Adding SHA-384/512 support, Null Checks, RNG Health Test for HW, and …
…MAA call update for MAX3266X Port.
night1rider committed Aug 7, 2024
1 parent 2b77227 commit b7af221
Showing 7 changed files with 267 additions and 73 deletions.
35 changes: 22 additions & 13 deletions wolfcrypt/src/aes.c
Expand Up @@ -5408,16 +5408,23 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
int status;
byte *iv;

#ifdef WOLFSSL_AES_CBC_LENGTH_CHECKS
if ((in == NULL) || (out == NULL) || (aes == NULL)) {
return BAD_FUNC_ARG;
}

/* Always enforce a length check */
if (sz % AES_BLOCK_SIZE) {
#ifdef WOLFSSL_AES_CBC_LENGTH_CHECKS
return BAD_LENGTH_E;
#else
return BAD_FUNC_ARG;
}
#endif
if (sz == 0)
#endif
if (sz == 0) {
return 0;
}

iv = (byte*)aes->reg;

status = wc_AesGetKeySize(aes, &keySize);
if (status != 0) {
return status;
Expand All @@ -5426,12 +5433,10 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
status = wc_MXC_TPU_AesEncrypt(in, iv, (byte*)aes->key,
MXC_TPU_MODE_CBC, sz, out,
(unsigned int)keySize);

/* store iv for next call */
if (status == 0) {
XMEMCPY(iv, out + sz - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
}

return (status == 0) ? 0 : -1;
}

Expand All @@ -5443,34 +5448,38 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
byte *iv;
byte temp_block[AES_BLOCK_SIZE];

#ifdef WOLFSSL_AES_CBC_LENGTH_CHECKS
if ((in == NULL) || (out == NULL) || (aes == NULL)) {
return BAD_FUNC_ARG;
}

/* Always enforce a length check */
if (sz % AES_BLOCK_SIZE) {
#ifdef WOLFSSL_AES_CBC_LENGTH_CHECKS
return BAD_LENGTH_E;
#else
return BAD_FUNC_ARG;
}
#endif
if (sz == 0)
#endif
if (sz == 0) {
return 0;
}

iv = (byte*)aes->reg;

status = wc_AesGetKeySize(aes, &keySize);
if (status != 0) {
return status;
}

/* get IV for next call */
XMEMCPY(temp_block, in + sz - AES_BLOCK_SIZE, AES_BLOCK_SIZE);

status = wc_MXC_TPU_AesDecrypt(in, iv, (byte*)aes->key,
MXC_TPU_MODE_CBC, sz, out,
keySize);


/* store iv for next call */
if (status == 0) {
XMEMCPY(iv, temp_block, AES_BLOCK_SIZE);
}

return (status == 0) ? 0 : -1;
}
#endif /* HAVE_AES_DECRYPT */
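Review bot: The comment `/* Always enforce a length check */` in both CBC paths states what the check does but not why it may no longer be compiled out. The IV hand-off further down reads `out + sz - AES_BLOCK_SIZE` on encrypt and `in + sz - AES_BLOCK_SIZE` on decrypt, which would point before the buffer for a non-zero `sz` shorter than one block. I would expand it to `/* Reject partial blocks unconditionally: the IV copy below reads the last full block at sz - AES_BLOCK_SIZE */` and add a short comment at the `#else` that callers get `BAD_FUNC_ARG` rather than `BAD_LENGTH_E` when `WOLFSSL_AES_CBC_LENGTH_CHECKS` is not defined. The enclosing function signatures are outside the visible hunks.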
38 changes: 19 additions & 19 deletions wolfcrypt/src/port/maxim/README.md
Expand Up @@ -41,30 +41,26 @@ all other operations will use the default software implementations.
The other prerequisite is that a change needs to be made to the Maxim SDK. This
is to use the MAA Math Accelerator, this change only needs to be made if you are
using `#define WOLFSSL_MAX3266X` or `define WOLFSSL_MAX3266X_OLD` by themselves
or you are specifying `#define MAX3266X_MATH`.
or you are specifying `#define MAX3266X_MATH`. This is only needed if you are
not using the latest Maxim SDK.

In the SDK you will need to find the underlying function that
`MXC_TPU_MAA_Compute()` from `tpu.h` compute calls in the newer SDK. In the
older SDK this function is called `MAA_Compute()` in `maa.h`. In the underlying
function you will need to change this error check:
function you will need to this:

```
// Check that we're performing a valid operation
if (clc >= 0x6) {
return E_INVALID;
}
MXC_SETFIELD(tpu->maa_ctrl, MXC_F_TPU_REVA_MAA_CTRL_CLC, clc);
```
to
```
// Check that we're performing a valid operation
if (clc >= 0b1111) {
return E_INVALID;
}
MXC_SETFIELD(tpu->maa_ctrl, MXC_F_TPU_REVA_MAA_CTRL_CLC,
clc << MXC_F_TPU_REVA_MAA_CTRL_CLC_POS);
```

This bug has been reported to Analog Devices
[here](https://github.com/analogdevicesinc/msdk/issues/1089)
if you want to know more details on the issue.
This bug has been reported to Analog Devices and a PR has been made
[here](https://github.com/analogdevicesinc/msdk/pull/1104)
if you want to know more details on the issue, or use a patch.


## Supported Algos
Expand All @@ -81,17 +77,21 @@ hardware.

`#define MAX3266X_SHA`:

- SHA-1
- SHA-224
- SHA-256
- SHA-384
- SHA-512

`#define MAX3266X_MATH` (Replaces math operation calls for algos
like RSA and ECC key generation):

- mod - `a mod m = r`
- addmod - `(a+b)mod m = r`
- submod - `(a-b)mod m = r`
- mulmod - `(a*b)mod m = r`
- sqrmod - `(b^2)mod m = r`
- exptmod - `(b^e)mod m = r`
- mod: `a mod m = r`
- addmod: `(a+b)mod m = r`
- submod: `(a-b)mod m = r`
- mulmod: `(a*b)mod m = r`
- sqrmod: `(b^2)mod m = r`
- exptmod: `(b^e)mod m = r`

## Extra Information
For more Verbose info you can use `#define DEBUG_WOLFSSL` in combination with
146 changes: 126 additions & 20 deletions wolfcrypt/src/port/maxim/max3266x.c
Expand Up @@ -360,16 +360,26 @@ int wc_MXC_TPU_SHA_GetDigest(wc_MXC_Sha *hash, unsigned char* digest,
XMEMCPY(digest, MXC_EMPTY_DIGEST_SHA1, WC_SHA_DIGEST_SIZE);
break;
#endif /* NO_SHA */
#ifdef WOLFSSL_SHA224
case MXC_TPU_HASH_SHA224:
XMEMCPY(digest, MXC_EMPTY_DIGEST_SHA224, WC_SHA224_DIGEST_SIZE);
break;
#endif /* WOLFSSL_SHA224 */
#ifndef NO_SHA256
case MXC_TPU_HASH_SHA256:
XMEMCPY(digest, MXC_EMPTY_DIGEST_SHA256, WC_SHA256_DIGEST_SIZE);
break;
#endif /* NO_SHA256 */
#ifdef WOLFSSL_SHA224
case MXC_TPU_HASH_SHA224:
XMEMCPY(digest, MXC_EMPTY_DIGEST_SHA224, WC_SHA224_DIGEST_SIZE);
#ifdef WOLFSSL_SHA384
case MXC_TPU_HASH_SHA384:
XMEMCPY(digest, MXC_EMPTY_DIGEST_SHA384, WC_SHA384_DIGEST_SIZE);
break;
#endif /* WOLFSSL_SHA224 */
#endif /* WOLFSSL_SHA384 */
#ifdef WOLFSSL_SHA512
case MXC_TPU_HASH_SHA512:
XMEMCPY(digest, MXC_EMPTY_DIGEST_SHA512, WC_SHA512_DIGEST_SIZE);
break;
#endif /* WOLFSSL_SHA512 */
default:
return BAD_FUNC_ARG;
}
Expand Down Expand Up @@ -517,6 +527,102 @@ WOLFSSL_API void wc_Sha256Free(wc_Sha256* sha256)

#endif /* NO_SHA256 */

#if defined(WOLFSSL_SHA384)

WOLFSSL_API int wc_InitSha384_ex(wc_Sha384* sha384, void* heap, int devId)
{
if (sha384 == NULL) {
return BAD_FUNC_ARG;
}
(void)heap;
(void)devId;
return wc_MXC_TPU_SHA_Init((wc_MXC_Sha *)sha384);
}

WOLFSSL_API int wc_InitSha384(wc_Sha384* sha384)
{
return wc_InitSha384_ex(sha384, NULL, INVALID_DEVID);
}

WOLFSSL_API int wc_Sha384Update(wc_Sha384* sha384, const unsigned char* data,
unsigned int len)
{
return wc_MXC_TPU_SHA_Update(sha384, data, len);
}

WOLFSSL_API int wc_Sha384Final(wc_Sha384* sha384, unsigned char* hash)
{
return wc_MXC_TPU_SHA_Final((wc_MXC_Sha *)sha384, hash,
MXC_TPU_HASH_SHA384);
}

WOLFSSL_API int wc_Sha384GetHash(wc_Sha384* sha384, unsigned char* hash)
{
return wc_MXC_TPU_SHA_GetHash((wc_MXC_Sha *)sha384, hash,
MXC_TPU_HASH_SHA384);
}

WOLFSSL_API int wc_Sha384Copy(wc_Sha384* src, wc_Sha384* dst)
{
return wc_MXC_TPU_SHA_Copy((wc_MXC_Sha *)src, (wc_MXC_Sha *)dst);
}

WOLFSSL_API void wc_Sha384Free(wc_Sha384* sha384)
{
wc_MXC_TPU_SHA_Free((wc_MXC_Sha *)sha384);
return;
}

#endif /* WOLFSSL_SHA384 */

#if defined(WOLFSSL_SHA512)

WOLFSSL_API int wc_InitSha512_ex(wc_Sha512* sha512, void* heap, int devId)
{
if (sha512 == NULL) {
return BAD_FUNC_ARG;
}
(void)heap;
(void)devId;
return wc_MXC_TPU_SHA_Init((wc_MXC_Sha *)sha512);
}

WOLFSSL_API int wc_InitSha512(wc_Sha512* sha512)
{
return wc_InitSha512_ex(sha512, NULL, INVALID_DEVID);
}

WOLFSSL_API int wc_Sha512Update(wc_Sha512* sha512, const unsigned char* data,
unsigned int len)
{
return wc_MXC_TPU_SHA_Update(sha512, data, len);
}

WOLFSSL_API int wc_Sha512Final(wc_Sha512* sha512, unsigned char* hash)
{
return wc_MXC_TPU_SHA_Final((wc_MXC_Sha *)sha512, hash,
MXC_TPU_HASH_SHA512);
}

WOLFSSL_API int wc_Sha512GetHash(wc_Sha512* sha512, unsigned char* hash)
{
return wc_MXC_TPU_SHA_GetHash((wc_MXC_Sha *)sha512, hash,
MXC_TPU_HASH_SHA512);
}

WOLFSSL_API int wc_Sha512Copy(wc_Sha512* src, wc_Sha512* dst)
{
return wc_MXC_TPU_SHA_Copy((wc_MXC_Sha *)src, (wc_MXC_Sha *)dst);
}

WOLFSSL_API void wc_Sha512Free(wc_Sha512* sha512)
{
wc_MXC_TPU_SHA_Free((wc_MXC_Sha *)sha512);
return;
}

#endif /* WOLFSSL_SHA512 */

#endif /* MAX3266X_SHA */

#if defined(MAX3266X_MATH)
Expand Down Expand Up @@ -615,7 +721,7 @@ int wc_MXC_MAA_zeroPad(mp_int* multiplier, mp_int* multiplicand,
return BAD_FUNC_ARG;
}
if ((result == NULL) || (multiplier == NULL) || (multiplicand == NULL) ||
((exp == NULL) && (clc == WC_MXC_TPU_MAA_EXP)) || (mod == NULL)) {
((exp == NULL) && (clc == MXC_TPU_MAA_EXP)) || (mod == NULL)) {
return BAD_FUNC_ARG;
}

Expand All @@ -630,17 +736,17 @@ int wc_MXC_MAA_zeroPad(mp_int* multiplier, mp_int* multiplicand,

/* Check for invalid arguments befor padding */
switch ((char)clc) {
case WC_MXC_TPU_MAA_EXP:
case MXC_TPU_MAA_EXP:
/* Cannot be 0 for a^e mod m operation */
if (XMEMCMP(zero_tmp, exp, (exp->used*sizeof(mp_digit))) == 0) {
XFREE(zero_tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
MAX3266X_MSG("Cannot use Value 0 for Exp");
return BAD_FUNC_ARG;
}

/* Padd out rest of data if used != length to ensure no */
/* Pad out rest of data if used != length to ensure no */
/* garbage is used in calculation */
if ((exp != NULL) && (clc == WC_MXC_TPU_MAA_EXP)) {
if ((exp != NULL) && (clc == MXC_TPU_MAA_EXP)) {
if ((exp->dp != NULL) && (exp->used < length)) {
MAX3266X_MSG("Zero Padding Exp Buffer");
XMEMSET(exp->dp + exp->used, 0x00,
Expand All @@ -649,11 +755,11 @@ int wc_MXC_MAA_zeroPad(mp_int* multiplier, mp_int* multiplicand,
}

/* Fall through to check mod is not 0 */
case WC_MXC_TPU_MAA_SQ:
case WC_MXC_TPU_MAA_MUL:
case WC_MXC_TPU_MAA_SQMUL:
case WC_MXC_TPU_MAA_ADD:
case WC_MXC_TPU_MAA_SUB:
case MXC_TPU_MAA_SQ:
case MXC_TPU_MAA_MUL:
case MXC_TPU_MAA_SQMUL:
case MXC_TPU_MAA_ADD:
case MXC_TPU_MAA_SUB:
/* Cannot be 0 for mod m value */
if (XMEMCMP(zero_tmp, mod, (exp->used*sizeof(mp_digit))) == 0) {
XFREE(zero_tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
Expand Down Expand Up @@ -723,7 +829,7 @@ int wc_MXC_MAA_math(mp_int* multiplier, mp_int* multiplicand, mp_int* exp,
return MP_VAL;
}

if (clc == WC_MXC_TPU_MAA_EXP) {
if (clc == MXC_TPU_MAA_EXP) {
length = wc_MXC_MAA_Largest(5, multiplier->used, multiplicand->used,
exp->used, mod->used, result->used);
}
Expand Down Expand Up @@ -791,7 +897,7 @@ int wc_MXC_MAA_expmod(mp_int* base, mp_int* exp, mp_int* mod,
multiplicand.used = mod->used;
MAX3266X_MSG("Preparing exptmod MAA HW Call");
return wc_MXC_MAA_math(base, &multiplicand, exp, mod, result,
WC_MXC_TPU_MAA_EXP);
MXC_TPU_MAA_EXP);
}

int wc_MXC_MAA_sqrmod(mp_int* multiplier, mp_int* mod, mp_int* result)
Expand All @@ -802,31 +908,31 @@ int wc_MXC_MAA_sqrmod(mp_int* multiplier, mp_int* mod, mp_int* result)
multiplicand.used = mod->used;
MAX3266X_MSG("Preparing sqrmod MAA HW Call");
return wc_MXC_MAA_math(multiplier, &multiplicand, NULL, mod, result,
WC_MXC_TPU_MAA_SQ);
MXC_TPU_MAA_SQ);
}

int wc_MXC_MAA_mulmod(mp_int* multiplier, mp_int* multiplicand, mp_int* mod,
mp_int* result)
{
MAX3266X_MSG("Preparing mulmod MAA HW Call");
return wc_MXC_MAA_math(multiplier, multiplicand, NULL, mod, result,
WC_MXC_TPU_MAA_MUL);
MXC_TPU_MAA_MUL);
}

int wc_MXC_MAA_sqrmulmod(mp_int* multiplier, mp_int* multiplicand,
mp_int* exp, mp_int* mod, mp_int* result)
{
MAX3266X_MSG("Preparing sqrmulmod MAA HW Call");
return wc_MXC_MAA_math(multiplier, multiplicand, NULL, mod, result,
WC_MXC_TPU_MAA_SQMUL);
MXC_TPU_MAA_SQMUL);
}

int wc_MXC_MAA_addmod(mp_int* multiplier, mp_int* multiplicand, mp_int* mod,
mp_int* result)
{
MAX3266X_MSG("Preparing addmod MAA HW Call");
return wc_MXC_MAA_math(multiplier, multiplicand, NULL, mod, result,
WC_MXC_TPU_MAA_ADD);
MXC_TPU_MAA_ADD);
}

int wc_MXC_MAA_submod(mp_int* multiplier, mp_int* multiplicand, mp_int* mod,
Expand All @@ -839,7 +945,7 @@ int wc_MXC_MAA_submod(mp_int* multiplier, mp_int* multiplicand, mp_int* mod,
}
else {
return wc_MXC_MAA_math(multiplier, multiplicand, NULL, mod, result,
WC_MXC_TPU_MAA_SUB);
MXC_TPU_MAA_SUB);
}
}
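Review bot: In wc_MXC_MAA_zeroPad the modulus zero check under the `MXC_TPU_MAA_SQ` … `MXC_TPU_MAA_SUB` labels still sizes its compare with `exp->used`, although the argument check at the top of the function allows `exp == NULL` for every operation except `MXC_TPU_MAA_EXP`, and the sqrmod/mulmod/addmod/submod wrappers in this file pass `NULL` for exp. If wc_MXC_MAA_math forwards that pointer unchanged, the non-EXP paths dereference NULL on that line; it should read `if (XMEMCMP(zero_tmp, mod->dp, (mod->used*sizeof(mp_digit))) == 0) {`. Both zero checks also hand XMEMCMP the `mp_int` pointer rather than its digit array (`->dp`, which the padding code uses), so they appear to compare the struct's leading fields instead of the value, which would leave the zero-exponent and zero-modulus guards ineffective; confirm against the `mp_int` layout in use. The function starts and ends outside the visible hunks, so the allocation size of `zero_tmp` should be checked against `mod->used` before adopting the change.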
