Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Renesas RX TSIP ECDSA support #7685

Merged
merged 12 commits into from
Jul 19, 2024
Merged

Renesas RX TSIP ECDSA support #7685

Show file tree
Hide file tree
Changes from 7 commits
Commits
Show all changes
12 commits
Select commit Hold shift + click to select a range
7b029d3
Fixes for building `WOLFSSL_RENESAS_TSIP_CRYPTONLY` and `NO_WOLFSSL_R…
dgarske Jun 24, 2024
e81e188
Support for Renesas RX TSIP with ECDSA and Crypto Callbacks.
dgarske Jun 25, 2024
73a1938
Added Renesas RX TSIP ECDSA Verify Crypto callback.
dgarske Jun 26, 2024
7ad0248
Fix for RX TSIP ECDSA Verify hash padding/truncation. Fix to set ECDS…
dgarske Jul 1, 2024
4ae277d
Fixes for building RX TSIP with e2Studio project. Fixed tsip_Tls13Gen…
dgarske Jul 5, 2024
2d0353b
updae ecc key and signed cert
miyazakh Jul 9, 2024
a5c2290
Update key data and set private key for client authentification
miyazakh Jul 10, 2024
41cf8c0
Fix compiler issues with unused variable and printf.
dgarske Jul 10, 2024
2b4acf5
Revert built-in `wc_GenerateSeed` support for RX TSIP removed in #6851.
dgarske Jul 15, 2024
bbd8fdf
Cleanup Renesas RX default devId and improve logic for overflow check.
dgarske Jul 17, 2024
945a24e
fix compile error
miyazakh Jul 18, 2024
4eab0f1
Fix hard coded values in TSIP ECC verify. Fix issues with tab indenta…
dgarske Jul 18, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/common/wolfssl_dummy.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,8 +21,8 @@

#include <wolfssl/wolfcrypt/wc_port.h>

#define YEAR 2023
#define MON 5
#define YEAR 2024
#define MON 7

static int tick = 0;

Expand Down
105 changes: 78 additions & 27 deletions IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/src/client/simple_tls_tsip_client.c
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
/* simpel_tls_tsip_client.c
*
* Copyright (C) 2006-2023 wolfSSL Inc.
* Copyright (C) 2006-2024 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
Expand Down Expand Up @@ -31,7 +31,7 @@
#include <wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h>
#endif

#define SIMPLE_TLSSEVER_IP "192.168.11.9"
#define SIMPLE_TLSSEVER_IP "192.168.11.5"
#define SIMPLE_TLSSERVER_PORT "11111"

ER t4_tcp_callback(ID cepid, FN fncd , VP p_parblk);
Expand Down Expand Up @@ -198,7 +198,7 @@ void wolfSSL_TLS_client( )
{
ID cepid = 1;
ER ercd;
int ret;
int ret = 0;
WOLFSSL_CTX *ctx = (WOLFSSL_CTX *)client_ctx;
WOLFSSL *ssl = NULL;

Expand Down Expand Up @@ -231,44 +231,95 @@ void wolfSSL_TLS_client( )
}

#ifdef SIMPLE_TLS_TSIP_CLIENT
tsip_set_callback_ctx(ssl, &userContext);
ret = tsip_set_callback_ctx(ssl, &userContext);
#endif

/* set client private key data */
#if defined(WOLFSSL_TLS13) && defined(SIMPLE_TLS_TSIP_CLIENT)
#if defined(USE_ECC_CERT)
if (tsip_use_PrivateKey_buffer_TLS(ssl,
(const char*)g_key_block_data.encrypted_user_ecc256_private_key,
#ifdef USE_ECC_CERT

#ifdef WOLFSSL_RENESAS_TSIP_TLS

/* TSIP specific ECC private key */
if (ret == 0){
ret = tsip_use_PrivateKey_buffer_TLS(ssl,
(const char*)g_key_block_data.encrypted_user_ecc256_private_key,
sizeof(g_key_block_data.encrypted_user_ecc256_private_key),
TSIP_ECCP256) != 0) {
printf("ERROR: can't load client-private key\n");
return;
TSIP_ECCP256);
if (ret != 0) {
printf("ERROR tsip_use_PrivateKey_buffer_TLS\n");
}
}
# if defined(WOLFSSL_CHECK_SIG_FAULTS)
if (ret == 0){
ret = tsip_use_PublicKey_buffer_TLS(ssl,
(const char*)g_key_block_data.encrypted_user_ecc256_public_key,
sizeof(g_key_block_data.encrypted_user_ecc256_public_key),
TSIP_ECCP256);
if (ret != 0) {
printf("ERROR tsip_use_PublicKey_buffer_TLS\n");
}
}
#endif /* WOLFSSL_CHECK_SIG_FAULTS */

#else
if (tsip_use_PrivateKey_buffer_TLS(ssl,

/* DER format ECC private key */
if (ret == 0) {
err = wolfSSL_use_PrivateKey_buffer(ssl,
ecc_clikey_der_256,
sizeof_ecc_clikey_der_256,
WOLFSSL_FILETYPE_ASN1);
if (err != SSL_SUCCESS) {
printf("ERROR wolfSSL_use_PrivateKey_buffer: %d\n",
wolfSSL_get_error(ssl, 0));
ret = -1;
}
}

#endif /* WOLFSSL_RENESAS_TSIP_TLS */

#else

#if defined(WOLFSSL_RENESAS_TSIP_TLS)

/* Note: TSIP asks RSA client key pair for client authentication. */

/* TSIP specific RSA private key */
if (ret == 0) {
ret = tsip_use_PrivateKey_buffer_TLS(ssl,
(const char*)g_key_block_data.encrypted_user_rsa2048_private_key,
sizeof(g_key_block_data.encrypted_user_rsa2048_private_key),
TSIP_RSA2048) != 0) {
printf("ERROR: can't load client-private key\n");
return;
TSIP_RSA2048);
if (ret != 0) {
printf("ERROR tsip_use_PrivateKey_buffer_TLS :%d\n", ret);
}
}
if (ret == 0) {
ret = tsip_use_PublicKey_buffer_TLS(ssl,
(const char*)g_key_block_data.encrypted_user_rsa2048_public_key,
sizeof(g_key_block_data.encrypted_user_rsa2048_public_key), TSIP_RSA2048);
sizeof(g_key_block_data.encrypted_user_rsa2048_public_key),
TSIP_RSA2048);
if (ret != 0) {
printf("ERROR tsip_use_PublicKey_buffer: %d\n", ret);
return;
printf("ERROR tsip_use_PublicKey_buffer_TLS: %d\n", ret);
}
#endif
#else
if (wolfSSL_use_PrivateKey_buffer(ssl,
ecc_clikey_der_256,
sizeof_ecc_clikey_der_256,
SSL_FILETYPE_ASN1) != WOLFSSL_SUCCESS) {
printf("ERROR: can't load private-key data.\n");
return;
}
#endif /* WOLFSSL_TLS13 */

#else

if (ret == 0) {
err = wolfSSL_use_PrivateKey_buffer(ssl, client_key_der_2048,
sizeof_client_key_der_2048, WOLFSSL_FILETYPE_ASN1);

if (err != SSL_SUCCESS) {
printf("ERROR wolfSSL_use_PrivateKey_buffer: %d\n",
wolfSSL_get_error(ssl, 0));
ret = -1;
}
}

#endif /* WOLFSSL_RENESAS_TSIP_TLS */

#endif /* USE_ECC_CERT */

/* set callback context */
wolfSSL_SetIOReadCtx(ssl, (void *)&cepid);
Expand Down
Loading