From 4e41b73b049343398de929a031499312661a5625 Mon Sep 17 00:00:00 2001 From: Jiang Guang Ming Date: Fri, 2 Aug 2024 11:45:46 +0800 Subject: [PATCH 1/6] feat(esp_hw_support): Support esp32c2 rev2.0 chip --- components/esp_hw_support/port/esp32c2/Kconfig.hw_support | 3 +++ 1 file changed, 3 insertions(+) diff --git a/components/esp_hw_support/port/esp32c2/Kconfig.hw_support b/components/esp_hw_support/port/esp32c2/Kconfig.hw_support index eb203c654e6e..af7a86441308 100644 --- a/components/esp_hw_support/port/esp32c2/Kconfig.hw_support +++ b/components/esp_hw_support/port/esp32c2/Kconfig.hw_support @@ -13,12 +13,15 @@ choice ESP32C2_REV_MIN bool "Rev v1.0 (ECO1)" config ESP32C2_REV_MIN_1_1 bool "Rev v1.1 (ECO2)" + config ESP32C2_REV_MIN_200 + bool "Rev v2.0 (ECO4)" endchoice config ESP32C2_REV_MIN_FULL int default 100 if ESP32C2_REV_MIN_1 default 101 if ESP32C2_REV_MIN_1_1 + default 200 if ESP32C2_REV_MIN_200 config ESP_REV_MIN_FULL int From 0e80012fce5108f03ec7703f529c8467ff1f2dc3 Mon Sep 17 00:00:00 2001 From: Jiang Guang Ming Date: Fri, 30 Aug 2024 15:38:16 +0800 Subject: [PATCH 2/6] feat(esp_rom): update esp32c2.rom.mbedtls.eco4.ld --- .../esp32c2/ld/esp32c2.rom.mbedtls.eco4.ld | 221 ++++++++++++++++++ .../esp_rom/esp32c2/ld/esp32c2.rom.mbedtls.ld | 4 +- 2 files changed, 223 insertions(+), 2 deletions(-) create mode 100644 components/esp_rom/esp32c2/ld/esp32c2.rom.mbedtls.eco4.ld diff --git a/components/esp_rom/esp32c2/ld/esp32c2.rom.mbedtls.eco4.ld b/components/esp_rom/esp32c2/ld/esp32c2.rom.mbedtls.eco4.ld new file mode 100644 index 000000000000..ee70068dabfe --- /dev/null +++ b/components/esp_rom/esp32c2/ld/esp32c2.rom.mbedtls.eco4.ld @@ -0,0 +1,221 @@ +/* + * SPDX-FileCopyrightText: 2024 Espressif Systems (Shanghai) CO LTD + * + * SPDX-License-Identifier: Apache-2.0 + */ + +/*************************************** + Group eco4_rom_mbedtls + ***************************************/ + +/* Functions */ +mbedtls_mpi_init = 0x400026dc; +mbedtls_mpi_free = 0x400026e0; +mbedtls_mpi_grow = 0x400026e4; +mbedtls_mpi_shrink = 0x400026e8; +mbedtls_mpi_copy = 0x400026ec; +mbedtls_mpi_safe_cond_assign = 0x400026f0; +mbedtls_mpi_safe_cond_swap = 0x400026f4; +mbedtls_mpi_lset = 0x400026f8; +mbedtls_mpi_get_bit = 0x400026fc; +mbedtls_mpi_set_bit = 0x40002700; +mbedtls_mpi_lsb = 0x40002704; +mbedtls_mpi_bitlen = 0x40002708; +mbedtls_mpi_size = 0x4000270c; +mbedtls_mpi_read_binary = 0x40002710; +mbedtls_mpi_write_binary = 0x40002714; +mbedtls_mpi_shift_l = 0x40002718; +mbedtls_mpi_shift_r = 0x4000271c; +mbedtls_mpi_cmp_abs = 0x40002720; +mbedtls_mpi_cmp_mpi = 0x40002724; +mbedtls_mpi_lt_mpi_ct = 0x40002728; +mbedtls_mpi_cmp_int = 0x4000272c; +mbedtls_mpi_add_abs = 0x40002730; +mbedtls_mpi_sub_abs = 0x40002734; +mbedtls_mpi_add_mpi = 0x40002738; +mbedtls_mpi_sub_mpi = 0x4000273c; +mbedtls_mpi_add_int = 0x40002740; +mbedtls_mpi_sub_int = 0x40002744; +mbedtls_mpi_mul_mpi = 0x40002748; +mbedtls_mpi_mul_int = 0x4000274c; +mbedtls_mpi_div_mpi = 0x40002750; +mbedtls_mpi_div_int = 0x40002754; +mbedtls_mpi_mod_mpi = 0x40002758; +mbedtls_mpi_mod_int = 0x4000275c; +mbedtls_mpi_exp_mod = 0x40002760; +mbedtls_mpi_fill_random = 0x40002764; +mbedtls_mpi_gcd = 0x40002768; +mbedtls_mpi_inv_mod = 0x4000276c; +mbedtls_mpi_is_prime_ext = 0x40002770; + +/*************************************** + Group eco4_rom_mbedtls + ***************************************/ + +/* Functions */ +rom_mbedtls_threading_set_alt = 0x40002c0c; +mbedtls_aes_crypt_cfb8 = 0x40002c10; +mbedtls_mpi_swap = 0x40002c14; +mbedtls_mpi_read_string = 0x40002c18; +mbedtls_mpi_write_string = 0x40002c1c; +mbedtls_mpi_read_binary_le = 0x40002c20; +mbedtls_mpi_write_binary_le = 0x40002c24; +mbedtls_mpi_random = 0x40002c28; +mbedtls_mpi_gen_prime = 0x40002c2c; +mbedtls_ecp_check_budget = 0x40002c30; +mbedtls_ecp_set_max_ops = 0x40002c34; +mbedtls_ecp_restart_is_enabled = 0x40002c38; +mbedtls_ecp_get_type = 0x40002c3c; +mbedtls_ecp_curve_list = 0x40002c40; +mbedtls_ecp_grp_id_list = 0x40002c44; +mbedtls_ecp_curve_info_from_grp_id = 0x40002c48; +mbedtls_ecp_curve_info_from_tls_id = 0x40002c4c; +mbedtls_ecp_curve_info_from_name = 0x40002c50; +mbedtls_ecp_point_init = 0x40002c54; +mbedtls_ecp_group_init = 0x40002c58; +mbedtls_ecp_keypair_init = 0x40002c5c; +mbedtls_ecp_point_free = 0x40002c60; +mbedtls_ecp_group_free = 0x40002c64; +mbedtls_ecp_keypair_free = 0x40002c68; +mbedtls_ecp_restart_init = 0x40002c6c; +mbedtls_ecp_restart_free = 0x40002c70; +mbedtls_ecp_copy = 0x40002c74; +mbedtls_ecp_group_copy = 0x40002c78; +mbedtls_ecp_set_zero = 0x40002c7c; +mbedtls_ecp_is_zero = 0x40002c80; +mbedtls_ecp_point_cmp = 0x40002c84; +mbedtls_ecp_point_read_string = 0x40002c88; +mbedtls_ecp_point_write_binary = 0x40002c8c; +mbedtls_ecp_point_read_binary = 0x40002c90; +mbedtls_ecp_tls_read_point = 0x40002c94; +mbedtls_ecp_tls_write_point = 0x40002c98; +mbedtls_ecp_group_load = 0x40002c9c; +mbedtls_ecp_tls_read_group = 0x40002ca0; +mbedtls_ecp_tls_read_group_id = 0x40002ca4; +mbedtls_ecp_tls_write_group = 0x40002ca8; +mbedtls_ecp_mul = 0x40002cac; +mbedtls_ecp_mul_restartable = 0x40002cb0; +mbedtls_ecp_muladd = 0x40002cb4; +mbedtls_ecp_muladd_restartable = 0x40002cb8; +mbedtls_ecp_check_pubkey = 0x40002cbc; +mbedtls_ecp_check_privkey = 0x40002cc0; +mbedtls_ecp_gen_privkey = 0x40002cc4; +mbedtls_ecp_gen_keypair_base = 0x40002cc8; +mbedtls_ecp_gen_keypair = 0x40002ccc; +mbedtls_ecp_gen_key = 0x40002cd0; +mbedtls_ecp_read_key = 0x40002cd4; +mbedtls_ecp_write_key_ext = 0x40002cd8; +mbedtls_ecp_check_pub_priv = 0x40002cdc; +mbedtls_ecp_export = 0x40002ce0; +mbedtls_asn1_get_enum = 0x40002ce4; +mbedtls_asn1_sequence_free = 0x40002ce8; +mbedtls_asn1_traverse_sequence_of = 0x40002cec; +mbedtls_asn1_find_named_data = 0x40002cf0; +mbedtls_asn1_free_named_data_list = 0x40002cf4; +mbedtls_asn1_free_named_data_list_shallow = 0x40002cf8; +mbedtls_asn1_write_raw_buffer = 0x40002cfc; +mbedtls_asn1_write_null = 0x40002d00; +mbedtls_asn1_write_oid = 0x40002d04; +mbedtls_asn1_write_algorithm_identifier = 0x40002d08; +mbedtls_asn1_write_bool = 0x40002d0c; +mbedtls_asn1_write_int = 0x40002d10; +mbedtls_asn1_write_enum = 0x40002d14; +mbedtls_asn1_write_tagged_string = 0x40002d18; +mbedtls_asn1_write_printable_string = 0x40002d1c; +mbedtls_asn1_write_utf8_string = 0x40002d20; +mbedtls_asn1_write_ia5_string = 0x40002d24; +mbedtls_asn1_write_bitstring = 0x40002d28; +mbedtls_asn1_write_named_bitstring = 0x40002d2c; +mbedtls_asn1_write_octet_string = 0x40002d30; +mbedtls_asn1_store_named_data = 0x40002d34; +mbedtls_ccm_starts = 0x40002d38; +mbedtls_ccm_set_lengths = 0x40002d3c; +mbedtls_ccm_update_ad = 0x40002d40; +mbedtls_ccm_update = 0x40002d44; +mbedtls_ccm_finish = 0x40002d48; +mbedtls_cipher_list = 0x40002d4c; +mbedtls_cipher_info_from_string = 0x40002d50; +mbedtls_cipher_info_from_type = 0x40002d54; +mbedtls_cipher_info_from_values = 0x40002d58; +mbedtls_cipher_free = 0x40002d5c; +mbedtls_cipher_setup = 0x40002d60; +mbedtls_cipher_setkey = 0x40002d64; +mbedtls_cipher_set_iv = 0x40002d68; +mbedtls_cipher_update_ad = 0x40002d6c; +mbedtls_cipher_update = 0x40002d70; +mbedtls_cipher_write_tag = 0x40002d74; +mbedtls_cipher_check_tag = 0x40002d78; +mbedtls_cipher_auth_encrypt_ext = 0x40002d7c; +mbedtls_cipher_auth_decrypt_ext = 0x40002d80; +mbedtls_cipher_cmac_reset = 0x40002d84; +mbedtls_cipher_cmac = 0x40002d88; +mbedtls_aes_cmac_prf_128 = 0x40002d8c; +mbedtls_ctr_drbg_set_prediction_resistance = 0x40002d90; +mbedtls_ctr_drbg_set_entropy_len = 0x40002d94; +mbedtls_ctr_drbg_set_nonce_len = 0x40002d98; +mbedtls_ctr_drbg_set_reseed_interval = 0x40002d9c; +mbedtls_ctr_drbg_update = 0x40002da0; +mbedtls_base64_encode = 0x40002da4; +mbedtls_rsa_init = 0x40002da8; +mbedtls_rsa_set_padding = 0x40002dac; +mbedtls_rsa_get_padding_mode = 0x40002db0; +mbedtls_rsa_get_md_alg = 0x40002db4; +mbedtls_rsa_import = 0x40002db8; +mbedtls_rsa_import_raw = 0x40002dbc; +mbedtls_rsa_complete = 0x40002dc0; +mbedtls_rsa_export = 0x40002dc4; +mbedtls_rsa_export_raw = 0x40002dc8; +mbedtls_rsa_export_crt = 0x40002dcc; +mbedtls_rsa_get_len = 0x40002dd0; +mbedtls_rsa_gen_key = 0x40002dd4; +mbedtls_rsa_check_pubkey = 0x40002dd8; +mbedtls_rsa_check_privkey = 0x40002ddc; +mbedtls_rsa_check_pub_priv = 0x40002de0; +mbedtls_rsa_public = 0x40002de4; +mbedtls_rsa_private = 0x40002de8; +mbedtls_rsa_pkcs1_encrypt = 0x40002dec; +mbedtls_rsa_rsaes_pkcs1_v15_encrypt = 0x40002df0; +mbedtls_rsa_rsaes_oaep_encrypt = 0x40002df4; +mbedtls_rsa_pkcs1_decrypt = 0x40002df8; +mbedtls_rsa_rsaes_pkcs1_v15_decrypt = 0x40002dfc; +mbedtls_rsa_rsaes_oaep_decrypt = 0x40002e00; +mbedtls_rsa_pkcs1_sign = 0x40002e04; +mbedtls_rsa_rsassa_pkcs1_v15_sign = 0x40002e08; +mbedtls_rsa_rsassa_pss_sign_ext = 0x40002e0c; +mbedtls_rsa_rsassa_pss_sign = 0x40002e10; +mbedtls_rsa_pkcs1_verify = 0x40002e14; +mbedtls_rsa_rsassa_pkcs1_v15_verify = 0x40002e18; +mbedtls_rsa_rsassa_pss_verify = 0x40002e1c; +mbedtls_rsa_rsassa_pss_verify_ext = 0x40002e20; +mbedtls_rsa_copy = 0x40002e24; +mbedtls_rsa_free = 0x40002e28; +mbedtls_ecdh_can_do = 0x40002e2c; +mbedtls_ecdh_gen_public = 0x40002e30; +mbedtls_ecdh_compute_shared = 0x40002e34; +mbedtls_ecdh_init = 0x40002e38; +mbedtls_ecdh_setup = 0x40002e3c; +mbedtls_ecdh_free = 0x40002e40; +mbedtls_ecdh_make_params = 0x40002e44; +mbedtls_ecdh_read_params = 0x40002e48; +mbedtls_ecdh_get_params = 0x40002e4c; +mbedtls_ecdh_make_public = 0x40002e50; +mbedtls_ecdh_read_public = 0x40002e54; +mbedtls_ecdh_calc_secret = 0x40002e58; +mbedtls_ecdh_enable_restart = 0x40002e5c; +mbedtls_ecdsa_can_do = 0x40002e60; +mbedtls_ecdsa_sign = 0x40002e64; +mbedtls_ecdsa_sign_det_ext = 0x40002e68; +mbedtls_ecdsa_sign_restartable = 0x40002e6c; +mbedtls_ecdsa_sign_det_restartable = 0x40002e70; +mbedtls_ecdsa_verify = 0x40002e74; +mbedtls_ecdsa_verify_restartable = 0x40002e78; +mbedtls_ecdsa_write_signature = 0x40002e7c; +mbedtls_ecdsa_write_signature_restartable = 0x40002e80; +mbedtls_ecdsa_read_signature = 0x40002e84; +mbedtls_ecdsa_read_signature_restartable = 0x40002e88; +mbedtls_ecdsa_genkey = 0x40002e8c; +mbedtls_ecdsa_from_keypair = 0x40002e90; +mbedtls_ecdsa_init = 0x40002e94; +mbedtls_ecdsa_free = 0x40002e98; +mbedtls_ecdsa_restart_init = 0x40002e9c; +mbedtls_ecdsa_restart_free = 0x40002ea0; diff --git a/components/esp_rom/esp32c2/ld/esp32c2.rom.mbedtls.ld b/components/esp_rom/esp32c2/ld/esp32c2.rom.mbedtls.ld index 54f24e751c2e..f81555d14013 100644 --- a/components/esp_rom/esp32c2/ld/esp32c2.rom.mbedtls.ld +++ b/components/esp_rom/esp32c2/ld/esp32c2.rom.mbedtls.ld @@ -74,7 +74,7 @@ mbedtls_sha512_clone = 0x40002a50; mbedtls_sha512_starts = 0x40002a54; mbedtls_sha512_update = 0x40002a58; mbedtls_sha512_finish = 0x40002a5c; -mbedtls_internal_sha512_process = 0x40002a60; +/*mbedtls_internal_sha512_process = 0x40002a60;*/ mbedtls_sha512 = 0x40002a64; mbedtls_aes_xts_init = 0x40002b68; mbedtls_aes_xts_free = 0x40002b6c; @@ -95,7 +95,7 @@ mbedtls_md5_clone = 0x40002be0; mbedtls_md5_starts = 0x40002be4; mbedtls_md5_update = 0x40002be8; mbedtls_md5_finish = 0x40002bec; -mbedtls_internal_md5_process = 0x40002bf0; +/*mbedtls_internal_md5_process = 0x40002bf0;*/ mbedtls_md5 = 0x40002bf4; mbedtls_sha1 = 0x40002c08; /* Data (.data, .bss, .rodata) */ From caca3c2bc3f9f0897688f5b975baf76e6bbd70d2 Mon Sep 17 00:00:00 2001 From: Jiang Guang Ming Date: Fri, 30 Aug 2024 15:55:31 +0800 Subject: [PATCH 3/6] feat(esp_rom): include rom.mbedtls.eco4.ld with C2 rev2.0(ECO4) select --- components/esp_rom/CMakeLists.txt | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/components/esp_rom/CMakeLists.txt b/components/esp_rom/CMakeLists.txt index 808d05195756..81ef4d2d14a2 100644 --- a/components/esp_rom/CMakeLists.txt +++ b/components/esp_rom/CMakeLists.txt @@ -241,6 +241,10 @@ else() # Regular app build if(CONFIG_MBEDTLS_USE_CRYPTO_ROM_IMPL) rom_linker_script("mbedtls") + # For ESP32C2(ECO4), mbedTLS in ROM has been updated to v3.6.0-LTS + if(CONFIG_ESP32C2_REV_MIN_FULL GREATER_EQUAL 200) + rom_linker_script("mbedtls.eco4") + endif() endif() if(CONFIG_IDF_TARGET_ARCH_XTENSA) From fb9a435952468f88ea5feebafc7d879629304173 Mon Sep 17 00:00:00 2001 From: Jiang Guang Ming Date: Fri, 30 Aug 2024 16:45:50 +0800 Subject: [PATCH 4/6] feat(mbedtls): support ROM mbedtls v3.6.0 on C2 rev2.0(ECO4) --- components/mbedtls/Kconfig | 8 +- .../port/mbedtls_rom/mbedtls_rom_osi.c | 268 +++++++++++++++++- .../port/mbedtls_rom/mbedtls_rom_osi.h | 260 ++++++++++++++++- 3 files changed, 527 insertions(+), 9 deletions(-) diff --git a/components/mbedtls/Kconfig b/components/mbedtls/Kconfig index 67cf8cc483fa..5af7205645b5 100644 --- a/components/mbedtls/Kconfig +++ b/components/mbedtls/Kconfig @@ -1128,15 +1128,17 @@ menu "mbedTLS" select MBEDTLS_CCM_C select MBEDTLS_ROM_MD5 select MBEDTLS_HARDWARE_SHA + select MBEDTLS_ECP_RESTARTABLE help Enable this flag to use mbedtls crypto algorithm from ROM instead of ESP-IDF. This configuration option saves flash footprint in the application binary. - Note that the version of mbedtls crypto algorithm library in ROM is v2.16.12. - We have done the security analysis of the mbedtls revision in ROM (v2.16.12) + Note that the version of mbedtls crypto algorithm library in ROM(ECO1~ECO3) is v2.16.12, + and the version of mbedtls crypto algorithm library in ROM(ECO4) is v3.6.0. + We have done the security analysis of the mbedtls revision in ROM (ECO1~ECO4) and ensured that affected symbols have been patched (removed). If in the future mbedtls revisions there are security issues that also affects the version in - ROM (v2.16.12) then we shall patch the relevant symbols. This would increase + ROM (ECO1~ECO4) then we shall patch the relevant symbols. This would increase the flash footprint and hence care must be taken to keep some reserved space for the application binary in flash layout. diff --git a/components/mbedtls/port/mbedtls_rom/mbedtls_rom_osi.c b/components/mbedtls/port/mbedtls_rom/mbedtls_rom_osi.c index 78fb4d479e8b..b02e098b3b98 100644 --- a/components/mbedtls/port/mbedtls_rom/mbedtls_rom_osi.c +++ b/components/mbedtls/port/mbedtls_rom/mbedtls_rom_osi.c @@ -1,5 +1,5 @@ /* - * SPDX-FileCopyrightText: 2023 Espressif Systems (Shanghai) CO LTD + * SPDX-FileCopyrightText: 2023-2024 Espressif Systems (Shanghai) CO LTD * * SPDX-License-Identifier: Apache-2.0 */ @@ -10,6 +10,8 @@ #include MBEDTLS_CONFIG_FILE #endif +#include "soc/chip_revision.h" +#include "hal/efuse_hal.h" #include "mbedtls/platform.h" #include "mbedtls_rom_osi.h" @@ -81,7 +83,7 @@ static const mbedtls_rom_funcs_t mbedtls_rom_funcs_table = { ._rom_mbedtls_asn1_write_len = mbedtls_asn1_write_len, ._rom_mbedtls_asn1_write_tag = mbedtls_asn1_write_tag, ._rom_mbedtls_asn1_write_mpi = mbedtls_asn1_write_mpi, - /* base64 moudle */ + /* base64 module */ ._rom_mbedtls_base64_decode = mbedtls_base64_decode, /* bignum module */ ._rom_mbedtls_mpi_init = mbedtls_mpi_init, @@ -179,9 +181,265 @@ static const mbedtls_rom_funcs_t mbedtls_rom_funcs_table = { ._mbedtls_internal_sha256_process = mbedtls_internal_sha256_process, }; +/* This structure can be automatically generated by the script with rom.mbedtls.ld. */ +static const mbedtls_rom_eco4_funcs_t mbedtls_rom_eco4_funcs_table = { + /* Fill the ROM functions into mbedtls rom function table. */ + /* aes module */ + ._rom_mbedtls_aes_init = mbedtls_aes_init, + ._rom_mbedtls_aes_free = mbedtls_aes_free, + ._rom_mbedtls_aes_setkey_enc = mbedtls_aes_setkey_enc, + ._rom_mbedtls_aes_setkey_dec = mbedtls_aes_setkey_dec, + ._rom_mbedtls_aes_crypt_ecb = mbedtls_aes_crypt_ecb, + ._rom_mbedtls_aes_crypt_cbc = mbedtls_aes_crypt_cbc, + ._rom_mbedtls_internal_aes_encrypt = mbedtls_internal_aes_encrypt, + ._rom_mbedtls_internal_aes_decrypt = mbedtls_internal_aes_decrypt, + /* asn1 module */ + ._rom_mbedtls_asn1_get_len = mbedtls_asn1_get_len, + ._rom_mbedtls_asn1_get_tag = mbedtls_asn1_get_tag, + ._rom_mbedtls_asn1_get_bool = mbedtls_asn1_get_bool, + ._rom_mbedtls_asn1_get_int = mbedtls_asn1_get_int, + ._rom_mbedtls_asn1_get_bitstring = mbedtls_asn1_get_bitstring, + ._rom_mbedtls_asn1_get_bitstring_null = mbedtls_asn1_get_bitstring_null, + ._rom_mbedtls_asn1_get_sequence_of = mbedtls_asn1_get_sequence_of, + ._rom_mbedtls_asn1_get_mpi = mbedtls_asn1_get_mpi, + ._rom_mbedtls_asn1_get_alg = mbedtls_asn1_get_alg, + ._rom_mbedtls_asn1_get_alg_null = mbedtls_asn1_get_alg_null, + ._rom_mbedtls_asn1_write_len = mbedtls_asn1_write_len, + ._rom_mbedtls_asn1_write_tag = mbedtls_asn1_write_tag, + ._rom_mbedtls_asn1_write_mpi = mbedtls_asn1_write_mpi, + /* base64 module */ + ._rom_mbedtls_base64_decode = mbedtls_base64_decode, + /* bignum module */ + ._rom_mbedtls_mpi_init = mbedtls_mpi_init, + ._rom_mbedtls_mpi_free = mbedtls_mpi_free, + ._rom_mbedtls_mpi_grow = mbedtls_mpi_grow, + ._rom_mbedtls_mpi_shrink = mbedtls_mpi_shrink, + ._rom_mbedtls_mpi_copy = mbedtls_mpi_copy, + ._rom_mbedtls_mpi_safe_cond_assign = mbedtls_mpi_safe_cond_assign, + ._rom_mbedtls_mpi_safe_cond_swap = mbedtls_mpi_safe_cond_swap, + ._rom_mbedtls_mpi_lset = mbedtls_mpi_lset, + ._rom_mbedtls_mpi_get_bit = mbedtls_mpi_get_bit, + ._rom_mbedtls_mpi_set_bit = mbedtls_mpi_set_bit, + ._rom_mbedtls_mpi_lsb = mbedtls_mpi_lsb, + ._rom_mbedtls_mpi_bitlen = mbedtls_mpi_bitlen, + ._rom_mbedtls_mpi_size = mbedtls_mpi_size, + ._rom_mbedtls_mpi_read_binary = mbedtls_mpi_read_binary, + ._rom_mbedtls_mpi_write_binary = mbedtls_mpi_write_binary, + ._rom_mbedtls_mpi_shift_l = mbedtls_mpi_shift_l, + ._rom_mbedtls_mpi_shift_r = mbedtls_mpi_shift_r, + ._rom_mbedtls_mpi_cmp_abs = mbedtls_mpi_cmp_abs, + ._rom_mbedtls_mpi_cmp_mpi = mbedtls_mpi_cmp_mpi, + ._rom_mbedtls_mpi_lt_mpi_ct = mbedtls_mpi_lt_mpi_ct, + ._rom_mbedtls_mpi_cmp_int = mbedtls_mpi_cmp_int, + ._rom_mbedtls_mpi_add_abs = mbedtls_mpi_add_abs, + ._rom_mbedtls_mpi_sub_abs = mbedtls_mpi_sub_abs, + ._rom_mbedtls_mpi_add_mpi = mbedtls_mpi_add_mpi, + ._rom_mbedtls_mpi_sub_mpi = mbedtls_mpi_sub_mpi, + ._rom_mbedtls_mpi_add_int = mbedtls_mpi_add_int, + ._rom_mbedtls_mpi_sub_int = mbedtls_mpi_sub_int, + ._rom_mbedtls_mpi_mul_mpi = mbedtls_mpi_mul_mpi, + ._rom_mbedtls_mpi_mul_int = mbedtls_mpi_mul_int, + ._rom_mbedtls_mpi_div_mpi = mbedtls_mpi_div_mpi, + ._rom_mbedtls_mpi_div_int = mbedtls_mpi_div_int, + ._rom_mbedtls_mpi_mod_mpi = mbedtls_mpi_mod_mpi, + ._rom_mbedtls_mpi_mod_int = mbedtls_mpi_mod_int, + ._rom_mbedtls_mpi_exp_mod = mbedtls_mpi_exp_mod, + ._rom_mbedtls_mpi_fill_random = mbedtls_mpi_fill_random, + ._rom_mbedtls_mpi_gcd = mbedtls_mpi_gcd, + ._rom_mbedtls_mpi_inv_mod = mbedtls_mpi_inv_mod, + ._rom_mbedtls_mpi_is_prime_ext = mbedtls_mpi_is_prime_ext, + /* ccm module */ + ._rom_mbedtls_ccm_star_encrypt_and_tag = mbedtls_ccm_star_encrypt_and_tag, + ._rom_mbedtls_ccm_star_auth_decrypt = mbedtls_ccm_star_auth_decrypt, + /* cipher module */ + ._rom_mbedtls_cipher_init = mbedtls_cipher_init, + ._rom_mbedtls_cipher_set_padding_mode = mbedtls_cipher_set_padding_mode, + ._rom_mbedtls_cipher_reset = mbedtls_cipher_reset, + ._rom_mbedtls_cipher_finish = mbedtls_cipher_finish, + ._rom_mbedtls_cipher_crypt = mbedtls_cipher_crypt, + ._rom_mbedtls_cipher_cmac_starts = mbedtls_cipher_cmac_starts, + ._rom_mbedtls_cipher_cmac_update = mbedtls_cipher_cmac_update, + ._rom_mbedtls_cipher_cmac_finish = mbedtls_cipher_cmac_finish, + /* ctr drbg module */ + ._rom_mbedtls_ctr_drbg_init = mbedtls_ctr_drbg_init, + ._rom_mbedtls_ctr_drbg_seed = mbedtls_ctr_drbg_seed, + ._rom_mbedtls_ctr_drbg_free = mbedtls_ctr_drbg_free, + ._rom_mbedtls_ctr_drbg_reseed = mbedtls_ctr_drbg_reseed, + ._rom_mbedtls_ctr_drbg_random_with_add = mbedtls_ctr_drbg_random_with_add, + ._rom_mbedtls_ctr_drbg_random = mbedtls_ctr_drbg_random, + /* sha1 module */ + ._rom_mbedtls_sha1_init = mbedtls_sha1_init, + ._rom_mbedtls_sha1_free = mbedtls_sha1_free, + ._rom_mbedtls_sha1_clone = mbedtls_sha1_clone, + ._rom_mbedtls_sha1_starts = mbedtls_sha1_starts, + ._rom_mbedtls_sha1_finish = mbedtls_sha1_finish, + /* sha256 module */ + ._rom_mbedtls_sha256_init = mbedtls_sha256_init, + ._rom_mbedtls_sha256_free = mbedtls_sha256_free, + ._rom_mbedtls_sha256_clone = mbedtls_sha256_clone, + ._rom_mbedtls_sha256_starts = mbedtls_sha256_starts, + ._rom_mbedtls_sha256_finish = mbedtls_sha256_finish, + ._rom_mbedtls_sha256 = mbedtls_sha256, + /* sha512 module */ + ._rom_mbedtls_sha512_init = mbedtls_sha512_init, + ._rom_mbedtls_sha512_free = mbedtls_sha512_free, + ._rom_mbedtls_sha512_clone = mbedtls_sha512_clone, + ._rom_mbedtls_sha512_starts = mbedtls_sha512_starts, + ._rom_mbedtls_sha512_update = mbedtls_sha512_update, + ._rom_mbedtls_sha512_finish = mbedtls_sha512_finish, + //._rom_mbedtls_internal_sha512_process = mbedtls_internal_sha512_process, + ._rom_mbedtls_sha512 = mbedtls_sha512, + + ._rom_mbedtls_aes_xts_init = mbedtls_aes_xts_init, + ._rom_mbedtls_aes_xts_free = mbedtls_aes_xts_free, + ._rom_mbedtls_aes_xts_setkey_enc = mbedtls_aes_xts_setkey_enc, + ._rom_mbedtls_aes_xts_setkey_dec = mbedtls_aes_xts_setkey_dec, + ._rom_mbedtls_aes_crypt_xts = mbedtls_aes_crypt_xts, + ._rom_mbedtls_aes_crypt_cfb128 = mbedtls_aes_crypt_cfb128, + ._rom_mbedtls_aes_crypt_ofb = mbedtls_aes_crypt_ofb, + ._rom_mbedtls_aes_crypt_ctr = mbedtls_aes_crypt_ctr, + ._rom_mbedtls_ccm_init = mbedtls_ccm_init, + ._rom_mbedtls_ccm_setkey = mbedtls_ccm_setkey, + ._rom_mbedtls_ccm_free = mbedtls_ccm_free, + ._rom_mbedtls_ccm_encrypt_and_tag = mbedtls_ccm_encrypt_and_tag, + ._rom_mbedtls_ccm_auth_decrypt = mbedtls_ccm_auth_decrypt, + ._rom_mbedtls_md5_init = mbedtls_md5_init, + ._rom_mbedtls_md5_free = mbedtls_md5_free, + ._rom_mbedtls_md5_clone = mbedtls_md5_clone, + ._rom_mbedtls_md5_starts = mbedtls_md5_starts, + ._rom_mbedtls_md5_update = mbedtls_md5_update, + ._rom_mbedtls_md5_finish = mbedtls_md5_finish, + ._rom_mbedtls_md5 = mbedtls_md5, + ._rom_mbedtls_sha1 = mbedtls_sha1, + + // eco4 rom mbedtls functions + ._rom_mbedtls_aes_crypt_cfb8 = mbedtls_aes_crypt_cfb8, + ._rom_mbedtls_mpi_swap = mbedtls_mpi_swap, + ._rom_mbedtls_mpi_read_string = mbedtls_mpi_read_string, + ._rom_mbedtls_mpi_write_string = mbedtls_mpi_write_string, + ._rom_mbedtls_mpi_read_binary_le = mbedtls_mpi_read_binary_le, + ._rom_mbedtls_mpi_write_binary_le = mbedtls_mpi_write_binary_le, + ._rom_mbedtls_mpi_random = mbedtls_mpi_random, + ._rom_mbedtls_mpi_gen_prime = mbedtls_mpi_gen_prime, + ._rom_mbedtls_ecp_check_budget = mbedtls_ecp_check_budget, + ._rom_mbedtls_ecp_set_max_ops = mbedtls_ecp_set_max_ops, + ._rom_mbedtls_ecp_restart_is_enabled = mbedtls_ecp_restart_is_enabled, + ._rom_mbedtls_ecp_get_type = mbedtls_ecp_get_type, + ._rom_mbedtls_ecp_curve_list = mbedtls_ecp_curve_list, + ._rom_mbedtls_ecp_grp_id_list = mbedtls_ecp_grp_id_list, + ._rom_mbedtls_ecp_curve_info_from_grp_id = mbedtls_ecp_curve_info_from_grp_id, + ._rom_mbedtls_ecp_curve_info_from_tls_id = mbedtls_ecp_curve_info_from_tls_id, + ._rom_mbedtls_ecp_curve_info_from_name = mbedtls_ecp_curve_info_from_name, + ._rom_mbedtls_ecp_point_init = mbedtls_ecp_point_init, + ._rom_mbedtls_ecp_group_init = mbedtls_ecp_group_init, + ._rom_mbedtls_ecp_keypair_init = mbedtls_ecp_keypair_init, + ._rom_mbedtls_ecp_point_free = mbedtls_ecp_point_free, + ._rom_mbedtls_ecp_group_free = mbedtls_ecp_group_free, + ._rom_mbedtls_ecp_keypair_free = mbedtls_ecp_keypair_free, + ._rom_mbedtls_ecp_restart_init = mbedtls_ecp_restart_init, + ._rom_mbedtls_ecp_restart_free = mbedtls_ecp_restart_free, + ._rom_mbedtls_ecp_copy = mbedtls_ecp_copy, + ._rom_mbedtls_ecp_group_copy = mbedtls_ecp_group_copy, + ._rom_mbedtls_ecp_set_zero = mbedtls_ecp_set_zero, + ._rom_mbedtls_ecp_is_zero = mbedtls_ecp_is_zero, + ._rom_mbedtls_ecp_point_cmp = mbedtls_ecp_point_cmp, + ._rom_mbedtls_ecp_point_read_string = mbedtls_ecp_point_read_string, + ._rom_mbedtls_ecp_point_write_binary = mbedtls_ecp_point_write_binary, + ._rom_mbedtls_ecp_point_read_binary = mbedtls_ecp_point_read_binary, + ._rom_mbedtls_ecp_tls_read_point = mbedtls_ecp_tls_read_point, + ._rom_mbedtls_ecp_tls_write_point = mbedtls_ecp_tls_write_point, + ._rom_mbedtls_ecp_group_load = mbedtls_ecp_group_load, + ._rom_mbedtls_ecp_tls_read_group = mbedtls_ecp_tls_read_group, + ._rom_mbedtls_ecp_tls_read_group_id = mbedtls_ecp_tls_read_group_id, + ._rom_mbedtls_ecp_tls_write_group = mbedtls_ecp_tls_write_group, + ._rom_mbedtls_ecp_mul = mbedtls_ecp_mul, + ._rom_mbedtls_ecp_mul_restartable = mbedtls_ecp_mul_restartable, + ._rom_mbedtls_ecp_muladd = mbedtls_ecp_muladd, + ._rom_mbedtls_ecp_muladd_restartable = mbedtls_ecp_muladd_restartable, + ._rom_mbedtls_ecp_check_pubkey = mbedtls_ecp_check_pubkey, + ._rom_mbedtls_ecp_check_privkey = mbedtls_ecp_check_privkey, + ._rom_mbedtls_ecp_gen_privkey = mbedtls_ecp_gen_privkey, + ._rom_mbedtls_ecp_gen_keypair_base = mbedtls_ecp_gen_keypair_base, + ._rom_mbedtls_ecp_gen_keypair = mbedtls_ecp_gen_keypair, + ._rom_mbedtls_ecp_gen_key = mbedtls_ecp_gen_key, + ._rom_mbedtls_ecp_read_key = mbedtls_ecp_read_key, + ._rom_mbedtls_ecp_write_key_ext = mbedtls_ecp_write_key_ext, + ._rom_mbedtls_ecp_check_pub_priv = mbedtls_ecp_check_pub_priv, + ._rom_mbedtls_ecp_export = mbedtls_ecp_export, + ._rom_mbedtls_asn1_get_enum = mbedtls_asn1_get_enum, + ._rom_mbedtls_asn1_sequence_free = mbedtls_asn1_sequence_free, + ._rom_mbedtls_asn1_traverse_sequence_of = mbedtls_asn1_traverse_sequence_of, + ._rom_mbedtls_asn1_find_named_data = mbedtls_asn1_find_named_data, + ._rom_mbedtls_asn1_free_named_data_list = mbedtls_asn1_free_named_data_list, + ._rom_mbedtls_asn1_free_named_data_list_shallow = mbedtls_asn1_free_named_data_list_shallow, + ._rom_mbedtls_asn1_write_raw_buffer = mbedtls_asn1_write_raw_buffer, + ._rom_mbedtls_asn1_write_null = mbedtls_asn1_write_null, + ._rom_mbedtls_asn1_write_oid = mbedtls_asn1_write_oid, + ._rom_mbedtls_asn1_write_algorithm_identifier = mbedtls_asn1_write_algorithm_identifier, + ._rom_mbedtls_asn1_write_bool = mbedtls_asn1_write_bool, + ._rom_mbedtls_asn1_write_int = mbedtls_asn1_write_int, + ._rom_mbedtls_asn1_write_enum = mbedtls_asn1_write_enum, + ._rom_mbedtls_asn1_write_tagged_string = mbedtls_asn1_write_tagged_string, + ._rom_mbedtls_asn1_write_printable_string = mbedtls_asn1_write_printable_string, + ._rom_mbedtls_asn1_write_utf8_string = mbedtls_asn1_write_utf8_string, + ._rom_mbedtls_asn1_write_ia5_string = mbedtls_asn1_write_ia5_string, + ._rom_mbedtls_asn1_write_bitstring = mbedtls_asn1_write_bitstring, + ._rom_mbedtls_asn1_write_named_bitstring = mbedtls_asn1_write_named_bitstring, + ._rom_mbedtls_asn1_write_octet_string = mbedtls_asn1_write_octet_string, + ._rom_mbedtls_asn1_store_named_data = mbedtls_asn1_store_named_data, + ._rom_mbedtls_ccm_starts = mbedtls_ccm_starts, + ._rom_mbedtls_ccm_set_lengths = mbedtls_ccm_set_lengths, + ._rom_mbedtls_ccm_update_ad = mbedtls_ccm_update_ad, + ._rom_mbedtls_ccm_update = mbedtls_ccm_update, + ._rom_mbedtls_ccm_finish = mbedtls_ccm_finish, + ._rom_mbedtls_cipher_list = mbedtls_cipher_list, + ._rom_mbedtls_cipher_info_from_string = mbedtls_cipher_info_from_string, + ._rom_mbedtls_cipher_info_from_type = mbedtls_cipher_info_from_type, + ._rom_mbedtls_cipher_info_from_values = mbedtls_cipher_info_from_values, + ._rom_mbedtls_cipher_free = mbedtls_cipher_free, + ._rom_mbedtls_cipher_setup = mbedtls_cipher_setup, + ._rom_mbedtls_cipher_setkey = mbedtls_cipher_setkey, + ._rom_mbedtls_cipher_set_iv = mbedtls_cipher_set_iv, + ._rom_mbedtls_cipher_update_ad = mbedtls_cipher_update_ad, + ._rom_mbedtls_cipher_update = mbedtls_cipher_update, + ._rom_mbedtls_cipher_write_tag = mbedtls_cipher_write_tag, + ._rom_mbedtls_cipher_check_tag = mbedtls_cipher_check_tag, + ._rom_mbedtls_cipher_auth_encrypt_ext = mbedtls_cipher_auth_encrypt_ext, + ._rom_mbedtls_cipher_auth_decrypt_ext = mbedtls_cipher_auth_decrypt_ext, + ._rom_mbedtls_cipher_cmac_reset = mbedtls_cipher_cmac_reset, + ._rom_mbedtls_cipher_cmac = mbedtls_cipher_cmac, + ._rom_mbedtls_aes_cmac_prf_128 = mbedtls_aes_cmac_prf_128, + ._rom_mbedtls_ctr_drbg_set_prediction_resistance = mbedtls_ctr_drbg_set_prediction_resistance, + ._rom_mbedtls_ctr_drbg_set_entropy_len = mbedtls_ctr_drbg_set_entropy_len, + ._rom_mbedtls_ctr_drbg_set_nonce_len = mbedtls_ctr_drbg_set_nonce_len, + ._rom_mbedtls_ctr_drbg_set_reseed_interval = mbedtls_ctr_drbg_set_reseed_interval, + ._rom_mbedtls_ctr_drbg_update = mbedtls_ctr_drbg_update, + ._rom_mbedtls_base64_encode = mbedtls_base64_encode, + + /* Fill the SHA hardware functions into mbedtls rom function table */ + ._rom_mbedtls_sha1_update = mbedtls_sha1_update, + ._rom_mbedtls_sha256_update = mbedtls_sha256_update, + + //memory calloc free + ._rom_mbedtls_mem_calloc = MBEDTLS_PLATFORM_STD_CALLOC, + ._rom_mbedtls_mem_free = MBEDTLS_PLATFORM_STD_FREE, +}; + __attribute__((constructor)) void mbedtls_rom_osi_functions_init(void) { - /* Initialize the pointer of mbedtls rom osi function table. */ - extern mbedtls_rom_funcs_t *mbedtls_rom_osi_funcs_ptr; - mbedtls_rom_osi_funcs_ptr = (mbedtls_rom_funcs_t *)&mbedtls_rom_funcs_table; + /* Export the rom mbedtls functions table pointer */ + extern void *mbedtls_rom_osi_funcs_ptr; + + unsigned chip_version = efuse_hal_chip_revision(); + if ( ESP_CHIP_REV_ABOVE(chip_version, 200) ) { + /* Initialize the rom function mbedtls_threading_set_alt on chip rev2.0 with rom eco4 */ + mbedtls_threading_set_alt_t mbedtls_threading_set_alt = (mbedtls_threading_set_alt_t)0x40002c0c; + mbedtls_threading_set_alt(mbedtls_rom_mutex_init, mbedtls_rom_mutex_free, mbedtls_rom_mutex_lock, mbedtls_rom_mutex_unlock); + + /* Initialize the pointer of rom eco4 mbedtls functions table. */ + mbedtls_rom_osi_funcs_ptr = (mbedtls_rom_eco4_funcs_t *)&mbedtls_rom_eco4_funcs_table; + } else { + /* Initialize the pointer of rom mbedtls functions table. */ + mbedtls_rom_osi_funcs_ptr = (mbedtls_rom_funcs_t *)&mbedtls_rom_funcs_table; + } } diff --git a/components/mbedtls/port/mbedtls_rom/mbedtls_rom_osi.h b/components/mbedtls/port/mbedtls_rom/mbedtls_rom_osi.h index 42dddc325cfd..1d84d13fde0b 100644 --- a/components/mbedtls/port/mbedtls_rom/mbedtls_rom_osi.h +++ b/components/mbedtls/port/mbedtls_rom/mbedtls_rom_osi.h @@ -1,5 +1,5 @@ /* - * SPDX-FileCopyrightText: 2023 Espressif Systems (Shanghai) CO LTD + * SPDX-FileCopyrightText: 2023-2024 Espressif Systems (Shanghai) CO LTD * * SPDX-License-Identifier: Apache-2.0 */ @@ -23,6 +23,7 @@ #include "mbedtls/entropy.h" #include "mbedtls/hmac_drbg.h" #include "mbedtls/md.h" +#include "mbedtls/md5.h" #include "mbedtls/oid.h" #include "mbedtls/pem.h" #include "mbedtls/pkcs12.h" @@ -48,6 +49,11 @@ typedef struct mbedtls_threading_mutex_t { } mbedtls_threading_mutex_t; #endif +typedef void (*mbedtls_threading_set_alt_t)(void (*mutex_init)(mbedtls_threading_mutex_t *), + void (*mutex_free)(mbedtls_threading_mutex_t *), + int (*mutex_lock)(mbedtls_threading_mutex_t *), + int (*mutex_unlock)(mbedtls_threading_mutex_t *)); + typedef struct mbedtls_rom_funcs { void (*_rom_mbedtls_aes_init)( mbedtls_aes_context *ctx ); int (*_rom_ssl_write_client_hello)( mbedtls_ssl_context *ssl ); @@ -404,6 +410,254 @@ typedef struct mbedtls_rom_funcs { int (*_mbedtls_x509_time_is_future)( const mbedtls_x509_time *from ); } mbedtls_rom_funcs_t; +typedef struct mbedtls_rom_eco4_funcs { + // aes module + void (*_rom_mbedtls_aes_init)(mbedtls_aes_context *ctx); + void (*_rom_mbedtls_aes_free)(mbedtls_aes_context *ctx); + void (*_rom_mbedtls_aes_xts_init)(mbedtls_aes_xts_context *ctx); + void (*_rom_mbedtls_aes_xts_free)(mbedtls_aes_xts_context *ctx); + int (*_rom_mbedtls_aes_setkey_enc)(mbedtls_aes_context *ctx, const unsigned char *key, unsigned int keybits); + int (*_rom_mbedtls_aes_setkey_dec)(mbedtls_aes_context *ctx, const unsigned char *key, unsigned int keybits); + int (*_rom_mbedtls_aes_xts_setkey_enc)(mbedtls_aes_xts_context *ctx, const unsigned char *key, unsigned int keybits); + int (*_rom_mbedtls_aes_xts_setkey_dec)(mbedtls_aes_xts_context *ctx, const unsigned char *key, unsigned int keybits); + int (*_rom_mbedtls_aes_crypt_ecb)(mbedtls_aes_context *ctx, int mode, const unsigned char input[16], unsigned char output[16]); + int (*_rom_mbedtls_aes_crypt_cbc)(mbedtls_aes_context *ctx, int mode, size_t length, unsigned char iv[16], const unsigned char *input, unsigned char *output); + int (*_rom_mbedtls_aes_crypt_xts)(mbedtls_aes_xts_context *ctx, int mode, size_t length, const unsigned char data_unit[16], const unsigned char *input, unsigned char *output); + int (*_rom_mbedtls_aes_crypt_cfb128)(mbedtls_aes_context *ctx, int mode, size_t length, size_t *iv_off, unsigned char iv[16], const unsigned char *input, unsigned char *output); + int (*_rom_mbedtls_aes_crypt_ofb)(mbedtls_aes_context *ctx, size_t length, size_t *iv_off, unsigned char iv[16], const unsigned char *input, unsigned char *output); + int (*_rom_mbedtls_aes_crypt_ctr)(mbedtls_aes_context *ctx, size_t length, size_t *nc_off, unsigned char nonce_counter[16], unsigned char stream_block[16], const unsigned char *input, unsigned char *output); + int (*_rom_mbedtls_internal_aes_encrypt)(mbedtls_aes_context *ctx, const unsigned char input[16], unsigned char output[16]); + int (*_rom_mbedtls_internal_aes_decrypt)(mbedtls_aes_context *ctx, const unsigned char input[16], unsigned char output[16]); + // md5 module + void (*_rom_mbedtls_md5_init)(mbedtls_md5_context *ctx); + void (*_rom_mbedtls_md5_free)(mbedtls_md5_context *ctx); + void (*_rom_mbedtls_md5_clone)(mbedtls_md5_context *dst, const mbedtls_md5_context *src); + int (*_rom_mbedtls_md5_starts)(mbedtls_md5_context *ctx); + int (*_rom_mbedtls_md5_update)(mbedtls_md5_context *ctx, const unsigned char *input, size_t ilen); + int (*_rom_mbedtls_md5_finish)(mbedtls_md5_context *ctx, unsigned char output[16]); + int (*_rom_mbedtls_md5)(const unsigned char *input, size_t ilen, unsigned char output[16]); + // bignum module + void (*_rom_mbedtls_mpi_init)(mbedtls_mpi *X); + void (*_rom_mbedtls_mpi_free)(mbedtls_mpi *X); + int (*_rom_mbedtls_mpi_grow)(mbedtls_mpi *X, size_t nblimbs); + int (*_rom_mbedtls_mpi_shrink)(mbedtls_mpi *X, size_t nblimbs); + int (*_rom_mbedtls_mpi_copy)(mbedtls_mpi *X, const mbedtls_mpi *Y); + int (*_rom_mbedtls_mpi_safe_cond_assign)(mbedtls_mpi *X, const mbedtls_mpi *Y, unsigned char assign); + int (*_rom_mbedtls_mpi_safe_cond_swap)(mbedtls_mpi *X, mbedtls_mpi *Y, unsigned char swap); + int (*_rom_mbedtls_mpi_lset)(mbedtls_mpi *X, mbedtls_mpi_sint z); + int (*_rom_mbedtls_mpi_get_bit)(const mbedtls_mpi *X, size_t pos); + int (*_rom_mbedtls_mpi_set_bit)(mbedtls_mpi *X, size_t pos, unsigned char val); + size_t (*_rom_mbedtls_mpi_lsb)(const mbedtls_mpi *X); + size_t (*_rom_mbedtls_mpi_bitlen)(const mbedtls_mpi *X); + size_t (*_rom_mbedtls_mpi_size)(const mbedtls_mpi *X); + int (*_rom_mbedtls_mpi_read_binary)(mbedtls_mpi *X, const unsigned char *buf, size_t buflen); + int (*_rom_mbedtls_mpi_write_binary)(const mbedtls_mpi *X, unsigned char *buf, size_t buflen); + int (*_rom_mbedtls_mpi_shift_l)(mbedtls_mpi *X, size_t count); + int (*_rom_mbedtls_mpi_shift_r)(mbedtls_mpi *X, size_t count); + int (*_rom_mbedtls_mpi_cmp_abs)(const mbedtls_mpi *X, const mbedtls_mpi *Y); + int (*_rom_mbedtls_mpi_cmp_mpi)(const mbedtls_mpi *X, const mbedtls_mpi *Y); + int (*_rom_mbedtls_mpi_lt_mpi_ct)(const mbedtls_mpi *X, const mbedtls_mpi *Y, unsigned *ret); + int (*_rom_mbedtls_mpi_cmp_int)(const mbedtls_mpi *X, mbedtls_mpi_sint z); + int (*_rom_mbedtls_mpi_add_abs)(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B); + int (*_rom_mbedtls_mpi_sub_abs)(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B); + int (*_rom_mbedtls_mpi_add_mpi)(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B); + int (*_rom_mbedtls_mpi_sub_mpi)(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B); + int (*_rom_mbedtls_mpi_add_int)(mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint b); + int (*_rom_mbedtls_mpi_sub_int)(mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint b); + int (*_rom_mbedtls_mpi_mul_mpi)(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B); + int (*_rom_mbedtls_mpi_mul_int)(mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_uint b); + int (*_rom_mbedtls_mpi_div_mpi)(mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, const mbedtls_mpi *B); + int (*_rom_mbedtls_mpi_div_int)(mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, mbedtls_mpi_sint b); + int (*_rom_mbedtls_mpi_mod_mpi)(mbedtls_mpi *R, const mbedtls_mpi *A, const mbedtls_mpi *B); + int (*_rom_mbedtls_mpi_mod_int)(mbedtls_mpi_uint *r, const mbedtls_mpi *A, mbedtls_mpi_sint b); + int (*_rom_mbedtls_mpi_exp_mod)(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *E, const mbedtls_mpi *N, mbedtls_mpi *prec_RR); + int (*_rom_mbedtls_mpi_fill_random)(mbedtls_mpi *X, size_t size, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); + int (*_rom_mbedtls_mpi_gcd)(mbedtls_mpi *G, const mbedtls_mpi *A, const mbedtls_mpi *B); + int (*_rom_mbedtls_mpi_inv_mod)(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *N); + int (*_rom_mbedtls_mpi_is_prime_ext)(const mbedtls_mpi *X, int rounds, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); + // sha1 sha256 sha512 module + void (*_rom_mbedtls_sha1_init)(mbedtls_sha1_context *ctx); + void (*_rom_mbedtls_sha1_free)(mbedtls_sha1_context *ctx); + void (*_rom_mbedtls_sha1_clone)(mbedtls_sha1_context *dst, const mbedtls_sha1_context *src); + int (*_rom_mbedtls_sha1_starts)(mbedtls_sha1_context *ctx); + int (*_rom_mbedtls_sha1_finish)(mbedtls_sha1_context *ctx, unsigned char output[20]); + int (*_rom_mbedtls_sha1)(const unsigned char *input, size_t ilen, unsigned char output[20]); + void (*_rom_mbedtls_sha256_init)(mbedtls_sha256_context *ctx); + void (*_rom_mbedtls_sha256_free)(mbedtls_sha256_context *ctx); + void (*_rom_mbedtls_sha256_clone)(mbedtls_sha256_context *dst, const mbedtls_sha256_context *src); + int (*_rom_mbedtls_sha256_starts)(mbedtls_sha256_context *ctx, int is224); + int (*_rom_mbedtls_sha256_finish)(mbedtls_sha256_context *ctx, unsigned char *output); + int (*_rom_mbedtls_sha256)(const unsigned char *input, size_t ilen, unsigned char *output, int is224); + void (*_rom_mbedtls_sha512_init)(mbedtls_sha512_context *ctx); + void (*_rom_mbedtls_sha512_free)(mbedtls_sha512_context *ctx); + void (*_rom_mbedtls_sha512_clone)(mbedtls_sha512_context *dst, const mbedtls_sha512_context *src); + int (*_rom_mbedtls_sha512_starts)(mbedtls_sha512_context *ctx, int is384); + int (*_rom_mbedtls_sha512_update)(mbedtls_sha512_context *ctx, const unsigned char *input, size_t ilen); + int (*_rom_mbedtls_sha512_finish)(mbedtls_sha512_context *ctx, unsigned char *output); + int (*_rom_mbedtls_sha512)(const unsigned char *input, size_t ilen, unsigned char *output, int is384); + // ecp module + // asn1 module + int (*_rom_mbedtls_asn1_get_len)(unsigned char **p, const unsigned char *end, size_t *len); + int (*_rom_mbedtls_asn1_get_tag)(unsigned char **p, const unsigned char *end, size_t *len, int tag); + int (*_rom_mbedtls_asn1_get_bool)(unsigned char **p, const unsigned char *end, int *val); + int (*_rom_mbedtls_asn1_get_int)(unsigned char **p, const unsigned char *end, int *val); + int (*_rom_mbedtls_asn1_get_bitstring)(unsigned char **p, const unsigned char *end, mbedtls_asn1_bitstring *bs); + int (*_rom_mbedtls_asn1_get_bitstring_null)(unsigned char **p, const unsigned char *end, size_t *len); + int (*_rom_mbedtls_asn1_get_sequence_of)(unsigned char **p, const unsigned char *end, mbedtls_asn1_sequence *cur, int tag); + int (*_rom_mbedtls_asn1_get_mpi)(unsigned char **p, const unsigned char *end, mbedtls_mpi *X); + int (*_rom_mbedtls_asn1_get_alg)(unsigned char **p, const unsigned char *end, mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params); + int (*_rom_mbedtls_asn1_get_alg_null)(unsigned char **p, const unsigned char *end, mbedtls_asn1_buf *alg); + // asn1write module + int (*_rom_mbedtls_asn1_write_len)(unsigned char **p, const unsigned char *start, size_t len); + int (*_rom_mbedtls_asn1_write_tag)(unsigned char **p, const unsigned char *start, unsigned char tag); + int (*_rom_mbedtls_asn1_write_mpi)(unsigned char **p, const unsigned char *start, const mbedtls_mpi *X); + // ccm module + void (*_rom_mbedtls_ccm_init)(mbedtls_ccm_context *ctx); + int (*_rom_mbedtls_ccm_setkey)(mbedtls_ccm_context *ctx, mbedtls_cipher_id_t cipher, const unsigned char *key, unsigned int keybits); + void (*_rom_mbedtls_ccm_free)(mbedtls_ccm_context *ctx); + int (*_rom_mbedtls_ccm_encrypt_and_tag)(mbedtls_ccm_context *ctx, size_t length, const unsigned char *iv, size_t iv_len, const unsigned char *ad, size_t ad_len, const unsigned char *input, unsigned char *output, unsigned char *tag, size_t tag_len); + int (*_rom_mbedtls_ccm_star_encrypt_and_tag)(mbedtls_ccm_context *ctx, size_t length, const unsigned char *iv, size_t iv_len, const unsigned char *ad, size_t ad_len, const unsigned char *input, unsigned char *output, unsigned char *tag, size_t tag_len); + int (*_rom_mbedtls_ccm_auth_decrypt)(mbedtls_ccm_context *ctx, size_t length, const unsigned char *iv, size_t iv_len, const unsigned char *ad, size_t ad_len, const unsigned char *input, unsigned char *output, const unsigned char *tag, size_t tag_len); + int (*_rom_mbedtls_ccm_star_auth_decrypt)(mbedtls_ccm_context *ctx, size_t length, const unsigned char *iv, size_t iv_len, const unsigned char *ad, size_t ad_len, const unsigned char *input, unsigned char *output, const unsigned char *tag, size_t tag_len); + // cipher module + void (*_rom_mbedtls_cipher_init)(mbedtls_cipher_context_t *ctx); + int (*_rom_mbedtls_cipher_set_padding_mode)(mbedtls_cipher_context_t *ctx, mbedtls_cipher_padding_t mode); + int (*_rom_mbedtls_cipher_reset)(mbedtls_cipher_context_t *ctx); + int (*_rom_mbedtls_cipher_finish)(mbedtls_cipher_context_t *ctx, unsigned char *output, size_t *olen); + int (*_rom_mbedtls_cipher_crypt)(mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen); + int (*_rom_mbedtls_cipher_cmac_starts)(mbedtls_cipher_context_t *ctx, const unsigned char *key, size_t keybits); + int (*_rom_mbedtls_cipher_cmac_update)(mbedtls_cipher_context_t *ctx, const unsigned char *input, size_t ilen); + int (*_rom_mbedtls_cipher_cmac_finish)(mbedtls_cipher_context_t *ctx, unsigned char *output); + // ctr drbg module + void (*_rom_mbedtls_ctr_drbg_init)(mbedtls_ctr_drbg_context *ctx); + int (*_rom_mbedtls_ctr_drbg_seed)(mbedtls_ctr_drbg_context *ctx, int (*f_entropy)(void *, unsigned char *, size_t), void *p_entropy, const unsigned char *custom, size_t len); + void (*_rom_mbedtls_ctr_drbg_free)(mbedtls_ctr_drbg_context *ctx); + int (*_rom_mbedtls_ctr_drbg_reseed)(mbedtls_ctr_drbg_context *ctx, const unsigned char *additional, size_t len); + int (*_rom_mbedtls_ctr_drbg_random_with_add)(void *p_rng, unsigned char *output, size_t output_len, const unsigned char *additional, size_t add_len); + int (*_rom_mbedtls_ctr_drbg_random)(void *p_rng, unsigned char *output, size_t output_len); + // base64 module + int (*_rom_mbedtls_base64_decode)(unsigned char *dst, size_t dlen, size_t *olen, const unsigned char *src, size_t slen); + //*******************************************************************************************************************************************************************// + // aes module + int (*_rom_mbedtls_aes_crypt_cfb8)(mbedtls_aes_context *ctx, int mode, size_t length, unsigned char iv[16], const unsigned char *input, unsigned char *output); + // md5 module + // bignum module + void (*_rom_mbedtls_mpi_swap)(mbedtls_mpi *X, mbedtls_mpi *Y); + int (*_rom_mbedtls_mpi_read_string)(mbedtls_mpi *X, int radix, const char *s); + int (*_rom_mbedtls_mpi_write_string)(const mbedtls_mpi *X, int radix, char *buf, size_t buflen, size_t *olen); + int (*_rom_mbedtls_mpi_read_binary_le)(mbedtls_mpi *X, const unsigned char *buf, size_t buflen); + int (*_rom_mbedtls_mpi_write_binary_le)(const mbedtls_mpi *X, unsigned char *buf, size_t buflen); + int (*_rom_mbedtls_mpi_random)(mbedtls_mpi *X, mbedtls_mpi_sint min, const mbedtls_mpi *N, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); + int (*_rom_mbedtls_mpi_gen_prime)(mbedtls_mpi *X, size_t nbits, int flags, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); + // ecp module + int (*_rom_mbedtls_ecp_check_budget)(const mbedtls_ecp_group *grp, mbedtls_ecp_restart_ctx *rs_ctx, unsigned ops); + void (*_rom_mbedtls_ecp_set_max_ops)(unsigned max_ops); + int (*_rom_mbedtls_ecp_restart_is_enabled)(void); + mbedtls_ecp_curve_type (*_rom_mbedtls_ecp_get_type)(const mbedtls_ecp_group *grp); + const mbedtls_ecp_curve_info *(*_rom_mbedtls_ecp_curve_list)(void); + const mbedtls_ecp_group_id *(*_rom_mbedtls_ecp_grp_id_list)(void); + const mbedtls_ecp_curve_info *(*_rom_mbedtls_ecp_curve_info_from_grp_id)(mbedtls_ecp_group_id grp_id); + const mbedtls_ecp_curve_info *(*_rom_mbedtls_ecp_curve_info_from_tls_id)(uint16_t tls_id); + const mbedtls_ecp_curve_info *(*_rom_mbedtls_ecp_curve_info_from_name)(const char *name); + void (*_rom_mbedtls_ecp_point_init)(mbedtls_ecp_point *pt); + void (*_rom_mbedtls_ecp_group_init)(mbedtls_ecp_group *grp); + void (*_rom_mbedtls_ecp_keypair_init)(mbedtls_ecp_keypair *key); + void (*_rom_mbedtls_ecp_point_free)(mbedtls_ecp_point *pt); + void (*_rom_mbedtls_ecp_group_free)(mbedtls_ecp_group *grp); + void (*_rom_mbedtls_ecp_keypair_free)(mbedtls_ecp_keypair *key); + void (*_rom_mbedtls_ecp_restart_init)(mbedtls_ecp_restart_ctx *ctx); + void (*_rom_mbedtls_ecp_restart_free)(mbedtls_ecp_restart_ctx *ctx); + int (*_rom_mbedtls_ecp_copy)(mbedtls_ecp_point *P, const mbedtls_ecp_point *Q); + int (*_rom_mbedtls_ecp_group_copy)(mbedtls_ecp_group *dst, const mbedtls_ecp_group *src); + int (*_rom_mbedtls_ecp_set_zero)(mbedtls_ecp_point *pt); + int (*_rom_mbedtls_ecp_is_zero)(mbedtls_ecp_point *pt); + int (*_rom_mbedtls_ecp_point_cmp)(const mbedtls_ecp_point *P, const mbedtls_ecp_point *Q); + int (*_rom_mbedtls_ecp_point_read_string)(mbedtls_ecp_point *P, int radix, const char *x, const char *y); + int (*_rom_mbedtls_ecp_point_write_binary)(const mbedtls_ecp_group *grp, const mbedtls_ecp_point *P, int format, size_t *olen, unsigned char *buf, size_t buflen); + int (*_rom_mbedtls_ecp_point_read_binary)(const mbedtls_ecp_group *grp, mbedtls_ecp_point *P, const unsigned char *buf, size_t ilen); + int (*_rom_mbedtls_ecp_tls_read_point)(const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt, const unsigned char **buf, size_t len); + int (*_rom_mbedtls_ecp_tls_write_point)(const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt, int format, size_t *olen, unsigned char *buf, size_t blen); + int (*_rom_mbedtls_ecp_group_load)(mbedtls_ecp_group *grp, mbedtls_ecp_group_id id); + int (*_rom_mbedtls_ecp_tls_read_group)(mbedtls_ecp_group *grp, const unsigned char **buf, size_t len); + int (*_rom_mbedtls_ecp_tls_read_group_id)(mbedtls_ecp_group_id *grp, const unsigned char **buf, size_t len); + int (*_rom_mbedtls_ecp_tls_write_group)(const mbedtls_ecp_group *grp, size_t *olen, unsigned char *buf, size_t blen); + int (*_rom_mbedtls_ecp_mul)(mbedtls_ecp_group *grp, mbedtls_ecp_point *R, const mbedtls_mpi *m, const mbedtls_ecp_point *P, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); + int (*_rom_mbedtls_ecp_mul_restartable)(mbedtls_ecp_group *grp, mbedtls_ecp_point *R, const mbedtls_mpi *m, const mbedtls_ecp_point *P, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, mbedtls_ecp_restart_ctx *rs_ctx); + int (*_rom_mbedtls_ecp_muladd)(mbedtls_ecp_group *grp, mbedtls_ecp_point *R, const mbedtls_mpi *m, const mbedtls_ecp_point *P, const mbedtls_mpi *n, const mbedtls_ecp_point *Q); + int (*_rom_mbedtls_ecp_muladd_restartable)( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, const mbedtls_mpi *m, const mbedtls_ecp_point *P, const mbedtls_mpi *n, const mbedtls_ecp_point *Q, mbedtls_ecp_restart_ctx *rs_ctx); + int (*_rom_mbedtls_ecp_check_pubkey)(const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt); + int (*_rom_mbedtls_ecp_check_privkey)(const mbedtls_ecp_group *grp, const mbedtls_mpi *d); + int (*_rom_mbedtls_ecp_gen_privkey)(const mbedtls_ecp_group *grp, mbedtls_mpi *d, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); + int (*_rom_mbedtls_ecp_gen_keypair_base)(mbedtls_ecp_group *grp, const mbedtls_ecp_point *G, mbedtls_mpi *d, mbedtls_ecp_point *Q, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); + int (*_rom_mbedtls_ecp_gen_keypair)(mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); + int (*_rom_mbedtls_ecp_gen_key)(mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); + int (*_rom_mbedtls_ecp_read_key)(mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, const unsigned char *buf, size_t buflen); + int (*_rom_mbedtls_ecp_write_key_ext)(const mbedtls_ecp_keypair *key, size_t *olen, unsigned char *buf, size_t buflen); + int (*_rom_mbedtls_ecp_check_pub_priv)( const mbedtls_ecp_keypair *pub, const mbedtls_ecp_keypair *prv, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); + int (*_rom_mbedtls_ecp_export)(const mbedtls_ecp_keypair *key, mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q); + // asn1 module + int (*_rom_mbedtls_asn1_get_enum)(unsigned char **p, const unsigned char *end, int *val); + void (*_rom_mbedtls_asn1_sequence_free)(mbedtls_asn1_sequence *seq); + int (*_rom_mbedtls_asn1_traverse_sequence_of)( unsigned char **p, const unsigned char *end, unsigned char tag_must_mask, unsigned char tag_must_val, unsigned char tag_may_mask, unsigned char tag_may_val, int (*cb)(void *ctx, int tag, unsigned char *start, size_t len), void *ctx); + const mbedtls_asn1_named_data *(*_rom_mbedtls_asn1_find_named_data)(const mbedtls_asn1_named_data *list, const char *oid, size_t len); + void (*_rom_mbedtls_asn1_free_named_data_list)(mbedtls_asn1_named_data **head); + void (*_rom_mbedtls_asn1_free_named_data_list_shallow)(mbedtls_asn1_named_data *name); + // asn1write module + int (*_rom_mbedtls_asn1_write_raw_buffer)(unsigned char **p, const unsigned char *start, const unsigned char *buf, size_t size); + int (*_rom_mbedtls_asn1_write_null)(unsigned char **p, const unsigned char *start); + int (*_rom_mbedtls_asn1_write_oid)(unsigned char **p, const unsigned char *start, const char *oid, size_t oid_len); + int (*_rom_mbedtls_asn1_write_algorithm_identifier)(unsigned char **p, const unsigned char *start, const char *oid, size_t oid_len, size_t par_len); + int (*_rom_mbedtls_asn1_write_bool)(unsigned char **p, const unsigned char *start, int boolean); + int (*_rom_mbedtls_asn1_write_int)(unsigned char **p, const unsigned char *start, int val); + int (*_rom_mbedtls_asn1_write_enum)(unsigned char **p, const unsigned char *start, int val); + int (*_rom_mbedtls_asn1_write_tagged_string)(unsigned char **p, const unsigned char *start, int tag, const char *text, size_t text_len); + int (*_rom_mbedtls_asn1_write_printable_string)(unsigned char **p, const unsigned char *start, const char *text, size_t text_len); + int (*_rom_mbedtls_asn1_write_utf8_string)(unsigned char **p, const unsigned char *start, const char *text, size_t text_len); + int (*_rom_mbedtls_asn1_write_ia5_string)(unsigned char **p, const unsigned char *start, const char *text, size_t text_len); + int (*_rom_mbedtls_asn1_write_bitstring)(unsigned char **p, const unsigned char *start, const unsigned char *buf, size_t bits); + int (*_rom_mbedtls_asn1_write_named_bitstring)(unsigned char **p, const unsigned char *start, const unsigned char *buf, size_t bits); + int (*_rom_mbedtls_asn1_write_octet_string)(unsigned char **p, const unsigned char *start, const unsigned char *buf, size_t size); + mbedtls_asn1_named_data *(*_rom_mbedtls_asn1_store_named_data)(mbedtls_asn1_named_data **list, const char *oid, size_t oid_len, const unsigned char *val, size_t val_len); + // ccm module + int (*_rom_mbedtls_ccm_starts)(mbedtls_ccm_context *ctx, int mode, const unsigned char *iv, size_t iv_len); + int (*_rom_mbedtls_ccm_set_lengths)(mbedtls_ccm_context *ctx, size_t total_ad_len, size_t plaintext_len, size_t tag_len); + int (*_rom_mbedtls_ccm_update_ad)(mbedtls_ccm_context *ctx, const unsigned char *ad, size_t ad_len); + int (*_rom_mbedtls_ccm_update)(mbedtls_ccm_context *ctx, const unsigned char *input, size_t input_len, unsigned char *output, size_t output_size, size_t *output_len); + int (*_rom_mbedtls_ccm_finish)(mbedtls_ccm_context *ctx, unsigned char *tag, size_t tag_len); + // cipher module + const int *(*_rom_mbedtls_cipher_list)(void); + const mbedtls_cipher_info_t *(*_rom_mbedtls_cipher_info_from_string)(const char *cipher_name); + const mbedtls_cipher_info_t *(*_rom_mbedtls_cipher_info_from_type)(const mbedtls_cipher_type_t cipher_type); + const mbedtls_cipher_info_t *(*_rom_mbedtls_cipher_info_from_values)(const mbedtls_cipher_id_t cipher_id, int key_bitlen, const mbedtls_cipher_mode_t mode); + void (*_rom_mbedtls_cipher_free)(mbedtls_cipher_context_t *ctx); + int (*_rom_mbedtls_cipher_setup)(mbedtls_cipher_context_t *ctx, const mbedtls_cipher_info_t *cipher_info); + int (*_rom_mbedtls_cipher_setkey)(mbedtls_cipher_context_t *ctx, const unsigned char *key, int key_bitlen, const mbedtls_operation_t operation); + int (*_rom_mbedtls_cipher_set_iv)(mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len); + int (*_rom_mbedtls_cipher_update_ad)(mbedtls_cipher_context_t *ctx, const unsigned char *ad, size_t ad_len); + int (*_rom_mbedtls_cipher_update)(mbedtls_cipher_context_t *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen); + int (*_rom_mbedtls_cipher_write_tag)(mbedtls_cipher_context_t *ctx, unsigned char *tag, size_t tag_len); + int (*_rom_mbedtls_cipher_check_tag)(mbedtls_cipher_context_t *ctx, const unsigned char *tag, size_t tag_len); + int (*_rom_mbedtls_cipher_auth_encrypt_ext)(mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len, const unsigned char *ad, size_t ad_len, const unsigned char *input, size_t ilen, unsigned char *output, size_t output_len, size_t *olen, size_t tag_len); + int (*_rom_mbedtls_cipher_auth_decrypt_ext)(mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len, const unsigned char *ad, size_t ad_len, const unsigned char *input, size_t ilen, unsigned char *output, size_t output_len, size_t *olen, size_t tag_len); + int (*_rom_mbedtls_cipher_cmac_reset)(mbedtls_cipher_context_t *ctx); + int (*_rom_mbedtls_cipher_cmac)(const mbedtls_cipher_info_t *cipher_info, const unsigned char *key, size_t keylen, const unsigned char *input, size_t ilen, unsigned char *output); + int (*_rom_mbedtls_aes_cmac_prf_128)(const unsigned char *key, size_t key_len, const unsigned char *input, size_t in_len, unsigned char output[16]); + // ctr drbg module + void (*_rom_mbedtls_ctr_drbg_set_prediction_resistance)(mbedtls_ctr_drbg_context *ctx, int resistance); + void (*_rom_mbedtls_ctr_drbg_set_entropy_len)(mbedtls_ctr_drbg_context *ctx, size_t len); + int (*_rom_mbedtls_ctr_drbg_set_nonce_len)(mbedtls_ctr_drbg_context *ctx, size_t len); + void (*_rom_mbedtls_ctr_drbg_set_reseed_interval)(mbedtls_ctr_drbg_context *ctx, int interval); + int (*_rom_mbedtls_ctr_drbg_update)(mbedtls_ctr_drbg_context *ctx, const unsigned char *additional, size_t add_len); + // base64 module + int (*_rom_mbedtls_base64_encode)(unsigned char *dst, size_t dlen, size_t *olen, const unsigned char *src, size_t slen); + // sha1 sha256 sha512 module + int (*_rom_mbedtls_sha1_update)(mbedtls_sha1_context *ctx, const unsigned char *input, size_t ilen); + int (*_rom_mbedtls_sha256_update)(mbedtls_sha256_context *ctx, const unsigned char *input, size_t ilen); + // memory calloc free + void *(*_rom_mbedtls_mem_calloc)(size_t n, size_t size); + void (*_rom_mbedtls_mem_free)(void *ptr); +} mbedtls_rom_eco4_funcs_t; + #define STRUCT_OFFSET_CHECK(x, y, z) _Static_assert((offsetof(x,y)==(z)), "The variables type of "#x" before "#y" should be "#z) #define STRUCT_SIZE_CHECK(x, y) _Static_assert((sizeof(x)==(y)), "The sizeof "#x" should be "#y) @@ -420,6 +674,10 @@ typedef struct mbedtls_rom_funcs { STRUCT_OFFSET_CHECK(mbedtls_sha1_context, total, 0); STRUCT_OFFSET_CHECK(mbedtls_sha1_context, state, 8); STRUCT_OFFSET_CHECK(mbedtls_sha1_context, buffer, 28); +STRUCT_OFFSET_CHECK(mbedtls_sha1_context, first_block, 92); +STRUCT_OFFSET_CHECK(mbedtls_sha1_context, mode, 96); +STRUCT_OFFSET_CHECK(mbedtls_sha1_context, sha_state, 100); +STRUCT_SIZE_CHECK(mbedtls_sha1_context, 104); #if (!defined(MBEDTLS_SHA1_C)) || \ (!defined(MBEDTLS_SHA1_ALT)) || \ (defined(MBEDTLS_SHA1_PROCESS_ALT)) From 9e618fffcb9dcc45411833f75f8b8f3c1318b9c3 Mon Sep 17 00:00:00 2001 From: Jiang Guang Ming Date: Tue, 10 Sep 2024 09:52:25 +0800 Subject: [PATCH 5/6] feat(mbedtls): select MBEDTLS_CMAC_C when MBEDTLS_USE_CRYPTO_ROM_IMPL enabled --- components/mbedtls/Kconfig | 1 + 1 file changed, 1 insertion(+) diff --git a/components/mbedtls/Kconfig b/components/mbedtls/Kconfig index 5af7205645b5..cc25f8008603 100644 --- a/components/mbedtls/Kconfig +++ b/components/mbedtls/Kconfig @@ -1126,6 +1126,7 @@ menu "mbedTLS" select MBEDTLS_SHA512_C select MBEDTLS_AES_C select MBEDTLS_CCM_C + select MBEDTLS_CMAC_C select MBEDTLS_ROM_MD5 select MBEDTLS_HARDWARE_SHA select MBEDTLS_ECP_RESTARTABLE From 5a3c22dc2b7773b7daec54f4dcfd223572ef4945 Mon Sep 17 00:00:00 2001 From: Jiang Guang Ming Date: Wed, 4 Sep 2024 20:27:58 +0800 Subject: [PATCH 6/6] feat(mbedtls): support rom mbedtls threading layer --- components/mbedtls/CMakeLists.txt | 9 ++++ components/mbedtls/Kconfig | 1 + .../port/mbedtls_rom/mbedtls_rom_osi.c | 47 ++++++++++++++----- .../port/mbedtls_rom/mbedtls_rom_osi.h | 6 +-- .../mbedtls/port/mbedtls_rom/threading_alt.h | 22 +++++++++ 5 files changed, 69 insertions(+), 16 deletions(-) create mode 100644 components/mbedtls/port/mbedtls_rom/threading_alt.h diff --git a/components/mbedtls/CMakeLists.txt b/components/mbedtls/CMakeLists.txt index ad0ca7151dab..35af45851c4d 100644 --- a/components/mbedtls/CMakeLists.txt +++ b/components/mbedtls/CMakeLists.txt @@ -12,6 +12,10 @@ endif() set(mbedtls_srcs "") set(mbedtls_include_dirs "port/include" "mbedtls/include" "mbedtls/library") +if(CONFIG_MBEDTLS_USE_CRYPTO_ROM_IMPL) + list(APPEND mbedtls_include_dirs "port/mbedtls_rom") +endif() + if(CONFIG_MBEDTLS_CERTIFICATE_BUNDLE) list(APPEND mbedtls_srcs "esp_crt_bundle/esp_crt_bundle.c") list(APPEND mbedtls_include_dirs "esp_crt_bundle/include") @@ -94,6 +98,11 @@ set(Python3_EXECUTABLE ${python}) # Needed to for include_next includes to work from within mbedtls include_directories("${COMPONENT_DIR}/port/include") +# Needed to for mbedtls_rom includes to work from within mbedtls +if(CONFIG_MBEDTLS_USE_CRYPTO_ROM_IMPL) + include_directories("${COMPONENT_DIR}/port/mbedtls_rom") +endif() + # Import mbedtls library targets add_subdirectory(mbedtls) diff --git a/components/mbedtls/Kconfig b/components/mbedtls/Kconfig index cc25f8008603..e3cef396d098 100644 --- a/components/mbedtls/Kconfig +++ b/components/mbedtls/Kconfig @@ -1130,6 +1130,7 @@ menu "mbedTLS" select MBEDTLS_ROM_MD5 select MBEDTLS_HARDWARE_SHA select MBEDTLS_ECP_RESTARTABLE + select MBEDTLS_THREADING_C help Enable this flag to use mbedtls crypto algorithm from ROM instead of ESP-IDF. diff --git a/components/mbedtls/port/mbedtls_rom/mbedtls_rom_osi.c b/components/mbedtls/port/mbedtls_rom/mbedtls_rom_osi.c index b02e098b3b98..d29d03e966d3 100644 --- a/components/mbedtls/port/mbedtls_rom/mbedtls_rom_osi.c +++ b/components/mbedtls/port/mbedtls_rom/mbedtls_rom_osi.c @@ -19,9 +19,13 @@ void mbedtls_rom_osi_functions_init(void); static void mbedtls_rom_mutex_init( mbedtls_threading_mutex_t *mutex ) { -#if (!defined(CONFIG_MBEDTLS_THREADING_C)) - ((void) mutex); - return; + if (mutex == NULL) { + return; + } + +#if defined(MBEDTLS_THREADING_ALT) + mutex->mutex = xSemaphoreCreateMutex(); + assert(mutex->mutex != NULL); #else mbedtls_mutex_init(mutex); #endif @@ -29,9 +33,12 @@ static void mbedtls_rom_mutex_init( mbedtls_threading_mutex_t *mutex ) static void mbedtls_rom_mutex_free( mbedtls_threading_mutex_t *mutex ) { -#if (!defined(CONFIG_MBEDTLS_THREADING_C)) - ((void) mutex); - return; + if (mutex == NULL) { + return; + } + +#if defined(MBEDTLS_THREADING_ALT) + vSemaphoreDelete(mutex->mutex); #else mbedtls_mutex_free(mutex); #endif @@ -39,8 +46,14 @@ static void mbedtls_rom_mutex_free( mbedtls_threading_mutex_t *mutex ) static int mbedtls_rom_mutex_lock( mbedtls_threading_mutex_t *mutex ) { -#if (!defined(CONFIG_MBEDTLS_THREADING_C)) - ((void) mutex); + if (mutex == NULL) { + return MBEDTLS_ERR_THREADING_BAD_INPUT_DATA; + } + +#if defined(MBEDTLS_THREADING_ALT) + if (xSemaphoreTake(mutex->mutex, portMAX_DELAY) != pdTRUE) { + return MBEDTLS_ERR_THREADING_MUTEX_ERROR; + } return 0; #else return mbedtls_mutex_lock(mutex); @@ -49,8 +62,14 @@ static int mbedtls_rom_mutex_lock( mbedtls_threading_mutex_t *mutex ) static int mbedtls_rom_mutex_unlock( mbedtls_threading_mutex_t *mutex ) { -#if (!defined(CONFIG_MBEDTLS_THREADING_C)) - ((void) mutex); + if (mutex == NULL) { + return MBEDTLS_ERR_THREADING_BAD_INPUT_DATA; + } + +#if defined(MBEDTLS_THREADING_ALT) + if (xSemaphoreGive(mutex->mutex) != pdTRUE) { + return MBEDTLS_ERR_THREADING_MUTEX_ERROR; + } return 0; #else return mbedtls_mutex_unlock(mutex); @@ -430,11 +449,15 @@ __attribute__((constructor)) void mbedtls_rom_osi_functions_init(void) /* Export the rom mbedtls functions table pointer */ extern void *mbedtls_rom_osi_funcs_ptr; +#if defined(MBEDTLS_THREADING_ALT) + mbedtls_threading_set_alt(mbedtls_rom_mutex_init, mbedtls_rom_mutex_free, mbedtls_rom_mutex_lock, mbedtls_rom_mutex_unlock); +#endif + unsigned chip_version = efuse_hal_chip_revision(); if ( ESP_CHIP_REV_ABOVE(chip_version, 200) ) { /* Initialize the rom function mbedtls_threading_set_alt on chip rev2.0 with rom eco4 */ - mbedtls_threading_set_alt_t mbedtls_threading_set_alt = (mbedtls_threading_set_alt_t)0x40002c0c; - mbedtls_threading_set_alt(mbedtls_rom_mutex_init, mbedtls_rom_mutex_free, mbedtls_rom_mutex_lock, mbedtls_rom_mutex_unlock); + _rom_mbedtls_threading_set_alt_t rom_mbedtls_threading_set_alt = (_rom_mbedtls_threading_set_alt_t)0x40002c0c; + rom_mbedtls_threading_set_alt(mbedtls_rom_mutex_init, mbedtls_rom_mutex_free, mbedtls_rom_mutex_lock, mbedtls_rom_mutex_unlock); /* Initialize the pointer of rom eco4 mbedtls functions table. */ mbedtls_rom_osi_funcs_ptr = (mbedtls_rom_eco4_funcs_t *)&mbedtls_rom_eco4_funcs_table; diff --git a/components/mbedtls/port/mbedtls_rom/mbedtls_rom_osi.h b/components/mbedtls/port/mbedtls_rom/mbedtls_rom_osi.h index 1d84d13fde0b..b612adfa5579 100644 --- a/components/mbedtls/port/mbedtls_rom/mbedtls_rom_osi.h +++ b/components/mbedtls/port/mbedtls_rom/mbedtls_rom_osi.h @@ -44,12 +44,10 @@ extern "C" { #endif #if (!defined(CONFIG_MBEDTLS_THREADING_C)) -typedef struct mbedtls_threading_mutex_t { - int dummy; -} mbedtls_threading_mutex_t; +#error CONFIG_MBEDTLS_THREADING_C #endif -typedef void (*mbedtls_threading_set_alt_t)(void (*mutex_init)(mbedtls_threading_mutex_t *), +typedef void (*_rom_mbedtls_threading_set_alt_t)(void (*mutex_init)(mbedtls_threading_mutex_t *), void (*mutex_free)(mbedtls_threading_mutex_t *), int (*mutex_lock)(mbedtls_threading_mutex_t *), int (*mutex_unlock)(mbedtls_threading_mutex_t *)); diff --git a/components/mbedtls/port/mbedtls_rom/threading_alt.h b/components/mbedtls/port/mbedtls_rom/threading_alt.h new file mode 100644 index 000000000000..6dc3349da1ee --- /dev/null +++ b/components/mbedtls/port/mbedtls_rom/threading_alt.h @@ -0,0 +1,22 @@ +/* + * SPDX-FileCopyrightText: 2024 Espressif Systems (Shanghai) CO LTD + * + * SPDX-License-Identifier: Apache-2.0 + */ +#pragma once + +#include "freertos/FreeRTOS.h" +#include "freertos/semphr.h" + +typedef struct mbedtls_threading_mutex_t { + SemaphoreHandle_t mutex; + /* is_valid is 0 after a failed init or a free, and nonzero after a + * successful init. This field is not considered part of the public + * API of Mbed TLS and may change without notice. */ + char is_valid; +} mbedtls_threading_mutex_t; + +extern void mbedtls_threading_set_alt(void (*mutex_init)(mbedtls_threading_mutex_t *), + void (*mutex_free)(mbedtls_threading_mutex_t *), + int (*mutex_lock)(mbedtls_threading_mutex_t *), + int (*mutex_unlock)(mbedtls_threading_mutex_t *));