From 78362bc3468141e77abe0426315ecf065400e021 Mon Sep 17 00:00:00 2001 From: David Garske Date: Mon, 9 Jun 2025 14:11:48 -0700 Subject: [PATCH 1/9] Changes to support Renesas RX TSIP AES CTR. --- wolfcrypt/src/port/Renesas/renesas_tsip_aes.c | 97 +++++++++++++++++-- .../port/Renesas/renesas-tsip-crypt.h | 26 +++-- 2 files changed, 107 insertions(+), 16 deletions(-) diff --git a/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c b/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c index 54dc6f5f8..fcbe6fc98 100644 --- a/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c +++ b/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c @@ -36,7 +36,9 @@ #include #include +#ifdef WOLFSSL_RENESAS_TSIP_TLS #include +#endif #include #include "wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h" #ifdef NO_INLINE @@ -381,24 +383,25 @@ WOLFSSL_LOCAL int tsip_Tls13AesDecrypt( #if (WOLFSSL_RENESAS_TSIP_VER >= 109) #ifdef WOLF_CRYPTO_CB -WOLFSSL_LOCAL int wc_tsip_AesCipher(int devIdArg, wc_CryptoInfo* info, - void* ctx) +int wc_tsip_AesCipher(int devIdArg, wc_CryptoInfo* info, void* ctx) { int ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN); TsipUserCtx* cbInfo = (TsipUserCtx*)ctx; WOLFSSL_ENTER("wc_tsip_AesCipher"); - if (info == NULL || ctx == NULL) + if (info == NULL || ctx == NULL) { return BAD_FUNC_ARG; + } + + (void)devIdArg; if (info->algo_type == WC_ALGO_TYPE_CIPHER) { - -#if !defined(NO_AES) || !defined(NO_DES3) +#if !defined(NO_AES) #ifdef HAVE_AESGCM if (info->cipher.type == WC_CIPHER_AES_GCM #ifdef WOLFSSL_RENESAS_TSIP_TLS - && cbInfo->session_key_set == 1 + && cbInfo != NULL && cbInfo->session_key_set == 1 #endif ) { @@ -433,10 +436,26 @@ WOLFSSL_LOCAL int wc_tsip_AesCipher(int devIdArg, wc_CryptoInfo* info, } } #endif /* HAVE_AESGCM */ + + #ifdef WOLFSSL_AES_COUNTER + if (info->cipher.type == WC_CIPHER_AES_CTR + #ifdef WOLFSSL_RENESAS_TSIP_TLS + && cbInfo != NULL && cbInfo->session_key_set == 1 + #endif + ) { + /* encrypt and decrypt use same routine */ + ret = wc_tsip_AesCtr( + info->cipher.aesctr.aes, + (byte*)info->cipher.aesctr.out, + (byte*)info->cipher.aesctr.in, + info->cipher.aesctr.sz); + } + #endif /* WOLFSSL_AES_COUNTER */ + #ifdef HAVE_AES_CBC if (info->cipher.type == WC_CIPHER_AES_CBC #ifdef WOLFSSL_RENESAS_TSIP_TLS - && cbInfo->session_key_set == 1 + && cbInfo != NULL && cbInfo->session_key_set == 1 #endif ) { @@ -457,7 +476,7 @@ WOLFSSL_LOCAL int wc_tsip_AesCipher(int devIdArg, wc_CryptoInfo* info, } } #endif /* HAVE_AES_CBC */ - #endif /* !NO_AES || !NO_DES3 */ + #endif /* !NO_AES */ } WOLFSSL_LEAVE("wc_tsip_AesCipher", ret); @@ -466,8 +485,7 @@ WOLFSSL_LOCAL int wc_tsip_AesCipher(int devIdArg, wc_CryptoInfo* info, #endif /* WOLF_CRYPTO_CB */ #endif /* WOLFSSL_RENESAS_TSIP_VER >= 109 */ - - +#ifdef HAVE_AES_CBC int wc_tsip_AesCbcEncrypt(struct Aes* aes, byte* out, const byte* in, word32 sz) { tsip_aes_handle_t _handle; @@ -584,6 +602,64 @@ int wc_tsip_AesCbcDecrypt(struct Aes* aes, byte* out, const byte* in, word32 sz) tsip_hw_unlock(); return ret; } +#endif /* HAVE_AES_CBC */ + +#ifdef WOLFSSL_AES_COUNTER +int wc_tsip_AesCtr(struct Aes* aes, byte* out, const byte* in, word32 sz) +{ + tsip_aes_handle_t _handle; + int ret; + byte *iv; + + if ((in == NULL) || (out == NULL) || (aes == NULL)) + return BAD_FUNC_ARG; + + /* while doing TLS handshake, TSIP driver keeps true-key and iv * + * on the device. iv is dummy */ + iv = (uint8_t*)aes->reg; + + if ((ret = tsip_hw_lock()) != 0) { + WOLFSSL_MSG("Failed to lock"); + return ret; + } + + if (aes->ctx.keySize == 16) { + ret = R_TSIP_Aes128CtrInit(&_handle, &aes->ctx.tsip_keyIdx, iv); + } + else if (aes->ctx.keySize == 32) { + ret = R_TSIP_Aes256CtrInit(&_handle, &aes->ctx.tsip_keyIdx, iv); + } + else { + tsip_hw_unlock(); + return -1; + } + + if (aes->ctx.keySize == 16) + ret = R_TSIP_Aes128CtrUpdate(&_handle, (uint8_t*)in, + (uint8_t*)out, sz); + else + ret = R_TSIP_Aes256CtrUpdate(&_handle, (uint8_t*)in, + (uint8_t*)out, sz); + + if (ret == TSIP_SUCCESS) { + if (aes->ctx.keySize == 16) { + ret = R_TSIP_Aes128CtrFinal(&_handle); + } + else { + ret = R_TSIP_Aes256CtrFinal(&_handle); + } + } + else { + WOLFSSL_MSG("TSIP AES CTR failed"); + ret = -1; + } + + tsip_hw_unlock(); + return ret; +} +#endif /* WOLFSSL_AES_COUNTER */ + +#ifdef HAVE_AESGCM /* * Encrypt plain data then output encrypted data and authentication tag data. * The session key used for encryption is generated inside this function and @@ -975,6 +1051,7 @@ int wc_tsip_AesGcmDecrypt( WOLFSSL_LEAVE("wc_tsip_AesGcmDecrypt", ret); return ret; } +#endif /* HAVE_AESGCM */ #endif /* WOLFSSL_RENESAS_TSIP_TLS) || WOLFSSL_RENESAS_TSIP_CRYPTONLY && NO_WOLFSSL_RENESAS_TSIP_CRYPT_AES */ #endif /* NO_AES */ diff --git a/wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h b/wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h index a2924b86d..b1c5f7d1a 100644 --- a/wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h +++ b/wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h @@ -39,7 +39,7 @@ #include #include #include -#ifndef WOLFSSL_RENESAS_TSIP_CRYPTONLY +#ifdef WOLFSSL_RENESAS_TSIP_TLS #include #endif #ifdef WOLF_CRYPTO_CB @@ -573,21 +573,33 @@ WOLFSSL_API int wc_tsip_generateVerifyData( const uint8_t* side, const uint8_t* handshake_hash, uint8_t* hashes); + #ifndef NO_AES +#ifdef HAVE_AES_CBC WOLFSSL_API int wc_tsip_AesCbcEncrypt( - Aes* aes, + struct Aes* aes, byte* out, const byte* in, word32 sz); WOLFSSL_API int wc_tsip_AesCbcDecrypt( - Aes* aes, + struct Aes* aes, byte* out, const byte* in, word32 sz); +#endif /* HAVE_AES_CBC */ +#ifdef WOLFSSL_AES_COUNTER +WOLFSSL_API int wc_tsip_AesCtr( + struct Aes*, + byte* out, + const byte* in, + word32 sz); +#endif /* WOLFSSL_AES_COUNTER */ + +#ifdef HAVE_AESGCM WOLFSSL_API int wc_tsip_AesGcmEncrypt( - Aes* aes, byte* out, + struct Aes* aes, byte* out, const byte* in, word32 sz, byte* iv, word32 ivSz, byte* authTag, word32 authTagSz, @@ -595,13 +607,15 @@ WOLFSSL_API int wc_tsip_AesGcmEncrypt( void* ctx); WOLFSSL_API int wc_tsip_AesGcmDecrypt( - Aes* aes, byte* out, + struct Aes* aes, byte* out, const byte* in, word32 sz, const byte* iv, word32 ivSz, const byte* authTag, word32 authTagSz, const byte* authIn, word32 authInSz, void* ctx); -#endif /* NO_AES */ +#endif /* HAVE_AESGCM */ +#endif /* !NO_AES */ + WOLFSSL_API int wc_tsip_ShaXHmacVerify( const struct WOLFSSL *ssl, const byte* message, From ebe8816c2ab0b7986d59b4018e2ed8af2fabc487 Mon Sep 17 00:00:00 2001 From: David Garske Date: Mon, 9 Jun 2025 15:25:31 -0700 Subject: [PATCH 2/9] Code size reductions (check RX TSIP enables). --- wolfcrypt/src/port/Renesas/renesas_tsip_aes.c | 62 ++++++++++--------- .../src/port/Renesas/renesas_tsip_util.c | 12 ++++ .../port/Renesas/renesas-tsip-crypt.h | 14 +++-- 3 files changed, 55 insertions(+), 33 deletions(-) diff --git a/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c b/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c index fcbe6fc98..3df6890fb 100644 --- a/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c +++ b/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c @@ -611,50 +611,56 @@ int wc_tsip_AesCtr(struct Aes* aes, byte* out, const byte* in, word32 sz) int ret; byte *iv; - if ((in == NULL) || (out == NULL) || (aes == NULL)) - return BAD_FUNC_ARG; - - /* while doing TLS handshake, TSIP driver keeps true-key and iv * - * on the device. iv is dummy */ - iv = (uint8_t*)aes->reg; + if ((in == NULL) || (out == NULL) || (aes == NULL)) { + return BAD_FUNC_ARG; + } if ((ret = tsip_hw_lock()) != 0) { WOLFSSL_MSG("Failed to lock"); return ret; } + /* while doing TLS handshake, TSIP driver keeps true-key and iv * + * on the device. iv is dummy */ + iv = (uint8_t*)aes->reg; + if (aes->ctx.keySize == 16) { + #if defined(TSIP_AES_128_CTR) && TSIP_AES_128_CTR == 1 ret = R_TSIP_Aes128CtrInit(&_handle, &aes->ctx.tsip_keyIdx, iv); + if (ret == TSIP_SUCCESS) { + ret = R_TSIP_Aes128CtrUpdate(&_handle, (uint8_t*)in, + (uint8_t*)out, sz); + if (ret == TSIP_SUCCESS) { + ret = R_TSIP_Aes128CtrFinal(&_handle); + } + } + #else + ret = NOT_COMPILED_IN; + #endif } - else if (aes->ctx.keySize == 32) { + if (aes->ctx.keySize == 32) { + #if defined(TSIP_AES_256_CTR) && TSIP_AES_256_CTR == 1 ret = R_TSIP_Aes256CtrInit(&_handle, &aes->ctx.tsip_keyIdx, iv); - } - else { - tsip_hw_unlock(); - return -1; + if (ret == TSIP_SUCCESS) { + ret = R_TSIP_Aes256CtrUpdate(&_handle, (uint8_t*)in, + (uint8_t*)out, sz); + if (ret == TSIP_SUCCESS) { + ret = R_TSIP_Aes256CtrFinal(&_handle); + } + } + #else + ret = NOT_COMPILED_IN; + #endif } - if (aes->ctx.keySize == 16) - ret = R_TSIP_Aes128CtrUpdate(&_handle, (uint8_t*)in, - (uint8_t*)out, sz); - else - ret = R_TSIP_Aes256CtrUpdate(&_handle, (uint8_t*)in, - (uint8_t*)out, sz); - - if (ret == TSIP_SUCCESS) { - if (aes->ctx.keySize == 16) { - ret = R_TSIP_Aes128CtrFinal(&_handle); - } - else { - ret = R_TSIP_Aes256CtrFinal(&_handle); - } - } - else { + if (ret != TSIP_SUCCESS) { + WOLFSSL_ERROR(ret); WOLFSSL_MSG("TSIP AES CTR failed"); ret = -1; } tsip_hw_unlock(); + return ret; } #endif /* WOLFSSL_AES_COUNTER */ @@ -720,7 +726,7 @@ int wc_tsip_AesGcmEncrypt( if (aes->ctx.keySize != 16 && aes->ctx.keySize != 32) { WOLFSSL_MSG("illegal key size"); WOLFSSL_LEAVE("wc_tsip_AesGcmEncrypt", BAD_FUNC_ARG); - return BAD_FUNC_ARG; + return BAD_FUNC_ARG; } if (aes->ctx.keySize == 16) { diff --git a/wolfcrypt/src/port/Renesas/renesas_tsip_util.c b/wolfcrypt/src/port/Renesas/renesas_tsip_util.c index 54fd8f8b9..842a5bc69 100644 --- a/wolfcrypt/src/port/Renesas/renesas_tsip_util.c +++ b/wolfcrypt/src/port/Renesas/renesas_tsip_util.c @@ -72,8 +72,10 @@ extern uint32_t s_flash[]; extern uint32_t s_inst1[R_TSIP_SINST_WORD_SIZE]; #endif +#ifndef SINGLE_THREADED wolfSSL_Mutex tsip_mutex; static int tsip_CryptHwMutexInit_ = 0; +#endif static tsip_key_data g_user_key_info; struct WOLFSSL_HEAP_HINT* tsip_heap_hint = NULL; @@ -2476,6 +2478,7 @@ int tsip_ImportPublicKey(TsipUserCtx* tuc, int keyType) tuc->keyflgs_crypt.bits.eccpub_key_set = 0; #endif if (keyType == TSIP_KEY_TYPE_ECDSAP256) { + #if defined(TSIP_ECDSA_P256) && TSIP_ECDSA_P256 == 1 err = R_TSIP_GenerateEccP256PublicKeyIndex( provisioning_key, iv, (uint8_t*)encPubKey, #if defined(WOLFSSL_RENESAS_TSIP_TLS) @@ -2484,8 +2487,12 @@ int tsip_ImportPublicKey(TsipUserCtx* tuc, int keyType) &tuc->eccpub_keyIdx #endif ); + #else + err = NOT_COMPILED_IN; + #endif } else if (keyType == TSIP_KEY_TYPE_ECDSAP384) { + #if defined(TSIP_ECDSA_P384) && TSIP_ECDSA_P384 == 1 err = R_TSIP_GenerateEccP384PublicKeyIndex( provisioning_key, iv, (uint8_t*)encPubKey, #if defined(WOLFSSL_RENESAS_TSIP_TLS) @@ -2494,6 +2501,9 @@ int tsip_ImportPublicKey(TsipUserCtx* tuc, int keyType) &tuc->eccpub_keyIdx #endif ); + #else + err = NOT_COMPILED_IN; + #endif } if (err == TSIP_SUCCESS) { #if defined(WOLFSSL_RENESAS_TSIP_TLS) @@ -2619,6 +2629,7 @@ int tsip_usable(const WOLFSSL *ssl, uint8_t session_key_generated) } #endif /* WOLFSSL_RENESAS_TSIP_TLS */ +#ifndef SINGLE_THREADED /* * lock hw engine. * this should be called before using engine. @@ -2654,6 +2665,7 @@ void tsip_hw_unlock(void) { tsip_CryptHwMutexUnLock(&tsip_mutex); } +#endif /* open TSIP driver * return 0 on success. diff --git a/wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h b/wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h index b1c5f7d1a..832163ea3 100644 --- a/wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h +++ b/wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h @@ -639,13 +639,17 @@ WOLFSSL_API int wc_tsip_Sha256HmacGenerate( word32 sz, byte* digest); -WOLFSSL_LOCAL int tsip_Open(); +WOLFSSL_LOCAL int tsip_Open(void); -WOLFSSL_LOCAL void tsip_Close(); +WOLFSSL_LOCAL void tsip_Close(void); -WOLFSSL_LOCAL int tsip_hw_lock(); - -WOLFSSL_LOCAL void tsip_hw_unlock( void ); +#ifdef SINGLE_THREADED +#define tsip_hw_lock() 0 +#define tsip_hw_unlock() +#else +WOLFSSL_LOCAL int tsip_hw_lock(void); +WOLFSSL_LOCAL void tsip_hw_unlock(void); +#endif WOLFSSL_LOCAL int tsip_usable(const struct WOLFSSL *ssl, uint8_t session_key_generated); From c7f6673e53c3374d7e42992527a9c955e9c7396d Mon Sep 17 00:00:00 2001 From: David Garske Date: Tue, 10 Jun 2025 10:24:36 -0700 Subject: [PATCH 3/9] Fixup the `.wolfssl_known_macro_extras` --- .wolfssl_known_macro_extras | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.wolfssl_known_macro_extras b/.wolfssl_known_macro_extras index b41ed942d..cd7ce919d 100644 --- a/.wolfssl_known_macro_extras +++ b/.wolfssl_known_macro_extras @@ -519,6 +519,10 @@ TIF_NEED_FPU_LOAD TIME_T_NOT_LONG TI_DUMMY_BUILD TLS13_RSA_PSS_SIGN_CB_NO_PREHASH +TSIP_AES_128_CTR +TSIP_AES_256_CTR +TSIP_ECDSA_P256 +TSIP_ECDSA_P384 TSIP_RSAES_1024 TSIP_RSAES_2048 TSIP_RSASSA_1024 From 111feedadc6c362f6248a143edfa42dc20e424e9 Mon Sep 17 00:00:00 2001 From: David Garske Date: Tue, 10 Jun 2025 14:57:25 -0700 Subject: [PATCH 4/9] Add build guards on the crypto callback ECC items. --- wolfcrypt/src/cryptocb.c | 8 ++++++++ wolfssl/wolfcrypt/cryptocb.h | 10 +++++++++- 2 files changed, 17 insertions(+), 1 deletion(-) diff --git a/wolfcrypt/src/cryptocb.c b/wolfcrypt/src/cryptocb.c index a83e529f9..7476245f9 100644 --- a/wolfcrypt/src/cryptocb.c +++ b/wolfcrypt/src/cryptocb.c @@ -577,6 +577,7 @@ int wc_CryptoCb_RsaGetSize(const RsaKey* key, int* keySize) #endif /* !NO_RSA */ #ifdef HAVE_ECC +#ifdef HAVE_ECC_DHE int wc_CryptoCb_MakeEccKey(WC_RNG* rng, int keySize, ecc_key* key, int curveId) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); @@ -629,7 +630,9 @@ int wc_CryptoCb_Ecdh(ecc_key* private_key, ecc_key* public_key, return wc_CryptoCb_TranslateErrorCode(ret); } +#endif +#ifdef HAVE_ECC_SIGN int wc_CryptoCb_EccSign(const byte* in, word32 inlen, byte* out, word32 *outlen, WC_RNG* rng, ecc_key* key) { @@ -658,7 +661,9 @@ int wc_CryptoCb_EccSign(const byte* in, word32 inlen, byte* out, return wc_CryptoCb_TranslateErrorCode(ret); } +#endif +#ifdef HAVE_ECC_VERIFY int wc_CryptoCb_EccVerify(const byte* sig, word32 siglen, const byte* hash, word32 hashlen, int* res, ecc_key* key) { @@ -687,7 +692,9 @@ int wc_CryptoCb_EccVerify(const byte* sig, word32 siglen, return wc_CryptoCb_TranslateErrorCode(ret); } +#endif +#ifdef HAVE_ECC_CHECK_KEY int wc_CryptoCb_EccCheckPrivKey(ecc_key* key, const byte* pubKey, word32 pubKeySz) { @@ -713,6 +720,7 @@ int wc_CryptoCb_EccCheckPrivKey(ecc_key* key, const byte* pubKey, return wc_CryptoCb_TranslateErrorCode(ret); } +#endif #endif /* HAVE_ECC */ #ifdef HAVE_CURVE25519 diff --git a/wolfssl/wolfcrypt/cryptocb.h b/wolfssl/wolfcrypt/cryptocb.h index 9bcb35900..8db23f407 100644 --- a/wolfssl/wolfcrypt/cryptocb.h +++ b/wolfssl/wolfcrypt/cryptocb.h @@ -176,6 +176,7 @@ typedef struct wc_CryptoInfo { } rsa_get_size; #endif #ifdef HAVE_ECC + #ifdef HAVE_ECC_DHE struct { WC_RNG* rng; int size; @@ -188,6 +189,8 @@ typedef struct wc_CryptoInfo { byte* out; word32* outlen; } ecdh; + #endif + #ifdef HAVE_ECC_SIGN struct { const byte* in; word32 inlen; @@ -196,6 +199,8 @@ typedef struct wc_CryptoInfo { WC_RNG* rng; ecc_key* key; } eccsign; + #endif + #ifdef HAVE_ECC_VERIFY struct { const byte* sig; word32 siglen; @@ -204,12 +209,15 @@ typedef struct wc_CryptoInfo { int* res; ecc_key* key; } eccverify; + #endif + #ifdef HAVE_ECC_CHECK_KEY struct { ecc_key* key; const byte* pubKey; word32 pubKeySz; } ecc_check; - #endif + #endif + #endif /* HAVE_ECC */ #ifdef HAVE_CURVE25519 struct { WC_RNG* rng; From ad9d068174454cd1a69cc9a34b517a87bf687532 Mon Sep 17 00:00:00 2001 From: David Garske Date: Wed, 11 Jun 2025 10:09:34 -0700 Subject: [PATCH 5/9] Fix issues with crypto callbacks and `HAVE_ECC_DHE`. Fix issues with `ecc_onlycb_test`. --- wolfcrypt/src/ecc.c | 7 ++-- wolfcrypt/test/test.c | 76 +++++++++++++++++++++++-------------------- 2 files changed, 44 insertions(+), 39 deletions(-) diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c index ea9db7e6f..f7d3c4b32 100644 --- a/wolfcrypt/src/ecc.c +++ b/wolfcrypt/src/ecc.c @@ -5395,6 +5395,7 @@ static WC_INLINE void wc_ecc_reset(ecc_key* key) key->state = ECC_STATE_NONE; } + /* create the public ECC key from a private key * * key an initialized private key to generate public part from @@ -5680,7 +5681,7 @@ static int _ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key, #endif key->flags = (byte)flags; -#ifdef WOLF_CRYPTO_CB +#if defined(WOLF_CRYPTO_CB) && defined(HAVE_ECC_DHE) #ifndef WOLF_CRYPTO_CB_FIND if (key->devId != INVALID_DEVID) #endif @@ -10263,7 +10264,7 @@ static int ecc_check_privkey_gen(ecc_key* key, mp_int* a, mp_int* prime) * (!WOLFSSL_SP_MATH && WOLFSSL_VALIDATE_ECC_IMPORT) */ #if (FIPS_VERSION_GE(5,0) || defined(WOLFSSL_VALIDATE_ECC_KEYGEN)) && \ - !defined(WOLFSSL_KCAPI_ECC) + !defined(WOLFSSL_KCAPI_ECC) && defined(HAVE_ECC_DHE) /* check privkey generator helper, creates prime needed */ static int ecc_check_privkey_gen_helper(ecc_key* key) @@ -10378,7 +10379,7 @@ static int _ecc_pairwise_consistency_test(ecc_key* key, WC_RNG* rng) return err; } #endif /* (FIPS v5 or later || WOLFSSL_VALIDATE_ECC_KEYGEN) && \ - !WOLFSSL_KCAPI_ECC */ + !WOLFSSL_KCAPI_ECC && HAVE_ECC_DHE */ #ifndef WOLFSSL_SP_MATH /* validate order * pubkey = point at infinity, 0 on success */ diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 002096167..604a3df53 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -59469,7 +59469,6 @@ static wc_test_ret_t ecc_onlycb_test(myCryptoDevCtx *ctx) { wc_test_ret_t ret = 0; #if defined(HAVE_ECC) - #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) ecc_key* key = (ecc_key *)XMALLOC(sizeof *key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -59477,21 +59476,19 @@ static wc_test_ret_t ecc_onlycb_test(myCryptoDevCtx *ctx) HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); byte* out = (byte*)XMALLOC(sizeof(byte), HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - #ifdef OPENSSL_EXTRA - byte* check = (byte*)XMALLOC(sizeof(byte)*(256), HEAP_HINT, - DYNAMIC_TYPE_TMP_BUFFER); - + #if !defined(WOLFCRYPT_ONLY) && defined(OPENSSL_EXTRA) + byte* check = (byte*)XMALLOC(256, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); #endif #else ecc_key key[1]; + #ifdef HAVE_ECC_DHE ecc_key pub[1]; - byte out[256]; - #ifdef OPENSSL_EXTRA - unsigned char check[256]; + #endif + #if !defined(WOLFCRYPT_ONLY) && defined(OPENSSL_EXTRA) + byte check[256]; #endif #endif - - #ifdef OPENSSL_EXTRA +#if !defined(WOLFCRYPT_ONLY) && defined(OPENSSL_EXTRA) WOLFSSL_EVP_PKEY* privKey = NULL; WOLFSSL_EVP_PKEY* pubKey = NULL; #ifdef USE_CERT_BUFFERS_256 @@ -59530,17 +59527,22 @@ static wc_test_ret_t ecc_onlycb_test(myCryptoDevCtx *ctx) 0x94,0x1d,0x7a,0x66,0xf8,0xd1,0x1d,0xcf,0xb0,0x48, 0xef,0x8c,0x94,0x6f,0xdd,0x62, }; - #endif - +#endif +#ifdef HAVE_ECC_DHE WC_RNG rng; +#endif EncryptedInfo encInfo; int keyFormat = 0; +#ifdef USE_CERT_BUFFERS_256 word32 keyIdx = 0; - +#endif +#if defined(HAVE_ECC_SIGN) && defined(HAVE_ECC_VERIFY) byte in[] = "Everyone gets Friday off. ecc p"; word32 inLen = (word32)XSTRLEN((char*)in); + byte out[256]; word32 outLen; int verify; +#endif #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) if (key == NULL || pub == NULL) { @@ -59551,7 +59553,8 @@ static wc_test_ret_t ecc_onlycb_test(myCryptoDevCtx *ctx) if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_onlycb); - /* wc_CryptoCb_MakeEccKey cb test, , no actual testing */ + /* wc_CryptoCb_MakeEccKey cb test, no actual testing */ +#ifdef HAVE_ECC_DHE ctx->exampleVar = 99; ret = wc_ecc_make_key(&rng, ECC_KEYGEN_SIZE, key); if (ret != 0) @@ -59563,7 +59566,7 @@ static wc_test_ret_t ecc_onlycb_test(myCryptoDevCtx *ctx) } else /* reset return code */ ret = 0; - +#endif #ifdef USE_CERT_BUFFERS_256 if (ret == 0) { /* load ECC private key and perform private transform */ @@ -59572,6 +59575,9 @@ static wc_test_ret_t ecc_onlycb_test(myCryptoDevCtx *ctx) } if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_onlycb); +#endif + +#ifdef HAVE_ECC_SIGN /* wc_CryptoCb_EccSign cb test, no actual testing */ ctx->exampleVar = 99; if (ret == 0) { @@ -59589,6 +59595,7 @@ static wc_test_ret_t ecc_onlycb_test(myCryptoDevCtx *ctx) else ret = 0; +#ifdef HAVE_ECC_VERIFY /* wc_CryptoCb_EccVerify cb test, no actual testing */ ctx->exampleVar = 99; if (ret == 0) { @@ -59606,7 +59613,10 @@ static wc_test_ret_t ecc_onlycb_test(myCryptoDevCtx *ctx) } else ret = 0; +#endif /* HAVE_ECC_VERIFY */ +#endif /* HAVE_ECC_SIGN */ +#ifdef HAVE_ECC_DHE /* wc_CryptoCb_Ecdh cb test, no actual testing */ /* make public key for shared secret */ @@ -59628,9 +59638,9 @@ static wc_test_ret_t ecc_onlycb_test(myCryptoDevCtx *ctx) else ret = 0; +#endif /* HAVE_ECC_DHE */ - #ifdef OPENSSL_EXTRA - +#if !defined(WOLFCRYPT_ONLY) && defined(OPENSSL_EXTRA) (void)pkey; cp = ecc_clikey_der_256; privKey = d2i_PrivateKey(WC_EVP_PKEY_EC, NULL, &cp, @@ -59691,7 +59701,6 @@ static wc_test_ret_t ecc_onlycb_test(myCryptoDevCtx *ctx) } /* verify */ - wolfSSL_EVP_MD_CTX_init(&mdCtx); if (ret == WOLFSSL_SUCCESS) { @@ -59727,24 +59736,11 @@ static wc_test_ret_t ecc_onlycb_test(myCryptoDevCtx *ctx) ERROR_OUT(WC_TEST_RET_ENC_NC, exit_onlycb); } else ret = 0; - #endif -#else - (void)verify; - (void)outLen; - (void)inLen; - (void)out; - (void)pub; - #ifdef OPENSSL_EXTRA - (void)privKey; - (void)pubKey; - (void)mdCtx; - (void)check; - (void)checkSz; - (void)p; - #endif -#endif +#endif /* !WOLFCRYPT_ONLY && OPENSSL_EXTRA */ + (void)keyFormat; (void)encInfo; + (void)ctx; exit_onlycb: #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) @@ -59754,14 +59750,14 @@ exit_onlycb: } XFREE(pub, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(out, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - #ifdef OPENSSL_EXTRA + #if !defined(WOLFCRYPT_ONLY) && defined(OPENSSL_EXTRA) if (check) { FREE(check, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); } #endif #else wc_ecc_free(key); - #ifdef OPENSSL_EXTRA + #if !defined(WOLFCRYPT_ONLY) && defined(OPENSSL_EXTRA) if (privKey) wolfSSL_EVP_PKEY_free(privKey); if (pubKey) @@ -59896,6 +59892,7 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx) #endif /* !NO_RSA */ #ifdef HAVE_ECC if (info->pk.type == WC_PK_TYPE_EC_KEYGEN) { + #ifdef HAVE_ECC_DHE /* set devId to invalid, so software is used */ info->pk.eckg.key->devId = INVALID_DEVID; #if defined(WOLF_CRYPTO_CB_ONLY_ECC) @@ -59912,8 +59909,10 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx) /* reset devId */ info->pk.eckg.key->devId = devIdArg; + #endif } else if (info->pk.type == WC_PK_TYPE_ECDSA_SIGN) { + #ifdef HAVE_ECC_SIGN /* set devId to invalid, so software is used */ info->pk.eccsign.key->devId = INVALID_DEVID; #if defined(WOLF_CRYPTO_CB_ONLY_ECC) @@ -59932,8 +59931,10 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx) /* reset devId */ info->pk.eccsign.key->devId = devIdArg; + #endif } else if (info->pk.type == WC_PK_TYPE_ECDSA_VERIFY) { + #ifdef HAVE_ECC_VERIFY /* set devId to invalid, so software is used */ info->pk.eccverify.key->devId = INVALID_DEVID; #if defined(WOLF_CRYPTO_CB_ONLY_ECC) @@ -59952,8 +59953,10 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx) /* reset devId */ info->pk.eccverify.key->devId = devIdArg; + #endif } else if (info->pk.type == WC_PK_TYPE_ECDH) { + #ifdef HAVE_ECC_DHE /* set devId to invalid, so software is used */ info->pk.ecdh.private_key->devId = INVALID_DEVID; #if defined(WOLF_CRYPTO_CB_ONLY_ECC) @@ -59971,6 +59974,7 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx) /* reset devId */ info->pk.ecdh.private_key->devId = devIdArg; + #endif } #endif /* HAVE_ECC */ #ifdef HAVE_CURVE25519 From c7ff3b99b769b8dbc2b3be19b3580617191b6a13 Mon Sep 17 00:00:00 2001 From: David Garske Date: Wed, 11 Jun 2025 14:46:17 -0700 Subject: [PATCH 6/9] Allow for calling the Renesas RX TSIP AES crypto callback without a user context. --- wolfcrypt/src/port/Renesas/renesas_tsip_aes.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c b/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c index 3df6890fb..27786591d 100644 --- a/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c +++ b/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c @@ -390,7 +390,7 @@ int wc_tsip_AesCipher(int devIdArg, wc_CryptoInfo* info, void* ctx) WOLFSSL_ENTER("wc_tsip_AesCipher"); - if (info == NULL || ctx == NULL) { + if (info == NULL) { return BAD_FUNC_ARG; } @@ -479,6 +479,7 @@ int wc_tsip_AesCipher(int devIdArg, wc_CryptoInfo* info, void* ctx) #endif /* !NO_AES */ } + (void)cbInfo; WOLFSSL_LEAVE("wc_tsip_AesCipher", ret); return ret; } From dc57adcfedc3e491f93c6889c7f567751a374b5d Mon Sep 17 00:00:00 2001 From: David Garske Date: Thu, 12 Jun 2025 11:33:50 -0700 Subject: [PATCH 7/9] Fix to increment IV for AES CTR with TSIP (allow encrypt to be called multiple times without having to manually reset the IV). --- wolfcrypt/src/port/Renesas/renesas_tsip_aes.c | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c b/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c index 27786591d..df7c41ada 100644 --- a/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c +++ b/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c @@ -654,7 +654,18 @@ int wc_tsip_AesCtr(struct Aes* aes, byte* out, const byte* in, word32 sz) #endif } - if (ret != TSIP_SUCCESS) { + if (ret == TSIP_SUCCESS) { + /* increment IV counter */ + int i, blocks = (int)(sz / WC_AES_BLOCK_SIZE); + while (blocks--) { + /* in network byte order so start at end and work back */ + for (i = WC_AES_BLOCK_SIZE - 1; i >= 0; i--) { + if (++iv[i]) /* we're done unless we overflow */ + break; + } + } + } + else { WOLFSSL_ERROR(ret); WOLFSSL_MSG("TSIP AES CTR failed"); ret = -1; From 191165a0214b779634d520485e707149128b3da4 Mon Sep 17 00:00:00 2001 From: David Garske Date: Mon, 16 Jun 2025 09:55:47 -0700 Subject: [PATCH 8/9] Test case created by @miyazakh. --- .../test/src/client/simple_tls_tsip_client.c | 4 +- .../test/src/server/simple_tls_server.c | 3 + .../RX72N/EnvisionKit/Simple/test/test.scfg | 6 +- .../EnvisionKit/wolfssl_demo/user_settings.h | 2 + .../wolfssl_demo/wolfssl_tsip_unit_test.c | 332 ++++++++++++++++++ 5 files changed, 343 insertions(+), 4 deletions(-) diff --git a/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/src/client/simple_tls_tsip_client.c b/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/src/client/simple_tls_tsip_client.c index 5dfb51c33..08530ba9e 100644 --- a/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/src/client/simple_tls_tsip_client.c +++ b/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/src/client/simple_tls_tsip_client.c @@ -31,7 +31,8 @@ #include #endif -#define SIMPLE_TLSSEVER_IP "192.168.11.5" +#if defined(SIMPLE_TLS_TSIP_CLIENT) || defined(SIMPLE_TLS_CLIENT) +#define SIMPLE_TLSSEVER_IP "192.168.11.11" #define SIMPLE_TLSSERVER_PORT "11111" ER t4_tcp_callback(ID cepid, FN fncd , VP p_parblk); @@ -360,3 +361,4 @@ void wolfSSL_TLS_client( ) return; } +#endif /* SIMPLE_TSIP TLS_CLIENT || SIMPLE_TLS_CLIENT */ diff --git a/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/src/server/simple_tls_server.c b/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/src/server/simple_tls_server.c index df55941c4..e2a0d8532 100644 --- a/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/src/server/simple_tls_server.c +++ b/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/src/server/simple_tls_server.c @@ -27,6 +27,8 @@ #include "wolfssl/certs_test.h" #include +#if defined(SIMPLE_TLS_SERVER) + static WOLFSSL_CTX *server_ctx; static int my_IORecv(WOLFSSL* ssl, char* buff, int sz, void* ctx) @@ -192,3 +194,4 @@ out: tcp_sht_cep(cepid); tcp_cls_cep(cepid, TMO_FEVR); } +#endif diff --git a/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/test.scfg b/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/test.scfg index d5c797c88..0417e25f4 100644 --- a/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/test.scfg +++ b/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/test.scfg @@ -11,7 +11,7 @@ -