esp32-crypt.h 33 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914
  1. /* esp32-crypt.h
  2. *
  3. * Copyright (C) 2006-2024 wolfSSL Inc.
  4. *
  5. * This file is part of wolfSSL.
  6. *
  7. * wolfSSL is free software; you can redistribute it and/or modify
  8. * it under the terms of the GNU General Public License as published by
  9. * the Free Software Foundation; either version 2 of the License, or
  10. * (at your option) any later version.
  11. *
  12. * wolfSSL is distributed in the hope that it will be useful,
  13. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  15. * GNU General Public License for more details.
  16. *
  17. * You should have received a copy of the GNU General Public License
  18. * along with this program; if not, write to the Free Software
  19. * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
  20. */
  21. #ifndef __ESP32_CRYPT_H__
  22. #define __ESP32_CRYPT_H__
  23. /* WOLFSSL_USER_SETTINGS must be defined, typically in the CMakeLists.txt:
  24. *
  25. * set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS") */
  26. #include <wolfssl/wolfcrypt/settings.h> /* references user_settings.h */
  27. #if defined(WOLFSSL_ESPIDF) /* Entire file is only for Espressif EDP-IDF */
  28. #ifndef WOLFSSL_USER_SETTINGS
  29. #error "WOLFSSL_USER_SETTINGS must be defined for Espressif targts"
  30. #endif
  31. #include "sdkconfig.h" /* ensure ESP-IDF settings are available everywhere */
  32. /* wolfSSL */
  33. #include <wolfssl/wolfcrypt/error-crypt.h>
  34. #include <wolfssl/wolfcrypt/types.h> /* for MATH_INT_T */
  35. /* Espressif */
  36. #include <esp_idf_version.h>
  37. #include <esp_types.h>
  38. #include <esp_log.h>
  39. #if ESP_IDF_VERSION_MAJOR >= 4
  40. #define WOLFSSL_ESPIDF_BLANKLINE_MESSAGE ""
  41. #else
  42. /* Older ESP-IDF such as that for ESP8266 do not support empty strings */
  43. #define WOLFSSL_ESPIDF_BLANKLINE_MESSAGE "."
  44. #endif
  45. #if defined(CONFIG_IDF_TARGET)
  46. #define FOUND_CONFIG_IDF_TARGET CONFIG_IDF_TARGET
  47. #else
  48. #define FOUND_CONFIG_IDF_TARGET "(unknown device)"
  49. #endif
  50. /* Optional exit message.
  51. * The WOLFSSL_COMPLETE keyword exits wolfSSL test harness script. */
  52. #define WOLFSSL_ESPIDF_EXIT_MESSAGE \
  53. "\n\nDone!" \
  54. "\n\nWOLFSSL_COMPLETE" \
  55. "\n\nIf running from idf.py monitor, press twice: Ctrl+]"
  56. #define WOLFSSL_ESPIDF_VERBOSE_EXIT_MESSAGE(s, err) \
  57. "\n\nDevice: " FOUND_CONFIG_IDF_TARGET \
  58. "\n\nExit code: %d " \
  59. "\n\n"s \
  60. "\n\nWOLFSSL_COMPLETE" \
  61. "\n\nIf running from idf.py monitor, press twice: Ctrl+]", \
  62. (err)
  63. /* exit codes to be used in tfm.c, sp_int.c, integer.c, etc.
  64. *
  65. * see wolfssl/wolfcrypt/error-crypt.h
  66. *
  67. * WC_HW_E - generic hardware failure. Consider falling back to SW.
  68. * WC_HW_WAIT_E - waited too long for HW, fall back to SW
  69. */
  70. /* Exit codes only used in Espressif port: */
  71. enum {
  72. ESP_MP_HW_FALLBACK = (WC_LAST_E - 2),
  73. ESP_MP_HW_VALIDATION_ACTIVE = (WC_LAST_E - 3)
  74. };
  75. /* MP_HW_FALLBACK: signal to caller to fall back to SW for math:
  76. * algorithm not supported in SW
  77. * known state needing only SW, (e.g. ctx copy)
  78. * any other reason to force SW (was -108)*/
  79. #define MP_HW_FALLBACK ESP_MP_HW_FALLBACK
  80. /* MP_HW_VALIDATION_ACTIVE this is informative only:
  81. * typically also means "MP_HW_FALLBACK": fall back to SW.
  82. * optional HW validation active, so compute in SW to compare.
  83. * fall back to SW, typically only used during debugging. (was -109)
  84. */
  85. #define MP_HW_VALIDATION_ACTIVE ESP_MP_HW_VALIDATION_ACTIVE
  86. /*
  87. *******************************************************************************
  88. *******************************************************************************
  89. ** Global Settings:
  90. **
  91. ** Settings that start with "CONFIG_" are typically defined in sdkconfig.h
  92. **
  93. ** Primary Settings:
  94. **
  95. ** WC_NO_HARDEN
  96. ** Disables some timing resistance / side-channel attack prevention.
  97. **
  98. ** NO_ESPIDF_DEFAULT
  99. ** When defined, disables some default definitions. See wolfcrypt/settings.h
  100. **
  101. ** NO_ESP32_CRYPT
  102. ** When defined, disables all hardware acceleration on the ESP32
  103. **
  104. ** NO_WOLFSSL_ESP32_CRYPT_HASH
  105. ** Used to disabled only hash hardware, all algorithms: SHA2, etc.
  106. **
  107. ** NO_WOLFSSL_ESP32_CRYPT_HASH_SHA
  108. ** When defined, disables only SHA hardware acceleration, uses SW.
  109. **
  110. ** NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224
  111. ** When defined, disables only SHA-224 hardware acceleration, uses SW.
  112. **
  113. ** NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
  114. ** When defined, disables only SHA-384 hardware acceleration, uses SW.
  115. **
  116. ** NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256
  117. ** When defined, disables only SHA-256 hardware acceleration, uses SW.
  118. **
  119. ** NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
  120. ** When defined, disables only SHA-512 hardware acceleration, uses SW.
  121. **
  122. ** WOLFSSL_NOSHA512_224
  123. ** Define to disable SHA-512/224
  124. **
  125. ** WOLFSSL_NOSHA512_256
  126. ** Define to disable SHA-512/512
  127. **
  128. ** WOLFSSL_ESP32_CRYPT_RSA_PRI
  129. ** Defined in wolfSSL settings.h: this turns on or off esp32_mp math library.
  130. ** Unless turned off, this is enabled by default for the ESP32
  131. **
  132. ** NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
  133. ** Turns off hardware acceleration esp_mp_mul()
  134. **
  135. ** NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
  136. ** Turns off hardware acceleration esp_mp_exptmod()
  137. **
  138. ** NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
  139. ** Turns off hardware acceleration esp_mp_mulmod()
  140. **
  141. ** NO_WOLFSSL_ESP32_CRYPT_AES
  142. ** Used to disable only AES hardware algorithms. Software used instead.
  143. **
  144. *******************************************************************************
  145. ** Math library settings: TFM
  146. *******************************************************************************
  147. ** Listed in increasing order of complexity:
  148. **
  149. ** WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
  150. ** When defined, use hardware acceleration esp_mp_mul()
  151. ** for Large Number Multiplication: Z = X * Y
  152. ** Currently defined by default in tfm.c, see above to disable.
  153. **
  154. ** WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
  155. ** When defined, use hardware acceleration esp_mp_exptmod()
  156. ** for Large Number Modular Exponentiation Z = X^Y mod M
  157. ** Currently defined by default in tfm.c, see above to disable.
  158. **
  159. ** WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
  160. ** When defined, use hardware acceleration esp_mp_mulmod()
  161. ** for Large Number Modular Multiplication: Z = X * Y mod M
  162. ** Currently defined by default in tfm.c, see above to disable.
  163. **
  164. **
  165. *******************************************************************************
  166. ** Optional Settings:
  167. *******************************************************************************
  168. **
  169. ** WOLFSSL_HW_METRICS
  170. ** Enables metric counters for calls to HW, success, fall back, oddities.
  171. **
  172. ** WOLFSSL_HAS_METRICS
  173. ** Indicates that we actually have metrics to show. Useful for old wolfSSL
  174. ** libraries tested with newer examples, or when all HW turned off.
  175. **
  176. ** DEBUG_WOLFSSL
  177. ** Turns on development testing. Validates HW accelerated results to software
  178. ** - Automatically turns on WOLFSSL_HW_METRICS
  179. **
  180. ** DEBUG_WOLFSSL_SHA_MUTEX
  181. ** Turns on diagnostic messages for SHA mutex. Note that given verbosity,
  182. ** there may be TLS timing issues encountered. Use with caution.
  183. **
  184. ** LOG_LOCAL_LEVEL
  185. ** Debugging. Default value is ESP_LOG_DEBUG
  186. **
  187. ** ESP_VERIFY_MEMBLOCK
  188. ** Used to re-read data from registers in esp32_mp & verify written contents
  189. ** actually match the source data.
  190. **
  191. ** WOLFSSL_ESP32_CRYPT_DEBUG
  192. ** When defined, enables hardware cryptography debugging.
  193. **
  194. ** WOLFSSL_DEBUG_ESP_RSA_MULM_BITS
  195. ** Shows a warning when mulm falls back for minimum number of bits.
  196. **
  197. ** NO_HW_MATH_TEST
  198. ** Even if HW is enabled, do not run HW math tests. See HW_MATH_ENABLED.
  199. **
  200. ** NO_ESP_MP_MUL_EVEN_ALT_CALC
  201. ** Used during Z = X × Y mod M
  202. ** By default, even moduli use a two step HW esp_mp_mul with SW mp_mod.
  203. ** Enable this to instead fall back to pure software mp_mulmod.
  204. **
  205. ** NO_RECOVER_SOFTWARE_CALC
  206. ** When defined, will NOT recover software calculation result when not
  207. ** matched with hardware. Useful only during development. Needs DEBUG_WOLFSSL
  208. **
  209. ** ESP_PROHIBIT_SMALL_X
  210. ** When set to 1 X operands less than 8 bits will fall back to SW.
  211. **
  212. ** ESP_NO_ERRATA_MITIGATION
  213. ** Disable all errata mitigation code.
  214. **
  215. ** USE_ESP_DPORT_ACCESS_READ_BUFFER
  216. ** Sets ESP_NO_ERRATA_MITIGATION and uses esp_dport_access_read_buffer()
  217. **
  218. ** ESP_MONITOR_HW_TASK_LOCK
  219. ** Although wolfSSL is in general not fully thread safe, this option
  220. ** enables some features that can be useful in a multi-threaded environment.
  221. **
  222. *******************************************************************************
  223. ** Settings used from <esp_idf_version.h>
  224. ** see .\esp-idf\v[N]\components\esp_common\include
  225. *******************************************************************************
  226. **
  227. ** ESP_IDF_VERSION_MAJOR
  228. ** Espressif ESP-IDF Version (e.g. 4, 5)
  229. **
  230. *******************************************************************************
  231. ** Settings used from ESP-IDF (sdkconfig.h)
  232. *******************************************************************************
  233. **
  234. ** CONFIG_IDF_TARGET_[SoC]
  235. ** CONFIG_IDF_TARGET_ESP32
  236. ** CONFIG_IDF_TARGET_ESP32C2
  237. ** CONFIG_IDF_TARGET_ESP32C3
  238. ** CONFIG_IDF_TARGET_ESP32C6
  239. ** CONFIG_IDF_TARGET_ESP32S2
  240. ** CONFIG_IDF_TARGET_ESP32S3
  241. ** CONFIG_IDF_TARGET_ESP32H2
  242. **
  243. ]*******************************************************************************
  244. ** Informative settings. Not meant to be edited:
  245. *******************************************************************************
  246. **
  247. ** HW_MATH_ENABLED
  248. ** Used to detect if any hardware math acceleration algorithms are used.
  249. ** This is typically only used to flag wolfCrypt tests to run HW tests.
  250. ** See NO_HW_MATH_TEST.
  251. **
  252. *******************************************************************************
  253. ** WOLFSSL_FULL_WOLFSSH_SUPPORT
  254. ** TODO - there's a known, unresolved problem with SHA256 in wolfSSH
  255. ** Until fixed by a release version or this macro being define once resolved,
  256. ** this macro should remain undefined.
  257. **
  258. */
  259. #ifdef WOLFSSL_ESP32_CRYPT_DEBUG
  260. #undef LOG_LOCAL_LEVEL
  261. #define LOG_LOCAL_LEVEL ESP_LOG_DEBUG
  262. #else
  263. #undef LOG_LOCAL_LEVEL
  264. #define LOG_LOCAL_LEVEL CONFIG_LOG_DEFAULT_LEVEL
  265. #endif
  266. #include <freertos/FreeRTOS.h>
  267. #if defined(CONFIG_IDF_TARGET_ESP32)
  268. /* there's no SHA-224 HW on the ESP32 */
  269. #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224
  270. #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224
  271. #include "soc/dport_reg.h"
  272. #include <soc/hwcrypto_reg.h>
  273. #if ESP_IDF_VERSION_MAJOR < 5
  274. #include <soc/cpu.h>
  275. #endif
  276. #if defined(ESP_IDF_VERSION_MAJOR) && ESP_IDF_VERSION_MAJOR >= 5
  277. #include <esp_private/periph_ctrl.h>
  278. #else
  279. #include <driver/periph_ctrl.h>
  280. #endif
  281. #if ESP_IDF_VERSION_MAJOR >= 4
  282. #include <esp32/rom/ets_sys.h>
  283. #else
  284. #include <rom/ets_sys.h>
  285. #endif
  286. #define ESP_PROHIBIT_SMALL_X FALSE
  287. /***** END CONFIG_IDF_TARGET_ESP32 *****/
  288. #elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
  289. defined(CONFIG_IDF_TARGET_ESP8684)
  290. /* ESP8684 is essentially ESP32-C2 chip + flash embedded together in a
  291. * single QFN 4x4 mm package. Out of released documentation, Technical
  292. * Reference Manual as well as ESP-IDF Programming Guide is applicable
  293. * to both ESP32-C2 and ESP8684.
  294. *
  295. * Note there is not currently an expected CONFIG_IDF_TARGET_ESP8684.
  296. * The ESP8684 is detected with CONFIG_IDF_TARGET_ESP32C2.
  297. * The macro is included for clarity, and possible future rename. */
  298. /* #define NO_ESP32_CRYPT */
  299. /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
  300. #define NO_WOLFSSL_ESP32_CRYPT_AES /* No AES HW */
  301. #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI /* No RSA HW*/
  302. #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL /* No RSA, so no mp_mul */
  303. #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD /* No RSA, so no mp_mulmod */
  304. #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD /* No RSA, no mp_exptmod */
  305. #include <soc/dport_access.h>
  306. #include <soc/hwcrypto_reg.h>
  307. #if ESP_IDF_VERSION_MAJOR < 5
  308. #include <soc/cpu.h>
  309. #endif
  310. #if defined(ESP_IDF_VERSION_MAJOR) && ESP_IDF_VERSION_MAJOR >= 5
  311. #include <esp_private/periph_ctrl.h>
  312. #else
  313. #include <driver/periph_ctrl.h>
  314. #endif
  315. #if ESP_IDF_VERSION_MAJOR >= 4
  316. /* #include <esp32/rom/ets_sys.h> */
  317. #else
  318. #include <rom/ets_sys.h>
  319. #endif
  320. /* If for some reason there's a desire to disable specific HW on the C2: */
  321. /* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA */
  322. /* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA there is SHA HW on C2 */
  323. /* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 */
  324. /* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 there is SHA224 HW on C2 */
  325. /* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256 */
  326. /* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256 there is SHA256 HW on C2 */
  327. /* Code will fall back to SW with warning if these are removed:
  328. * Note there is no SHA384/SHA512 HW on ESP32-C3 */
  329. #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
  330. #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
  331. #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
  332. #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
  333. /***** END CONFIG_IDF_TARGET_ESP32C2 aka CONFIG_IDF_TARGET_ESP8684 *****/
  334. #elif defined(CONFIG_IDF_TARGET_ESP32C3)
  335. #include <soc/dport_access.h>
  336. #include <soc/hwcrypto_reg.h>
  337. #if ESP_IDF_VERSION_MAJOR < 5
  338. #include <soc/cpu.h>
  339. #endif
  340. #if defined(ESP_IDF_VERSION_MAJOR) && ESP_IDF_VERSION_MAJOR >= 5
  341. #include <esp_private/periph_ctrl.h>
  342. #else
  343. #include <driver/periph_ctrl.h>
  344. #endif
  345. #if ESP_IDF_VERSION_MAJOR >= 4
  346. /* #include <esp32/rom/ets_sys.h> */
  347. #else
  348. #include <rom/ets_sys.h>
  349. #endif
  350. /* If for some reason there's a desire to disable specific HW on the C3: */
  351. /* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA */
  352. /* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA there is SHA HW on C3 */
  353. /* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 */
  354. /* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 there is SHA224 HW on C3 */
  355. /* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256 */
  356. /* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256 there is SHA256 HW on C3 */
  357. /* Code will fall back to SW with warning if these are removed:
  358. * Note there is no SHA384/SHA512 HW on ESP32-C3 */
  359. #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
  360. #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
  361. #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
  362. #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
  363. /***** END CONFIG_IDF_TARGET_ESP32C3 *****/
  364. #elif defined(CONFIG_IDF_TARGET_ESP32C6)
  365. #include <soc/dport_access.h>
  366. #include <soc/hwcrypto_reg.h>
  367. #if ESP_IDF_VERSION_MAJOR < 5
  368. #include <soc/cpu.h>
  369. #endif
  370. #if defined(ESP_IDF_VERSION_MAJOR) && ESP_IDF_VERSION_MAJOR >= 5
  371. #include <esp_private/periph_ctrl.h>
  372. #else
  373. #include <driver/periph_ctrl.h>
  374. #endif
  375. #if ESP_IDF_VERSION_MAJOR >= 4
  376. /* #include <esp32/rom/ets_sys.h> */
  377. #else
  378. #include <rom/ets_sys.h>
  379. #endif
  380. /* If for some reason there's a desire to disable specific SHA HW on the C6: */
  381. /* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA */
  382. /* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA there *is* SHA HW on C6 */
  383. /* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 */
  384. /* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 there *is* SHA224 HW on C6 */
  385. /* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256 */
  386. /* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256 there *is* SHA225 HW on C6 */
  387. /* Code will fall back to SW with warning if these are removed:
  388. * note there is no SHA384/SHA512 HW on C6 */
  389. #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
  390. #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
  391. #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
  392. #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
  393. /***** END CONFIG_IDF_TARGET_ESP32C6 *****/
  394. #elif defined(CONFIG_IDF_TARGET_ESP32S2)
  395. #include "soc/dport_reg.h"
  396. #include <soc/hwcrypto_reg.h>
  397. #if defined(ESP_IDF_VERSION_MAJOR) && ESP_IDF_VERSION_MAJOR >= 5
  398. #include <esp_private/periph_ctrl.h>
  399. #else
  400. #include <driver/periph_ctrl.h>
  401. #endif
  402. #define ESP_PROHIBIT_SMALL_X 0
  403. /***** END CONFIG_IDF_TARGET_ESP32S2 *****/
  404. #elif defined(CONFIG_IDF_TARGET_ESP32S3)
  405. #include "soc/dport_reg.h"
  406. #include <soc/hwcrypto_reg.h>
  407. #if defined(ESP_IDF_VERSION_MAJOR) && ESP_IDF_VERSION_MAJOR >= 5
  408. #include <esp_private/periph_ctrl.h>
  409. #else
  410. #include <driver/periph_ctrl.h>
  411. #endif
  412. #define ESP_PROHIBIT_SMALL_X 0
  413. #else
  414. /* not yet supported. no HW */
  415. #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA
  416. #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA
  417. #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224
  418. #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224
  419. #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256
  420. #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256
  421. #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
  422. #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
  423. #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
  424. #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
  425. /***** END CONFIG_IDF_TARGET_[x] config unknown *****/
  426. #endif /* CONFIG_IDF_TARGET target check */
  427. #ifndef NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
  428. #if defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL) && \
  429. defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD) && \
  430. defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD)
  431. #warning "MP_MUL, MULMOD, EXPTMOD all turned off. " && \
  432. "Define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI to disable all math HW"
  433. #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
  434. #endif
  435. #endif /* !NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
  436. #if defined(USE_ESP_DPORT_ACCESS_READ_BUFFER)
  437. #define ESP_NO_ERRATA_MITIGATION
  438. #endif
  439. #ifdef SINGLE_THREADED
  440. #ifdef WOLFSSL_DEBUG_MUTEX
  441. #undef ESP_MONITOR_HW_TASK_LOCK
  442. #define ESP_MONITOR_HW_TASK_LOCK
  443. #endif
  444. #else
  445. /* Unless explicitly disabled, monitor task lock when not single thread. */
  446. #ifndef ESP_DISABLE_HW_TASK_LOCK
  447. #define ESP_MONITOR_HW_TASK_LOCK
  448. #endif
  449. #endif
  450. #ifdef __cplusplus
  451. extern "C"
  452. {
  453. #endif
  454. /*
  455. ******************************************************************************
  456. ** Some common esp utilities
  457. ******************************************************************************
  458. */
  459. WOLFSSL_LOCAL int esp_ShowExtendedSystemInfo(void);
  460. WOLFSSL_LOCAL esp_err_t esp_DisableWatchdog(void);
  461. WOLFSSL_LOCAL esp_err_t esp_EnableWatchdog(void);
  462. /* Compare MATH_INT_T A to MATH_INT_T B
  463. * During debug, the strings name_A and name_B can help
  464. * identify variable name. */
  465. WOLFSSL_LOCAL int esp_mp_cmp(char* name_A, MATH_INT_T* A,
  466. char* name_B, MATH_INT_T* B);
  467. /* Show MATH_INT_T value attributes. */
  468. WOLFSSL_LOCAL int esp_show_mp_attributes(char* c, MATH_INT_T* X);
  469. /* Show MATH_INT_T value.
  470. *
  471. * Calls esp_show_mp_attributes().
  472. *
  473. * During debug, the string name_A can help
  474. * identify variable name. */
  475. WOLFSSL_LOCAL int esp_show_mp(char* name_X, MATH_INT_T* X);
  476. /* To use a Mutex, it must first be initialized. */
  477. WOLFSSL_LOCAL int esp_CryptHwMutexInit(wolfSSL_Mutex* mutex);
  478. /* Take the mutex to indicate the HW is in use. Wait up to [block_time].
  479. * When the HW in use the mutex will be locked. */
  480. WOLFSSL_LOCAL int esp_CryptHwMutexLock(wolfSSL_Mutex* mutex,
  481. TickType_t block_time);
  482. /* Release the mutex to indicate the HW is no longer in use. */
  483. WOLFSSL_LOCAL int esp_CryptHwMutexUnLock(wolfSSL_Mutex* mutex);
  484. /* Validation active check. When active, we'll fall back to SW. */
  485. WOLFSSL_LOCAL int esp_hw_validation_active(void);
  486. /*
  487. *******************************************************************************
  488. ** AES features:
  489. *******************************************************************************
  490. */
  491. #ifndef NO_AES
  492. #if ESP_IDF_VERSION_MAJOR >= 4
  493. #include "esp32/rom/aes.h"
  494. #elif defined(CONFIG_IDF_TARGET_ESP8266)
  495. /* no hardware includes for ESP8266*/
  496. #else
  497. #include "rom/aes.h"
  498. #endif
  499. typedef enum tagES32_AES_PROCESS /* TODO what's this ? */
  500. {
  501. ESP32_AES_LOCKHW = 1,
  502. ESP32_AES_UPDATEKEY_ENCRYPT = 2,
  503. ESP32_AES_UPDATEKEY_DECRYPT = 3,
  504. ESP32_AES_UNLOCKHW = 4
  505. } ESP32_AESPROCESS;
  506. struct Aes; /* see aes.h */
  507. #if defined(WOLFSSL_HW_METRICS)
  508. WOLFSSL_LOCAL int esp_hw_show_aes_metrics(void);
  509. WOLFSSL_LOCAL int wc_esp32AesUnupportedLengthCountAdd(void);
  510. #endif
  511. WOLFSSL_LOCAL int wc_esp32AesSupportedKeyLenValue(int keylen);
  512. WOLFSSL_LOCAL int wc_esp32AesSupportedKeyLen(struct Aes* aes);
  513. WOLFSSL_LOCAL int wc_esp32AesCbcEncrypt(struct Aes* aes,
  514. byte* out,
  515. const byte* in,
  516. word32 sz);
  517. WOLFSSL_LOCAL int wc_esp32AesCbcDecrypt(struct Aes* aes,
  518. byte* out,
  519. const byte* in,
  520. word32 sz);
  521. WOLFSSL_LOCAL int wc_esp32AesEncrypt( struct Aes* aes,
  522. const byte* in,
  523. byte* out);
  524. WOLFSSL_LOCAL int wc_esp32AesDecrypt( struct Aes* aes,
  525. const byte* in,
  526. byte* out);
  527. #endif /* ! NO_AES */
  528. #ifdef WOLFSSL_ESP32_CRYPT_DEBUG
  529. void wc_esp32TimerStart(void);
  530. uint64_t wc_esp32elapsedTime(void);
  531. #endif /* WOLFSSL_ESP32_CRYPT_DEBUG */
  532. /*
  533. *******************************************************************************
  534. ** Cryptographic hash algorithms (e.g. SHA[x]):
  535. *******************************************************************************
  536. */
  537. #if !defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
  538. (!defined(NO_SHA) || !defined(NO_SHA256) || \
  539. defined(WOLFSSL_SHA384) || defined(WOLFSSL_SHA512) \
  540. )
  541. #define SHA_CTX ETS_SHAContext
  542. #if ESP_IDF_VERSION_MAJOR >= 4
  543. #if defined(CONFIG_IDF_TARGET_ESP32)
  544. #include "esp32/rom/sha.h"
  545. #define WC_ESP_SHA_TYPE enum SHA_TYPE
  546. #elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
  547. defined(CONFIG_IDF_TARGET_ESP8684)
  548. #include "esp32c2/rom/sha.h"
  549. #define WC_ESP_SHA_TYPE SHA_TYPE
  550. #elif defined(CONFIG_IDF_TARGET_ESP32C3)
  551. #include "esp32c3/rom/sha.h"
  552. #define WC_ESP_SHA_TYPE SHA_TYPE
  553. #elif defined(CONFIG_IDF_TARGET_ESP32C6)
  554. #include "esp32c6/rom/sha.h"
  555. #define WC_ESP_SHA_TYPE SHA_TYPE
  556. #elif defined(CONFIG_IDF_TARGET_ESP32H2)
  557. #include "esp32h2/rom/sha.h"
  558. #define WC_ESP_SHA_TYPE SHA_TYPE
  559. #elif defined(CONFIG_IDF_TARGET_ESP32S2)
  560. #include "esp32s2/rom/sha.h"
  561. #define WC_ESP_SHA_TYPE SHA_TYPE
  562. #elif defined(CONFIG_IDF_TARGET_ESP32S3)
  563. #include "esp32s3/rom/sha.h"
  564. #define WC_ESP_SHA_TYPE SHA_TYPE
  565. #else
  566. #include "rom/sha.h"
  567. #define WC_ESP_SHA_TYPE SHA_TYPE
  568. #endif
  569. #else
  570. #include "rom/sha.h"
  571. #endif
  572. #undef SHA_CTX
  573. typedef enum
  574. {
  575. ESP32_SHA_INIT = 0,
  576. ESP32_SHA_HW = 1,
  577. ESP32_SHA_SW = 2,
  578. ESP32_SHA_HW_COPY = 3,
  579. ESP32_SHA_FREED = 4,
  580. ESP32_SHA_FAIL_NEED_UNROLL = -1
  581. } ESP32_MODE;
  582. typedef struct
  583. {
  584. /* pointer to object the initialized HW; to track copies */
  585. void* initializer;
  586. #if !defined(SINGLE_THREADED) || defined(ESP_MONITOR_HW_TASK_LOCK)
  587. void* task_owner;
  588. #endif
  589. /* an ESP32_MODE value; typically:
  590. ** 0 init,
  591. ** 1 HW,
  592. ** 2 SW */
  593. ESP32_MODE mode;
  594. /* see esp_rom/include/esp32/rom/sha.h
  595. **
  596. ** the Espressif type: SHA1, SHA256, etc.
  597. */
  598. WC_ESP_SHA_TYPE sha_type;
  599. /* we'll keep track of our own locks.
  600. ** actual enable/disable only occurs for ref_counts[periph] == 0
  601. **
  602. ** see ref_counts[periph] in periph_ctrl.c */
  603. byte lockDepth : 7; /* 7 bits for a small number, pack with below. */
  604. /* 0 (false) this is NOT first block.
  605. ** 1 (true ) this is first block. */
  606. byte isfirstblock : 1; /* 1 bit only for true / false */
  607. } WC_ESP32SHA;
  608. WOLFSSL_LOCAL int esp_sha_need_byte_reversal(WC_ESP32SHA* ctx);
  609. WOLFSSL_LOCAL int esp_sha_init(WC_ESP32SHA* ctx,
  610. enum wc_HashType hash_type);
  611. WOLFSSL_LOCAL int esp_sha_init_ctx(WC_ESP32SHA* ctx);
  612. WOLFSSL_LOCAL int esp_sha_try_hw_lock(WC_ESP32SHA* ctx);
  613. WOLFSSL_LOCAL int esp_sha_hw_unlock(WC_ESP32SHA* ctx);
  614. /* esp_sha_hw_islocked: returns 0 if not locked, otherwise owner address */
  615. WOLFSSL_LOCAL int esp_sha_hw_islocked(WC_ESP32SHA* ctx);
  616. WOLFSSL_LOCAL int esp_sha_call_count();
  617. WOLFSSL_LOCAL int esp_sha_lock_count();
  618. WOLFSSL_LOCAL int esp_sha_release_unfinished_lock(WC_ESP32SHA* ctx);
  619. WOLFSSL_LOCAL int esp_sha_set_stray(WC_ESP32SHA* ctx);
  620. struct wc_Sha;
  621. WOLFSSL_LOCAL int esp_sha_ctx_copy(struct wc_Sha* src, struct wc_Sha* dst);
  622. WOLFSSL_LOCAL int esp_sha_digest_process(struct wc_Sha* sha,
  623. byte blockprocess);
  624. WOLFSSL_LOCAL int esp_sha_process(struct wc_Sha* sha, const byte* data);
  625. #ifdef WOLFSSL_DEBUG_MUTEX
  626. /* testing HW release in task that did not lock */
  627. extern WC_ESP32SHA* stray_ctx;
  628. #endif
  629. #ifndef NO_SHA256
  630. struct wc_Sha256;
  631. WOLFSSL_LOCAL int esp_sha224_ctx_copy(struct wc_Sha256* src,
  632. struct wc_Sha256* dst);
  633. WOLFSSL_LOCAL int esp_sha256_ctx_copy(struct wc_Sha256* src,
  634. struct wc_Sha256* dst);
  635. WOLFSSL_LOCAL int esp_sha256_digest_process(struct wc_Sha256* sha,
  636. byte blockprocess);
  637. WOLFSSL_LOCAL int esp_sha256_process(struct wc_Sha256* sha,
  638. const byte* data);
  639. WOLFSSL_LOCAL int esp32_Transform_Sha256_demo(struct wc_Sha256* sha256,
  640. const byte* data);
  641. #endif
  642. #if defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384)
  643. struct wc_Sha512;
  644. WOLFSSL_LOCAL int esp_sha384_ctx_copy(struct wc_Sha512* src,
  645. struct wc_Sha512* dst);
  646. WOLFSSL_LOCAL int esp_sha512_ctx_copy(struct wc_Sha512* src,
  647. struct wc_Sha512* dst);
  648. WOLFSSL_LOCAL int esp_sha512_process(struct wc_Sha512* sha);
  649. WOLFSSL_LOCAL int esp_sha512_digest_process(struct wc_Sha512* sha,
  650. byte blockproc);
  651. #endif
  652. #endif /* NO_SHA && etc */
  653. /*
  654. *******************************************************************************
  655. ** RSA Big Math
  656. *******************************************************************************
  657. */
  658. #if !defined(NO_RSA) || defined(HAVE_ECC)
  659. #if !defined(ESP_RSA_TIMEOUT_CNT)
  660. #define ESP_RSA_TIMEOUT_CNT 0x249F00
  661. #endif
  662. #ifndef NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
  663. /*
  664. * The parameter names in the Espressif implementation are arbitrary.
  665. *
  666. * The wolfSSL names come from DH: Y=G^x mod M (see wolfcrypt/tfm.h)
  667. *
  668. * G=base, X is the private exponent, Y is the public value w
  669. **/
  670. /* Z = (X ^ Y) mod M : Espressif generic notation */
  671. /* Y = (G ^ X) mod P : wolfSSL DH reference notation */
  672. WOLFSSL_LOCAL int esp_mp_exptmod(MATH_INT_T* X, /* G */
  673. MATH_INT_T* Y, /* X */
  674. MATH_INT_T* M, /* P */
  675. MATH_INT_T* Z); /* Y */
  676. /* HW_MATH_ENABLED is typically used in wolfcrypt tests */
  677. #undef HW_MATH_ENABLED
  678. #define HW_MATH_ENABLED
  679. #endif /* ! NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
  680. #ifndef NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
  681. /* Z = X * Y */
  682. WOLFSSL_LOCAL int esp_mp_mul(MATH_INT_T* X,
  683. MATH_INT_T* Y,
  684. MATH_INT_T* Z);
  685. /* HW_MATH_ENABLED is typically used in wolfcrypt tests */
  686. #undef HW_MATH_ENABLED
  687. #define HW_MATH_ENABLED
  688. #endif /* ! NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
  689. #ifndef NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
  690. /* Z = X * Y (mod M) */
  691. WOLFSSL_LOCAL int esp_mp_mulmod(MATH_INT_T* X,
  692. MATH_INT_T* Y,
  693. MATH_INT_T* M,
  694. MATH_INT_T* Z);
  695. /* HW_MATH_ENABLED is typically used in wolfcrypt tests */
  696. #undef HW_MATH_ENABLED
  697. #define HW_MATH_ENABLED
  698. #endif /* ! NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
  699. #endif /* !NO_RSA || HAVE_ECC*/
  700. /* Optionally enable some metrics to count interesting usage */
  701. /*
  702. *******************************************************************************
  703. ** Usage metrics
  704. *******************************************************************************
  705. */
  706. #ifdef WOLFSSL_HW_METRICS
  707. #define WOLFSSL_HAS_METRICS
  708. /* Allow sha256 code to keep track of SW fallback during active HW */
  709. WOLFSSL_LOCAL int esp_sw_sha256_count_add();
  710. /* show MP HW Metrics*/
  711. WOLFSSL_LOCAL int esp_hw_show_mp_metrics(void);
  712. /* show SHA HW Metrics*/
  713. WOLFSSL_LOCAL int esp_hw_show_sha_metrics(void);
  714. /* show all HW Metrics*/
  715. WOLFSSL_LOCAL int esp_hw_show_metrics(void);
  716. #endif
  717. /*
  718. * Errata Mitigation. See
  719. * https://www.espressif.com/sites/default/files/documentation/esp32_errata_en.pdf
  720. * https://www.espressif.com/sites/default/files/documentation/esp32-c3_errata_en.pdf
  721. * https://www.espressif.com/sites/default/files/documentation/esp32-s3_errata_en.pdf
  722. */
  723. #define ESP_MP_HW_LOCK_MAX_DELAY ( TickType_t ) 0xffUL
  724. #if defined(CONFIG_IDF_TARGET_ESP32) && !defined(ESP_NO_ERRATA_MITIGATION)
  725. /* some of these may be tuned for specific silicon versions */
  726. #define ESP_EM__MP_HW_WAIT_CLEAN {__asm__ __volatile__("memw");}
  727. #define ESP_EM__MP_HW_WAIT_DONE {__asm__ __volatile__("memw");}
  728. #define ESP_EM__POST_SP_MP_HW_LOCK {__asm__ __volatile__("memw");}
  729. #define ESP_EM__PRE_MP_HW_WAIT_CLEAN {__asm__ __volatile__("memw");}
  730. #define ESP_EM__PRE_DPORT_READ {__asm__ __volatile__("memw");}
  731. #define ESP_EM__PRE_DPORT_WRITE {__asm__ __volatile__("memw");}
  732. /* Non-FIFO read may not be needed in chip revision v3.0. */
  733. #define ESP_EM__READ_NON_FIFO_REG {DPORT_SEQUENCE_REG_READ(0x3FF40078);}
  734. /* When the CPU frequency is 160 MHz, add six �nop� between two consecutive
  735. ** FIFO reads. When the CPU frequency is 240 MHz, add seven �nop� between
  736. ** two consecutive FIFO reads. See 3.16 */
  737. #if defined(CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_80)
  738. #define ESP_EM__3_16 { \
  739. __asm__ __volatile__("memw"); \
  740. __asm__ __volatile__("nop"); /* 1 */ \
  741. __asm__ __volatile__("nop"); /* 2 */ \
  742. __asm__ __volatile__("nop"); /* 3 */ \
  743. __asm__ __volatile__("nop"); /* 4 */ \
  744. __asm__ __volatile__("nop"); /* 5 */ \
  745. };
  746. #elif defined(CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_160)
  747. #define ESP_EM__3_16 { \
  748. __asm__ __volatile__("memw"); \
  749. __asm__ __volatile__("nop"); /* 1 */ \
  750. __asm__ __volatile__("nop"); /* 2 */ \
  751. __asm__ __volatile__("nop"); /* 3 */ \
  752. __asm__ __volatile__("nop"); /* 4 */ \
  753. __asm__ __volatile__("nop"); /* 5 */ \
  754. __asm__ __volatile__("nop"); /* 6 */ \
  755. __asm__ __volatile__("nop"); /* 7 */ \
  756. __asm__ __volatile__("nop"); /* 8 */ \
  757. };
  758. #elif defined(CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_240)
  759. #define ESP_EM__3_16 { \
  760. __asm__ __volatile__("memw"); \
  761. __asm__ __volatile__("nop"); /* 1 */ \
  762. __asm__ __volatile__("nop"); /* 2 */ \
  763. __asm__ __volatile__("nop"); /* 3 */ \
  764. __asm__ __volatile__("nop"); /* 4 */ \
  765. __asm__ __volatile__("nop"); /* 5 */ \
  766. __asm__ __volatile__("nop"); /* 6 */ \
  767. __asm__ __volatile__("nop"); /* 7 */ \
  768. __asm__ __volatile__("nop"); /* 8 */ \
  769. __asm__ __volatile__("nop"); /* 9 */ \
  770. };
  771. #else
  772. #define ESP_EM__3_16 {};
  773. #endif
  774. #define ESP_EM__POST_PROCESS_START { ESP_EM__3_16 };
  775. #define ESP_EM__DPORT_FIFO_READ { ESP_EM__3_16 };
  776. #else
  777. #define ESP_EM__3_16 {};
  778. #define ESP_EM__MP_HW_WAIT_CLEAN {};
  779. #define ESP_EM__MP_HW_WAIT_DONE {};
  780. #define ESP_EM__POST_SP_MP_HW_LOCK {};
  781. #define ESP_EM__PRE_MP_HW_WAIT_CLEAN {};
  782. #define ESP_EM__POST_PROCESS_START {};
  783. #define ESP_EM__DPORT_FIFO_READ {};
  784. #define ESP_EM__READ_NON_FIFO_REG {};
  785. #define ESP_EM__PRE_DPORT_READ {};
  786. #define ESP_EM__PRE_DPORT_WRITE {};
  787. #endif
  788. /* end c++ wrapper */
  789. #ifdef __cplusplus
  790. }
  791. #endif
  792. /* Compatibility checks */
  793. #if defined(DEBUG_WOLFSSH) || defined(ESP_ENABLE_WOLFSSH) || \
  794. defined(WOLFSSH_TERM) || defined(WOLFSSH_TEST_SERVER)
  795. #ifndef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256
  796. /* need to add this line to wolfssl component user_settings.h
  797. * #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256 */
  798. #error "ESP32_CRYPT_HASH_SHA256 not supported on wolfSSL at this time"
  799. #endif
  800. #endif /* SSH SHA256 HW check */
  801. #endif /* WOLFSSL_ESPIDF (entire contents excluded when not Espressif ESP-IDF) */
  802. #endif /* __ESP32_CRYPT_H__ */