Espressif ESP32 Hardware Acceleration Update and Cleanup

IDE/Espressif/ESP-IDF/libs/CMakeLists.txt

@@ -1,6 +1,24 @@
 #
+#  Copyright (C) 2006-2022 wolfSSL Inc.
+#
+#  This file is part of wolfSSL.
+#
+#  wolfSSL is free software; you can redistribute it and/or modify
+#  it under the terms of the GNU General Public License as published by
+#  the Free Software Foundation; either version 2 of the License, or
+#  (at your option) any later version.
+#
+#  wolfSSL is distributed in the hope that it will be useful,
+#  but WITHOUT ANY WARRANTY; without even the implied warranty of
+#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#  GNU General Public License for more details.
+#
+#  You should have received a copy of the GNU General Public License
+#  along with this program; if not, write to the Free Software
+#  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+#
 # cmake for wolfssl
-# 
+#
 cmake_minimum_required(VERSION 3.5)
 set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
 
@@ -12,23 +30,32 @@ set(COMPONENT_SRCDIRS "./src/"
                       "./wolfcrypt/src/"
                       "./wolfcrypt/src/port/Espressif/"
                       "./wolfcrypt/src/port/atmel/"
+#                      "$ENV{IDF_PATH}/components/soc/esp32s3/include/soc"
                       )
 
 set(COMPONENT_REQUIRES lwip)
 
+
+# RTOS_IDF_PATH is typically:
+# "/Users/{username}/Desktop/esp-idf/components/freertos/include/freertos"
+# depending on the environment, we may need to swap backslashes with forward slashes
+string(REPLACE "\\" "/" RTOS_IDF_PATH "$ENV{IDF_PATH}/components/freertos/include/freertos")
+# ESP-IDF after version 4.4x has a different RTOS directory structure
+string(REPLACE "\\" "/" RTOS_IDF_PATH5 "$ENV{IDF_PATH}/components/freertos/FreeRTOS-Kernel/include/freertos")
+
 if(IS_DIRECTORY ${IDF_PATH}/components/freertos/FreeRTOS-Kernel/)
     set(COMPONENT_ADD_INCLUDEDIRS
         "."
         "./include"
-        "../freertos/FreeRTOS-Kernel/include/freertos"
+       "${RTOS_IDF_PATH5}"
        "${WOLFSSL_ROOT}"
        )
 else()
 
    set(COMPONENT_ADD_INCLUDEDIRS
        "."
        "./include"
-       "../freertos/include/freertos"
+       "${RTOS_IDF_PATH}"
        "${WOLFSSL_ROOT}"
       )
 endif()
@@ -49,3 +76,11 @@ set(COMPONENT_SRCEXCLUDE
     )
 
 register_component()
+
+# check to see if there's both a local copy and EDP-IDF copy of the wolfssl components
+if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+    message(STATUS  "")
+    message(STATUS  "WARNING: Found components/wolfssl in both local project and IDF_PATH")
+    message(STATUS  "")
+endif()
+# end multiple component check

IDE/Espressif/ESP-IDF/libs/component.mk

@@ -1,17 +1,38 @@
-#
-# Component Makefile
-#
-
-COMPONENT_ADD_INCLUDEDIRS := . ./include
-COMPONENT_ADD_INCLUDEDIRS += ../freertos/include/freertos/
-
-COMPONENT_SRCDIRS := src wolfcrypt/src
-COMPONENT_SRCDIRS += wolfcrypt/src/port/Espressif
-COMPONENT_SRCDIRS += wolfcrypt/src/port/atmel
-
-CFLAGS +=-DWOLFSSL_USER_SETTINGS
-
-COMPONENT_OBJEXCLUDE := wolfcrypt/src/aes_asm.o
-COMPONENT_OBJEXCLUDE += wolfcrypt/src/evp.o
-COMPONENT_OBJEXCLUDE += wolfcrypt/src/misc.o
-COMPONENT_OBJEXCLUDE += src/bio.o
+#
+# Copyright (C) 2006-2022 wolfSSL Inc.
+#
+# This file is part of wolfSSL.
+#
+# wolfSSL is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# wolfSSL is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+#
+#
+# Component Makefile
+#
+
+COMPONENT_ADD_INCLUDEDIRS := . ./include
+
+COMPONENT_ADD_INCLUDEDIRS += "$ENV{IDF_PATH}/components/freertos/include/freertos"
+# COMPONENT_ADD_INCLUDEDIRS += "$ENV{IDF_PATH}/soc/esp32s3/include/soc"
+
+COMPONENT_SRCDIRS := src wolfcrypt/src
+COMPONENT_SRCDIRS += wolfcrypt/src/port/Espressif
+COMPONENT_SRCDIRS += wolfcrypt/src/port/atmel
+
+CFLAGS +=-DWOLFSSL_USER_SETTINGS
+
+COMPONENT_OBJEXCLUDE := wolfcrypt/src/aes_asm.o
+COMPONENT_OBJEXCLUDE += wolfcrypt/src/evp.o
+COMPONENT_OBJEXCLUDE += wolfcrypt/src/misc.o
+COMPONENT_OBJEXCLUDE += src/bio.o

IDE/Espressif/ESP-IDF/user_settings.h

@@ -19,22 +19,24 @@
  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
  */
 #undef WOLFSSL_ESPIDF
+#undef WOLFSSL_ESPWROOM32
+#undef WOLFSSL_ESPWROOM32SE
+#undef WOLFSSL_ESPWROOM32
+#undef WOLFSSL_ESP8266
+
 #define WOLFSSL_ESPIDF
 
 /*
  * choose ONE of these Espressif chips to define:
- * 
+ *
  * WOLFSSL_ESPWROOM32
  * WOLFSSL_ESPWROOM32SE
  * WOLFSSL_ESP8266
- * 
- * comment out the others:
  */
 
 #define WOLFSSL_ESPWROOM32
-/* #define WOLFSSL_ESPWROOM32SE */
-/* #define WOLFSSL_ESP8266 */
 
+/* #define DEBUG_WOLFSSL_VERBOSE */
 
 #define BENCH_EMBEDDED
 #define USE_CERT_BUFFERS_2048
@@ -88,7 +90,7 @@
     /* Define USE_FAST_MATH and SMALL_STACK                        */
     #define ESP32_USE_RSA_PRIMITIVE
     /* threshold for performance adjustment for hw primitive use   */
-    /* X bits of G^X mod P greater than                            */ 
+    /* X bits of G^X mod P greater than                            */
     #define EPS_RSA_EXPT_XBTIS           36
     /* X and Y of X * Y mod P greater than                         */
     #define ESP_RSA_MULM_BITS            2000

wolfcrypt/src/port/Espressif/esp32_aes.c

@@ -19,6 +19,10 @@
  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
  */
 
+/*
+ * WOLFSSL_SUCCESS and WOLFSSL_FAILURE values should only
+ * be used in the ssl layer, not in wolfCrypt
+ **/
 #include <string.h>
 #include <stdio.h>
 
@@ -36,35 +40,48 @@
 #include "wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h"
 
 static const char* TAG = "wolf_hw_aes";
+
 /* mutex */
 static wolfSSL_Mutex aes_mutex;
+
+/* keep track as to whether esp aes is initialized */
 static int espaes_CryptHwMutexInit = 0;
 
 /*
 * lock hw engine.
 * this should be called before using engine.
+*
+* returns 0 if the hw lock was initialized and mutex lock
 */
 static int esp_aes_hw_InUse()
 {
     int ret = 0;
 
     ESP_LOGV(TAG, "enter esp_aes_hw_InUse");
 
-    if(espaes_CryptHwMutexInit == 0) {
+    if (espaes_CryptHwMutexInit == 0) {
         ret = esp_CryptHwMutexInit(&aes_mutex);
-        if(ret == 0){
+        if (ret == 0) {
+            /* flag esp aes as initialized */
             espaes_CryptHwMutexInit = 1;
-        } else {
-            ESP_LOGE(TAG, "aes mutx initialization failed.");
+        }
+        else {
+            ESP_LOGE(TAG, "aes mutex initialization failed.");
             return -1;
         }
     }
+    else {
+        /* esp aes has already been initialized */
+    }
+
     /* lock hardware */
     ret = esp_CryptHwMutexLock(&aes_mutex, portMAX_DELAY);
+
     if(ret != 0) {
         ESP_LOGE(TAG, "aes engine lock failed.");
         return -1;
     }
+
     /* Enable AES hardware */
     periph_module_enable(PERIPH_AES_MODULE);
 
@@ -92,23 +109,27 @@ static void esp_aes_hw_Leave( void )
  */
 static void esp_aes_hw_Set_KeyMode(Aes *ctx, ESP32_AESPROCESS mode)
 {
-    int i;
+    word32 i;
     word32 mode_ = 0;
 
-    ESP_LOGV(TAG, "enter esp_aes_hw_Set_KeyMode");
+    ESP_LOGV(TAG, "  enter esp_aes_hw_Set_KeyMode");
 
     /* check mode */
     if(mode == ESP32_AES_UPDATEKEY_ENCRYPT) {
         mode_ = 0;
-    } else if(mode == ESP32_AES_UPDATEKEY_DECRYPT){
-        mode_ = 4;
-    } else {
-        ESP_LOGE(TAG, "unexpected error.");
-        return;
+    }
+    else {
+        if (mode == ESP32_AES_UPDATEKEY_DECRYPT) {
+            mode_ = 4;
+        }
+        else {
+            ESP_LOGE(TAG, "  >> unexpected error.");
+            return;
+        }
     }
 
     /* update key */
-    for(i=0;i<(ctx->keylen)/sizeof(word32);i++){
+    for(i=0; i<(ctx->keylen)/sizeof(word32); i++){
         DPORT_REG_WRITE(AES_KEY_BASE + (i*4), *(((word32*)ctx->key) + i));
     }
 
@@ -127,7 +148,7 @@ static void esp_aes_hw_Set_KeyMode(Aes *ctx, ESP32_AESPROCESS mode)
     }
 
     DPORT_REG_WRITE(AES_MODE_REG, mode_);
-    ESP_LOGV(TAG, "leave esp_aes_hw_Setkey");
+    ESP_LOGV(TAG, "  leave esp_aes_hw_Setkey");
 }
 
 /*
@@ -181,6 +202,7 @@ int wc_esp32AesEncrypt(Aes *aes, const byte* in, byte* out)
     esp_aes_hw_Leave();
     return 0;
 }
+
 /*
 * wc_esp32AesDecrypt
 * @brief: a one block decrypt of the input block, into the output block
@@ -202,6 +224,7 @@ int wc_esp32AesDecrypt(Aes *aes, const byte* in, byte* out)
     esp_aes_hw_Leave();
     return 0;
 }
+
 /*
 * wc_esp32AesCbcEncrypt
 * @brief: Encrypts a plain text message from the input buffer, and places the
@@ -281,8 +304,9 @@ int wc_esp32AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
         esp_aes_bk((in + offset), (out + offset));
 
         /* XOR block with IV for CBC */
-        for (i = 0; i < AES_BLOCK_SIZE; i++)
+        for (i = 0; i < AES_BLOCK_SIZE; i++) {
             (out + offset)[i] ^= iv[i];
+        }
 
         /* store IV for next block */
         XMEMCPY(iv, temp_block, AES_BLOCK_SIZE);