WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Make wc_tsip_* API's public.

pull/8717/head
David Garske 2025-04-28 09:27:59 -07:00
parent c402d7bd94
commit 3d4e89c2ca
2 changed files with 62 additions and 67 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
wolfcrypt/src/port/Renesas/renesas_tsip_util.c
View File

@ -293,7 +293,7 @@ static void tsipFlushMessages(struct WOLFSSL* ssl)
WOLFSSL_LOCAL int tsip_TlsCleanup(struct WOLFSSL* ssl)
int tsip_TlsCleanup(struct WOLFSSL* ssl)
{
int ret = 0;
TsipUserCtx* tuc = NULL;
@ -321,7 +321,7 @@ WOLFSSL_LOCAL int tsip_TlsCleanup(struct WOLFSSL* ssl)
* return 0 on success, CRYPTOCB_UNAVAILABLE when tsip can not handle and is
* expecting to fallback to S/W, other negative values on error.
*/
WOLFSSL_LOCAL int tsip_Tls13GenEccKeyPair(WOLFSSL* ssl, KeyShareEntry* kse)
int tsip_Tls13GenEccKeyPair(WOLFSSL* ssl, KeyShareEntry* kse)
{
int ret = 0;
e_tsip_err_t err = TSIP_SUCCESS;
@ -439,7 +439,7 @@ WOLFSSL_LOCAL int tsip_Tls13GenEccKeyPair(WOLFSSL* ssl, KeyShareEntry* kse)
* return 0 on success, CRYPTOCB_UNAVAILABLE when tsip can not handle and is
* expecting to fallback to S/W, other negative values on error.
*/
WOLFSSL_LOCAL int tsip_Tls13GenSharedSecret(struct WOLFSSL* ssl,
int tsip_Tls13GenSharedSecret(struct WOLFSSL* ssl,
struct KeyShareEntry* kse)
{
int ret = 0;
@ -520,7 +520,7 @@ WOLFSSL_LOCAL int tsip_Tls13GenSharedSecret(struct WOLFSSL* ssl,
return ret;
}
WOLFSSL_LOCAL int tsip_Tls13DeriveEarlySecret(struct WOLFSSL* ssl)
int tsip_Tls13DeriveEarlySecret(struct WOLFSSL* ssl)
{
int ret = 0;
TsipUserCtx* tuc = NULL;
@ -553,7 +553,7 @@ WOLFSSL_LOCAL int tsip_Tls13DeriveEarlySecret(struct WOLFSSL* ssl)
* return 0 on success, CRYPTOCB_UNAVAILABLE when tsip can not handle and is
* expecting to fallback to S/W, other negative values on error.
*/
WOLFSSL_LOCAL int tsip_Tls13DeriveHandshakeSecret(struct WOLFSSL* ssl)
int tsip_Tls13DeriveHandshakeSecret(struct WOLFSSL* ssl)
{
int ret = 0;
e_tsip_err_t err = TSIP_SUCCESS;
@ -1019,7 +1019,7 @@ static int tsipTls13UpdateServerTrafficKeys(struct WOLFSSL* ssl)
* returns 0 on success, CRYPTOCB_UNAVAILABLE when tsip can not handle and is
* expecting to fallback to S/W, other negative values on error.
*/
WOLFSSL_LOCAL int tsip_Tls13DeriveKeys(struct WOLFSSL* ssl,
int tsip_Tls13DeriveKeys(struct WOLFSSL* ssl,
int keyType, int side)
{
int ret = 0;
@ -1098,7 +1098,7 @@ WOLFSSL_LOCAL int tsip_Tls13DeriveKeys(struct WOLFSSL* ssl,
return ret;
}
WOLFSSL_LOCAL int tsip_Tls13DeriveMasterSecret(struct WOLFSSL* ssl)
int tsip_Tls13DeriveMasterSecret(struct WOLFSSL* ssl)
{
int ret = 0;
e_tsip_err_t err = TSIP_SUCCESS;
@ -1266,7 +1266,7 @@ static int tsipTls13VerifyHandshake(struct WOLFSSL* ssl,
* totalSz Length in the record header. means message + type + pad.
* return 0, on success, others on failure.
*/
WOLFSSL_LOCAL int tsip_Tls13HandleFinished(
int tsip_Tls13HandleFinished(
struct WOLFSSL* ssl,
const byte* input,
word32* inOutIdx,
@ -1309,7 +1309,7 @@ WOLFSSL_LOCAL int tsip_Tls13HandleFinished(
* when tsip can not handle and is expecting to fallback to S/W,
* other negative values on error.
*/
WOLFSSL_LOCAL int tsip_Tls13BuildMessage(struct WOLFSSL* ssl,
int tsip_Tls13BuildMessage(struct WOLFSSL* ssl,
byte* output,
int outSz,
const byte* input,
@ -1402,7 +1402,7 @@ WOLFSSL_LOCAL int tsip_Tls13BuildMessage(struct WOLFSSL* ssl,
* return 0 on success, CRYPTOCB_UNAVAILABLE when TSIP can not handle,
* other negative values on error.
*/
WOLFSSL_LOCAL int tsip_Tls13SendFinished(
int tsip_Tls13SendFinished(
struct WOLFSSL* ssl,
byte* output,
int outSz,
@ -1466,7 +1466,7 @@ WOLFSSL_LOCAL int tsip_Tls13SendFinished(
* return 0 on success, CRYPTOCB_UNAVAILABLE when TSIP can not handle,
* other negative values on error.
*/
WOLFSSL_LOCAL int tsip_Tls13CertificateVerify(struct WOLFSSL* ssl,
int tsip_Tls13CertificateVerify(struct WOLFSSL* ssl,
const byte* input, word32* inOutIdx,
word32 totalSz)
{
@ -1611,7 +1611,7 @@ WOLFSSL_LOCAL int tsip_Tls13CertificateVerify(struct WOLFSSL* ssl,
* Returns 0 on success, CRYPTOCB_UNAVAILABLE when the required key is not
* provided or unsupported algo is specified and otherwise failure.
*/
WOLFSSL_LOCAL int tsip_Tls13SendCertVerify(WOLFSSL* ssl)
int tsip_Tls13SendCertVerify(WOLFSSL* ssl)
{
int ret = 0;
e_tsip_err_t err = TSIP_SUCCESS;
@ -2393,7 +2393,7 @@ int tsip_ImportPrivateKey(TsipUserCtx* tuc, int keyType)
* TSIP_KEY_TYPE_ECDSAP256 ecdsa p256r1 key
* TSIP_KEY_TYPE_ECDSAP384 ecdsa p384r1 key
*/
WOLFSSL_LOCAL int tsip_ImportPublicKey(TsipUserCtx* tuc, int keyType)
int tsip_ImportPublicKey(TsipUserCtx* tuc, int keyType)
{
int ret = 0;
e_tsip_err_t err = TSIP_SUCCESS;
@ -2622,7 +2622,7 @@ int tsip_usable(const WOLFSSL *ssl, uint8_t session_key_generated)
* lock hw engine.
* this should be called before using engine.
*/
WOLFSSL_LOCAL int tsip_hw_lock(void)
int tsip_hw_lock(void)
{
int ret = 0;
@ -2649,7 +2649,7 @@ WOLFSSL_LOCAL int tsip_hw_lock(void)
/*
* release hw engine
*/
WOLFSSL_LOCAL void tsip_hw_unlock(void)
void tsip_hw_unlock(void)
{
tsip_CryptHwMutexUnLock(&tsip_mutex);
}
@ -2657,7 +2657,7 @@ WOLFSSL_LOCAL void tsip_hw_unlock(void)
/* open TSIP driver
* return 0 on success.
*/
WOLFSSL_LOCAL int tsip_Open(void)
int tsip_Open(void)
{
int ret = TSIP_SUCCESS;
@ -2757,7 +2757,7 @@ WOLFSSL_LOCAL int tsip_Open(void)
}
/* close TSIP driver */
WOLFSSL_LOCAL void tsip_Close(void)
void tsip_Close(void)
{
WOLFSSL_ENTER("tsip_Close");
int ret;
@ -3798,7 +3798,7 @@ int tsip_SignRsaPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc)
#endif /* !NO_RSA */
#if !defined(NO_RSA) && defined(WOLFSSL_RENESAS_TSIP_TLS)
WOLFSSL_LOCAL int tsip_VerifyRsaPkcsCb(
int tsip_VerifyRsaPkcsCb(
WOLFSSL* ssl,
unsigned char* sig, unsigned int sigSz,
unsigned char** out,
@ -3911,7 +3911,7 @@ WOLFSSL_LOCAL int tsip_VerifyRsaPkcsCb(
* signature will be DER encoded and stored into out buffer.
* the private key must be imported as TSIP specific format.
*/
WOLFSSL_LOCAL int tsip_SignEcdsa(wc_CryptoInfo* info, TsipUserCtx* tuc)
int tsip_SignEcdsa(wc_CryptoInfo* info, TsipUserCtx* tuc)
{
int ret = 0;
e_tsip_err_t err = TSIP_SUCCESS;
@ -4049,7 +4049,7 @@ static int tsip_HashPad(int curveSz, uint8_t* hash,
* returns
* 0 on success, CRYPTOCB_UNAVAILABLE on unsupported key type specified.
*/
WOLFSSL_LOCAL int tsip_VerifyEcdsa(wc_CryptoInfo* info, TsipUserCtx* tuc)
int tsip_VerifyEcdsa(wc_CryptoInfo* info, TsipUserCtx* tuc)
{
int ret = 0;
e_tsip_err_t err = TSIP_SUCCESS;
@ -4173,7 +4173,7 @@ static void hexdump(const uint8_t* in, uint32_t len)
byte *ret2err(word32 ret)
{
switch(ret) {
case TSIP_SUCCESS: return "success";
case TSIP_SUCCESS: return "success";
case TSIP_ERR_SELF_CHECK1: return "selfcheck1";
case TSIP_ERR_RESOURCE_CONFLICT: return "rsconflict";
case TSIP_ERR_SELF_CHECK2: return "selfcheck2";

87
wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h
View File

@ -35,7 +35,6 @@
#include "r_tsip_rx_if.h"
#endif
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/wolfcrypt/types.h>
#include <wolfssl/wolfcrypt/logging.h>
@ -47,6 +46,7 @@
#include <wolfssl/wolfcrypt/cryptocb.h>
#endif
#ifdef __cplusplus
extern "C" {
#endif
@ -340,37 +340,33 @@ typedef struct
} TsipPKCbInfo;
typedef struct
{
#if (WOLFSSL_RENESAS_TSIP_VER >=109)
typedef struct
{
uint8_t * encrypted_provisioning_key;
uint8_t * iv;
uint8_t * encrypted_user_tls_key;
uint32_t encrypted_user_tls_key_type;
uint8_t * encrypted_user_private_key;
uint32_t encrypted_user_private_key_type;
uint8_t * encrypted_user_public_key;
uint32_t encrypted_user_public_key_type;
uint8_t * encrypted_provisioning_key;
uint8_t * iv;
uint8_t * encrypted_user_tls_key;
uint32_t encrypted_user_tls_key_type;
uint8_t * encrypted_user_private_key;
uint32_t encrypted_user_private_key_type;
uint8_t * encrypted_user_public_key;
uint32_t encrypted_user_public_key_type;
tsip_ecc_private_key_index_t client_private_key_index;
tsip_tls_ca_certification_public_key_index_t user_rsa2048_tls_pubindex;
} tsip_key_data;
#else
typedef struct
{
uint8_t* encrypted_session_key;
uint8_t* iv;
uint8_t* encrypted_user_tls_key;
uint8_t* encrypted_session_key;
uint8_t* iv;
uint8_t* encrypted_user_tls_key;
#endif
tsip_tls_ca_certification_public_key_index_t user_rsa2048_tls_pubindex;
} tsip_key_data;
#endif
struct Aes;
struct WOLFSSL;
struct WOLFSSL_CTX;
struct wc_CryptoInfo;
/*----------------------------------------------------*/
/* APIs */
/*----------------------------------------------------*/
@ -442,10 +438,10 @@ struct wc_CryptoInfo;
WOLFSSL_LOCAL int tsip_SignRsaPkcs(struct wc_CryptoInfo* info,
TsipUserCtx* tuc);
WOLFSSL_LOCAL int wc_tsip_RsaVerifyPkcs(struct wc_CryptoInfo* info,
WOLFSSL_API int wc_tsip_RsaVerifyPkcs(struct wc_CryptoInfo* info,
TsipUserCtx* tuc);
WOLFSSL_LOCAL int wc_tsip_RsaFunction(wc_CryptoInfo* info, TsipUserCtx* tuc);
WOLFSSL_API int wc_tsip_RsaFunction(wc_CryptoInfo* info, TsipUserCtx* tuc);
WOLFSSL_LOCAL int tsip_SignEcdsa(struct wc_CryptoInfo* info, TsipUserCtx* tuc);
@ -518,9 +514,9 @@ WOLFSSL_LOCAL int tsip_Tls13SendCertVerify(struct WOLFSSL*ssl);
#if (WOLFSSL_RENESAS_TSIP_VER >=109)
WOLFSSL_LOCAL int wc_tsip_AesCipher(int devIdArg, struct wc_CryptoInfo* info,
WOLFSSL_API int wc_tsip_AesCipher(int devIdArg, struct wc_CryptoInfo* info,
void* ctx);
WOLFSSL_LOCAL int wc_tsip_generateMasterSecretEx(
WOLFSSL_API int wc_tsip_generateMasterSecretEx(
byte cipherSuiteFirst,
byte cipherSuite,
const byte* pr, /* pre-master */
@ -530,7 +526,7 @@ WOLFSSL_LOCAL int wc_tsip_generateMasterSecretEx(
#else
WOLFSSL_LOCAL int wc_tsip_generateMasterSecret(
WOLFSSL_API int wc_tsip_generateMasterSecret(
const byte *pre,
const byte *cr,
const byte *sr,
@ -539,23 +535,23 @@ WOLFSSL_LOCAL int wc_tsip_generateMasterSecret(
#endif /* WOLFSSL_RENESAS_TSIP_VER */
WOLFSSL_LOCAL int wc_tsip_storeKeyCtx(
WOLFSSL_API int wc_tsip_storeKeyCtx(
struct WOLFSSL *ssl,
TsipUserCtx *userCtx);
WOLFSSL_LOCAL int wc_tsip_generateEncryptPreMasterSecret(
WOLFSSL_API int wc_tsip_generateEncryptPreMasterSecret(
struct WOLFSSL* ssl,
byte* out,
word32* outSz);
WOLFSSL_LOCAL int wc_tsip_EccSharedSecret(
WOLFSSL_API int wc_tsip_EccSharedSecret(
struct WOLFSSL* ssl,
struct ecc_key* otherKey,
unsigned char* pubKeyDer, unsigned int* pubKeySz,
unsigned char* out, unsigned int* outlen,
int side, void* ctx);
WOLFSSL_LOCAL int wc_tsip_RsaVerify(
WOLFSSL_API int wc_tsip_RsaVerify(
struct WOLFSSL* ssl,
byte* sig,
word32 sigSz,
@ -564,32 +560,32 @@ WOLFSSL_LOCAL int wc_tsip_RsaVerify(
word32 keySz,
void* ctx);
WOLFSSL_LOCAL int wc_tsip_EccVerify(
WOLFSSL_API int wc_tsip_EccVerify(
struct WOLFSSL* ssl,
const byte* sig, word32 sigSz,
const byte* hash, word32 hashSz,
const byte* key, word32 keySz,
int* result, void* ctx);
WOLFSSL_LOCAL int wc_tsip_generateVerifyData(
WOLFSSL_API int wc_tsip_generateVerifyData(
const uint8_t* masterSecret,
const uint8_t* side,
const uint8_t* handshake_hash,
uint8_t* hashes);
#ifndef NO_AES
WOLFSSL_LOCAL int wc_tsip_AesCbcEncrypt(
WOLFSSL_API int wc_tsip_AesCbcEncrypt(
Aes* aes,
byte* out,
const byte* in,
word32 sz);
WOLFSSL_LOCAL int wc_tsip_AesCbcDecrypt(
WOLFSSL_API int wc_tsip_AesCbcDecrypt(
Aes* aes,
byte* out,
const byte* in,
word32 sz);
WOLFSSL_LOCAL int wc_tsip_AesGcmEncrypt(
WOLFSSL_API int wc_tsip_AesGcmEncrypt(
Aes* aes, byte* out,
const byte* in, word32 sz,
byte* iv, word32 ivSz,
@ -597,7 +593,7 @@ WOLFSSL_LOCAL int wc_tsip_AesGcmEncrypt(
const byte* authIn, word32 authInSz,
void* ctx);
WOLFSSL_LOCAL int wc_tsip_AesGcmDecrypt(
WOLFSSL_API int wc_tsip_AesGcmDecrypt(
Aes* aes, byte* out,
const byte* in, word32 sz,
const byte* iv, word32 ivSz,
@ -605,14 +601,14 @@ WOLFSSL_LOCAL int wc_tsip_AesGcmDecrypt(
const byte* authIn, word32 authInSz,
void* ctx);
#endif /* NO_AES */
WOLFSSL_LOCAL int wc_tsip_ShaXHmacVerify(
WOLFSSL_API int wc_tsip_ShaXHmacVerify(
const struct WOLFSSL *ssl,
const byte* message,
word32 messageSz,
word32 macSz,
word32 content);
WOLFSSL_LOCAL int wc_tsip_Sha1HmacGenerate(
WOLFSSL_API int wc_tsip_Sha1HmacGenerate(
const struct WOLFSSL *ssl,
const byte* myInner,
word32 innerSz,
@ -620,7 +616,7 @@ WOLFSSL_LOCAL int wc_tsip_Sha1HmacGenerate(
word32 sz,
byte* digest);
WOLFSSL_LOCAL int wc_tsip_Sha256HmacGenerate(
WOLFSSL_API int wc_tsip_Sha256HmacGenerate(
const struct WOLFSSL *ssl,
const byte* myInner,
word32 innerSz,
@ -648,35 +644,34 @@ WOLFSSL_LOCAL byte tsip_rootCAverified();
WOLFSSL_LOCAL byte tsip_checkCA(word32 cmIdx);
WOLFSSL_LOCAL int wc_tsip_tls_RootCertVerify(
WOLFSSL_API int wc_tsip_tls_RootCertVerify(
const byte* cert, word32 cert_len,
word32 key_n_start, word32 key_n_len,
word32 key_e_start, word32 key_e_len,
word32 cm_row);
WOLFSSL_LOCAL int wc_tsip_tls_CertVerify(
WOLFSSL_API int wc_tsip_tls_CertVerify(
const uint8_t* cert, uint32_t certSz,
const uint8_t* signature, uint32_t sigSz,
uint32_t key_n_start, uint32_t key_n_len,
uint32_t key_e_start, uint32_t key_e_len,
uint8_t* tsip_encRsaKeyIdx);
WOLFSSL_LOCAL int wc_tsip_generatePremasterSecret(
WOLFSSL_API int wc_tsip_generatePremasterSecret(
byte* premaster,
word32 preSz);
WOLFSSL_LOCAL int wc_tsip_generateSessionKey(
WOLFSSL_API int wc_tsip_generateSessionKey(
struct WOLFSSL* ssl,
TsipUserCtx* ctx,
int devId);
WOLFSSL_LOCAL int wc_tsip_MakeRsaKey(int size, void* ctx);
WOLFSSL_API int wc_tsip_MakeRsaKey(int size, void* ctx);
WOLFSSL_LOCAL int wc_tsip_GenerateRandBlock(byte* output, word32 size);
WOLFSSL_API int wc_tsip_GenerateRandBlock(byte* output, word32 size);
#if defined(WOLFSSL_RENESAS_TSIP_CRYPT_DEBUG)
byte *ret2err(word32 ret);
#endif
#ifdef __cplusplus