123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431143214331434143514361437143814391440144114421443144414451446144714481449145014511452145314541455145614571458145914601461146214631464146514661467146814691470147114721473147414751476147714781479148014811482148314841485148614871488148914901491149214931494149514961497149814991500150115021503150415051506150715081509151015111512151315141515151615171518151915201521152215231524152515261527152815291530153115321533153415351536153715381539154015411542154315441545154615471548154915501551155215531554155515561557155815591560156115621563156415651566156715681569157015711572157315741575157615771578157915801581158215831584158515861587158815891590159115921593159415951596159715981599160016011602160316041605160616071608160916101611161216131614161516161617161816191620162116221623162416251626162716281629163016311632163316341635163616371638163916401641164216431644164516461647164816491650165116521653165416551656165716581659166016611662166316641665166616671668166916701671167216731674167516761677167816791680168116821683168416851686168716881689169016911692169316941695169616971698169917001701170217031704170517061707170817091710171117121713171417151716171717181719172017211722172317241725172617271728172917301731173217331734173517361737173817391740174117421743174417451746174717481749175017511752175317541755175617571758175917601761176217631764176517661767176817691770177117721773177417751776177717781779178017811782178317841785178617871788178917901791179217931794179517961797179817991800180118021803180418051806180718081809181018111812181318141815181618171818181918201821182218231824182518261827182818291830183118321833183418351836183718381839184018411842184318441845184618471848184918501851185218531854185518561857185818591860186118621863186418651866186718681869187018711872187318741875187618771878187918801881188218831884188518861887188818891890189118921893189418951896189718981899190019011902190319041905190619071908190919101911191219131914191519161917191819191920192119221923192419251926192719281929193019311932193319341935193619371938193919401941194219431944194519461947194819491950195119521953195419551956195719581959196019611962196319641965196619671968196919701971197219731974197519761977197819791980198119821983198419851986198719881989199019911992199319941995199619971998199920002001200220032004200520062007200820092010201120122013201420152016201720182019202020212022202320242025202620272028202920302031203220332034203520362037203820392040204120422043204420452046204720482049205020512052205320542055205620572058205920602061206220632064206520662067206820692070207120722073207420752076207720782079208020812082208320842085208620872088208920902091209220932094209520962097209820992100210121022103210421052106210721082109211021112112211321142115211621172118211921202121212221232124212521262127212821292130213121322133213421352136213721382139214021412142214321442145214621472148214921502151215221532154215521562157215821592160216121622163216421652166216721682169217021712172217321742175217621772178217921802181218221832184218521862187218821892190219121922193219421952196219721982199220022012202220322042205220622072208220922102211221222132214221522162217221822192220222122222223222422252226222722282229223022312232223322342235223622372238223922402241224222432244224522462247224822492250225122522253225422552256225722582259226022612262226322642265226622672268226922702271227222732274227522762277227822792280228122822283228422852286228722882289229022912292229322942295229622972298229923002301230223032304230523062307230823092310231123122313231423152316231723182319232023212322232323242325232623272328232923302331233223332334233523362337233823392340234123422343234423452346234723482349235023512352235323542355235623572358235923602361236223632364236523662367236823692370237123722373237423752376237723782379238023812382238323842385238623872388238923902391239223932394239523962397239823992400240124022403240424052406240724082409241024112412241324142415241624172418241924202421242224232424242524262427242824292430243124322433243424352436243724382439244024412442244324442445244624472448244924502451245224532454245524562457245824592460246124622463246424652466246724682469247024712472247324742475247624772478247924802481248224832484248524862487248824892490249124922493249424952496249724982499250025012502250325042505250625072508250925102511251225132514251525162517251825192520252125222523252425252526252725282529253025312532253325342535253625372538253925402541254225432544254525462547254825492550255125522553255425552556255725582559256025612562256325642565256625672568256925702571257225732574257525762577257825792580258125822583258425852586258725882589259025912592259325942595259625972598259926002601260226032604260526062607260826092610261126122613261426152616261726182619262026212622262326242625262626272628262926302631263226332634263526362637263826392640264126422643264426452646264726482649265026512652265326542655265626572658265926602661266226632664266526662667266826692670267126722673267426752676267726782679268026812682268326842685268626872688268926902691269226932694269526962697269826992700270127022703270427052706270727082709271027112712271327142715271627172718271927202721272227232724272527262727272827292730273127322733273427352736273727382739274027412742274327442745274627472748274927502751275227532754275527562757275827592760276127622763276427652766276727682769277027712772277327742775277627772778277927802781278227832784278527862787278827892790279127922793279427952796279727982799280028012802280328042805280628072808280928102811281228132814281528162817281828192820282128222823282428252826282728282829283028312832283328342835283628372838283928402841284228432844284528462847284828492850285128522853285428552856285728582859286028612862286328642865286628672868286928702871287228732874287528762877287828792880288128822883288428852886288728882889289028912892289328942895289628972898289929002901290229032904290529062907290829092910291129122913291429152916291729182919292029212922292329242925292629272928292929302931293229332934293529362937293829392940294129422943294429452946294729482949295029512952295329542955295629572958295929602961296229632964296529662967296829692970297129722973297429752976297729782979298029812982298329842985298629872988298929902991299229932994299529962997299829993000300130023003300430053006300730083009301030113012301330143015301630173018301930203021302230233024302530263027302830293030303130323033303430353036303730383039304030413042304330443045304630473048304930503051305230533054305530563057305830593060306130623063306430653066306730683069307030713072307330743075307630773078307930803081308230833084308530863087308830893090309130923093309430953096309730983099310031013102310331043105310631073108310931103111311231133114311531163117311831193120312131223123312431253126312731283129313031313132313331343135313631373138313931403141314231433144314531463147314831493150315131523153315431553156315731583159316031613162316331643165316631673168316931703171317231733174317531763177317831793180318131823183318431853186318731883189319031913192319331943195319631973198319932003201320232033204320532063207320832093210321132123213321432153216321732183219322032213222322332243225322632273228322932303231323232333234323532363237323832393240324132423243324432453246324732483249325032513252325332543255325632573258325932603261326232633264326532663267326832693270327132723273327432753276327732783279328032813282328332843285328632873288328932903291329232933294329532963297329832993300330133023303330433053306330733083309331033113312331333143315331633173318331933203321332233233324332533263327332833293330333133323333333433353336333733383339334033413342334333443345334633473348334933503351335233533354335533563357335833593360336133623363336433653366336733683369337033713372337333743375337633773378337933803381338233833384338533863387338833893390339133923393339433953396339733983399340034013402340334043405340634073408340934103411341234133414341534163417341834193420342134223423342434253426342734283429343034313432343334343435343634373438343934403441344234433444344534463447344834493450345134523453345434553456345734583459346034613462346334643465346634673468346934703471347234733474347534763477347834793480348134823483348434853486348734883489349034913492349334943495349634973498349935003501350235033504350535063507350835093510351135123513351435153516351735183519352035213522352335243525352635273528352935303531353235333534353535363537353835393540354135423543354435453546354735483549355035513552355335543555355635573558355935603561356235633564356535663567356835693570357135723573357435753576357735783579358035813582358335843585358635873588358935903591359235933594359535963597359835993600360136023603360436053606360736083609361036113612361336143615361636173618361936203621362236233624362536263627362836293630363136323633363436353636363736383639364036413642364336443645364636473648364936503651365236533654365536563657365836593660366136623663366436653666366736683669367036713672367336743675367636773678367936803681368236833684368536863687368836893690369136923693369436953696369736983699370037013702370337043705370637073708370937103711371237133714371537163717371837193720372137223723372437253726372737283729373037313732373337343735373637373738373937403741374237433744374537463747374837493750375137523753375437553756375737583759376037613762376337643765376637673768376937703771377237733774377537763777377837793780378137823783378437853786378737883789379037913792379337943795379637973798379938003801380238033804380538063807380838093810381138123813381438153816381738183819382038213822382338243825382638273828382938303831383238333834383538363837383838393840384138423843384438453846384738483849385038513852385338543855385638573858385938603861386238633864386538663867386838693870387138723873387438753876387738783879388038813882388338843885388638873888388938903891389238933894389538963897389838993900390139023903390439053906390739083909391039113912391339143915391639173918 |
- /* renesas_tsip_util.c
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
- #include <wolfssl/wolfcrypt/settings.h>
- #if defined(WOLFSSL_RENESAS_TSIP)
- #include <wolfssl/wolfcrypt/wc_port.h>
- #include <wolfssl/wolfcrypt/types.h>
- #include <wolfssl/wolfcrypt/asn.h>
- #include <wolfssl/wolfcrypt/memory.h>
- #include <wolfssl/wolfcrypt/error-crypt.h>
- #include <wolfssl/wolfcrypt/aes.h>
- #ifdef NO_INLINE
- #include <wolfssl/wolfcrypt/misc.h>
- #else
- #define WOLFSSL_MISC_INCLUDED
- #include <wolfcrypt/src/misc.c>
- #endif
- #include <wolfssl/ssl.h>
- #include <wolfssl/internal.h>
- #include <wolfssl/error-ssl.h>
- #include <wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h>
- #include <wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h>
- #include <stdio.h>
- #define TSIP_SIGNING_DATA_PREFIX_SZ 64
- #define TSIP_SIGNING_DATA_PREFIX_BYTE 0x20
- #define TSIP_MAX_SIG_DATA_SZ 130
- #define TSIP_CERT_VFY_LABEL_SZ 34
- /* function pointer typedefs for TSIP SHAxx HMAC Verification */
- typedef e_tsip_err_t (*shaHmacInitFn)
- (tsip_hmac_sha_handle_t*, tsip_hmac_sha_key_index_t*);
- typedef e_tsip_err_t (*shaHmacUpdateFn)
- (tsip_hmac_sha_handle_t*, uint8_t*, uint32_t);
- typedef e_tsip_err_t (*shaHmacFinalFn)
- (tsip_hmac_sha_handle_t*, uint8_t*, uint32_t);
- /* ./ca-cert.der.sign, */
- /* expect to have these variables defined at user application */
- #if defined(WOLFSSL_RENESAS_TSIP_TLS) && (WOLFSSL_RENESAS_TSIP_VER>=109)
- extern uint32_t s_inst2[R_TSIP_SINST2_WORD_SIZE];
- #elif defined(WOLFSSL_RENESAS_TSIP_TLS) && (WOLFSSL_RENESAS_TSIP_VER>=106)
- extern uint32_t s_flash[];
- extern uint32_t s_inst1[R_TSIP_SINST_WORD_SIZE];
- #endif
- wolfSSL_Mutex tsip_mutex;
- static int tsip_CryptHwMutexInit_ = 0;
- static const byte* ca_cert_sig = NULL;
- static tsip_key_data g_user_key_info;
- struct WOLFSSL_HEAP_HINT* tsip_heap_hint = NULL;
- /* tsip only keep one encrypted ca public key */
- #if defined(WOLFSSL_RENESAS_TSIP_TLS)
- static uint32_t g_encrypted_publicCA_key[R_TSIP_SINST_WORD_SIZE];
- /* index of CM table. must be global since renesas_common access it. */
- extern uint32_t g_CAscm_Idx;
- #if defined(WOLFSSL_TLS13)
- /* The server certificate verification label. */
- static const byte serverCertVfyLabel[TSIP_CERT_VFY_LABEL_SZ] =
- "TLS 1.3, server CertificateVerify";
- static const byte clientCertVfyLabel[TSIP_CERT_VFY_LABEL_SZ] =
- "TLS 1.3, client CertificateVerify";
- #endif /* WOLFSSL_TLS13 */
- #endif /* WOLFSSL_RENESAS_TSIP_TLS */
- static int tsip_CryptHwMutexInit(wolfSSL_Mutex* mutex)
- {
- return wc_InitMutex(mutex);
- }
- static int tsip_CryptHwMutexLock(wolfSSL_Mutex* mutex)
- {
- return wc_LockMutex(mutex);
- }
- static int tsip_CryptHwMutexUnLock(wolfSSL_Mutex* mutex)
- {
- return wc_UnLockMutex(mutex);
- }
- #ifdef WOLF_PRIVATE_KEY_ID
- /* Set client encrypted private key data.
- * parameters:
- * ssl WOLFSSL object
- * keyBuf buffer holding wrapped key which Renesas key tool generated.
- * keyBufLen buffer length
- * keyType 0: RSA 2048bit, 1: RSA 4096bit, 2 ECC P256
- * return 0 on success, others on failure.
- */
- WOLFSSL_API int tsip_use_PrivateKey_buffer(struct WOLFSSL* ssl,
- const char* keyBuf, int keyBufLen, int keyType)
- {
- int ret = 0;
- TsipUserCtx* tuc = NULL;
-
- WOLFSSL_ENTER("tsip_use_PrivateKey_buffer");
- if (ssl == NULL || keyBuf == NULL || keyBufLen == 0 ) {
- ret = BAD_FUNC_ARG;
- }
- if (ret == 0){
- tuc = ssl->RenesasUserCtx;
- tuc->wrappedPrivateKey = (uint8_t*)keyBuf;
- tuc->wrappedKeyType = keyType;
- /* store keyType as Id since Id capacity is 32 bytes */
- ret = wolfSSL_use_PrivateKey_Id(ssl,
- (const unsigned char*)keyBuf, 32, tuc->devId);
- if (ret == WOLFSSL_SUCCESS) {
- ret = 0;
- }
- }
- WOLFSSL_LEAVE("tsip_use_PrivateKey_buffer", ret);
- return ret;
- }
- /* Set client encrypted public key data.
- * parameters:
- * ssl WOLFSSL object
- * keyBuf buffer holding wrapped key which Renesas key tool generated.
- * keyBufLen buffer length
- * keyType 0: RSA 2048bit, 1: RSA 4096bit, 2 ECC P256
- * return 0 on success, others on failure.
- */
- WOLFSSL_API int tsip_use_PublicKey_buffer(WOLFSSL* ssl,
- const char* keyBuf, int keyBufLen, int keyType)
- {
- int ret = 0;
- TsipUserCtx* tuc = NULL;
- WOLFSSL_ENTER("tsip_use_PublicKey_buffer");
- if (ssl == NULL || keyBuf == NULL || keyBufLen == 0) {
- ret = BAD_FUNC_ARG;
- }
- if (ret == 0){
- tuc = ssl->RenesasUserCtx;
- tuc->wrappedPublicKey = (uint8_t*)keyBuf;
- tuc->wrappedKeyType = keyType;
- }
- WOLFSSL_LEAVE("tsip_use_PublicKey_buffer", ret);
- return ret;
- }
- #endif /* WOLF_PRIVATE_KEY_ID */
- /* Obsolete function. Use tsip_use_PrivateKey_buffer instead.
- * Set client encrypted private key data.
- * parameters:
- * key Renesas Secure Flash Programmer generated key.
- * keyType 0: RSA 2048bit, 1: RSA 4096bit, 2 ECC P256
- * return 0 on success, others on failure.
- */
- WOLFSSL_API int tsip_set_clientPrivateKeyEnc(const byte* encKey, int keyType)
- {
- int ret = 0;
- WOLFSSL_ENTER("tsip_set_clientPrivateKeyEnc");
- if (ret == 0) {
- g_user_key_info.encrypted_user_private_key = (uint8_t*)encKey;
- g_user_key_info.encrypted_user_private_key_type = keyType;
- }
-
- WOLFSSL_LEAVE("tsip_set_clientPrivateKeyEnc", ret);
- return ret;
- }
- /* Flush raw handshake messages in MsgBag
- *
- */
- static void tsipFlushMessages(struct WOLFSSL* ssl)
- {
- TsipUserCtx* tuc = NULL;
- MsgBag* bag = NULL;
- if (ssl == NULL)
- return;
- /* get user context for TSIP */
- tuc = ssl->RenesasUserCtx;
- if (tuc == NULL) {
- return;
- }
- bag = &(tuc->messageBag);
- ForceZero(bag, sizeof(MsgBag));
- }
- WOLFSSL_LOCAL int tsip_TlsCleanup(struct WOLFSSL* ssl)
- {
- int ret = 0;
- TsipUserCtx* tuc = NULL;
- if (ssl == NULL)
- return BAD_FUNC_ARG;
- tuc = ssl->RenesasUserCtx;
- if (tuc == NULL)
- return ret;
- /* free stored messages */
- tsipFlushMessages(ssl);
-
- return ret;
- }
- #if defined(WOLFSSL_TLS13)
- /* generate ECC P265 key pair for ECDHE.
- * generated public key is stored in KeyShareEntry.pubkey and private key is
- * stored in TsipUserCtx.EcdhPrivKey13Idx as tsip specific format.
- * return 0 on success, CRYPTOCB_UNAVAILABLE when tsip can not handle and is
- * expecting to fallback to S/W, other negative values on error.
- */
- WOLFSSL_LOCAL int tsip_Tls13GenEccKeyPair(WOLFSSL* ssl, KeyShareEntry* kse)
- {
- int ret = 0;
- e_tsip_err_t err = TSIP_SUCCESS;
- int isTLS13 = 0;
- word16 curveId;
- ecc_key* ecckey = NULL;
- TsipUserCtx* tuc = NULL;
- WOLFSSL_ENTER("tsip_Tls13GenEccKeyPair");
-
- if (ssl == NULL || kse == NULL)
- ret = BAD_FUNC_ARG;
- if (ret == 0) {
- if (ssl->version.major == SSLv3_MAJOR &&
- ssl->version.minor == TLSv1_3_MINOR) {
- isTLS13 = 1;
- }
- /* TSIP works only in TLS13 client side */
- if (!isTLS13 || ssl->options.side != WOLFSSL_CLIENT_END) {
- ret = CRYPTOCB_UNAVAILABLE;
- }
- }
- if (ret == 0) {
- /* TSIP can handle SECP256R1 */
- if (kse->group != WOLFSSL_ECC_SECP256R1) {
- WOLFSSL_MSG("TSIP can't handle the specified ECC curve.");
- ret = CRYPTOCB_UNAVAILABLE;
- }
- }
- if (ret == 0) {
- /* get user context for TSIP */
- tuc = ssl->RenesasUserCtx;
- if (tuc == NULL) {
- ret = CRYPTOCB_UNAVAILABLE;
- }
- }
- curveId = ECC_SECP256R1;
- /* Allocate space for the public key */
- if (ret == 0) {
- kse->pubKey = (byte*)XMALLOC(kse->pubKeyLen, ssl->heap,
- DYNAMIC_TYPE_PUBLIC_KEY);
- if (kse->pubKey == NULL) {
- WOLFSSL_MSG("Key data Memory error");
- ret = MEMORY_E;
- }
- else {
- ForceZero(kse->pubKey, kse->pubKeyLen);
- }
- }
- /* Allocate an ECC key to hold private key. */
- if (ret == 0) {
- kse->key = (byte*)XMALLOC(sizeof(ecc_key), ssl->heap, DYNAMIC_TYPE_ECC);
- if (kse->key == NULL) {
- WOLFSSL_MSG("EccTempKey Memory error");
- ret = MEMORY_E;
- }
- else {
- ret = wc_ecc_init_ex((ecc_key*)kse->key, ssl->heap, ssl->devId);
- }
- }
- if (ret == 0) {
- ecckey = (ecc_key*)kse->key;
- ret = wc_ecc_set_curve(ecckey, kse->keyLen, curveId);
- }
-
- kse->pubKey[0] = ECC_POINT_UNCOMP;
- /* generate ecc key pair with TSIP */
- if (ret == 0) {
- if ((ret = tsip_hw_lock()) == 0) {
- tuc->Dhe_key_set =0;
- err = R_TSIP_GenerateTls13P256EccKeyIndex(
- &(tuc->handle13),
- TSIP_TLS13_MODE_FULL_HANDSHAKE,
- &(tuc->EcdhPrivKey13Idx), /* private key index */
- &(kse->pubKey[1])); /* generated public key */
- if (err != TSIP_SUCCESS){ret = WC_HW_E;}
- if (ret == 0) {
- WOLFSSL_MSG("ECDH private key-index is stored by TSIP");
- tuc->Dhe_key_set =1;
- }
- tsip_hw_unlock();
- }
- else {
- WOLFSSL_MSG("mutex locking error");
- }
- }
- if (ret != 0) {
- if (kse->key != NULL)
- XFREE(kse->key, ssl->heap, DYNAMIC_TYPE_PRIVATE_KEY);
- if (kse->pubKey != NULL)
- XFREE(kse->pubKey, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY);
- }
- WOLFSSL_LEAVE("tsip_Tls13GenEccKeyPair", ret);
- return ret;
- }
- #endif /* WOLFSSL_TLS13 */
- #if defined(WOLFSSL_TLS13)
- /* generate shared secret(pre-master secret)
- * get peer's raw ECDHE public key from KeyShareEntry.
- * The pre-master secret generated by TSIP is stored into
- * TsipUserCtx.sharedSecret13Idx as TSIP specific format.
- *
- * return 0 on success, CRYPTOCB_UNAVAILABLE when tsip can not handle and is
- * expecting to fallback to S/W, other negative values on error.
- */
- WOLFSSL_LOCAL int tsip_Tls13GenSharedSecret(struct WOLFSSL* ssl,
- struct KeyShareEntry* kse)
- {
- int ret = 0;
- e_tsip_err_t err = TSIP_SUCCESS;
- int isTLS13 = 0;
- uint8_t* pubkeyraw = NULL;
- TsipUserCtx* tuc = NULL;
- WOLFSSL_ENTER("tsip_Tls13GenSharedSecret");
- if (ssl == NULL || kse == NULL)
- ret = BAD_FUNC_ARG;
- if (ret == 0) {
- if (ssl->version.major == SSLv3_MAJOR &&
- ssl->version.minor == TLSv1_3_MINOR) {
- isTLS13 = 1;
- }
- if (!isTLS13 || ssl->options.side != WOLFSSL_CLIENT_END) {
- WOLFSSL_MSG("Not in TLS1.3 or in client");
- ret = CRYPTOCB_UNAVAILABLE;
- }
- }
- if (ret == 0) {
- /* make sure it is in TLS13 and in client side */
- if (kse->group != WOLFSSL_ECC_SECP256R1) {
- WOLFSSL_MSG("TSIP can't handle the specified group");
- ret = CRYPTOCB_UNAVAILABLE;
- }
- }
- if (ret == 0) {
- /* get user context for TSIP */
- tuc = ssl->RenesasUserCtx;
- if (tuc == NULL) {
- WOLFSSL_MSG("TsipUserCtx hasn't been set to ssl.");
- ret = CRYPTOCB_UNAVAILABLE;
- }
- }
- if (ret == 0) {
- if (!tuc->Dhe_key_set) {
- WOLFSSL_MSG("TSIP wasn't involved in the key-exchange.");
- ret = CRYPTOCB_UNAVAILABLE;
- }
- }
- if (ret == 0) {
- if ((ret = tsip_hw_lock()) == 0) {
- tuc->SharedSecret_set = 0;
- pubkeyraw = kse->ke + 1; /* peer's raw public key data */
- /* derive shared secret */
- err = R_TSIP_Tls13GenerateEcdheSharedSecret(
- TSIP_TLS13_MODE_FULL_HANDSHAKE,
- pubkeyraw, /* peer's ECDHE public key */
- &(tuc->EcdhPrivKey13Idx), /*(out) own ECDHE priv key */
- &(tuc->sharedSecret13Idx)); /*(out) PreMasterSecret */
- if (err != TSIP_SUCCESS) {
- WOLFSSL_MSG("R_TSIP_Tls13GenerateEcdheSharedSecret error");
- ret = WC_HW_E;
- }
- if (ret == 0) {
- /* set flag for later tsip operations */
- tuc->SharedSecret_set = 1;
- }
- tsip_hw_unlock();
- }
- else {
- WOLFSSL_MSG("mutex locking error");
- }
- }
- WOLFSSL_LEAVE("tsip_Tls13GenSharedSecret", ret);
- return ret;
- }
- #endif /* WOLFSSL_TLS13 */
- #if defined(WOLFSSL_TLS13)
- WOLFSSL_LOCAL int tsip_Tls13DeriveEarlySecret(struct WOLFSSL* ssl)
- {
- int ret = 0;
- TsipUserCtx* tuc = NULL;
- WOLFSSL_ENTER("tsip_Tls13DeriveEarlySecret");
- if (ssl == NULL)
- ret = BAD_FUNC_ARG;
- if (ret == 0) {
- /* get user context for TSIP */
- tuc = ssl->RenesasUserCtx;
- if (tuc == NULL) {
- WOLFSSL_MSG("TsipUserCtx hasn't been set to ssl.");
- ret = CRYPTOCB_UNAVAILABLE;
- }
- else {
- tuc->EarlySecret_set = 1;
- }
- }
-
- WOLFSSL_LEAVE("tsip_Tls13DeriveEarlySecret", ret);
- return ret;
- }
- #endif /* WOLFSSL_TLS13 */
- #if defined(WOLFSSL_TLS13)
- /* derive handshake secret.
- * get pre-master secret stored in TsipUserCtx.sharedSecret13Idx.
- * Derived handshake secret is stored into TsipUserCtx.handshakeSecret13Idx
- * as tsip specific format.
- *
- * return 0 on success, CRYPTOCB_UNAVAILABLE when tsip can not handle and is
- * expecting to fallback to S/W, other negative values on error.
- */
- WOLFSSL_LOCAL int tsip_Tls13DeriveHandshakeSecret(struct WOLFSSL* ssl)
- {
- int ret = 0;
- e_tsip_err_t err = TSIP_SUCCESS;
- int isTLS13 = 0;
- TsipUserCtx* tuc = NULL;
- WOLFSSL_ENTER("tsip_Tls13DeriveHandshakeSecret");
- if (ssl == NULL)
- ret = BAD_FUNC_ARG;
- if (ret == 0) {
- if (ssl->version.major == SSLv3_MAJOR &&
- ssl->version.minor == TLSv1_3_MINOR) {
- isTLS13 = 1;
- }
- if (!isTLS13 || (ssl->options.side != WOLFSSL_CLIENT_END)) {
- ret = CRYPTOCB_UNAVAILABLE; /* expecting to fallback to S/W */
- }
- }
- if (ret == 0) {
- /* get user context for TSIP */
- tuc = ssl->RenesasUserCtx;
- if (tuc == NULL) {
- WOLFSSL_MSG("TsipUserCtx hasn't been set to ssl.");
- ret = CRYPTOCB_UNAVAILABLE;
- }
- }
- if (ret == 0) {
- /* check if pre-master secret is generated by tsip */
- if (!tuc->SharedSecret_set) {
- WOLFSSL_MSG("TSIP wasn't involved in the key-exchange.");
- ret = CRYPTOCB_UNAVAILABLE;
- }
- }
- if (ret == 0) {
- if ((ret = tsip_hw_lock()) == 0) {
-
- tuc->HandshakeSecret_set = 0;
- err = R_TSIP_Tls13GenerateHandshakeSecret(
- &(tuc->sharedSecret13Idx),
- &(tuc->handshakeSecret13Idx));
- if (err != TSIP_SUCCESS) {
- WOLFSSL_MSG("R_TSIP_Tls13GenerateHandshakeSecret error");
- ret = WC_HW_E;
- }
- if (ret == 0) {
- tuc->HandshakeSecret_set = 1;
- }
- tsip_hw_unlock();
- }
- else {
- WOLFSSL_MSG("mutex locking error");
- }
- }
- WOLFSSL_LEAVE("tsip_Tls13DeriveHandshakeSecret", ret);
- return ret;
- }
- #endif /* WOLFSSL_TLS13 */
- #if defined(WOLFSSL_TLS13)
- static int tsipTls13DeriveClientHandshakeKeys(struct WOLFSSL* ssl)
- {
- int ret = 0;
- e_tsip_err_t err = TSIP_SUCCESS;
- int isTLS13 = 0;
- TsipUserCtx* tuc = NULL;
- byte hash[WC_SHA256_DIGEST_SIZE];
- WOLFSSL_ENTER("tsipTls13DeriveClientHandshakeKeys");
- if (ssl == NULL)
- ret = BAD_FUNC_ARG;
- if (ret == 0) {
- if (ssl->version.major == SSLv3_MAJOR &&
- ssl->version.minor == TLSv1_3_MINOR) {
- isTLS13 = 1;
- }
- if (!isTLS13 || (ssl->options.side != WOLFSSL_CLIENT_END)) {
- ret = CRYPTOCB_UNAVAILABLE; /* expecting to fallback to S/W */
- }
- }
- if (ret == 0) {
- /* get user context for TSIP */
- tuc = ssl->RenesasUserCtx;
- if (tuc == NULL) {
- WOLFSSL_MSG("TsipUserCtx hasn't been set to ssl.");
- ret = CRYPTOCB_UNAVAILABLE;
- }
- }
- if (ret == 0) {
- /* make sure client handshake secret is generated by tsip */
- if (!tuc->HandshakeSecret_set) {
- WOLFSSL_MSG("TSIP wasn't involved in the key-exchange.");
- ret = CRYPTOCB_UNAVAILABLE;
- }
- }
- if (ret == 0) {
- /* get digest of handshake messages */
- ret = tsip_GetMessageSha256(ssl, hash, NULL);
- }
- if (ret == 0) {
- if ((ret = tsip_hw_lock()) == 0) {
-
- tuc->HandshakeClientTrafficKey_set = 0;
-
- err = R_TSIP_Tls13GenerateClientHandshakeTrafficKey(
- &(tuc->handle13),
- TSIP_TLS13_MODE_FULL_HANDSHAKE,
- &(tuc->handshakeSecret13Idx),
- hash,
- &(tuc->clientWriteKey13Idx),
- &(tuc->clientFinished13Idx));
- if (err != TSIP_SUCCESS) {
- WOLFSSL_MSG(
- "R_TSIP_Tls13GenerateClientHandshakeTrafficKey error");
- ret = WC_HW_E;
- }
- /* key derivation succeeded */
- if (ret == 0) {
- tuc->HandshakeClientTrafficKey_set = 1;
- }
- tsip_hw_unlock();
- }
- else {
- WOLFSSL_MSG("mutex locking error");
- }
- }
- WOLFSSL_LEAVE("tsipTls13DeriveClientHandshakeKeys", ret);
- return ret;
- }
- #endif /* WOLFSSL_TLS13 */
- #if defined(WOLFSSL_TLS13)
- static int tsipTls13DeriveServerHandshakeKeys(struct WOLFSSL* ssl)
- {
- int ret = 0;
- e_tsip_err_t err = TSIP_SUCCESS;
- int isTLS13 = 0;
- TsipUserCtx* tuc = NULL;
- byte hash[WC_SHA256_DIGEST_SIZE];
- WOLFSSL_ENTER("tsipTls13DeriveServerHandshakeKeys");
- if (ssl == NULL)
- ret = BAD_FUNC_ARG;
- if (ret == 0) {
- if (ssl->version.major == SSLv3_MAJOR &&
- ssl->version.minor == TLSv1_3_MINOR) {
- isTLS13 = 1;
- }
- if (!isTLS13 || (ssl->options.side != WOLFSSL_CLIENT_END)) {
- ret = CRYPTOCB_UNAVAILABLE; /* expecting to fallback to S/W */
- }
- }
- if (ret == 0) {
- /* get user context for TSIP */
- tuc = ssl->RenesasUserCtx;
- if (tuc == NULL) {
- WOLFSSL_MSG("TsipUserCtx hasn't been set to ssl.");
- ret = CRYPTOCB_UNAVAILABLE;
- }
- }
- if (ret == 0) {
- /* make sure client handshake secret is generated by tsip */
- if (!tuc->HandshakeSecret_set) {
- WOLFSSL_MSG("TSIP wasn't involved in the key-exchange.");
- ret = CRYPTOCB_UNAVAILABLE;
- }
- }
- if (ret == 0) {
- /* get digest of handshake packets */
- ret = tsip_GetMessageSha256(ssl, hash, NULL);
- }
- if (ret == 0) {
- if ((ret = tsip_hw_lock()) == 0) {
-
- tuc->HandshakeServerTrafficKey_set = 0;
- err = R_TSIP_Tls13GenerateServerHandshakeTrafficKey(
- &(tuc->handle13),
- TSIP_TLS13_MODE_FULL_HANDSHAKE,
- &(tuc->handshakeSecret13Idx),
- hash,
- &(tuc->serverWriteKey13Idx),
- &(tuc->serverFinished13Idx));
- if (err != TSIP_SUCCESS) {
- WOLFSSL_MSG(
- "R_TSIP_Tls13GenerateServerHandshakeTrafficKey error");
- ret = WC_HW_E;
- }
-
- /* key derivation succeeded */
- if (ret == 0) {
- tuc->HandshakeServerTrafficKey_set = 1;
- }
- tsip_hw_unlock();
- }
- else {
- WOLFSSL_MSG("mutex locking error");
- }
- }
- WOLFSSL_LEAVE("tsipTls13DeriveServerHandshakeKeys", ret);
- return ret;
- }
- #endif /* WOLFSSL_TLS13 */
- #if defined(WOLFSSL_TLS13)
- static int tsipTls13DeriveTrafficKeys(struct WOLFSSL* ssl)
- {
- int ret = 0;
- e_tsip_err_t err = TSIP_SUCCESS;
- int isTLS13 = 0;
- TsipUserCtx* tuc = NULL;
- byte hash[WC_SHA256_DIGEST_SIZE];
- WOLFSSL_ENTER("tsipTls13DeriveTrafficKeys");
- if (ssl == NULL)
- ret = BAD_FUNC_ARG;
- if (ret == 0) {
- if (ssl->version.major == SSLv3_MAJOR &&
- ssl->version.minor == TLSv1_3_MINOR) {
- isTLS13 = 1;
- }
- if (!isTLS13 || (ssl->options.side != WOLFSSL_CLIENT_END)) {
- ret = CRYPTOCB_UNAVAILABLE; /* expecting to fallback to S/W */
- }
- }
- if (ret == 0) {
- /* get user context for TSIP */
- tuc = ssl->RenesasUserCtx;
- if (tuc == NULL) {
- WOLFSSL_MSG("TsipUserCtx hasn't been set to ssl.");
- ret = CRYPTOCB_UNAVAILABLE;
- }
- }
- if (ret == 0) {
- /* make sure master secret is generated by tsip */
- if (!tuc->MasterSecret_set) {
- WOLFSSL_MSG("TSIP wasn't involved in the key-exchange.");
- ret = CRYPTOCB_UNAVAILABLE;
- }
- }
- if (ret == 0) {
- /* get digest of handshake messages */
- ret = tsip_GetMessageSha256(ssl, hash, NULL);
- }
- if (ret == 0) {
- if ((ret = tsip_hw_lock()) == 0) {
-
- tuc->ServerTrafficSecret_set = 0;
- tuc->ClientTrafficSecret_set = 0;
- tuc->ServerWriteTrafficKey_set = 0;
- tuc->ClientWriteTrafficKey_set = 0;
- err = R_TSIP_Tls13GenerateApplicationTrafficKey(
- &(tuc->handle13),
- TSIP_TLS13_MODE_FULL_HANDSHAKE,
- &(tuc->masterSecret13Idx),
- (uint8_t*)hash,
- &(tuc->serverAppTraffic13Secret),
- &(tuc->clientAppTraffic13Secret),
- &(tuc->serverAppWriteKey13Idx),
- &(tuc->clientAppWriteKey13Idx));
- if (err != TSIP_SUCCESS) {
- WOLFSSL_MSG(
- "R_TSIP_Tls13GenerateApplicationTrafficKey error");
- ret = WC_HW_E;
- }
-
- /* key derivation succeeded */
- if (ret == 0) {
- tuc->ServerTrafficSecret_set = 1;
- tuc->ClientTrafficSecret_set = 1;
- tuc->ServerWriteTrafficKey_set = 1;
- tuc->ClientWriteTrafficKey_set = 1;
- }
- tsip_hw_unlock();
- }
- else {
- WOLFSSL_MSG("mutex locking error");
- }
- }
- WOLFSSL_LEAVE("tsipTls13DeriveTrafficKeys", ret);
- return ret;
- }
- #endif /* WOLFSSL_TLS13 */
- #if defined(WOLFSSL_TLS13)
- static int tsipTls13UpdateClientTrafficKeys(struct WOLFSSL* ssl)
- {
- int ret = 0;
- e_tsip_err_t err = TSIP_SUCCESS;
- int isTLS13 = 0;
- TsipUserCtx* tuc = NULL;
- WOLFSSL_ENTER("tsipTls13UpdateClientTrafficKeys");
- if (ssl == NULL)
- ret = BAD_FUNC_ARG;
- if (ret == 0) {
- if (ssl->version.major == SSLv3_MAJOR &&
- ssl->version.minor == TLSv1_3_MINOR) {
- isTLS13 = 1;
- }
- if (!isTLS13 || (ssl->options.side != WOLFSSL_CLIENT_END)) {
- ret = CRYPTOCB_UNAVAILABLE; /* expecting to fallback to S/W */
- }
- }
- if (ret == 0) {
- /* get user context for TSIP */
- tuc = ssl->RenesasUserCtx;
- if (tuc == NULL) {
- WOLFSSL_MSG("TsipUserCtx hasn't been set to ssl.");
- ret = CRYPTOCB_UNAVAILABLE;
- }
- }
- if (ret == 0) {
- /* make sure application secret is generated by tsip */
- if (!tuc->ClientTrafficSecret_set) {
- WOLFSSL_MSG("TSIP wasn't involved in the key-exchange.");
- ret = CRYPTOCB_UNAVAILABLE;
- }
- }
- if (ret == 0) {
- if ((ret = tsip_hw_lock()) == 0) {
- tuc->ClientWriteTrafficKey_set = 0;
- err = R_TSIP_Tls13UpdateApplicationTrafficKey(
- &(tuc->handle13),
- TSIP_TLS13_MODE_FULL_HANDSHAKE,
- TSIP_TLS13_UPDATE_CLIENT_KEY,
- &(tuc->clientAppTraffic13Secret),
- &(tuc->clientAppTraffic13Secret),
- &(tuc->clientAppWriteKey13Idx));
- if (err != TSIP_SUCCESS) {
- WOLFSSL_MSG("R_TSIP_Tls13UpdateApplicationTrafficKey error");
- ret = WC_HW_E;
- }
- else {
- tuc->ClientWriteTrafficKey_set = 1;
- }
- tsip_hw_unlock();
- }
- else {
- WOLFSSL_MSG("mutex locking error");
- }
- }
- WOLFSSL_LEAVE("tsipTls13UpdateClientTrafficKeys", ret);
- return ret;
- }
- #endif /* WOLFSSL_TLS13 */
- #if defined(WOLFSSL_TLS13)
- static int tsipTls13UpdateServerTrafficKeys(struct WOLFSSL* ssl)
- {
- int ret = 0;
- e_tsip_err_t err = TSIP_SUCCESS;
- int isTLS13 = 0;
- TsipUserCtx* tuc = NULL;
- WOLFSSL_ENTER("tsipTls13UpdateServerTrafficKeys");
- if (ssl == NULL)
- ret = BAD_FUNC_ARG;
- if (ret == 0) {
- if (ssl->version.major == SSLv3_MAJOR &&
- ssl->version.minor == TLSv1_3_MINOR) {
- isTLS13 = 1;
- }
- if (!isTLS13 || (ssl->options.side != WOLFSSL_CLIENT_END)) {
- ret = CRYPTOCB_UNAVAILABLE; /* expecting to fallback to S/W */
- }
- }
- if (ret == 0) {
- /* get user context for TSIP */
- tuc = ssl->RenesasUserCtx;
- if (tuc == NULL) {
- WOLFSSL_MSG("TsipUserCtx hasn't been set to ssl.");
- ret = CRYPTOCB_UNAVAILABLE;
- }
- }
- if (ret == 0) {
- /* make sure application secret is generated by tsip */
- if (!tuc->ServerTrafficSecret_set) {
- WOLFSSL_MSG("TSIP wasn't involved in the key-exchange.");
- ret = CRYPTOCB_UNAVAILABLE;
- }
- }
- if (ret == 0) {
- if ((ret = tsip_hw_lock()) == 0) {
- tuc->ServerWriteTrafficKey_set = 0;
- err = R_TSIP_Tls13UpdateApplicationTrafficKey(
- &(tuc->handle13),
- TSIP_TLS13_MODE_FULL_HANDSHAKE,
- TSIP_TLS13_UPDATE_SERVER_KEY,
- &(tuc->serverAppTraffic13Secret),
- &(tuc->serverAppTraffic13Secret),
- &(tuc->serverAppWriteKey13Idx));
- if (err != TSIP_SUCCESS) {
- WOLFSSL_MSG("R_TSIP_Tls13UpdateApplicationTrafficKey error");
- ret = WC_HW_E;
- }
- else {
- tuc->ServerWriteTrafficKey_set = 1;
- }
- tsip_hw_unlock();
- }
- else {
- WOLFSSL_MSG("mutex locking error");
- }
- }
- WOLFSSL_LEAVE("tsipTls13UpdateServerTrafficKeys", ret);
- return ret;
- }
- #endif /* WOLFSSL_TLS13 */
- #if defined(WOLFSSL_TLS13)
- /* Derive the keys for TLS v1.3.
- *
- * ssl The WOLFSSL object.
- * keyType kind of keys to derive.
- * handshake_key: when deriving keys for encrypting handshake messages.
- * traffic_key: when deriving first keys for encrypting traffic messages.
- * update_traffic_key: when deriving next keys for encrypting
- * traffic messages.
- *
- * side ENCRYPT_SIDE_ONLY: when only encryption secret needs to be derived.
- * DECRYPT_SIDE_ONLY: when only decryption secret needs to be derived.
- * ENCRYPT_AND_DECRYPT_SIDE: when both secret needs to be derived.
- *
- * returns 0 on success, CRYPTOCB_UNAVAILABLE when tsip can not handle and is
- * expecting to fallback to S/W, other negative values on error.
- */
- WOLFSSL_LOCAL int tsip_Tls13DeriveKeys(struct WOLFSSL* ssl,
- int keyType, int side)
- {
- int ret = 0;
- int provision;
- WOLFSSL_ENTER("tsip_Tls13DeriveKeys");
- if (side == ENCRYPT_AND_DECRYPT_SIDE) {
- provision = PROVISION_CLIENT_SERVER;
- }
- else {
- provision = ((ssl->options.side != WOLFSSL_CLIENT_END) ^
- (side == ENCRYPT_SIDE_ONLY)) ? PROVISION_CLIENT :
- PROVISION_SERVER;
- }
- /* derive client key */
- switch (keyType) {
- case early_data_key:
- WOLFSSL_MSG("TSIP can't handle early data key");
- ret = CRYPTOCB_UNAVAILABLE;
- break;
- case handshake_key:
- if (provision & PROVISION_CLIENT) {
- ret = tsipTls13DeriveClientHandshakeKeys(ssl);
- }
- break;
- case traffic_key:
- ret = tsipTls13DeriveTrafficKeys(ssl);
- break;
- case update_traffic_key:
- if (provision & PROVISION_CLIENT) {
- ret = tsipTls13UpdateClientTrafficKeys(ssl);
- }
- break;
- default:
- ret = CRYPTOCB_UNAVAILABLE;
- break;
- }
- if (ret == 0) {
- /* derive server key */
- switch (keyType) {
- case early_data_key:
- WOLFSSL_MSG("TSIP can't handle early data key");
- ret = CRYPTOCB_UNAVAILABLE;
- break;
- case handshake_key:
- if (provision & PROVISION_SERVER) {
- ret = tsipTls13DeriveServerHandshakeKeys(ssl);
- }
- break;
- case traffic_key:
- /* traffic key for server was derived in
- * tsipTls13DeriveTrafficKeys
- */
- break;
- case update_traffic_key:
- if (provision & PROVISION_SERVER) {
- ret = tsipTls13UpdateServerTrafficKeys(ssl);
- }
- break;
- default:
- ret = CRYPTOCB_UNAVAILABLE;
- break;
- }
- }
- WOLFSSL_LEAVE("tsip_Tls13DeriveKeys", ret);
- return ret;
- }
- #endif /* WOLFSSL_TLS13 */
- #if defined(WOLFSSL_TLS13)
- WOLFSSL_LOCAL int tsip_Tls13DeriveMasterSecret(struct WOLFSSL* ssl)
- {
- int ret = 0;
- e_tsip_err_t err = TSIP_SUCCESS;
- int isTLS13 = 0;
- TsipUserCtx* tuc = NULL;
- WOLFSSL_ENTER("tsip_Tls13DeriveMasterSecret");
- if (ssl == NULL)
- ret = BAD_FUNC_ARG;
- if (ret == 0) {
- if (ssl->version.major == SSLv3_MAJOR &&
- ssl->version.minor == TLSv1_3_MINOR) {
- isTLS13 = 1;
- }
- if (!isTLS13 || (ssl->options.side != WOLFSSL_CLIENT_END)) {
- ret = CRYPTOCB_UNAVAILABLE; /* expecting to fallback to S/W */
- }
- }
- if (ret == 0) {
- /* get user context for TSIP */
- tuc = ssl->RenesasUserCtx;
- if (tuc == NULL) {
- WOLFSSL_MSG("TsipUserCtx hasn't been set to ssl.");
- ret = CRYPTOCB_UNAVAILABLE;
- }
- }
- if (ret == 0) {
- /* make sure handshake secret and verify data has been set by TSIP */
- if (!tuc->HandshakeSecret_set ||
- !tuc->HandshakeVerifiedData_set) {
- WOLFSSL_MSG("TSIP wasn't involved in the key-exchange.");
- ret = CRYPTOCB_UNAVAILABLE;
- }
- }
- if (ret == 0) {
- if ((ret = tsip_hw_lock()) == 0) {
-
- tuc->MasterSecret_set = 0;
- err = R_TSIP_Tls13GenerateMasterSecret(
- &(tuc->handle13),
- TSIP_TLS13_MODE_FULL_HANDSHAKE,
- &(tuc->handshakeSecret13Idx),
- (uint32_t*)tuc->verifyData13Idx,
- &(tuc->masterSecret13Idx));
- if (err != TSIP_SUCCESS) {
- WOLFSSL_MSG(
- "R_TSIP_Tls13GenerateMasterSecret( error");
- ret = WC_HW_E;
- }
-
- if (ret == 0) {
- tuc->MasterSecret_set = 1;
- }
- tsip_hw_unlock();
- }
- else {
- WOLFSSL_MSG("mutex locking error");
- }
- }
- WOLFSSL_LEAVE("tsip_Tls13DeriveMasterSecret", ret);
- return ret;
- }
- #endif /* WOLFSSL_TLS13 */
- #if defined(WOLFSSL_TLS13)
- /* verify handshake
- * ssl WOLFSSL object
- * hash buffer holding decrypted finished message content from server.
- *
- */
- static int tsipTls13VerifyHandshake(struct WOLFSSL* ssl,
- const byte* hash)/*finished message*/
- {
- int ret = 0;
- e_tsip_err_t err = TSIP_SUCCESS;
- int isTLS13 = 0;
- TsipUserCtx* tuc = NULL;
- word32 msgHash[WC_SHA256_DIGEST_SIZE/sizeof(word32)];
- WOLFSSL_ENTER("tsipTls13VerifyHandshake");
- if (ssl == NULL)
- ret = BAD_FUNC_ARG;
- if (ret == 0) {
- if (ssl->version.major == SSLv3_MAJOR &&
- ssl->version.minor == TLSv1_3_MINOR) {
- isTLS13 = 1;
- }
- if (!isTLS13 || (ssl->options.side != WOLFSSL_CLIENT_END)) {
- ret = CRYPTOCB_UNAVAILABLE; /* expecting to fallback to S/W */
- }
- }
- if (ret == 0) {
- /* get user context for TSIP */
- tuc = ssl->RenesasUserCtx;
- if (tuc == NULL) {
- WOLFSSL_MSG("TsipUserCtx hasn't been set to ssl.");
- ret = CRYPTOCB_UNAVAILABLE;
- }
- }
- if (ret == 0) {
- /* make sure handshake secret is generated by tsip */
- if (!tuc->HandshakeServerTrafficKey_set) {
- WOLFSSL_MSG("TSIP wasn't involved in the key-exchange.");
- ret = CRYPTOCB_UNAVAILABLE;
- }
- }
- /* get digest of handshake messages */
- if (ret == 0) {
- ret = tsip_GetMessageSha256(ssl, (byte*)msgHash, NULL);
- }
- if (ret == 0) {
- if ((ret = tsip_hw_lock()) == 0) {
-
- tuc->HandshakeVerifiedData_set = 0;
- err = R_TSIP_Tls13ServerHandshakeVerification(
- TSIP_TLS13_MODE_FULL_HANDSHAKE,
- &(tuc->serverFinished13Idx),
- (uint8_t*)msgHash,
- (uint8_t*)hash,
- (uint32_t*)(tuc->verifyData13Idx));
- if (err == TSIP_ERR_VERIFICATION_FAIL) {
- WOLFSSL_MSG("Handshake verification error");
- ret = VERIFY_FINISHED_ERROR;
- }
- else if (err != TSIP_SUCCESS) {
- WOLFSSL_MSG("R_TSIP_Tls13ServerHandshakeVerification error");
- ret = WC_HW_E;
- }
- if (ret == 0) {
- WOLFSSL_MSG("Verified handshake");
- tuc->HandshakeVerifiedData_set = 1;
- }
- tsip_hw_unlock();
- }
- else {
- WOLFSSL_MSG("mutex locking error");
- }
- }
- WOLFSSL_LEAVE("tsipTls13VerifyHandshake", ret);
- return ret;
- }
- #endif /* WOLFSSL_TLS13 */
- #if defined(WOLFSSL_TLS13)
- /* handles finished message from server.
- * verify hmac in the message. Also output verify data to
- * TsipUserCtx.verifyDataIdx, which is used for deriving master secret.
- *
- * ssl WOLFSSL object
- * input the buffer holding decrypted finished message, type and padding
- * inOutIdx On entry, the index into the message content of Finished.
- * On exit, the index of byte after the Finished message and padding.
- * size Length of message content(excluding type and padding)
- * totalSz Length in the record header. means message + type + pad.
- * return 0, on success, others on failure.
- */
- WOLFSSL_LOCAL int tsip_Tls13HandleFinished(
- struct WOLFSSL* ssl,
- const byte* input,
- word32* inOutIdx,
- word32 size,
- word32 totalSz)
- {
- int ret = 0;
- WOLFSSL_ENTER("tsip_Tls13HandleFinished");
- if (ssl == NULL || input == NULL || inOutIdx == NULL) {
- ret = BAD_FUNC_ARG;
- }
- if (ret == 0) {
- ret = tsipTls13VerifyHandshake(ssl, input + *inOutIdx);
- }
- if (ret == 0) {
- /* Force input exhaustion at ProcessReply by consuming padSz. */
- *inOutIdx += size + ssl->keys.padSz;
- ssl->options.serverState = SERVER_FINISHED_COMPLETE;
- }
- WOLFSSL_LEAVE("tsip_Tls13HandleFinished", ret);
- return ret;
- }
- #endif /* WOLFSSL_TLS13 */
- #if defined(WOLFSSL_TLS13)
- /* Build TLS v1.3 Message and make it encrypted with AEAD algorithm.
- * TSIP supports AES-GCM and AES-CCM.
- * ssl The WOLFSSL object.
- * output The buffer to write record message to.
- * outSz Size of the buffer being written into.
- * input The handshake message data to encrypt (excluding trailing type).
- * inSz The size of the handshake message (including message header).
- * type The real content type being put after the message data.
- * hashOutput Whether to hash the unencrypted record data.
- * returns the size of the record including header, CRYPTOCB_UNAVAILABLE
- * when tsip can not handle and is expecting to fallback to S/W,
- * other negative values on error.
- */
- WOLFSSL_LOCAL int tsip_Tls13BuildMessage(struct WOLFSSL* ssl,
- byte* output,
- int outSz,
- const byte* input,
- int inSz,
- int type,
- int hashOutput)
- {
- int ret = 0;
- int recSz;
- int isTLS13 = 0;
- RecordLayerHeader* rl = NULL;
- (void)outSz;
-
- WOLFSSL_ENTER("tsip_Tls13BuildMessage");
- if (ssl == NULL || output == NULL || input == NULL) {
- ret = BAD_FUNC_ARG;
- }
- if (ret == 0) {
- if (ssl->version.major == SSLv3_MAJOR &&
- ssl->version.minor == TLSv1_3_MINOR) {
- isTLS13 = 1;
- }
- if (!isTLS13 || (ssl->options.side != WOLFSSL_CLIENT_END)) {
- ret = CRYPTOCB_UNAVAILABLE; /* expecting to fallback to S/W */
- }
- }
- if (ret == 0) {
- /* make sure hash algorithm is SHA256 */
- if (ssl->specs.mac_algorithm != sha256_mac ) {
- WOLFSSL_MSG("TSIP can't handle this hash algorithm.");
- ret = CRYPTOCB_UNAVAILABLE;
- }
- }
- if (ret == 0) {
- if ((ssl->specs.bulk_cipher_algorithm != wolfssl_aes_gcm) &&
- (ssl->specs.bulk_cipher_algorithm != wolfssl_aes_ccm)) {
- WOLFSSL_MSG("TSIP can't handle the specified algorithm");
- ret = CRYPTOCB_UNAVAILABLE;
- }
- }
- if (ret == 0) {
- /* set size in record header */
- recSz = inSz + 1 + ssl->specs.aead_mac_size;
- /* update the record header with the new size. */
- rl = (RecordLayerHeader*)output;
- rl->type = application_data;
- rl->pvMajor = ssl->version.major;
- rl->pvMinor = TLSv1_2_MINOR;
- c16toa((word16)recSz, rl->length);
- if (input != output + RECORD_HEADER_SZ) {
- XMEMCPY(output + RECORD_HEADER_SZ, input, inSz);
- }
- if (hashOutput) {
- ret = HashOutput(ssl, output, RECORD_HEADER_SZ + inSz, 0);
- }
- }
- if (ret == 0) {
- /* The real record content type goes at the end of the data. */
- output[RECORD_HEADER_SZ + inSz] = (byte)type;
- ret = tsip_Tls13AesEncrypt(ssl,
- output + RECORD_HEADER_SZ, /* output */
- output + RECORD_HEADER_SZ, /* plain message */
- inSz + 1); /* plain data size(= inSz + 1 for type) */
- if (ret > 0) {
- ret = recSz + RECORD_HEADER_SZ; /* return record size */
- }
- }
- WOLFSSL_LEAVE("tsip_Tls13BuildMessage", ret);
- return ret;
- }
- #endif /* WOLFSSL_TLS13 */
- #if defined(WOLFSSL_TLS13)
- /* Send finished message to the server.
- *
- * ssl WOLFSSL object
- * output buffer to output packet, including packet header and finished message
- * outSz buffer size of output
- * input buffer holding finished message
- * hashOut
- * return 0 on success, CRYPTOCB_UNAVAILABLE when TSIP can not handle,
- * other negative values on error.
- */
- WOLFSSL_LOCAL int tsip_Tls13SendFinished(
- struct WOLFSSL* ssl,
- byte* output,
- int outSz,
- const byte* input,
- int hashOut)
- {
- int ret = 0;
- int finishedSz;
- int headerSz = HANDSHAKE_HEADER_SZ;
- int recordSz;
- WOLFSSL_ENTER("tsip_Tls13SendFinished");
- if (ssl == NULL || output == NULL || input == NULL || outSz == 0) {
- ret = BAD_FUNC_ARG;
- }
-
- if (ret == 0) {
- finishedSz = ssl->specs.hash_size;
- ret = tsip_Tls13GetHmacMessages(ssl, (byte*)&input[headerSz]);
- }
- if (ret == 0) {
- recordSz = WC_MAX_DIGEST_SIZE + DTLS_HANDSHAKE_HEADER_SZ + MAX_MSG_EXTRA;
- /* check for available size */
- ret = CheckAvailableSize(ssl, recordSz);
- recordSz = 0;
- }
- if (ret == 0) {
- recordSz = tsip_Tls13BuildMessage(ssl,
- output, outSz,
- input, headerSz + finishedSz,
- handshake, hashOut);
-
- if (recordSz > 0) {
- ssl->options.clientState = CLIENT_FINISHED_COMPLETE;
- ssl->options.handShakeState = HANDSHAKE_DONE;
- ssl->options.handShakeDone = 1;
- ssl->buffers.outputBuffer.length += recordSz; /* advance length */
- ret = SendBuffered(ssl);
- }
- else {
- ret = recordSz;
- }
- }
- WOLFSSL_LEAVE("tsip_Tls13SendFinished", ret);
- return ret;
- }
- #endif /* WOLFSSL_TLS13 */
- #if defined(WOLFSSL_TLS13)
- /* Parse and handle a TLS v1.3 CertificateVerify message sent from a server.
- *
- * ssl WOLFSSL object
- * input buffer holding certificate verify message
- * inOutIdx On entry, the index into the message buffer of
- * CertificateVerify.
- * On exit, the index of byte after the CertificateVerify message.
- * totalSz The length of the current handshake message.
- * return 0 on success, CRYPTOCB_UNAVAILABLE when TSIP can not handle,
- * other negative values on error.
- */
- WOLFSSL_LOCAL int tsip_Tls13CertificateVerify(struct WOLFSSL* ssl,
- const byte* input, word32* inOutIdx,
- word32 totalSz)
- {
- int ret = 0;
- byte* sigData = NULL;
- byte hiAlgo,loAlgo;
- int messageSz;
- word16 signatureLen;
- word16 idx;
- e_tsip_err_t err = TSIP_SUCCESS;
- TsipUserCtx* tuc = NULL;
- e_tsip_tls13_signature_scheme_type_t sig_scheme;
-
- WOLFSSL_ENTER("tsip_Tls13CertificateVerify");
- if (ssl == NULL || input == NULL || inOutIdx == NULL) {
- ret = BAD_FUNC_ARG;
- }
- if (ret == 0) {
- if (ENUM_LEN + ENUM_LEN > totalSz) {
- ret = BUFFER_ERROR;
- }
- /* parse certificate verify message to get hash-algo */
- hiAlgo = *(input + *inOutIdx);
- loAlgo = *(input + *inOutIdx + 1);
- }
- if (ret == 0) {
- /* get signature length */
- ato16(input + *inOutIdx + 2, &signatureLen);
- if (ENUM_LEN + ENUM_LEN + OPAQUE16_LEN > totalSz) {
- ret = BUFFER_ERROR;
- }
- }
- if (ret == 0) {
- if (ENUM_LEN + ENUM_LEN + OPAQUE16_LEN + signatureLen > totalSz) {
- ret = BUFFER_ERROR;
- }
- }
- if (ret == 0) {
- /* check if tsip accepts signature algorithm */
- if (hiAlgo == NEW_SA_MAJOR && loAlgo == sha256_mac) {
- /* rsa_pss_rsae_sha256 0x0804 */
- WOLFSSL_MSG("Peer sent RSA sig");
- sig_scheme = TSIP_TLS13_SIGNATURE_SCHEME_RSA_PSS_RSAE_SHA256;
- }
- else if (hiAlgo == 0x04 && loAlgo == ecc_dsa_sa_algo) {
- /* ecdsa_secp256r1_sha256 0x0403 */
- WOLFSSL_MSG("Peer sent ECC sig");
- sig_scheme = TSIP_TLS13_SIGNATURE_SCHEME_ECDSA_SECP256R1_SHA256;
- }
- else {
- ret = CRYPTOCB_UNAVAILABLE;
- }
- }
- if (ret == 0) {
- /* get user context for TSIP */
- tuc = ssl->RenesasUserCtx;
- if (tuc == NULL) {
- WOLFSSL_MSG("TsipUserCtx is not set to ssl.");
- ret = CRYPTOCB_UNAVAILABLE;
- }
- }
- /* check if peer's public key is stored */
- if (ret == 0) {
- if (ssl->peerSceTsipEncRsaKeyIndex == NULL) {
- ret = CRYPTOCB_UNAVAILABLE;
- }
- }
- if (ret == 0) {
- /* create sign data */
- sigData = tuc->sigDataCertVerify;
- idx = 0;
- ForceZero(sigData, sizeof(tuc->sigDataCertVerify));
- XMEMSET(sigData, TSIP_SIGNING_DATA_PREFIX_BYTE,
- TSIP_SIGNING_DATA_PREFIX_SZ);
- idx += TSIP_SIGNING_DATA_PREFIX_SZ;
- XMEMCPY(&sigData[idx], serverCertVfyLabel, TSIP_CERT_VFY_LABEL_SZ);
- idx += TSIP_CERT_VFY_LABEL_SZ;
- ret = tsip_GetMessageSha256(ssl, &sigData[idx], &messageSz);
- }
-
- if (ret == 0) {
- if ((ret = tsip_hw_lock()) == 0) {
- err = R_TSIP_Tls13CertificateVerifyVerification(
- (uint32_t*)ssl->peerSceTsipEncRsaKeyIndex,
- sig_scheme,
- &sigData[idx],
- (uint8_t*)(input + *inOutIdx),
- totalSz);
- if (err == TSIP_SUCCESS) {
-
- *inOutIdx += totalSz;
- *inOutIdx += ssl->keys.padSz;
- ssl->options.peerAuthGood = 1;
- ssl->options.havePeerVerify = 1;
- #if !defined(NO_WOLFSSL_CLIENT)
- if (ssl->options.side == WOLFSSL_CLIENT_END)
- ssl->options.serverState = SERVER_CERT_VERIFY_COMPLETE;
- #endif
- }
- else {
- ret = WC_HW_E;
- if (err == TSIP_ERR_AUTHENTICATION) {
- WOLFSSL_MSG("Certificate Verification failed.");
- }
- }
- tsip_hw_unlock();
- }
- else {
- WOLFSSL_MSG("mutex locking error");
- }
- }
- WOLFSSL_LEAVE("tsip_Tls13CertificateVerify", ret);
- return ret;
- }
- #endif /* WOLFSSL_TLS13 */
- /*
- * Import wrapped private key then convert it into TSIP key_index format.
- * The target key should be set with tsip_use_PrivateKey_buffer in advance.
- * Acceptable key types are:
- * TSIP_KEY_TYPE_RSA2048 rsa 2048 bit key
- * TSIP_KEY_TYPE_RSA4096 rsa 4096 bit key(Not supported as of now)
- * TSIP_KEY_TYPE_ECDSAP256 ecdsa p256r1 key
- */
- static int tsipImportPrivateKey(TsipUserCtx* tuc, int keyType)
- {
- int ret = 0;
- e_tsip_err_t err = TSIP_SUCCESS;
- uint8_t* provisioning_key = g_user_key_info.encrypted_provisioning_key;
- uint8_t* iv = g_user_key_info.iv;
- uint8_t* encPrivKey;
- WOLFSSL_ENTER("tsipImportPrivateKey");
- if (tuc == NULL)
- return BAD_FUNC_ARG;
- encPrivKey = tuc->wrappedPrivateKey;
- if (encPrivKey == NULL || provisioning_key == NULL || iv == NULL) {
- WOLFSSL_MSG("Missing some key materials used for import" );
- return CRYPTOCB_UNAVAILABLE;
- }
- if (ret == 0) {
- if (keyType != tuc->wrappedKeyType) {
- WOLFSSL_MSG("No public key of specified type is set" );
- return CRYPTOCB_UNAVAILABLE;
- }
- }
- if ((ret = tsip_hw_lock()) == 0) {
- switch (keyType) {
- #if !defined(NO_RSA)
- case TSIP_KEY_TYPE_RSA2048:
-
- tuc->ClientRsa2048PrivKey_set = 0;
- err = R_TSIP_GenerateRsa2048PrivateKeyIndex(
- provisioning_key, iv, (uint8_t*)encPrivKey,
- &(tuc->Rsa2048PrivateKeyIdx));
- if (err == TSIP_SUCCESS) {
- tuc->ClientRsa2048PrivKey_set = 1;
- }
- else {
- ret = WC_HW_E;
- }
- break;
- #endif
- case TSIP_KEY_TYPE_RSA4096:
- /* not supported as of TSIPv1.15 */
- ret = CRYPTOCB_UNAVAILABLE;
- break;
- #if defined(HAVE_ECC)
- case TSIP_KEY_TYPE_ECDSAP256:
- tuc->ClientEccP256PrivKey_set = 0;
- err = R_TSIP_GenerateEccP256PrivateKeyIndex(
- provisioning_key, iv, (uint8_t*)encPrivKey,
- &(tuc->EcdsaP256PrivateKeyIdx));
- if (err == TSIP_SUCCESS) {
- tuc->ClientEccP256PrivKey_set = 1;
- }
- else {
- ret = WC_HW_E;
- }
- break;
- #endif
- default:
- ret = BAD_FUNC_ARG;
- break;
- }
- tsip_hw_unlock();
- }
- else {
- WOLFSSL_MSG("mutex locking error");
- }
- WOLFSSL_LEAVE("tsipImportPrivateKey", ret);
- return ret;
- }
- /*
- * Import wrapped public key then convert it into TSIP key_index format.
- * The target key should be set with tsip_use_PublicKey_buffer in advance.
- * Acceptable key types are:
- * TSIP_KEY_TYPE_RSA2048 rsa 2048 bit key
- * TSIP_KEY_TYPE_RSA4096 rsa 4096 bit key(Not supported as of now)
- * TSIP_KEY_TYPE_ECDSAP256 ecdsa p256r1 key
- */
- static int tsipImportPublicKey(TsipUserCtx* tuc, int keyType)
- {
- int ret = 0;
- e_tsip_err_t err = TSIP_SUCCESS;
- uint8_t* provisioning_key = g_user_key_info.encrypted_provisioning_key;
- uint8_t* iv = g_user_key_info.iv;
- uint8_t* encPubKey;
- WOLFSSL_ENTER("tsipImportPublicKey");
- if (tuc == NULL ) {
- return BAD_FUNC_ARG;
- }
- encPubKey = tuc->wrappedPublicKey;
- if (encPubKey == NULL || provisioning_key == NULL || iv == NULL) {
- WOLFSSL_MSG("Missing some key materials used for import" );
- return CRYPTOCB_UNAVAILABLE;
- }
- if (ret == 0) {
- if (keyType != tuc->wrappedKeyType) {
- WOLFSSL_MSG("No public key of specified type is set" );
- return CRYPTOCB_UNAVAILABLE;
- }
- }
- if ((ret = tsip_hw_lock()) == 0) {
- switch(keyType) {
-
- #if !defined(NO_RSA)
- case TSIP_KEY_TYPE_RSA2048:
-
- tuc->ClientRsa2048PubKey_set = 0;
- err = R_TSIP_GenerateRsa2048PublicKeyIndex(
- provisioning_key, iv, (uint8_t*)encPubKey,
- &(tuc->Rsa2048PublicKeyIdx));
- if (err == TSIP_SUCCESS) {
- tuc->ClientRsa2048PubKey_set = 1;
- }
- else {
- ret = WC_HW_E;
- }
- break;
- #endif
-
- #if !defined(NO_RSA)
- case TSIP_KEY_TYPE_RSA4096:
- /* not supported as of TSIPv1.15 */
- ret = CRYPTOCB_UNAVAILABLE;
- break;
- #endif
-
- #if defined(HAVE_ECC)
- case TSIP_KEY_TYPE_ECDSAP256:
- tuc->ClientEccP256PubKey_set = 0;
- err = R_TSIP_GenerateEccP256PublicKeyIndex(
- provisioning_key, iv, (uint8_t*)encPubKey,
- &(tuc->EcdsaP256PublicKeyIdx));
- if (err == TSIP_SUCCESS) {
- tuc->ClientEccP256PubKey_set = 1;
- }
- else {
- ret = WC_HW_E;
- }
- break;
- #endif
- default:
- ret = BAD_FUNC_ARG;
- break;
- }
- tsip_hw_unlock();
- }
- else {
- WOLFSSL_MSG("mutex locking error");
- }
- WOLFSSL_LEAVE("tsipImportPublicKey", ret);
- return ret;
- }
- #if defined(WOLFSSL_TLS13)
- /* Send the TLS v1.3 CertificateVerify message. A part of the message is
- * processed by TSIP for acceleration.
- *
- * Prior to this function call, the appropriate key-pair should be set via
- * tsip_use_PrivateKey_buffer and tsip_use_PublicKey_buffer APIs. Those key pair
- * can be generated by the tool named "Renesas secure flash programmer".
- * When RSA certificate is used, both public and private keys should be set.
- * The public key is used for self-verify the generated certificateVerify
- * message. When ECC certificate is used, the self-verify will be performed only
- * WOLFSSL_CHECK_SIG_FAULTS is defined.
- *
- * Returns 0 on success, CRYPTOCB_UNAVAILABLE when the required key is not
- * provided or unsupported algo is specified and otherwise failure.
- */
- WOLFSSL_LOCAL int tsip_Tls13SendCertVerify(WOLFSSL* ssl)
- {
- int ret = 0;
- e_tsip_err_t err = TSIP_SUCCESS;
- byte* sigData = NULL;
- word16 idx;
- int isTLS13 = 0;
- TsipUserCtx* tuc = NULL;
- byte* output = NULL;
- byte* message = NULL;
- byte* derSig = NULL;
- int isRsa = -1;
- uint32_t messageSz,recordSz,hashSz;
- byte hash[WC_SHA256_DIGEST_SIZE];
- byte sig_rs[R_TSIP_ECDSA_DATA_BYTE_SIZE];
- tsip_rsa_byte_data_t rsa_sig,rsa_hash;
- tsip_ecdsa_byte_data_t ecdsa_sig,ecdsa_hash;
- WOLFSSL_ENTER("tsip_Tls13SendCertVerify");
- (void)derSig;
- (void)rsa_sig;
- (void)rsa_hash;
- (void)ecdsa_sig;
- (void)ecdsa_hash;
- (void)sig_rs;
- if (ssl == NULL) {
- ret = BAD_FUNC_ARG;
- }
- if (ret == 0) {
- if (ssl->version.major == SSLv3_MAJOR &&
- ssl->version.minor == TLSv1_3_MINOR)
- isTLS13 = 1;
- /* check if it's TLS13 and client side */
- if (!isTLS13 || ssl->options.side != WOLFSSL_CLIENT_END) {
- ret = CRYPTOCB_UNAVAILABLE;
- }
- }
-
- if (ret == 0) {
- /* get user context for TSIP */
- tuc = ssl->RenesasUserCtx;
- if (tuc == NULL) {
- ret = CRYPTOCB_UNAVAILABLE;
- }
- }
- if (ret == 0) {
- #if !defined(NO_RSA)
- if (ssl->options.haveRSA)
- isRsa = 1;
- else
- #endif
- #ifdef HAVE_ECC
- if (ssl->options.haveECC)
- isRsa = 0;
- else
- #endif /* HAVE_ECC */
- isRsa = -1;
- if (isRsa != 0 && isRsa != 1) {
- ret = CRYPTOCB_UNAVAILABLE;
- }
- }
- if (ret == 0) {
- ret = tsipImportPrivateKey(tuc, tuc->wrappedKeyType);
- }
- if (ret == 0) {
- if (isRsa) {
- if (!tuc->ClientRsa2048PrivKey_set) {
- ret = NO_PRIVATE_KEY;
- }
- }
- else {
- if (!tuc->ClientEccP256PrivKey_set) {
- ret = NO_PRIVATE_KEY;
- }
- }
- }
- if (ret == 0) {
- /* get message hash */
- ForceZero(hash, sizeof(hash));
- ret = tsip_GetMessageSha256(ssl, hash, (int*)&hashSz);
- }
- if (ret == 0) {
- recordSz = MAX_CERT_VERIFY_SZ + MAX_MSG_EXTRA * 2;
- /* check for available size */
- ret = CheckAvailableSize(ssl, recordSz);
- recordSz = 0;
- }
- if (ret == 0) {
- /* get output buffer for record header */
- output = ssl->buffers.outputBuffer.buffer +
- ssl->buffers.outputBuffer.length;
- /* buffer for message header */
- message = output + RECORD_HEADER_SZ;
- }
- /* generate signature */
- if (ret == 0) {
- if ((ret = tsip_hw_lock()) == 0) {
- if (isRsa) {
- err = R_TSIP_Tls13CertificateVerifyGenerate(
- (uint32_t*)&(tuc->Rsa2048PrivateKeyIdx),
- TSIP_TLS13_SIGNATURE_SCHEME_RSA_PSS_RSAE_SHA256,
- hash,
- message + HANDSHAKE_HEADER_SZ,
- &messageSz);
- }
- else {
- err = R_TSIP_Tls13CertificateVerifyGenerate(
- (uint32_t*)&(tuc->EcdsaP256PrivateKeyIdx),
- TSIP_TLS13_SIGNATURE_SCHEME_ECDSA_SECP256R1_SHA256,
- hash,
- message + HANDSHAKE_HEADER_SZ,
- &messageSz);
- }
- if (err != TSIP_SUCCESS) {
- WOLFSSL_MSG("failed to make certificate verify message");
- ret = WC_HW_E;
- }
- tsip_hw_unlock();
- }
- else {
- WOLFSSL_MSG("mutex locking error");
- }
- }
- if (ret == 0) {
- if (isRsa) {
- ret = tsipImportPublicKey(tuc, tuc->wrappedKeyType);
- }
- else {
- #if defined(WOLFSSL_CHECK_SIG_FAULTS)
- ret = tsipImportPublicKey(tuc, tuc->wrappedKeyType);
- #endif
- }
- }
- if (ret == 0) {
- if (isRsa) {
- if (!tuc->ClientRsa2048PubKey_set) {
- ret = NO_PRIVATE_KEY;
- }
- }
- else {
- #if defined(WOLFSSL_CHECK_SIG_FAULTS)
- if (!tuc->ClientEccP256PubKey_set) {
- ret = NO_PRIVATE_KEY;
- }
- #endif /* WOLFSSL_CHECK_SIG_FAULTS */
- }
- }
- if (ret == 0) {
- sigData = tuc->sigDataCertVerify;
- idx = 0;
- ForceZero(sigData, sizeof(tuc->sigDataCertVerify));
- XMEMSET(sigData, TSIP_SIGNING_DATA_PREFIX_BYTE,
- TSIP_SIGNING_DATA_PREFIX_SZ);
- idx += TSIP_SIGNING_DATA_PREFIX_SZ;
- XMEMCPY(&sigData[idx], clientCertVfyLabel, TSIP_CERT_VFY_LABEL_SZ);
- idx += TSIP_CERT_VFY_LABEL_SZ;
- XMEMCPY(&sigData[idx], hash, hashSz);
- }
- if (ret == 0) {
- /* extract signature data from generated CertificateVerify message */
- if (!isRsa) {
- #if defined(WOLFSSL_CHECK_SIG_FAULTS)
- idx = 4;
- derSig = message +
- HANDSHAKE_HEADER_SZ + HASH_SIG_SIZE + VERIFY_HEADER;
- if (derSig[idx] == 0x00)
- idx++;
- XMEMCPY(sig_rs, &derSig[idx], R_TSIP_ECDSA_DATA_BYTE_SIZE / 2);
- idx += (R_TSIP_ECDSA_DATA_BYTE_SIZE / 2) + ASN_TAG_SZ + 1;
- if (derSig[idx] == 0x00)
- idx++;
- XMEMCPY(&sig_rs[R_TSIP_ECDSA_DATA_BYTE_SIZE / 2],
- &derSig[idx], R_TSIP_ECDSA_DATA_BYTE_SIZE / 2);
- #endif /* WOLFSSL_CHECK_SIG_FAULTS */
- }
- }
- if (ret == 0) {
- if ((ret = tsip_hw_lock()) == 0) {
- if (isRsa) {
- rsa_sig.pdata = message + HANDSHAKE_HEADER_SZ +
- HASH_SIG_SIZE + VERIFY_HEADER;
- rsa_hash.pdata = sigData;
- rsa_hash.data_length = TSIP_SIGNING_DATA_PREFIX_SZ +
- TSIP_CERT_VFY_LABEL_SZ + sizeof(hash);
- rsa_hash.data_type = 0;
- err = R_TSIP_RsassaPss2048SignatureVerification(
- &rsa_sig, &rsa_hash,
- &tuc->Rsa2048PublicKeyIdx,
- R_TSIP_RSA_HASH_SHA256);
- WOLFSSL_MSG("Perform self-verify for rsa signature");
- }
- else {
- err = TSIP_SUCCESS;
- #if defined(WOLFSSL_CHECK_SIG_FAULTS)
- ecdsa_sig.pdata = sig_rs;
- ecdsa_hash.pdata = sigData;
- ecdsa_hash.data_length = TSIP_SIGNING_DATA_PREFIX_SZ +
- TSIP_CERT_VFY_LABEL_SZ + sizeof(hash);
- ecdsa_hash.data_type = 0;
- err = R_TSIP_EcdsaP256SignatureVerification(
- &ecdsa_sig, &ecdsa_hash,
- &tuc->EcdsaP256PublicKeyIdx);
- WOLFSSL_MSG("Perform self-verify for ecc signature");
- #endif /* WOLFSSL_CHECK_SIG_FAULTS */
- }
- if (err != TSIP_SUCCESS) {
- WOLFSSL_MSG("Failed to verify signature");
- ret = VERIFY_SIGN_ERROR;
- }
- tsip_hw_unlock();
- }
- else {
- WOLFSSL_MSG("mutex locking error");
- }
- }
- /* create message header */
- if (ret == 0) {
- ((HandShakeHeader*)message)->type = certificate_verify;
- c32to24(messageSz, ((HandShakeHeader*)message)->length);
-
- recordSz = tsip_Tls13BuildMessage(ssl, output, 0, message,
- messageSz + HANDSHAKE_HEADER_SZ,
- handshake, 1);
- if (recordSz > 0) {
- ssl->buffers.outputBuffer.length += recordSz;
- ret = SendBuffered(ssl);
- }
- else {
- ret = recordSz;
- }
- }
- WOLFSSL_LEAVE("tsip_Tls13SendCertVerify", ret);
- return ret;
- }
- #endif /* WOLFSSL_TLS13 */
- #if defined(WOLFSSL_RENESAS_TSIP_TLS) && (WOLFSSL_RENESAS_TSIP_VER >=109)
- static uint32_t GetTsipCipherSuite(
- uint8_t cipherSuiteFirst,
- uint8_t cipherSuite)
- {
- WOLFSSL_ENTER("GetTsipCipherSuite");
- uint32_t tsipCipher;
- if (cipherSuiteFirst == CIPHER_BYTE)
- {
- switch(cipherSuite) {
- case TLS_RSA_WITH_AES_128_CBC_SHA: /*2F*/
- tsipCipher = R_TSIP_TLS_RSA_WITH_AES_128_CBC_SHA; /*0*/
- break;
- case TLS_RSA_WITH_AES_128_CBC_SHA256:
- tsipCipher = R_TSIP_TLS_RSA_WITH_AES_128_CBC_SHA256;
- break;
- case TLS_RSA_WITH_AES_256_CBC_SHA:
- tsipCipher = R_TSIP_TLS_RSA_WITH_AES_256_CBC_SHA;
- break;
- case TLS_RSA_WITH_AES_256_CBC_SHA256:
- tsipCipher = R_TSIP_TLS_RSA_WITH_AES_256_CBC_SHA256;
- break;
- default:
- tsipCipher = (uint32_t)WOLFSSL_TSIP_ILLEGAL_CIPHERSUITE;
- break;
- }
- WOLFSSL_LEAVE("GetTsipCipherSuite", tsipCipher);
- return tsipCipher;
- }
- else if (cipherSuiteFirst == ECC_BYTE)
- {
- tsipCipher = (uint32_t)WOLFSSL_TSIP_ILLEGAL_CIPHERSUITE;
- switch(cipherSuite) {
- case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:
- tsipCipher = R_TSIP_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256;
- break;
- case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256:
- tsipCipher = R_TSIP_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256;
- break;
- case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
- tsipCipher = R_TSIP_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256;
- break;
- case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:
- tsipCipher = R_TSIP_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256;
- break;
- default:
- tsipCipher = (uint32_t)WOLFSSL_TSIP_ILLEGAL_CIPHERSUITE;
- break;
- }
- }
- else {
- tsipCipher = (uint32_t)WOLFSSL_TSIP_ILLEGAL_CIPHERSUITE;
- }
- WOLFSSL_LEAVE("GetTsipCipherSuite", tsipCipher);
- return tsipCipher;
- }
- /* Attempt to get a public key exchanged with the peer in ECDHE.
- * the public key is verified by given signature then stored into ctx.
- *
- * return WOLFSSL_SUCCESS on success, WOLFSSL_FAILURE on failure.
- */
- static int tsip_ServerKeyExVerify(
- word32 type, /* public key type 0:RSA2048 2:ECDSA P-256 */
- WOLFSSL* ssl,
- const byte* sig,
- word32 sigSz,
- void* ctx)
- {
- int ret = WOLFSSL_FAILURE;
- byte qx[MAX_ECC_BYTES], qy[MAX_ECC_BYTES];
- byte* peerkey = NULL;
- word32 qxLen = sizeof(qx), qyLen = sizeof(qy);
- TsipUserCtx* userCtx = NULL;
- WOLFSSL_ENTER("tsip_ServerKeyExVerify");
- /* sanity check */
- if (ssl == NULL || sig == NULL || ctx == NULL)
- return ret;
- userCtx = (TsipUserCtx*)ctx;
- /* export public peer public key */
- ret = wc_ecc_export_public_raw(ssl->peerEccKey, qx, &qxLen, qy, &qyLen);
- if (ret != 0) {
- WOLFSSL_MSG("failed to export peer ecc key");
- WOLFSSL_LEAVE("tsip_ServerKeyExVerify", ret);
- return ret;
- }
- /* make peer ecc key data for SCE */
- /* 0padding(24bit) || 04(8bit) || Qx(256bit) || Qy(256bit) */
- peerkey = (byte*)XMALLOC((3 + 1 + qxLen + qyLen), NULL,
- DYNAMIC_TYPE_TMP_BUFFER);
- if (peerkey == NULL) {
- WOLFSSL_MSG("failed to malloc ecc key");
- WOLFSSL_LEAVE("tsip_ServerKeyExVerify", ret);
- return WOLFSSL_FAILURE;
- }
- ForceZero(peerkey, (3 + 1 + qxLen + qyLen));
- peerkey[3] = ECC_POINT_UNCOMP;
- XMEMCPY(&peerkey[4], qx, qxLen);
- XMEMCPY(&peerkey[4+qxLen], qy, qyLen);
- /* 0 : RSA 2048bit, 1 : Reserved, 2 : ECDSA P-256 */
- if ((ret = tsip_hw_lock()) == 0) {
- ret = R_TSIP_TlsServersEphemeralEcdhPublicKeyRetrieves(
- type,
- (uint8_t*) ssl->arrays->clientRandom,
- (uint8_t*) ssl->arrays->serverRandom,
- (uint8_t*) peerkey,
- (uint8_t*) sig,
- (uint32_t*)ssl->peerSceTsipEncRsaKeyIndex,
- (uint32_t*)userCtx->encrypted_ephemeral_ecdh_public_key);
- if (ret !=TSIP_SUCCESS) {
- WOLFSSL_MSG("R_TSIP_TlsServersEphemeralEcdhPublicKeyRetrieves failed");
- }
- else {
- ret = WOLFSSL_SUCCESS;
- }
- tsip_hw_unlock();
- }
- else {
- WOLFSSL_MSG("Failed to lock tsip hw");
- }
- XFREE(peerkey, 0, DYNAMIC_TYPE_TMP_BUFFER);
- WOLFSSL_LEAVE("tsip_ServerKeyExVerify", ret);
- return ret;
- }
- /*
- * return 0 on success
- */
- int wc_tsip_RsaVerify(
- WOLFSSL* ssl,
- byte* sig, word32 sigSz,
- byte** out,
- const byte* key,
- word32 keySz,
- void* ctx)
- {
- int ret;
- WOLFSSL_ENTER("tsip_RsaVerify");
- if (tsip_usable(ssl, 0))
- ret = tsip_ServerKeyExVerify(0, ssl, sig, sigSz, ctx);
- else
- ret = CRYPTOCB_UNAVAILABLE;
- if (ret == WOLFSSL_SUCCESS)
- ret = 0;
- WOLFSSL_LEAVE("tsip_RsaVerify", ret);
- return ret;
- }
- /* Verify signature for Server Key Exchange with TSIP
- * TSIP can handle prime256v1 curve and sha256 hash
- * parameters:
- * ssl WOLFSSL object
- * sig buffer holding DER encoded ecdsa signature data
- * sigSz signature data size
- * hash buffer holding sha256 hash data
- * hashSz hash data size
- * key buffer holding peer's public key (NOT used in this function)
- * keySz public key size((NOT used in this function))
- * result address of the variable to output result
- * ctx context
- * return 0 on success, CRYPTOCB_UNAVAILABLE in case TSIP cannot handle
- */
- int wc_tsip_EccVerify(
- WOLFSSL* ssl,
- const byte* sig, word32 sigSz,
- const byte* hash, word32 hashSz,
- const byte* key, word32 keySz,
- int* result, void* ctx)
- {
- int ret = WOLFSSL_FAILURE;
- uint8_t sigforSCE [R_TSIP_ECDSA_DATA_BYTE_SIZE] = {0};
- const byte rs_size = R_TSIP_ECDSA_DATA_BYTE_SIZE/2;
- byte offset = 0x3;
- WOLFSSL_ENTER("wc_tsip_EccVerify");
- /* check if TSIP can handle given cipher suite */
- if (!tsip_usable(ssl, 0)) {
- WOLFSSL_MSG("Cannot handle cipher suite by TSIP");
- WOLFSSL_LEAVE("wc_tsip_EccVerify", CRYPTOCB_UNAVAILABLE);
- return CRYPTOCB_UNAVAILABLE;
- }
- /* in TLS1.3 */
- if (ssl->version.major == SSLv3_MAJOR &&
- ssl->version.minor == TLSv1_3_MINOR) {
- WOLFSSL_LEAVE("wc_tsip_EccVerify", CRYPTOCB_UNAVAILABLE);
- return CRYPTOCB_UNAVAILABLE;
- }
- /* concatenate r and s parts of the signature so that TSIP can handle it*/
- /* r */
- if (sig[offset] == 0x20) {
- XMEMCPY(sigforSCE, &sig[offset+1], rs_size);
- offset = 0x25;
- /* s */
- if (sig[offset] == 0x20) {
- XMEMCPY(&sigforSCE[rs_size], &sig[offset+1], rs_size);
- }
- else {
- XMEMCPY(&sigforSCE[rs_size], &sig[offset+2], rs_size);
- }
- }
- else {
- XMEMCPY(sigforSCE, &sig[offset+2], rs_size);
- offset = 0x26;
- /* s */
- if (sig[offset] == rs_size) {
- XMEMCPY(&sigforSCE[rs_size], &sig[offset+1], rs_size);
- }
- else {
- XMEMCPY(&sigforSCE[rs_size], &sig[offset+2], rs_size);
- }
- }
- ret = tsip_ServerKeyExVerify(2, ssl, sigforSCE, 64, ctx);
- if (ret == WOLFSSL_SUCCESS) {
- *result = 1;
- ret = 0; /* for success */
- }
- else
- *result = 0;
- WOLFSSL_LEAVE("wc_tsip_EccVerify", ret);
- return ret;
- }
- /*
- * generate premaster secret
- * 1. generate P256 ECC key pair for ECDHE key exchange
- * 2. generate pre-master secret
- * output 64 bytes premaster secret to "out" buffer.
- */
- int wc_tsip_EccSharedSecret(
- WOLFSSL* ssl,
- ecc_key* otherKey,
- unsigned char* pubKeyDer, unsigned int* pubKeySz,
- unsigned char* out, unsigned int* outlen,
- int side, void* ctx)
- {
- int ret;
- TsipUserCtx* usrCtx = (TsipUserCtx*)ctx;
- (void)ssl;
- (void)otherKey;
- WOLFSSL_ENTER("wc_tsip_EccSharedSecret");
- /* sanity check */
- if (ssl == NULL || pubKeyDer == NULL || pubKeySz == NULL ||
- out == NULL || outlen == NULL || ctx == NULL) {
- WOLFSSL_LEAVE("wc_tsip_EccSharedSecret", WOLFSSL_FAILURE);
- return WOLFSSL_FAILURE;
- }
- if ((ret = tsip_hw_lock()) == 0) {
- /* Generate ECC public key for key exchange */
- ret = R_TSIP_GenerateTlsP256EccKeyIndex(
- &usrCtx->ecc_p256_wrapped_key,
- (uint8_t*)&usrCtx->ecc_ecdh_public_key);
- if (ret == TSIP_SUCCESS) {
- /* copy generated ecdh public key into buffer */
- pubKeyDer[0] = ECC_POINT_UNCOMP;
- *pubKeySz = 1 + sizeof(usrCtx->ecc_ecdh_public_key);
- XMEMCPY(&pubKeyDer[1], &usrCtx->ecc_ecdh_public_key,
- sizeof(usrCtx->ecc_ecdh_public_key));
- /* Generate Premaster Secret */
- ret = R_TSIP_TlsGeneratePreMasterSecretWithEccP256Key(
- (uint32_t*)&usrCtx->encrypted_ephemeral_ecdh_public_key,
- &usrCtx->ecc_p256_wrapped_key,
- (uint32_t*)out/* pre-master secret 64 bytes */);
- }
- if (ret == TSIP_SUCCESS) {
- *outlen = 64;
- wolfSSL_CTX_SetGenMasterSecretCb(ssl->ctx,
- Renesas_cmn_genMasterSecret);
- wolfSSL_SetGenMasterSecretCtx(ssl, usrCtx);
- }
- tsip_hw_unlock();
- }
- else {
- WOLFSSL_MSG("Failed to lock tsip hw");
- }
- WOLFSSL_LEAVE("wc_tsip_EccSharedSecret", ret);
- return ret;
- }
- WOLFSSL_API void tsip_set_callbacks(WOLFSSL_CTX* ctx)
- {
- WOLFSSL_ENTER("tsip_set_callbacks");
- wolfSSL_CTX_SetEccVerifyCb(ctx, (CallbackEccVerify)Renesas_cmn_EccVerify);
- wolfSSL_CTX_SetRsaVerifyCb(ctx, (CallbackRsaVerify)Renesas_cmn_RsaVerify);
- wolfSSL_CTX_SetGenPreMasterCb(ctx, Renesas_cmn_generatePremasterSecret);
- wolfSSL_CTX_SetRsaEncCb(ctx, Renesas_cmn_RsaEnc);
- #if !defined(WOLFSSL_NO_TLS12) && !defined(WOLFSSL_AEAD_ONLY)
- wolfSSL_CTX_SetVerifyMacCb(ctx, (CallbackVerifyMac)Renesas_cmn_VerifyHmac);
- #endif /* !WOLFSSL_NO_TLS12 && !WOLFSSL_AEAD_ONLY */
- wolfSSL_CTX_SetEccSharedSecretCb(ctx, NULL);
- /* Set ssl-> options.sendVerify to SEND_CERT by the following two
- * registrations. This will allow the client certificate to be sent to
- * the server even if the private key is empty. The two callbacks do
- * virtually nothing.
- */
- #ifdef WOLFSSL_TLS13
- #ifdef HAVE_ECC
- wolfSSL_CTX_SetEccSignCb(ctx, Renesas_cmn_EccSignCb);
- #endif
- #ifndef NO_RSA
- wolfSSL_CTX_SetRsaSignCb(ctx, Renesas_cmn_RsaSignCb);
- #endif
- #endif /* WOLFSSL_TLS13 */
- wolfSSL_CTX_SetRsaSignCheckCb(ctx, Renesas_cmn_RsaSignCheckCb);
- /* set heap-hint to tsip_heap_hint so that tsip sha funcs can refer it */
- if (ctx->heap != NULL) {
- tsip_heap_hint = ctx->heap;
- }
- WOLFSSL_LEAVE("tsip_set_callbacks", 0);
- }
- WOLFSSL_API int tsip_set_callback_ctx(WOLFSSL* ssl, void* user_ctx)
- {
- WOLFSSL_ENTER("tsip_set_callback_ctx");
- TsipUserCtx* uCtx = (TsipUserCtx*)user_ctx;
- if (user_ctx == NULL) {
- WOLFSSL_LEAVE("tsip_set_callback_ctx", 0);
- return 0;
- }
- ForceZero(uCtx, sizeof(TsipUserCtx));
- uCtx->ssl = ssl;
- uCtx->ctx = ssl->ctx;
- uCtx->heap = ssl->heap;
- uCtx->side = ssl->ctx->method->side;
- ssl->RenesasUserCtx = user_ctx; /* ssl doesn't own user_ctx */
- wolfSSL_SetEccVerifyCtx(ssl, user_ctx);
- wolfSSL_SetRsaEncCtx(ssl, user_ctx);
- wolfSSL_SetRsaVerifyCtx(ssl, user_ctx);
- wolfSSL_SetRsaSignCtx(ssl, user_ctx);
- wolfSSL_SetGenPreMasterCtx(ssl, user_ctx);
- wolfSSL_SetEccSharedSecretCtx(ssl, NULL);
- #if !defined(WOLFSSL_NO_TLS12) && !defined(WOLFSSL_AEAD_ONLY)
- wolfSSL_SetVerifyMacCtx(ssl, user_ctx);
- #endif /* !WOLFSSL_NO_TLS12 && !WOLFSSL_AEAD_ONLY */
- /* set up crypt callback */
- wc_CryptoCb_CryptInitRenesasCmn(ssl, user_ctx);
- WOLFSSL_LEAVE("tsip_set_callback_ctx", 0);
- return 0;
- }
- #elif defined(WOLFSSL_RENESAS_TSIP_TLS) && (WOLFSSL_RENESAS_TSIP_VER >=106)
- /* convert def to tsip define */
- static byte _tls2tsipdef(byte cipher)
- {
- byte def = R_TSIP_TLS_RSA_WITH_AES_128_CBC_SHA;
- switch(cipher) {
- case l_TLS_RSA_WITH_AES_128_CBC_SHA:
- break;
- case l_TLS_RSA_WITH_AES_128_CBC_SHA256:
- def = R_TSIP_TLS_RSA_WITH_AES_128_CBC_SHA256;
- break;
- case l_TLS_RSA_WITH_AES_256_CBC_SHA:
- def = R_TSIP_TLS_RSA_WITH_AES_256_CBC_SHA;
- break;
- case l_TLS_RSA_WITH_AES_256_CBC_SHA256:
- def = R_TSIP_TLS_RSA_WITH_AES_256_CBC_SHA256;
- break;
- default:break;
- }
- return def;
- }
- #endif
- /*
- * lock hw engine.
- * this should be called before using engine.
- */
- WOLFSSL_LOCAL int tsip_hw_lock(void)
- {
- int ret = 0;
- if (tsip_CryptHwMutexInit_ == 0) {
- ret = tsip_CryptHwMutexInit(&tsip_mutex);
- if (ret == 0) {
- tsip_CryptHwMutexInit_ = 1;
- }
- else {
- WOLFSSL_MSG(" mutex initialization failed.");
- return -1;
- }
- }
- if (tsip_CryptHwMutexLock(&tsip_mutex) != 0) {
- /* this should not happens */
- return -1;
- }
- return ret;
- }
- /*
- * release hw engine
- */
- WOLFSSL_LOCAL void tsip_hw_unlock(void)
- {
- tsip_CryptHwMutexUnLock(&tsip_mutex);
- }
- /* check if tsip tls functions can be used for the cipher */
- /* return :1 when tsip can be used , 0 not be used. */
- int tsip_usable(const WOLFSSL *ssl, uint8_t session_key_generated)
- {
- byte cipher0 = ssl->options.cipherSuite0;
- byte cipher = ssl->options.cipherSuite;
- byte side = ssl->options.side;
- int ret = WOLFSSL_SUCCESS;
- const Ciphers *enc;
- const Ciphers *dec;
- WOLFSSL_ENTER("tsip_usable");
- /* sanity check */
- if (ssl == NULL) {
- WOLFSSL_MSG("ssl is NULL");
- ret = BAD_FUNC_ARG;
- }
- /* when rsa key index == NULL, tsip isn't used for cert verification. */
- /* in the case, we cannot use TSIP. */
- if (ret == WOLFSSL_SUCCESS) {
- if (!ssl->peerSceTsipEncRsaKeyIndex) {
- WOLFSSL_MSG("ssl->peerSceTsipEncRsaKeyIndex is NULL");
- ret = WOLFSSL_FAILURE;
- }
- }
- if (ret == WOLFSSL_SUCCESS) {
- if (session_key_generated) {
- enc = &ssl->encrypt;
- dec = &ssl->decrypt;
- if (enc == NULL || dec == NULL) {
- /* something wrong */
- ret = WOLFSSL_FAILURE;
- }
- if (enc->aes == NULL || dec->aes == NULL) {
- ret = WOLFSSL_FAILURE;
- }
- if (enc->aes->ctx.setup == 0) {
- /* session key for SCE is not created */
- ret = WOLFSSL_FAILURE;
- }
- }
- }
- /* when enabled Extended Master Secret, we cannot use TSIP. */
- if (ret == WOLFSSL_SUCCESS) {
- if (ssl->options.haveEMS) {
- WOLFSSL_MSG("ssl->options.haveEMS");
- ret = WOLFSSL_FAILURE;
- }
- }
- /* TSIP works only for TLS client */
- if (ret == WOLFSSL_SUCCESS) {
- if (side != WOLFSSL_CLIENT_END) {
- WOLFSSL_MSG("Not client side");
- ret = WOLFSSL_FAILURE;
- }
- }
- /* Check if TSIP can handle cipher suite */
- if (ret == WOLFSSL_SUCCESS) {
- if (
- (cipher0 == CIPHER_BYTE &&
- (cipher == l_TLS_RSA_WITH_AES_128_CBC_SHA ||
- cipher == l_TLS_RSA_WITH_AES_128_CBC_SHA256 ||
- cipher == l_TLS_RSA_WITH_AES_256_CBC_SHA ||
- cipher == l_TLS_RSA_WITH_AES_256_CBC_SHA256))
- #if (WOLFSSL_RENESAS_TSIP_VER >= 109)
- ||
- (cipher0 == ECC_BYTE &&
- (cipher == l_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 ||
- cipher == l_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 ||
- cipher == l_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 ||
- cipher == l_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256))
- #endif
- #if (WOLFSSL_RENESAS_TSIP_VER >= 114)
- ||
- (cipher0 == TLS13_BYTE &&
- (cipher == l_TLS_AES_128_GCM_SHA256 ||
- cipher == l_TLS_AES_128_CCM_SHA256))
- #endif
- ) {
- WOLFSSL_MSG("supported cipher suite");
- }
- else {
- WOLFSSL_MSG("unsupported cipher suite");
- ret = WOLFSSL_FAILURE;;
- }
- }
- WOLFSSL_LEAVE("tsip_usable", ret);
- return ret;
- }
- /* open TSIP driver
- * return 0 on success.
- */
- WOLFSSL_LOCAL int tsip_Open(void)
- {
- int ret = TSIP_SUCCESS;
- WOLFSSL_ENTER("tsip_Open");
- if ((ret = tsip_hw_lock()) == 0) {
- #if defined(WOLFSSL_RENESAS_TSIP_TLS) && (WOLFSSL_RENESAS_TSIP_VER>=109)
- ret = R_TSIP_Open(NULL,NULL);
- if (ret != TSIP_SUCCESS) {
- WOLFSSL_MSG("RENESAS TSIP Open failed");
- }
- if (ret == TSIP_SUCCESS && g_user_key_info.encrypted_user_tls_key) {
- ret = R_TSIP_GenerateTlsRsaPublicKeyIndex(
- g_user_key_info.encrypted_provisioning_key,
- g_user_key_info.iv,
- g_user_key_info.encrypted_user_tls_key,
- &g_user_key_info.user_rsa2048_tls_pubindex); /* OUT */
- R_TSIP_Close(); /* close once */
- if (ret != TSIP_SUCCESS) {
- WOLFSSL_MSG("R_TSIP_GenerateTlsRsa: NG");
- }
- else {
- /* open again with newly created TLS public key index*/
- ret = R_TSIP_Open(
- &g_user_key_info.user_rsa2048_tls_pubindex,
- (tsip_update_key_ring_t*)s_inst2);
- if (ret != TSIP_SUCCESS) {
- WOLFSSL_MSG("R_TSIP_(Re)Open: NG");
- }
- /* init vars */
- g_CAscm_Idx = (uint32_t)-1;
- }
- }
- #elif defined(WOLFSSL_RENESAS_TSIP_TLS) && (WOLFSSL_RENESAS_TSIP_VER>=106)
- ret = R_TSIP_Open((uint32_t*)s_flash, s_inst1, s_inst2);
- if (ret != TSIP_SUCCESS) {
- WOLFSSL_MSG("RENESAS TSIP Open failed");
- }
- /* generate TLS Rsa public key for Certificate verification */
- if (ret == TSIP_SUCCESS && g_user_key_info.encrypted_user_tls_key) {
- ret = R_TSIP_GenerateTlsRsaPublicKeyIndex(
- g_user_key_info.encrypted_session_key,
- g_user_key_info.iv,
- g_user_key_info.encrypted_user_tls_key,
- &g_user_key_info.user_rsa2048_tls_pubindex);
- if (ret != TSIP_SUCCESS) {
- WOLFSSL_MSG("R_TSIP_GenerateTlsRsaPublicKeyIndex failed");
- }
- else {
- /* close once */
- tsip_Close();
- /* open again with s_inst[] */
- XMEMCPY(s_inst1,
- g_user_key_info.user_rsa2048_tls_pubindex.value,
- sizeof(s_inst1));
- ret = R_TSIP_Open((uint32_t*)s_flash, s_inst1, s_inst2);
- if (ret != TSIP_SUCCESS) {
- WOLFSSL_MSG("R_TSIP_(Re)Open failed");
- }
- /* init vars */
- g_CAscm_Idx = (uint32_t)-1;
- }
- }
- #else
- ret = R_TSIP_Open((uint32_t*)s_flash, s_inst1, s_inst2);
- if (ret != TSIP_SUCCESS) {
- WOLFSSL_MSG("RENESAS TSIP Open failed");
- }
- #endif
- /* unlock hw */
- tsip_hw_unlock();
- }
- else
- WOLFSSL_MSG("Failed to lock tsip hw ");
- WOLFSSL_LEAVE("tsip_Open", ret);
- return ret;
- }
- /* close TSIP driver */
- WOLFSSL_LOCAL void tsip_Close(void)
- {
- WOLFSSL_ENTER("tsip_Close");
- int ret;
- if ((ret = tsip_hw_lock()) == 0) {
- /* close TSIP */
- ret = R_TSIP_Close();
- #if defined(WOLFSSL_RENESAS_TSIP_TLS)
- g_CAscm_Idx = (uint32_t)-1;
- #endif
- /* unlock hw */
- tsip_hw_unlock();
- if (ret != TSIP_SUCCESS) {
- WOLFSSL_MSG("RENESAS TSIP Close failed");
- }
- }
- else
- WOLFSSL_MSG("Failed to unlock tsip hw");
- WOLFSSL_LEAVE("tsip_Close", 0);
- }
- /* Support functions for TSIP TLS Capability */
- #if defined(WOLFSSL_RENESAS_TSIP_TLS)
- /* to inform ca certificate sign */
- /* signature format expects RSA 2048 PSS with SHA256 */
- void tsip_inform_cert_sign(const byte *sign)
- {
- if (sign)
- ca_cert_sig = sign;
- }
- #if (WOLFSSL_RENESAS_TSIP_VER>=109)
- void tsip_inform_user_keys_ex(
- byte* encrypted_provisioning_key,
- byte* iv,
- byte* encrypted_user_tls_key,
- word32 encrypted_user_tls_key_type)
- {
- WOLFSSL_ENTER("tsip_inform_user_keys_ex");
- ForceZero(&g_user_key_info, sizeof(g_user_key_info));
- g_user_key_info.encrypted_provisioning_key = NULL;
- g_user_key_info.iv = NULL;
- if (encrypted_provisioning_key) {
- g_user_key_info.encrypted_provisioning_key = encrypted_provisioning_key;
- }
- if (iv) {
- g_user_key_info.iv = iv;
- }
- if (encrypted_user_tls_key) {
- g_user_key_info.encrypted_user_tls_key = encrypted_user_tls_key;
- }
- g_user_key_info.encrypted_user_tls_key_type = encrypted_user_tls_key_type;
- WOLFSSL_LEAVE("tsip_inform_user_keys_ex", 0);
- }
- #elif (WOLFSSL_RENESAS_TSIP_VER>=106)
- /* inform user key */
- /* the function expects to be called from user application */
- /* user has to create these key information by Renesas tool in advance.*/
- void tsip_inform_user_keys(
- byte *encrypted_session_key,
- byte *iv,
- byte *encrypted_user_tls_key)
- {
- g_user_key_info.encrypted_session_key = NULL;
- g_user_key_info.iv = NULL;
- g_user_key_info.encrypted_user_tls_key = NULL;
- if (encrypted_session_key) {
- g_user_key_info.encrypted_session_key = encrypted_session_key;
- }
- if (iv) {
- g_user_key_info.iv = iv;
- }
- if (encrypted_user_tls_key) {
- g_user_key_info.encrypted_user_tls_key = encrypted_user_tls_key;
- }
- }
- #endif
- /* Sha1Hmac */
- int wc_tsip_Sha1HmacGenerate(
- const WOLFSSL *ssl,
- const byte* myInner,
- word32 innerSz,
- const byte* in,
- word32 sz,
- byte* digest)
- {
- WOLFSSL_ENTER("wc_tsip_Sha1HmacGenerate");
- tsip_hmac_sha_handle_t _handle;
- tsip_hmac_sha_key_index_t key_index;
- int ret;
- if ((ssl == NULL) || (myInner == NULL) || (in == NULL) ||
- (digest == NULL)) {
- WOLFSSL_LEAVE("wc_tsip_Sha1HmacGenerate", BAD_FUNC_ARG);
- return BAD_FUNC_ARG;
- }
- if ((ret = tsip_hw_lock()) != 0) {
- WOLFSSL_MSG("hw lock failed");
- WOLFSSL_LEAVE("wc_tsip_Sha1HmacGenerate", ret);
- return ret;
- }
- key_index = ssl->keys.tsip_client_write_MAC_secret;
- ret = R_TSIP_Sha1HmacGenerateInit(
- &_handle,
- &key_index);
- if (ret == TSIP_SUCCESS)
- ret = R_TSIP_Sha1HmacGenerateUpdate(
- &_handle,
- (uint8_t*)myInner,
- (uint32_t)innerSz);
- if (ret == TSIP_SUCCESS)
- ret = R_TSIP_Sha1HmacGenerateUpdate(
- &_handle,
- (uint8_t*)in,
- sz);
- if (ret == TSIP_SUCCESS)
- ret = R_TSIP_Sha1HmacGenerateFinal(
- &_handle,
- digest);
- tsip_hw_unlock();
- WOLFSSL_LEAVE("wc_tsip_Sha1HmacGenerate", ret);
- return ret;
- }
- /* Sha256Hmac */
- int wc_tsip_Sha256HmacGenerate(
- const WOLFSSL *ssl,
- const byte* myInner,
- word32 innerSz,
- const byte* in,
- word32 sz,
- byte* digest)
- {
- WOLFSSL_ENTER("wc_tsip_Sha256HmacGenerate");
- tsip_hmac_sha_handle_t _handle;
- tsip_hmac_sha_key_index_t key_index;
- int ret;
- if ((ssl == NULL) || (myInner == NULL) || (in == NULL) ||
- (digest == NULL))
- return BAD_FUNC_ARG;
- key_index = ssl->keys.tsip_client_write_MAC_secret;
- if ((ret = tsip_hw_lock()) != 0) {
- WOLFSSL_MSG("hw lock failed");
- return ret;
- }
- ret = R_TSIP_Sha256HmacGenerateInit(
- &_handle,
- &key_index);
- if (ret == TSIP_SUCCESS) {
- ret = R_TSIP_Sha256HmacGenerateUpdate(
- &_handle,
- (uint8_t*)myInner,
- innerSz);
- }
- else {
- WOLFSSL_MSG("R_TSIP_Sha256HmacGenerateInit failed");
- }
- if (ret == TSIP_SUCCESS) {
- ret = R_TSIP_Sha256HmacGenerateUpdate(
- &_handle,
- (uint8_t*)in,
- sz);
- }
- else {
- WOLFSSL_MSG("R_TSIP_Sha256HmacGenerateUpdate: inner failed");
- }
- if (ret == TSIP_SUCCESS) {
- ret = R_TSIP_Sha256HmacGenerateFinal(
- &_handle,
- digest);
- }
- else {
- WOLFSSL_MSG("R_TSIP_Sha256HmacGenerateUpdate: in failed");
- }
- if (ret != TSIP_SUCCESS) {
- WOLFSSL_MSG("R_TSIP_Sha256HmacGenerateFinal failed");
- ret = 1;
- }
- /* unlock hw */
- tsip_hw_unlock();
- WOLFSSL_LEAVE("wc_tsip_Sha256HmacGenerate", ret);
- return ret;
- }
- /*
- * Perform SHA1 and SHA256 Hmac verification
- */
- int wc_tsip_ShaXHmacVerify(
- const WOLFSSL *ssl,
- const byte* message,
- word32 messageSz,
- word32 macSz,
- word32 content)
- {
- WOLFSSL_ENTER("tsip_ShaXHmacVerify");
- tsip_hmac_sha_handle_t handle;
- tsip_hmac_sha_key_index_t wrapped_key;
- shaHmacInitFn initFn = NULL;
- shaHmacUpdateFn updateFn = NULL;
- shaHmacFinalFn finalFn = NULL;
- byte myInner[WOLFSSL_TLS_HMAC_INNER_SZ];
- int ret;
- if ((ssl == NULL) || (message == NULL)) {
- WOLFSSL_LEAVE("tsip_ShaXHmacVerify", BAD_FUNC_ARG);
- return BAD_FUNC_ARG;
- }
- wrapped_key = ssl->keys.tsip_server_write_MAC_secret;
- if (wrapped_key.type == TSIP_KEY_INDEX_TYPE_HMAC_SHA1_FOR_TLS) {
- WOLFSSL_MSG("perform Sha1-Hmac verification");
- initFn = R_TSIP_Sha1HmacVerifyInit;
- updateFn = R_TSIP_Sha1HmacVerifyUpdate;
- finalFn = R_TSIP_Sha1HmacVerifyFinal;
- }
- else if (wrapped_key.type == TSIP_KEY_INDEX_TYPE_HMAC_SHA256_FOR_TLS) {
- WOLFSSL_MSG("perform Sha256-Hmac verification");
- initFn = R_TSIP_Sha256HmacVerifyInit;
- updateFn = R_TSIP_Sha256HmacVerifyUpdate;
- finalFn = R_TSIP_Sha256HmacVerifyFinal;
- }
- else {
- WOLFSSL_MSG("unsupported key type");
- WOLFSSL_LEAVE("tsip_ShaXHmacVerify", BAD_FUNC_ARG);
- return BAD_FUNC_ARG;
- }
- if ((ret = tsip_hw_lock()) != 0) {
- WOLFSSL_MSG("hw lock failed\n");
- WOLFSSL_LEAVE("tsip_ShaXHmacVerify", ret);
- return ret;
- }
- wolfSSL_SetTlsHmacInner((WOLFSSL*)ssl, (byte*)myInner,
- messageSz, content, 1);
- ret = initFn(&handle, &wrapped_key);
- if (ret == TSIP_SUCCESS) {
- ret = updateFn(&handle, myInner, WOLFSSL_TLS_HMAC_INNER_SZ);
- }
- if (ret == TSIP_SUCCESS) {
- ret = updateFn(&handle, (uint8_t*)message, (uint32_t)messageSz);
- }
- if (ret == TSIP_SUCCESS) {
- ret = finalFn(&handle, (uint8_t*)(message + messageSz), (uint32_t)macSz);
- }
- if (ret != TSIP_SUCCESS) {
- WOLFSSL_MSG("TSIP Mac verification failed");
- }
- /* unlock hw */
- tsip_hw_unlock();
- WOLFSSL_LEAVE("tsip_ShaXHmacVerify", ret);
- return ret;
- }
- /* generate Verify Data based on master secret */
- int wc_tsip_generateVerifyData(
- const byte* ms, /* master secret */
- const byte* side, /* 0:client-side 1:server-side */
- const byte* handshake_hash,
- byte* hashes) /* out */
- {
- int ret ;
- uint32_t l_side = R_TSIP_TLS_GENERATE_CLIENT_VERIFY;
- WOLFSSL_ENTER("tsip_generateVerifyData");
- if ((ms == NULL) || (side == NULL) || (handshake_hash == NULL) ||
- (hashes == NULL)) {
- WOLFSSL_LEAVE("tsip_generateVerifyData", BAD_FUNC_ARG);
- return BAD_FUNC_ARG;
- }
- if (XSTRNCMP((const char*)side, (const char*)kTlsServerFinStr,
- FINISHED_LABEL_SZ) == 0) {
- l_side = R_TSIP_TLS_GENERATE_SERVER_VERIFY;
- }
- if ((ret = tsip_hw_lock()) == 0) {
- ret = R_TSIP_TlsGenerateVerifyData(l_side, (uint32_t*)ms,
- (uint8_t*)handshake_hash, hashes/* out */);
- if (ret != TSIP_SUCCESS) {
- WOLFSSL_MSG("R_TSIP_TlsGenerateSessionKey failed");
- }
- }
- /* unlock hw */
- tsip_hw_unlock();
- WOLFSSL_LEAVE("tsip_generateVerifyData", ret);
- return ret;
- }
- /* generate keys for TLS communication */
- int wc_tsip_generateSessionKey(
- WOLFSSL *ssl,
- TsipUserCtx* ctx,
- int devId)
- {
- int ret;
- Ciphers *enc;
- Ciphers *dec;
- tsip_hmac_sha_key_index_t key_client_mac;
- tsip_hmac_sha_key_index_t key_server_mac;
- tsip_aes_key_index_t key_client_aes;
- tsip_aes_key_index_t key_server_aes;
- WOLFSSL_ENTER("wc_tsip_generateSessionKey");
- if (ssl== NULL)
- return BAD_FUNC_ARG;
- if ((ret = tsip_hw_lock()) == 0) {
- #if (WOLFSSL_RENESAS_TSIP_VER>=109)
- uint32_t tsipCS = GetTsipCipherSuite(ssl->options.cipherSuite0,
- ssl->options.cipherSuite);
- if (tsipCS == R_TSIP_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 ||
- tsipCS == R_TSIP_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) {
- WOLFSSL_MSG("Session key for AES-GCM generation skipped.");
- /* Do not release ssl-> arrays to reference the master secret and
- * randoms, as the AES GCM session key will be generated in
- * encryption or description timing.
- */
- wolfSSL_KeepArrays(ssl);
- ret = TSIP_SUCCESS;
- }
- else {
- ret = R_TSIP_TlsGenerateSessionKey(
- tsipCS,
- (uint32_t*)ssl->arrays->tsip_masterSecret,
- (uint8_t*) ssl->arrays->clientRandom,
- (uint8_t*) ssl->arrays->serverRandom,
- NULL, /* nonce is required only for AES-GCM key */
- &key_client_mac,
- &key_server_mac,
- &key_client_aes,
- &key_server_aes,
- NULL, NULL);
- }
- #else /* WOLFSSL_RENESAS_TSIP_VER < 109 */
- ret = R_TSIP_TlsGenerateSessionKey(
- _tls2tsipdef(ssl->options.cipherSuite),
- (uint32_t*)ssl->arrays->tsip_masterSecret,
- (uint8_t*)ssl->arrays->clientRandom,
- (uint8_t*)ssl->arrays->serverRandom,
- &key_client_mac,
- &key_server_mac,
- &key_client_aes,
- &key_server_aes,
- NULL, NULL);
- #endif
- if (ret != TSIP_SUCCESS) {
- WOLFSSL_MSG("R_TSIP_TlsGenerateSessionKey failed");
- }
- else {
- /* succeeded creating session keys */
- /* alloc aes instance for both enc and dec */
- enc = &ssl->encrypt;
- dec = &ssl->decrypt;
- if (enc) {
- if (enc->aes == NULL) {
- enc->aes = (Aes*)XMALLOC(sizeof(Aes), ssl->heap,
- DYNAMIC_TYPE_CIPHER);
- if (enc->aes == NULL)
- return MEMORY_E;
- }
- ForceZero(enc->aes, sizeof(Aes));
- }
- if (dec) {
- if (dec->aes == NULL) {
- dec->aes = (Aes*)XMALLOC(sizeof(Aes), ssl->heap,
- DYNAMIC_TYPE_CIPHER);
- if (dec->aes == NULL) {
- if (enc) {
- XFREE(enc->aes, NULL, DYNAMIC_TYPE_CIPHER);
- }
- return MEMORY_E;
- }
- }
- ForceZero(dec->aes, sizeof(Aes));
- }
- /* copy key index into aes */
- if (ssl->options.side == PROVISION_CLIENT) {
- XMEMCPY(&enc->aes->ctx.tsip_keyIdx, &key_client_aes,
- sizeof(key_client_aes));
- XMEMCPY(&dec->aes->ctx.tsip_keyIdx, &key_server_aes,
- sizeof(key_server_aes));
- }
- else {
- XMEMCPY(&enc->aes->ctx.tsip_keyIdx, &key_server_aes,
- sizeof(key_server_aes));
- XMEMCPY(&dec->aes->ctx.tsip_keyIdx, &key_client_aes,
- sizeof(key_client_aes));
- }
- /* copy hac key index into keys */
- ssl->keys.tsip_client_write_MAC_secret = key_client_mac;
- ssl->keys.tsip_server_write_MAC_secret = key_server_mac;
- /* set up key size and marked ready */
- if (enc) {
- enc->aes->ctx.keySize = ssl->specs.key_size;
- enc->aes->ctx.setup = 1;
- /* ready for use */
- enc->setup = 1;
- }
- /* set up key size and marked ready */
- if (dec) {
- dec->aes->ctx.keySize = ssl->specs.key_size;
- dec->aes->ctx.setup = 1;
- /* ready for use */
- dec->setup = 1;
- }
- if (ctx->tsip_cipher ==
- R_TSIP_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ||
- ctx->tsip_cipher ==
- R_TSIP_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256) {
- enc->aes->nonceSz = AEAD_MAX_IMP_SZ;
- dec->aes->nonceSz = AEAD_MAX_IMP_SZ;
- }
- enc->aes->devId = devId;
- dec->aes->devId = devId;
- ctx->session_key_set = 1;
- }
- /* unlock hw */
- tsip_hw_unlock();
- }
- else
- WOLFSSL_MSG("hw lock failed");
- WOLFSSL_LEAVE("wc_tsip_generateSessionKey", ret);
- return ret;
- }
- /* generate Master secrete by TSIP */
- #if (WOLFSSL_RENESAS_TSIP_VER>=109)
- int wc_tsip_generateMasterSecretEx(
- byte cipherSuiteFirst,
- byte cipherSuite,
- const byte *pr, /* pre-master */
- const byte *cr, /* client random */
- const byte *sr, /* server random */
- byte *ms)
- {
- int ret;
- WOLFSSL_ENTER("tsip_generateMasterSecretEx");
- if ((pr == NULL) || (cr == NULL) || (sr == NULL) ||
- (ms == NULL))
- return BAD_FUNC_ARG;
- uint32_t tsipCS = GetTsipCipherSuite(cipherSuiteFirst,cipherSuite);
- if (tsipCS == 0xffffffff)
- return BAD_FUNC_ARG;
- if ((ret = tsip_hw_lock()) == 0) {
- ret = R_TSIP_TlsGenerateMasterSecret(
- tsipCS,
- (uint32_t*)pr,
- (uint8_t*)cr, (uint8_t*)sr, (uint32_t*)ms);
- if (ret != TSIP_SUCCESS) {
- WOLFSSL_MSG("R_TSIP_TlsGenerateMasterSecret failed");
- }
- /* unlock hw */
- tsip_hw_unlock();
- }
- else {
- WOLFSSL_MSG(" hw lock failed ");
- }
- WOLFSSL_LEAVE("tsip_generateMasterSecretEx", ret);
- return ret;
- }
- #else /* WOLFSSL_RENESAS_TSIP_VER < 109 */
- int wc_tsip_generateMasterSecret(
- const byte* pr, /* pre-master */
- const byte* cr, /* client random */
- const byte* sr, /* server random */
- byte* ms)
- {
- int ret;
- WOLFSSL_ENTER("tsip_generateMasterSecret");
- if ((pr == NULL) || (cr == NULL) || (sr == NULL) ||
- (ms == NULL))
- return BAD_FUNC_ARG;
- if ((ret = tsip_hw_lock()) == 0) {
- ret = R_TSIP_TlsGenerateMasterSecret(
- (uint32_t*)pr,
- (uint8_t*)cr,
- (uint8_t*)sr,
- (uint32_t*)ms);
- if (ret != TSIP_SUCCESS) {
- WOLFSSL_MSG("R_TSIP_TlsGenerateMasterSecret failed");
- }
- /* unlock hw */
- tsip_hw_unlock();
- }
- else {
- WOLFSSL_MSG(" hw lock failed ");
- }
- WOLFSSL_LEAVE("tsip_generateMasterSecret", ret);
- return ret;
- }
- #endif /* WOLFSSL_RENESAS_TSIP_VER */
- /* store elements for session key generation into ssl->keys.
- * return 0 on success, negative value on failure
- */
- int wc_tsip_storeKeyCtx(WOLFSSL* ssl, TsipUserCtx* userCtx)
- {
- int ret = 0;
- WOLFSSL_ENTER("tsip_storeKeyCtx");
- if (ssl == NULL || userCtx == NULL)
- ret = BAD_FUNC_ARG;
- if (ret == 0) {
- XMEMCPY(userCtx->tsip_masterSecret, ssl->arrays->tsip_masterSecret,
- TSIP_TLS_MASTERSECRET_SIZE);
- XMEMCPY(userCtx->tsip_clientRandom, ssl->arrays->clientRandom,
- TSIP_TLS_CLIENTRANDOM_SZ);
- XMEMCPY(userCtx->tsip_serverRandom, ssl->arrays->serverRandom,
- TSIP_TLS_SERVERRANDOM_SZ);
- userCtx->tsip_cipher = GetTsipCipherSuite(ssl->options.cipherSuite0,
- ssl->options.cipherSuite);
- }
- WOLFSSL_LEAVE("tsip_storeKeyCtx", ret);
- return ret;
- }
- /* generate pre-Master secrete by TSIP */
- int wc_tsip_generatePremasterSecret(byte *premaster, word32 preSz)
- {
- WOLFSSL_ENTER("tsip_generatePremasterSecret");
- int ret;
- if (premaster == NULL)
- return BAD_FUNC_ARG;
- if ((ret = tsip_hw_lock()) == 0 && preSz >=
- (R_TSIP_TLS_MASTER_SECRET_WORD_SIZE*4)) {
- /* generate pre-master, 80 bytes */
- ret = R_TSIP_TlsGeneratePreMasterSecret((uint32_t*)premaster);
- if (ret != TSIP_SUCCESS) {
- WOLFSSL_MSG(" R_TSIP_TlsGeneratePreMasterSecret failed");
- }
- /* unlock hw */
- tsip_hw_unlock();
- }
- else {
- WOLFSSL_MSG(" hw lock failed or preSz is smaller than 80");
- }
- WOLFSSL_LEAVE("tsip_generatePremasterSecret", ret);
- return ret;
- }
- /*
- * generate encrypted pre-Master secrete by TSIP
- */
- int wc_tsip_generateEncryptPreMasterSecret(
- WOLFSSL* ssl,
- byte* out,
- word32* outSz)
- {
- int ret;
- WOLFSSL_ENTER("tsip_generateEncryptPreMasterSecret");
- if ((ssl == NULL) || (out == NULL) || (outSz == NULL))
- return BAD_FUNC_ARG;
- if ((ret = tsip_hw_lock()) == 0) {
- if (*outSz >= 256)
- #if (WOLFSSL_RENESAS_TSIP_VER>=109)
- ret = R_TSIP_TlsEncryptPreMasterSecretWithRsa2048PublicKey(
- (uint32_t*)ssl->peerSceTsipEncRsaKeyIndex,
- (uint32_t*)ssl->arrays->preMasterSecret,
- (uint8_t*)out);
- #else
- ret = R_TSIP_TlsEncryptPreMasterSecret(
- (uint32_t*)ssl->peerSceTsipEncRsaKeyIndex,
- (uint32_t*)ssl->arrays->preMasterSecret,
- (uint8_t*)out);
- #endif
- else
- ret = -1;
- if (ret != TSIP_SUCCESS) {
- WOLFSSL_MSG(" R_TSIP_TlsEncryptPreMasterSecret failed");
- }
- else {
- *outSz = 256; /* TSIP can only handles 2048 RSA */
- void* ctx = wolfSSL_GetRsaVerifyCtx(ssl);
- wolfSSL_CTX_SetGenMasterSecretCb(ssl->ctx,
- Renesas_cmn_genMasterSecret);
- wolfSSL_SetGenMasterSecretCtx(ssl, ctx);
- }
- tsip_hw_unlock();
- }
- else {
- WOLFSSL_MSG(" hw lock failed ");
- }
- WOLFSSL_LEAVE("tsip_generateEncryptPreMasterSecret", ret);
- return ret;
- }
- /* Certificate verification by TSIP */
- int wc_tsip_tls_CertVerify(
- const uint8_t* cert, uint32_t certSz,
- const uint8_t* signature, uint32_t sigSz,
- uint32_t key_n_start, uint32_t key_n_len,
- uint32_t key_e_start, uint32_t key_e_len,
- uint8_t* tsip_encRsaKeyIndex)
- {
- int ret;
- uint8_t *sigforSCE = NULL;
- uint8_t *pSig = NULL;
- const byte rs_size = 0x20;
- byte offset = 0x3;
- WOLFSSL_ENTER("wc_tsip_tls_CertVerify");
- if (cert == NULL)
- return BAD_FUNC_ARG;
- if (!signature) {
- WOLFSSL_MSG(" signature for ca verification is not set");
- return -1;
- }
- if (!tsip_encRsaKeyIndex) {
- WOLFSSL_MSG(" tsip_encRsaKeyIndex is NULL.");
- return -1;
- }
- /* Public key type: Prime256r1 */
- if (g_user_key_info.encrypted_user_tls_key_type ==
- R_TSIP_TLS_PUBLIC_KEY_TYPE_ECDSA_P256) {
- if ((sigforSCE = (uint8_t*)XMALLOC(R_TSIP_ECDSA_DATA_BYTE_SIZE,
- NULL, DYNAMIC_TYPE_ECC)) == NULL) {
- WOLFSSL_MSG("failed to malloc memory");
- return MEMORY_E;
- }
- /* initialization */
- ForceZero(sigforSCE, R_TSIP_ECDSA_DATA_BYTE_SIZE);
- if (signature[offset] == 0x20) {
- XMEMCPY(sigforSCE, &signature[offset+1], rs_size);
- offset = 0x25;
- if (signature[offset] == 0x20) {
- XMEMCPY(&sigforSCE[rs_size], &signature[offset+1], rs_size);
- }
- else {
- XMEMCPY(&sigforSCE[rs_size], &signature[offset+2], rs_size);
- }
- }
- else {
- XMEMCPY(sigforSCE, &signature[offset+2], rs_size);
- offset = 0x26;
- if (signature[offset] == rs_size) {
- XMEMCPY(&sigforSCE[rs_size], &signature[offset+1], rs_size);
- }
- else {
- XMEMCPY(&sigforSCE[rs_size], &signature[offset+2], rs_size);
- }
- }
- pSig = sigforSCE;
- }
- /* Public key type: RSA 2048bit */
- else {
- pSig = (uint8_t*)signature;
- }
- if ((ret = tsip_hw_lock()) == 0) {
- #if (WOLFSSL_RENESAS_TSIP_VER>=109)
- ret = R_TSIP_TlsCertificateVerification(
- g_user_key_info.encrypted_user_tls_key_type,
- (uint32_t*)g_encrypted_publicCA_key,/* encrypted public key */
- (uint8_t*)cert, /* certificate der */
- certSz, /* length of der */
- (uint8_t*)pSig, /* sign data by RSA PSS */
- key_n_start, /* start position of public key n in bytes */
- (key_n_start + key_n_len), /* length of the public key n */
- key_e_start, /* start pos, key e in bytes */
- (key_e_start + key_e_len), /* length of the public key e */
- (uint32_t*)tsip_encRsaKeyIndex /* returned encrypted key */
- );
- #elif (WOLFSSL_RENESAS_TSIP_VER>=106)
- ret = R_TSIP_TlsCertificateVerification(
- (uint32_t*)g_encrypted_publicCA_key,/* encrypted public key */
- (uint8_t*)cert, /* certificate der */
- certSz, /* length of der */
- (uint8_t*)pSig, /* sign data by RSA PSS */
- key_n_start, /* start position of public key n in bytes */
- (key_n_start + key_n_len), /* length of the public key n */
- key_e_start, /* start pos, key e in bytes */
- (key_e_start + key_e_len), /* length of the public key e */
- (uint32_t*)tsip_encRsaKeyIndex /* returned encrypted key */
- );
- #endif
- if (ret != TSIP_SUCCESS) {
- WOLFSSL_MSG(" R_TSIP_TlsCertificateVerification failed");
- }
- if (sigforSCE) {
- XFREE(sigforSCE, NULL, DYNAMIC_TYPE_ECC);
- }
- tsip_hw_unlock();
- }
- else {
- WOLFSSL_MSG(" hw lock failed ");
- }
- WOLFSSL_LEAVE("wc_tsip_tls_CertVerify", ret);
- return ret;
- }
- /* Root Certificate verification */
- int wc_tsip_tls_RootCertVerify(
- const byte* cert, word32 cert_len,
- word32 key_n_start, word32 key_n_len,
- word32 key_e_start, word32 key_e_len,
- word32 cm_row)
- {
- int ret;
- /* call to generate encrypted public key for certificate verification */
- uint8_t *signature = (uint8_t*)ca_cert_sig;
- WOLFSSL_ENTER("wc_tsip_tls_RootCertVerify");
- if (cert == NULL)
- return BAD_FUNC_ARG;
- if (!signature) {
- WOLFSSL_MSG(" signature for ca verification is not set");
- return -1;
- }
- if ((ret = tsip_hw_lock()) == 0) {
- #if (WOLFSSL_RENESAS_TSIP_VER>=109)
- ret = R_TSIP_TlsRootCertificateVerification(
- g_user_key_info.encrypted_user_tls_key_type,
- (uint8_t*)cert, /* CA cert */
- (uint32_t)cert_len, /* length of CA cert */
- key_n_start, /* Byte position of public key */
- (key_n_start + key_n_len),
- key_e_start,
- (key_e_start + key_e_len),
- (uint8_t*)ca_cert_sig, /* RSA 2048 PSS with SHA256 */
- g_encrypted_publicCA_key /* RSA-2048 public key 560 bytes */
- );
- #else /* WOLFSSL_RENESAS_TSIP_VER < 109 */
- ret = R_TSIP_TlsRootCertificateVerification(
- (uint8_t*)cert,/* CA cert */
- (uint32_t)cert_len,/* length of CA cert */
- key_n_start, /* Byte position of public key */
- (key_n_start + key_n_len),
- key_e_start,
- (key_e_start + key_e_len),
- (uint8_t*)ca_cert_sig,/* "RSA 2048 PSS with SHA256" */
- /* RSA-2048 public key used by RSA-2048 PSS with SHA256. 560 Bytes */
- g_encrypted_publicCA_key
- );
- #endif
- if (ret != TSIP_SUCCESS) {
- WOLFSSL_MSG(" R_TSIP_TlsRootCertificateVerification failed");
- }
- else {
- g_CAscm_Idx = cm_row;
- }
- tsip_hw_unlock();
- }
- else {
- WOLFSSL_MSG(" hw lock failed ");
- }
- WOLFSSL_LEAVE("wc_tsip_tls_RootCertVerify", ret);
- return ret;
- }
- #endif /* WOLFSSL_RENESAS_TSIP_TLS */
- #if !defined(NO_RSA)
- /* Perform signing with the client's RSA private key on hash value of messages
- * exchanged with server.
- *
- * parameters
- * info->pk.rsa.in : not used
- * info->pk.rsa.inlen : not used
- * info->pk.rsa.out : the buffer where the signature data is output to
- * info->pk.rsa.outlen: the length of the pk.rsa.out
- * tuc: the pointer to the TsipUserCtx structure
- * returns
- * 0 on success, CRYPTOCB_UNAVAILABLE on unsupported key type specified.
- *
- */
- WOLFSSL_LOCAL int tsip_SignRsaPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc)
- {
- int ret = 0;
- e_tsip_err_t err = TSIP_SUCCESS;
- tsip_rsa_byte_data_t hashData, sigData;
- WOLFSSL* ssl = NULL;
- uint8_t tsip_hash_type;
- WOLFSSL_ENTER("tsip_SignRsaPkcs");
- if (info == NULL || tuc == NULL || tuc->ssl == NULL) {
- ret = BAD_FUNC_ARG;
- }
- if (ret == 0) {
- ssl = tuc->ssl;
- if (ssl->version.major == SSLv3_MAJOR &&
- ssl->version.minor == TLSv1_3_MINOR) {
- ret = CRYPTOCB_UNAVAILABLE;
- }
- }
- if (ret == 0) {
- /* import private key_index from wrapped key */
- ret = tsipImportPrivateKey(tuc, tuc->wrappedKeyType);
- }
- if (ret == 0) {
- if (ssl->options.hashAlgo == md5_mac)
- tsip_hash_type = R_TSIP_RSA_HASH_MD5;
- else if (ssl->options.hashAlgo == sha_mac)
- tsip_hash_type = R_TSIP_RSA_HASH_SHA1;
- else if (ssl->options.hashAlgo == sha256_mac)
- tsip_hash_type = R_TSIP_RSA_HASH_SHA256;
- else
- ret = CRYPTOCB_UNAVAILABLE;
- }
- if (ret == 0) {
- hashData.pdata = (uint8_t*)ssl->buffers.digest.buffer;
- hashData.data_type = 1;
- sigData.pdata = (uint8_t*)info->pk.rsa.in;
- sigData.data_length = 0; /* signature size will be returned here */
- if ((ret = tsip_hw_lock()) == 0) {
- switch (tuc->wrappedKeyType) {
-
- case TSIP_KEY_TYPE_RSA2048:
- err = R_TSIP_RsassaPkcs2048SignatureGenerate(
- &hashData, &sigData,
- &tuc->Rsa2048PrivateKeyIdx,
- tsip_hash_type);
- if (err != TSIP_SUCCESS) {
- ret = WC_HW_E;
- }
- break;
- case TSIP_KEY_TYPE_RSA4096:
- ret = CRYPTOCB_UNAVAILABLE;
- break;
- default:
- WOLFSSL_MSG("wrapped private key is not supported");
- ret = CRYPTOCB_UNAVAILABLE;
- break;
- }
- tsip_hw_unlock();
- }
- else {
- WOLFSSL_MSG("mutex locking error");
- }
- }
- WOLFSSL_LEAVE("tsip_SignRsaPkcs", ret);
- return ret;
- }
- #endif /* !NO_RSA */
- #if !defined(NO_RSA)
- WOLFSSL_LOCAL int tsip_VerifyRsaPkcsCb(
- WOLFSSL* ssl,
- unsigned char* sig, unsigned int sigSz,
- unsigned char** out,
- const unsigned char* keyDer, unsigned int keySz,
- void* ctx)
- {
- int ret = 0;
- e_tsip_err_t err = TSIP_SUCCESS;
- tsip_rsa_byte_data_t hashData, sigData;
- TsipUserCtx* tuc = NULL;
- uint8_t tsip_hash_type;
- (void)keyDer;
- (void)keySz;
- WOLFSSL_ENTER("tsip_VerifyRsaPkcsCb");
- if (sig == NULL || out == NULL || ctx == NULL) {
- ret = BAD_FUNC_ARG;
- }
- if (ssl->version.major == SSLv3_MAJOR &&
- ssl->version.minor == TLSv1_3_MINOR) {
- ret = CRYPTOCB_UNAVAILABLE;
- }
- if (ret == 0) {
- tuc = (TsipUserCtx*)ctx;
- if (tuc == NULL)
- ret = CRYPTOCB_UNAVAILABLE;
- }
- if (ret == 0) {
- /* import public key_index from wrapped key */
- ret = tsipImportPublicKey(tuc, tuc->wrappedKeyType);
- }
-
- if (ret == 0) {
- if (ssl->options.hashAlgo == md5_mac)
- tsip_hash_type = R_TSIP_RSA_HASH_MD5;
- else if (ssl->options.hashAlgo == sha_mac)
- tsip_hash_type = R_TSIP_RSA_HASH_SHA1;
- else if (ssl->options.hashAlgo == sha256_mac)
- tsip_hash_type = R_TSIP_RSA_HASH_SHA256;
- else {
- ret = CRYPTOCB_UNAVAILABLE;
- }
- }
- if (ret == 0) {
- sigData.pdata = (uint8_t*)sig;
- hashData.pdata = (uint8_t*)ssl->buffers.digest.buffer;
- hashData.data_type = 1; /* hash value */
- if ((ret = tsip_hw_lock()) == 0) {
- switch (tuc->wrappedKeyType) {
-
- case TSIP_KEY_TYPE_RSA2048:
- sigData.data_length = 256;
- err = R_TSIP_RsassaPkcs2048SignatureVerification(
- &sigData, &hashData,
- &tuc->Rsa2048PublicKeyIdx,
- tsip_hash_type);
- if (err == TSIP_ERR_AUTHENTICATION) {
- ret = VERIFY_CERT_ERROR;
- }
- else if (err == TSIP_SUCCESS) {
- ret = 0;
- }
- else {
- ret = WC_HW_E;
- }
- break;
- case TSIP_KEY_TYPE_RSA4096:
- ret = CRYPTOCB_UNAVAILABLE;
- break;
- default:
- WOLFSSL_MSG("wrapped private key is not supported");
- ret = CRYPTOCB_UNAVAILABLE;
- break;
- }
- tsip_hw_unlock();
- }
- else {
- WOLFSSL_MSG("mutex locking error");
- }
- }
- WOLFSSL_LEAVE("tsip_VerifyRsaPkcsCb", ret);
- return ret;
- }
- #endif /* !NO_RSA */
- #if defined(HAVE_ECC)
- /* Perform signing with the client's ECC private key on hash value of messages
- * exchanged with server.
- *
- * parameters
- * info->pk.eccsign.in : the buffer holding hash value of messages
- * info->pk.eccsign.inlen : hash data size
- * info->pk.eccsign.out : the buffer where the signature data is output to
- * info->pk.eccsign.outlen: the length of the buffer pk.eccsign.out
- * tuc: the pointer to the TsipUserCtx structure
- * returns
- * 0 on success, CRYPTOCB_UNAVAILABLE on unsupported key type specified.
- * note
- * signature will be DER encoded and stored into out buffer.
- * the private key must be imported as TSIP specific format.
- */
- WOLFSSL_LOCAL int tsip_SignEcdsa(wc_CryptoInfo* info, TsipUserCtx* tuc)
- {
- int ret = 0;
- e_tsip_err_t err = TSIP_SUCCESS;
- tsip_rsa_byte_data_t hashData, sigData;
- byte offsetForWork;
- byte* out = NULL;
- byte* sig = NULL;
- int rSz = 0;
- int sSz = 0;
- int idx = 0;
- int sz = 0;
- WOLFSSL* ssl = NULL;
- WOLFSSL_ENTER("tsip_SignEcdsa");
- if (info == NULL || tuc == NULL) {
- ret = CRYPTOCB_UNAVAILABLE;
- }
- if (ret == 0) {
- ssl = tuc->ssl;
- if (ssl->version.major == SSLv3_MAJOR &&
- ssl->version.minor == TLSv1_3_MINOR) {
- ret = CRYPTOCB_UNAVAILABLE;
- }
- }
- if (ret == 0) {
- /* import private key_index from wrapped key */
- ret = tsipImportPrivateKey(tuc, tuc->wrappedKeyType);
- }
-
- if (ret == 0) {
- hashData.pdata = (uint8_t*)info->pk.eccsign.in;
- hashData.data_type = 1;
- sigData.pdata = (uint8_t*)info->pk.eccsign.out;
- sigData.data_length = 0; /* signature size will be returned here */
- if ((ret = tsip_hw_lock()) == 0) {
- switch (tuc->wrappedKeyType) {
- #if defined(HAVE_ECC)
- case TSIP_KEY_TYPE_ECDSAP256:
- offsetForWork = R_TSIP_ECDSA_DATA_BYTE_SIZE + 32;
- if (*(info->pk.eccsign.outlen) <
- R_TSIP_ECDSA_DATA_BYTE_SIZE + offsetForWork) {
- ret = BUFFER_E;
- break;
- }
- sigData.pdata = (uint8_t*)info->pk.eccsign.out +
- offsetForWork;
- err = R_TSIP_EcdsaP256SignatureGenerate(
- &hashData, &sigData,
- &tuc->EcdsaP256PrivateKeyIdx);
- if (err != TSIP_SUCCESS) {
- ret = WC_HW_E;
- break;
- }
- out = info->pk.eccsign.out;
- sig = sigData.pdata;
- rSz = sSz = R_TSIP_ECDSA_DATA_BYTE_SIZE / 2;
- rSz += (sig[0] & 0x80)?1:0;
- sSz += (sig[sSz] & 0x80)?1:0;
- sz = (ASN_TAG_SZ + 1) * 2 + rSz + sSz;
- /* encode ASN sequence */
- out[idx++] = ASN_SEQUENCE | ASN_CONSTRUCTED;
- out[idx++] = sz;
-
- /* copy r part */
- out[idx++] = ASN_INTEGER;
- out[idx++] = rSz;
- if (rSz > R_TSIP_ECDSA_DATA_BYTE_SIZE / 2)
- out[idx++] = 0x00;
- XMEMCPY(&out[idx], sig, R_TSIP_ECDSA_DATA_BYTE_SIZE / 2);
- idx += R_TSIP_ECDSA_DATA_BYTE_SIZE / 2;
- sig += R_TSIP_ECDSA_DATA_BYTE_SIZE / 2;
- /* copy s part */
- out[idx++] = ASN_INTEGER;
- out[idx++] = sSz;
- if (sSz > R_TSIP_ECDSA_DATA_BYTE_SIZE / 2)
- out[idx++] = 0x00;
- XMEMCPY(&out[idx], sig, R_TSIP_ECDSA_DATA_BYTE_SIZE / 2);
-
- /* out size */
- *(info->pk.eccsign.outlen) = ASN_TAG_SZ + 1 + sz;
- break;
- #endif
- #if defined(HAVE_ECC192)
- case TSIP_KEY_TYPE_ECDSAP192:
- ret = CRYPTOCB_UNAVAILABLE;
- break;
- #endif
- #if defined(HAVE_ECC224)
- case TSIP_KEY_TYPE_ECDSAP224:
- ret = CRYPTOCB_UNAVAILABLE;
- break;
- #endif
- #if defined(HAVE_ECC384)
- case TSIP_KEY_TYPE_ECDSAP384:
- ret = CRYPTOCB_UNAVAILABLE;
- break;
- #endif
- default:
- WOLFSSL_MSG("wrapped private key is not supported");
- ret = CRYPTOCB_UNAVAILABLE;
- break;
- }
- tsip_hw_unlock();
- }
- else {
- WOLFSSL_MSG("mutex locking error");
- }
- }
- WOLFSSL_LEAVE("tsip_SignEcdsa", ret);
- return ret;
- }
- #endif /* HAVE_ECC */
- #ifdef WOLFSSL_RENESAS_TSIP_CRYPT_DEBUG
- /* err
- * e_tsip_err
- TSIP_SUCCESS = 0,
- TSIP_ERR_SELF_CHECK1, // Self-check 1 fail or TSIP function internal err.
- TSIP_ERR_RESOURCE_CONFLICT, // A resource conflict occurred.
- TSIP_ERR_SELF_CHECK2, // Self-check 2 fail.
- TSIP_ERR_KEY_SET, // setting the invalid key.
- TSIP_ERR_AUTHENTICATION, // Authentication failed.
- TSIP_ERR_CALLBACK_UNREGIST, // Callback function is not registered.
- TSIP_ERR_PARAMETER, // Illegal Input data.
- TSIP_ERR_PROHIBIT_FUNCTION, // An invalid function call occurred.
- * TSIP_RESUME_FIRMWARE_GENERATE_MAC,
- // There is a continuation of R_TSIP_GenerateFirmwareMAC.
- */
- static void hexdump(const uint8_t* in, uint32_t len)
- {
- uint32_t i;
- if (in == NULL)
- return;
- for (i = 0; i <= len;i++, in++) {
- printf("%02x:", *in);
- if (((i+1)%16)==0) {
- printf("\n");
- }
- }
- printf("\n");
- }
- byte *ret2err(word32 ret)
- {
- switch(ret) {
- case TSIP_SUCCESS: return "success";
- case TSIP_ERR_SELF_CHECK1: return "selfcheck1";
- case TSIP_ERR_RESOURCE_CONFLICT: return "rsconflict";
- case TSIP_ERR_SELF_CHECK2: return "selfcheck2";
- case TSIP_ERR_KEY_SET: return "keyset";
- case TSIP_ERR_AUTHENTICATION: return "authentication";
- case TSIP_ERR_CALLBACK_UNREGIST: return "callback unreg";
- case TSIP_ERR_PARAMETER: return "badarg";
- case TSIP_ERR_PROHIBIT_FUNCTION: return "prohibitfunc";
- case TSIP_RESUME_FIRMWARE_GENERATE_MAC: return "conti-generate-mac";
- default:return "unknown";
- }
- }
- #endif /* WOLFSSL_RENESAS_TSIP_CRYPT_DEBUG */
- #endif /* WOLFSSL_RENESAS_TSIP */
|