Sha512 { int devId; void* devCtx; /* generic crypto callback context */ #endif +#ifdef MAX3266X_SHA_CB + wc_MXC_Sha mxcCtx; +#endif #ifdef WOLFSSL_HASH_FLAGS word32 flags; /* enum wc_HashFlags in hash.h */ #endif