snow/wolfssl-w32
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
wolfssl-w32/wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h

863 lines
32 KiB
C
Raw Permalink Normal View History

Import from wolfssl-5.6.6 Upstream: https://github.com/wolfSSL/wolfssl/releases/tag/v5.6.6-stable
2024-03-02 03:59:08 +00:00
/* esp32-crypt.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef __ESP32_CRYPT_H__
#define __ESP32_CRYPT_H__
/* WOLFSSL_USER_SETTINGS must be defined, typically in the CMakeLists.txt:
*
* set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS") */
#include <wolfssl/wolfcrypt/settings.h> /* references user_settings.h */
#if defined(WOLFSSL_ESPIDF) /* Entire file is only for Espressif EDP-IDF */
#ifndef WOLFSSL_USER_SETTINGS
#error "WOLFSSL_USER_SETTINGS must be defined for Espressif targts"
#endif
#include "sdkconfig.h" /* ensure ESP-IDF settings are available everywhere */
/* wolfSSL */
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/types.h> /* for MATH_INT_T */
/* Espressif */
#include <esp_idf_version.h>
#include <esp_types.h>
#include <esp_log.h>
/* exit codes to be used in tfm.c, sp_int.c, integer.c, etc.
*
* see wolfssl/wolfcrypt/error-crypt.h
*
* WC_HW_E - generic hardware failure. Consider falling back to SW.
* WC_HW_WAIT_E - waited too long for HW, fall back to SW
*/
/* Exit codes only used in Espressif port: */
enum {
ESP_MP_HW_FALLBACK = (WC_LAST_E - 2),
ESP_MP_HW_VALIDATION_ACTIVE = (WC_LAST_E - 3)
};
/* MP_HW_FALLBACK: signal to caller to fall back to SW for math:
* algorithm not supported in SW
* known state needing only SW, (e.g. ctx copy)
* any other reason to force SW (was -108)*/
#define MP_HW_FALLBACK ESP_MP_HW_FALLBACK
/* MP_HW_VALIDATION_ACTIVE this is informative only:
* typically also means "MP_HW_FALLBACK": fall back to SW.
* optional HW validation active, so compute in SW to compare.
* fall back to SW, typically only used during debugging. (was -109)
*/
#define MP_HW_VALIDATION_ACTIVE ESP_MP_HW_VALIDATION_ACTIVE
/*
*******************************************************************************
*******************************************************************************
** Global Settings:
**
** Settings that start with "CONFIG_" are typically defined in sdkconfig.h
**
** Primary Settings:
**
** WC_NO_HARDEN
** Disables some timing resistance / side-channel attack prevention.
**
** NO_ESPIDF_DEFAULT
** When defined, disables some default definitions. See wolfcrypt/settings.h
**
** NO_ESP32_CRYPT
** When defined, disables all hardware acceleration on the ESP32
**
** NO_WOLFSSL_ESP32_CRYPT_HASH
** Used to disabled only hash hardware, all algorithms: SHA2, etc.
**
** NO_WOLFSSL_ESP32_CRYPT_HASH_SHA
** When defined, disables only SHA hardware acceleration, uses SW.
**
** NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224
** When defined, disables only SHA-224 hardware acceleration, uses SW.
**
** NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
** When defined, disables only SHA-384 hardware acceleration, uses SW.
**
** NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256
** When defined, disables only SHA-256 hardware acceleration, uses SW.
**
** NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
** When defined, disables only SHA-512 hardware acceleration, uses SW.
**
** WOLFSSL_NOSHA512_224
** Define to disable SHA-512/224
**
** WOLFSSL_NOSHA512_256
** Define to disable SHA-512/512
**
** WOLFSSL_ESP32_CRYPT_RSA_PRI
** Defined in wolfSSL settings.h: this turns on or off esp32_mp math library.
** Unless turned off, this is enabled by default for the ESP32
**
** NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
** Turns off hardware acceleration esp_mp_mul()
**
** NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
** Turns off hardware acceleration esp_mp_exptmod()
**
** NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
** Turns off hardware acceleration esp_mp_mulmod()
**
** NO_WOLFSSL_ESP32_CRYPT_AES
** Used to disable only AES hardware algorithms. Software used instead.
**
*******************************************************************************
** Math library settings: TFM
*******************************************************************************
** Listed in increasing order of complexity:
**
** WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
** When defined, use hardware acceleration esp_mp_mul()
** for Large Number Multiplication: Z = X * Y
** Currently defined by default in tfm.c, see above to disable.
**
** WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
** When defined, use hardware acceleration esp_mp_exptmod()
** for Large Number Modular Exponentiation Z = X^Y mod M
** Currently defined by default in tfm.c, see above to disable.
**
** WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
** When defined, use hardware acceleration esp_mp_mulmod()
** for Large Number Modular Multiplication: Z = X * Y mod M
** Currently defined by default in tfm.c, see above to disable.
**
**
*******************************************************************************
** Optional Settings:
*******************************************************************************
**
** WOLFSSL_HW_METRICS
** Enables metric counters for calls to HW, success, fall back, oddities.
**
** WOLFSSL_HAS_METRICS
** Indicates that we actually have metrics to show. Useful for old wolfSSL
** libraries tested with newer examples, or when all HW turned off.
**
** DEBUG_WOLFSSL
** Turns on development testing. Validates HW accelerated results to software
** - Automatically turns on WOLFSSL_HW_METRICS
**
** DEBUG_WOLFSSL_SHA_MUTEX
** Turns on diagnostic messages for SHA mutex. Note that given verbosity,
** there may be TLS timing issues encountered. Use with caution.
**
** LOG_LOCAL_LEVEL
** Debugging. Default value is ESP_LOG_DEBUG
**
** ESP_VERIFY_MEMBLOCK
** Used to re-read data from registers in esp32_mp & verify written contents
** actually match the source data.
**
** WOLFSSL_ESP32_CRYPT_DEBUG
** When defined, enables hardware cryptography debugging.
**
** WOLFSSL_DEBUG_ESP_RSA_MULM_BITS
** Shows a warning when mulm falls back for minimum number of bits.
**
** NO_HW_MATH_TEST
** Even if HW is enabled, do not run HW math tests. See HW_MATH_ENABLED.
**
** NO_ESP_MP_MUL_EVEN_ALT_CALC
** Used during Z = X × Y mod M
** By default, even moduli use a two step HW esp_mp_mul with SW mp_mod.
** Enable this to instead fall back to pure software mp_mulmod.
**
** NO_RECOVER_SOFTWARE_CALC
** When defined, will NOT recover software calculation result when not
** matched with hardware. Useful only during development. Needs DEBUG_WOLFSSL
**
** ESP_PROHIBIT_SMALL_X
** When set to 1 X operands less than 8 bits will fall back to SW.
**
** ESP_NO_ERRATA_MITIGATION
** Disable all errata mitigation code.
**
** USE_ESP_DPORT_ACCESS_READ_BUFFER
** Sets ESP_NO_ERRATA_MITIGATION and uses esp_dport_access_read_buffer()
**
** ESP_MONITOR_HW_TASK_LOCK
** Although wolfSSL is in general not fully thread safe, this option
** enables some features that can be useful in a multi-threaded environment.
**
*******************************************************************************
** Settings used from <esp_idf_version.h>
** see .\esp-idf\v[N]\components\esp_common\include
*******************************************************************************
**
** ESP_IDF_VERSION_MAJOR
** Espressif ESP-IDF Version (e.g. 4, 5)
**
*******************************************************************************
** Settings used from ESP-IDF (sdkconfig.h)
*******************************************************************************
**
** CONFIG_IDF_TARGET_[SoC]
** CONFIG_IDF_TARGET_ESP32
** CONFIG_IDF_TARGET_ESP32C2
** CONFIG_IDF_TARGET_ESP32C3
** CONFIG_IDF_TARGET_ESP32C6
** CONFIG_IDF_TARGET_ESP32S2
** CONFIG_IDF_TARGET_ESP32S3
** CONFIG_IDF_TARGET_ESP32H2
**
]*******************************************************************************
** Informative settings. Not meant to be edited:
*******************************************************************************
**
** HW_MATH_ENABLED
** Used to detect if any hardware math acceleration algorithms are used.
** This is typically only used to flag wolfCrypt tests to run HW tests.
** See NO_HW_MATH_TEST.
**
*******************************************************************************
*/
#ifdef WOLFSSL_ESP32_CRYPT_DEBUG
#undef LOG_LOCAL_LEVEL
#define LOG_LOCAL_LEVEL ESP_LOG_DEBUG
#else
#undef LOG_LOCAL_LEVEL
#define LOG_LOCAL_LEVEL CONFIG_LOG_DEFAULT_LEVEL
#endif
#include <freertos/FreeRTOS.h>
#if defined(CONFIG_IDF_TARGET_ESP32)
/* there's no SHA-224 HW on the ESP32 */
#undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224
#include "soc/dport_reg.h"
#include <soc/hwcrypto_reg.h>
#if ESP_IDF_VERSION_MAJOR < 5
#include <soc/cpu.h>
#endif
#if defined(ESP_IDF_VERSION_MAJOR) && ESP_IDF_VERSION_MAJOR >= 5
#include <esp_private/periph_ctrl.h>
#else
#include <driver/periph_ctrl.h>
#endif
#if ESP_IDF_VERSION_MAJOR >= 4
#include <esp32/rom/ets_sys.h>
#else
#include <rom/ets_sys.h>
#endif
#define ESP_PROHIBIT_SMALL_X FALSE
/***** END CONFIG_IDF_TARGET_ESP32 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
defined(CONFIG_IDF_TARGET_ESP8684)
/* ESP8684 is essentially ESP32-C2 chip + flash embedded together in a
* single QFN 4x4 mm package. Out of released documentation, Technical
* Reference Manual as well as ESP-IDF Programming Guide is applicable
* to both ESP32-C2 and ESP8684.
*
* Note there is not currently an expected CONFIG_IDF_TARGET_ESP8684.
* The ESP8684 is detected with CONFIG_IDF_TARGET_ESP32C2.
* The macro is included for clarity, and possible future rename. */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
#define NO_WOLFSSL_ESP32_CRYPT_AES /* No AES HW */
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI /* No RSA HW*/
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL /* No RSA, so no mp_mul */
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD /* No RSA, so no mp_mulmod */
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD /* No RSA, no mp_exptmod */
#include <soc/dport_access.h>
#include <soc/hwcrypto_reg.h>
#if ESP_IDF_VERSION_MAJOR < 5
#include <soc/cpu.h>
#endif
#if defined(ESP_IDF_VERSION_MAJOR) && ESP_IDF_VERSION_MAJOR >= 5
#include <esp_private/periph_ctrl.h>
#else
#include <driver/periph_ctrl.h>
#endif
#if ESP_IDF_VERSION_MAJOR >= 4
/* #include <esp32/rom/ets_sys.h> */
#else
#include <rom/ets_sys.h>
#endif
/* If for some reason there's a desire to disable specific HW on the C2: */
/* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA there is SHA HW on C2 */
/* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 there is SHA224 HW on C2 */
/* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256 */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256 there is SHA256 HW on C2 */
/* Code will fall back to SW with warning if these are removed:
* Note there is no SHA384/SHA512 HW on ESP32-C3 */
#undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
#undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
/***** END CONFIG_IDF_TARGET_ESP32C2 aka CONFIG_IDF_TARGET_ESP8684 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32C3)
#include <soc/dport_access.h>
#include <soc/hwcrypto_reg.h>
#if ESP_IDF_VERSION_MAJOR < 5
#include <soc/cpu.h>
#endif
#if defined(ESP_IDF_VERSION_MAJOR) && ESP_IDF_VERSION_MAJOR >= 5
#include <esp_private/periph_ctrl.h>
#else
#include <driver/periph_ctrl.h>
#endif
#if ESP_IDF_VERSION_MAJOR >= 4
/* #include <esp32/rom/ets_sys.h> */
#else
#include <rom/ets_sys.h>
#endif
/* If for some reason there's a desire to disable specific HW on the C3: */
/* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA there is SHA HW on C3 */
/* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 there is SHA224 HW on C3 */
/* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256 */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256 there is SHA256 HW on C3 */
/* Code will fall back to SW with warning if these are removed:
* Note there is no SHA384/SHA512 HW on ESP32-C3 */
#undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
#undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
/***** END CONFIG_IDF_TARGET_ESP32C3 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32C6)
#include <soc/dport_access.h>
#include <soc/hwcrypto_reg.h>
#if ESP_IDF_VERSION_MAJOR < 5
#include <soc/cpu.h>
#endif
#if defined(ESP_IDF_VERSION_MAJOR) && ESP_IDF_VERSION_MAJOR >= 5
#include <esp_private/periph_ctrl.h>
#else
#include <driver/periph_ctrl.h>
#endif
#if ESP_IDF_VERSION_MAJOR >= 4
/* #include <esp32/rom/ets_sys.h> */
#else
#include <rom/ets_sys.h>
#endif
/* If for some reason there's a desire to disable specific SHA HW on the C6: */
/* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA there *is* SHA HW on C6 */
/* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 there *is* SHA224 HW on C6 */
/* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256 */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256 there *is* SHA225 HW on C6 */
/* Code will fall back to SW with warning if these are removed:
* note there is no SHA384/SHA512 HW on C6 */
#undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
#undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
/***** END CONFIG_IDF_TARGET_ESP32C6 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32S2)
#include "soc/dport_reg.h"
#include <soc/hwcrypto_reg.h>
#if defined(ESP_IDF_VERSION_MAJOR) && ESP_IDF_VERSION_MAJOR >= 5
#include <esp_private/periph_ctrl.h>
#else
#include <driver/periph_ctrl.h>
#endif
#define ESP_PROHIBIT_SMALL_X 0
/***** END CONFIG_IDF_TARGET_ESP32S2 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32S3)
#include "soc/dport_reg.h"
#include <soc/hwcrypto_reg.h>
#if defined(ESP_IDF_VERSION_MAJOR) && ESP_IDF_VERSION_MAJOR >= 5
#include <esp_private/periph_ctrl.h>
#else
#include <driver/periph_ctrl.h>
#endif
#define ESP_PROHIBIT_SMALL_X 0
#else
/* not yet supported. no HW */
#undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA
#undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224
#undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256
#undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
#undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
/***** END CONFIG_IDF_TARGET_[x] config unknown *****/
#endif /* CONFIG_IDF_TARGET target check */
#ifndef NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
#if defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL) && \
defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD) && \
defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD)
#warning "MP_MUL, MULMOD, EXPTMOD all turned off. " && \
"Define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI to disable all math HW"
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
#endif
#endif /* !NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
#if defined(USE_ESP_DPORT_ACCESS_READ_BUFFER)
#define ESP_NO_ERRATA_MITIGATION
#endif
#ifdef SINGLE_THREADED
#undef ESP_MONITOR_HW_TASK_LOCK
#else
/* Unless explicitly disabled, monitor task lock when not single thread. */
#ifndef ESP_DISABLE_HW_TASK_LOCK
#define ESP_MONITOR_HW_TASK_LOCK
#endif
#endif
#ifdef __cplusplus
extern "C"
{
#endif
/*
******************************************************************************
** Some common esp utilities
******************************************************************************
*/
WOLFSSL_LOCAL int esp_ShowExtendedSystemInfo(void);
/* Compare MATH_INT_T A to MATH_INT_T B
* During debug, the strings name_A and name_B can help
* identify variable name. */
WOLFSSL_LOCAL int esp_mp_cmp(char* name_A, MATH_INT_T* A,
char* name_B, MATH_INT_T* B);
/* Show MATH_INT_T value attributes. */
WOLFSSL_LOCAL int esp_show_mp_attributes(char* c, MATH_INT_T* X);
/* Show MATH_INT_T value.
*
* Calls esp_show_mp_attributes().
*
* During debug, the string name_A can help
* identify variable name. */
WOLFSSL_LOCAL int esp_show_mp(char* name_X, MATH_INT_T* X);
/* To use a Mutex, it must first be initialized. */
WOLFSSL_LOCAL int esp_CryptHwMutexInit(wolfSSL_Mutex* mutex);
/* Take the mutex to indicate the HW is in use. Wait up to [block_time].
* When the HW in use the mutex will be locked. */
WOLFSSL_LOCAL int esp_CryptHwMutexLock(wolfSSL_Mutex* mutex,
TickType_t block_time);
/* Release the mutex to indicate the HW is no longer in use. */
WOLFSSL_LOCAL int esp_CryptHwMutexUnLock(wolfSSL_Mutex* mutex);
/* Validation active check. When active, we'll fall back to SW. */
WOLFSSL_LOCAL int esp_hw_validation_active(void);
/*
*******************************************************************************
** AES features:
*******************************************************************************
*/
#ifndef NO_AES
#if ESP_IDF_VERSION_MAJOR >= 4
#include "esp32/rom/aes.h"
#else
#include "rom/aes.h"
#endif
typedef enum tagES32_AES_PROCESS /* TODO what's this ? */
{
ESP32_AES_LOCKHW = 1,
ESP32_AES_UPDATEKEY_ENCRYPT = 2,
ESP32_AES_UPDATEKEY_DECRYPT = 3,
ESP32_AES_UNLOCKHW = 4
} ESP32_AESPROCESS;
struct Aes; /* see aes.h */
#if defined(WOLFSSL_HW_METRICS)
WOLFSSL_LOCAL int esp_hw_show_aes_metrics(void);
WOLFSSL_LOCAL int wc_esp32AesUnupportedLengthCountAdd(void);
#endif
WOLFSSL_LOCAL int wc_esp32AesSupportedKeyLenValue(int keylen);
WOLFSSL_LOCAL int wc_esp32AesSupportedKeyLen(struct Aes* aes);
WOLFSSL_LOCAL int wc_esp32AesCbcEncrypt(struct Aes* aes,
byte* out,
const byte* in,
word32 sz);
WOLFSSL_LOCAL int wc_esp32AesCbcDecrypt(struct Aes* aes,
byte* out,
const byte* in,
word32 sz);
WOLFSSL_LOCAL int wc_esp32AesEncrypt( struct Aes* aes,
const byte* in,
byte* out);
WOLFSSL_LOCAL int wc_esp32AesDecrypt( struct Aes* aes,
const byte* in,
byte* out);
#endif /* ! NO_AES */
#ifdef WOLFSSL_ESP32_CRYPT_DEBUG
void wc_esp32TimerStart(void);
uint64_t wc_esp32elapsedTime(void);
#endif /* WOLFSSL_ESP32_CRYPT_DEBUG */
/*
*******************************************************************************
** Cryptographic hash algorithms (e.g. SHA[x]):
*******************************************************************************
*/
#if !defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
(!defined(NO_SHA) || !defined(NO_SHA256) || \
defined(WOLFSSL_SHA384) || defined(WOLFSSL_SHA512) \
)
#define SHA_CTX ETS_SHAContext
#if ESP_IDF_VERSION_MAJOR >= 4
#if defined(CONFIG_IDF_TARGET_ESP32)
#include "esp32/rom/sha.h"
#define WC_ESP_SHA_TYPE enum SHA_TYPE
#elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
defined(CONFIG_IDF_TARGET_ESP8684)
#include "esp32c2/rom/sha.h"
#define WC_ESP_SHA_TYPE SHA_TYPE
#elif defined(CONFIG_IDF_TARGET_ESP32C3)
#include "esp32c3/rom/sha.h"
#define WC_ESP_SHA_TYPE SHA_TYPE
#elif defined(CONFIG_IDF_TARGET_ESP32C6)
#include "esp32c6/rom/sha.h"
#define WC_ESP_SHA_TYPE SHA_TYPE
#elif defined(CONFIG_IDF_TARGET_ESP32H2)
#include "esp32h2/rom/sha.h"
#define WC_ESP_SHA_TYPE SHA_TYPE
#elif defined(CONFIG_IDF_TARGET_ESP32S2)
#include "esp32s2/rom/sha.h"
#define WC_ESP_SHA_TYPE SHA_TYPE
#elif defined(CONFIG_IDF_TARGET_ESP32S3)
#include "esp32s3/rom/sha.h"
#define WC_ESP_SHA_TYPE SHA_TYPE
#else
#include "rom/sha.h"
#define WC_ESP_SHA_TYPE SHA_TYPE
#endif
#else
#include "rom/sha.h"
#endif
#undef SHA_CTX
typedef enum
{
ESP32_SHA_INIT = 0,
ESP32_SHA_HW = 1,
ESP32_SHA_SW = 2,
ESP32_SHA_HW_COPY = 3,
ESP32_SHA_FREED = 4,
ESP32_SHA_FAIL_NEED_UNROLL = -1
} ESP32_MODE;
typedef struct
{
/* pointer to object the initialized HW; to track copies */
void* initializer;
#ifndef SINGLE_THREADED
void* task_owner;
#endif
/* an ESP32_MODE value; typically:
** 0 init,
** 1 HW,
** 2 SW */
ESP32_MODE mode;
/* see esp_rom/include/esp32/rom/sha.h
**
** the Espressif type: SHA1, SHA256, etc.
*/
WC_ESP_SHA_TYPE sha_type;
/* we'll keep track of our own locks.
** actual enable/disable only occurs for ref_counts[periph] == 0
**
** see ref_counts[periph] in periph_ctrl.c */
byte lockDepth : 7; /* 7 bits for a small number, pack with below. */
/* 0 (false) this is NOT first block.
** 1 (true ) this is first block. */
byte isfirstblock : 1; /* 1 bit only for true / false */
} WC_ESP32SHA;
WOLFSSL_LOCAL int esp_sha_need_byte_reversal(WC_ESP32SHA* ctx);
WOLFSSL_LOCAL int esp_sha_init(WC_ESP32SHA* ctx,
enum wc_HashType hash_type);
WOLFSSL_LOCAL int esp_sha_init_ctx(WC_ESP32SHA* ctx);
WOLFSSL_LOCAL int esp_sha_try_hw_lock(WC_ESP32SHA* ctx);
WOLFSSL_LOCAL int esp_sha_hw_unlock(WC_ESP32SHA* ctx);
/* esp_sha_hw_islocked: returns 0 if not locked, otherwise owner address */
WOLFSSL_LOCAL int esp_sha_hw_islocked(WC_ESP32SHA* ctx);
WOLFSSL_LOCAL int esp_sha_call_count();
WOLFSSL_LOCAL int esp_sha_lock_count();
WOLFSSL_LOCAL int esp_sha_release_unfinished_lock(WC_ESP32SHA* ctx);
WOLFSSL_LOCAL int esp_sha_set_stray(WC_ESP32SHA* ctx);
struct wc_Sha;
WOLFSSL_LOCAL int esp_sha_ctx_copy(struct wc_Sha* src, struct wc_Sha* dst);
WOLFSSL_LOCAL int esp_sha_digest_process(struct wc_Sha* sha,
byte blockprocess);
WOLFSSL_LOCAL int esp_sha_process(struct wc_Sha* sha, const byte* data);
#ifdef WOLFSSL_DEBUG_MUTEX
/* testing HW release in task that did not lock */
extern WC_ESP32SHA* stray_ctx;
#endif
#ifndef NO_SHA256
struct wc_Sha256;
WOLFSSL_LOCAL int esp_sha224_ctx_copy(struct wc_Sha256* src,
struct wc_Sha256* dst);
WOLFSSL_LOCAL int esp_sha256_ctx_copy(struct wc_Sha256* src,
struct wc_Sha256* dst);
WOLFSSL_LOCAL int esp_sha256_digest_process(struct wc_Sha256* sha,
byte blockprocess);
WOLFSSL_LOCAL int esp_sha256_process(struct wc_Sha256* sha,
const byte* data);
WOLFSSL_LOCAL int esp32_Transform_Sha256_demo(struct wc_Sha256* sha256,
const byte* data);
#endif
#if defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384)
struct wc_Sha512;
WOLFSSL_LOCAL int esp_sha384_ctx_copy(struct wc_Sha512* src,
struct wc_Sha512* dst);
WOLFSSL_LOCAL int esp_sha512_ctx_copy(struct wc_Sha512* src,
struct wc_Sha512* dst);
WOLFSSL_LOCAL int esp_sha512_process(struct wc_Sha512* sha);
WOLFSSL_LOCAL int esp_sha512_digest_process(struct wc_Sha512* sha,
byte blockproc);
#endif
#endif /* NO_SHA && etc */
/*
*******************************************************************************
** RSA Big Math
*******************************************************************************
*/
#if !defined(NO_RSA) || defined(HAVE_ECC)
#if !defined(ESP_RSA_TIMEOUT_CNT)
#define ESP_RSA_TIMEOUT_CNT 0x249F00
#endif
#ifndef NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
/*
* The parameter names in the Espressif implementation are arbitrary.
*
* The wolfSSL names come from DH: Y=G^x mod M (see wolfcrypt/tfm.h)
*
* G=base, X is the private exponent, Y is the public value w
**/
/* Z = (X ^ Y) mod M : Espressif generic notation */
/* Y = (G ^ X) mod P : wolfSSL DH reference notation */
WOLFSSL_LOCAL int esp_mp_exptmod(MATH_INT_T* X, /* G */
MATH_INT_T* Y, /* X */
MATH_INT_T* M, /* P */
MATH_INT_T* Z); /* Y */
/* HW_MATH_ENABLED is typically used in wolfcrypt tests */
#undef HW_MATH_ENABLED
#define HW_MATH_ENABLED
#endif /* ! NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
#ifndef NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
/* Z = X * Y */
WOLFSSL_LOCAL int esp_mp_mul(MATH_INT_T* X,
MATH_INT_T* Y,
MATH_INT_T* Z);
/* HW_MATH_ENABLED is typically used in wolfcrypt tests */
#undef HW_MATH_ENABLED
#define HW_MATH_ENABLED
#endif /* ! NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
#ifndef NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
/* Z = X * Y (mod M) */
WOLFSSL_LOCAL int esp_mp_mulmod(MATH_INT_T* X,
MATH_INT_T* Y,
MATH_INT_T* M,
MATH_INT_T* Z);
/* HW_MATH_ENABLED is typically used in wolfcrypt tests */
#undef HW_MATH_ENABLED
#define HW_MATH_ENABLED
#endif /* ! NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
#endif /* !NO_RSA || HAVE_ECC*/
/* Optionally enable some metrics to count interesting usage */
/*
*******************************************************************************
** Usage metrics
*******************************************************************************
*/
#ifdef WOLFSSL_HW_METRICS
#define WOLFSSL_HAS_METRICS
/* Allow sha256 code to keep track of SW fallback during active HW */
WOLFSSL_LOCAL int esp_sw_sha256_count_add();
/* show MP HW Metrics*/
WOLFSSL_LOCAL int esp_hw_show_mp_metrics(void);
/* show SHA HW Metrics*/
WOLFSSL_LOCAL int esp_hw_show_sha_metrics(void);
/* show all HW Metrics*/
WOLFSSL_LOCAL int esp_hw_show_metrics(void);
#endif
/*
* Errata Mitigation. See
* https://www.espressif.com/sites/default/files/documentation/esp32_errata_en.pdf
* https://www.espressif.com/sites/default/files/documentation/esp32-c3_errata_en.pdf
* https://www.espressif.com/sites/default/files/documentation/esp32-s3_errata_en.pdf
*/
#define ESP_MP_HW_LOCK_MAX_DELAY ( TickType_t ) 0xffUL
#if defined(CONFIG_IDF_TARGET_ESP32) && !defined(ESP_NO_ERRATA_MITIGATION)
/* some of these may be tuned for specific silicon versions */
#define ESP_EM__MP_HW_WAIT_CLEAN {__asm__ __volatile__("memw");}
#define ESP_EM__MP_HW_WAIT_DONE {__asm__ __volatile__("memw");}
#define ESP_EM__POST_SP_MP_HW_LOCK {__asm__ __volatile__("memw");}
#define ESP_EM__PRE_MP_HW_WAIT_CLEAN {__asm__ __volatile__("memw");}
#define ESP_EM__PRE_DPORT_READ {__asm__ __volatile__("memw");}
#define ESP_EM__PRE_DPORT_WRITE {__asm__ __volatile__("memw");}
/* Non-FIFO read may not be needed in chip revision v3.0. */
#define ESP_EM__READ_NON_FIFO_REG {DPORT_SEQUENCE_REG_READ(0x3FF40078);}
/* When the CPU frequency is 160 MHz, add six <20>nop<6F> between two consecutive
** FIFO reads. When the CPU frequency is 240 MHz, add seven <EFBFBD>nop<EFBFBD> between
** two consecutive FIFO reads. See 3.16 */
#if defined(CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_80)
#define ESP_EM__3_16 { \
__asm__ __volatile__("memw"); \
__asm__ __volatile__("nop"); /* 1 */ \
__asm__ __volatile__("nop"); /* 2 */ \
__asm__ __volatile__("nop"); /* 3 */ \
__asm__ __volatile__("nop"); /* 4 */ \
__asm__ __volatile__("nop"); /* 5 */ \
};
#elif defined(CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_160)
#define ESP_EM__3_16 { \
__asm__ __volatile__("memw"); \
__asm__ __volatile__("nop"); /* 1 */ \
__asm__ __volatile__("nop"); /* 2 */ \
__asm__ __volatile__("nop"); /* 3 */ \
__asm__ __volatile__("nop"); /* 4 */ \
__asm__ __volatile__("nop"); /* 5 */ \
__asm__ __volatile__("nop"); /* 6 */ \
__asm__ __volatile__("nop"); /* 7 */ \
__asm__ __volatile__("nop"); /* 8 */ \
};
#elif defined(CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_240)
#define ESP_EM__3_16 { \
__asm__ __volatile__("memw"); \
__asm__ __volatile__("nop"); /* 1 */ \
__asm__ __volatile__("nop"); /* 2 */ \
__asm__ __volatile__("nop"); /* 3 */ \
__asm__ __volatile__("nop"); /* 4 */ \
__asm__ __volatile__("nop"); /* 5 */ \
__asm__ __volatile__("nop"); /* 6 */ \
__asm__ __volatile__("nop"); /* 7 */ \
__asm__ __volatile__("nop"); /* 8 */ \
__asm__ __volatile__("nop"); /* 9 */ \
};
#else
#define ESP_EM__3_16 {};
#endif
#define ESP_EM__POST_PROCESS_START { ESP_EM__3_16 };
#define ESP_EM__DPORT_FIFO_READ { ESP_EM__3_16 };
#else
#define ESP_EM__3_16 {};
#define ESP_EM__MP_HW_WAIT_CLEAN {};
#define ESP_EM__MP_HW_WAIT_DONE {};
#define ESP_EM__POST_SP_MP_HW_LOCK {};
#define ESP_EM__PRE_MP_HW_WAIT_CLEAN {};
#define ESP_EM__POST_PROCESS_START {};
#define ESP_EM__DPORT_FIFO_READ {};
#define ESP_EM__READ_NON_FIFO_REG {};
#define ESP_EM__PRE_DPORT_READ {};
#define ESP_EM__PRE_DPORT_WRITE {};
#endif
/* end c++ wrapper */
#ifdef __cplusplus
}
#endif
#endif /* WOLFSSL_ESPIDF (entire contents excluded when not Espressif ESP-IDF) */
#endif /* __ESP32_CRYPT_H__ */
Reference in a new issue Copy permalink