luna - wolfssl/wolfcrypt/src/port/maxim/maxq10xx.c

   1/* maxq10xx.c
   2 *
   3 * Copyright (C) 2006-2026 wolfSSL Inc.
   4 *
   5 * This file is part of wolfSSL.
   6 *
   7 * wolfSSL is free software; you can redistribute it and/or modify
   8 * it under the terms of the GNU General Public License as published by
   9 * the Free Software Foundation; either version 3 of the License, or
  10 * (at your option) any later version.
  11 *
  12 * wolfSSL is distributed in the hope that it will be useful,
  13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15 * GNU General Public License for more details.
  16 *
  17 * You should have received a copy of the GNU General Public License
  18 * along with this program; if not, write to the Free Software
  19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
  20 */
  21
  22#ifdef HAVE_CONFIG_H
  23    #include <config.h>
  24#endif
  25
  26#include <wolfssl/wolfcrypt/types.h>
  27
  28#if defined(WOLFSSL_MAXQ1065) ||  defined(WOLFSSL_MAXQ108X)
  29
  30#include <wolfssl/wolfcrypt/port/maxim/maxq10xx.h>
  31
  32#ifdef NO_INLINE
  33    #include <wolfssl/wolfcrypt/misc.h>
  34#else
  35    #define WOLFSSL_MISC_INCLUDED
  36    #include <wolfcrypt/src/misc.c>
  37#endif
  38
  39#include <stdint.h>
  40#include <wolfssl/internal.h>
  41#include <wolfssl/wolfcrypt/cryptocb.h>
  42#include <wolfssl/wolfcrypt/error-crypt.h>
  43#include <wolfssl/wolfcrypt/logging.h>
  44#ifdef USS_API
  45#include <MXQ_API.h>
  46#else
  47#include <wolfssl/wolfcrypt/port/maxim/MXQ_API.h>
  48#endif
  49
  50#ifndef WOLFSSL_HAVE_ECC_KEY_GET_PRIV
  51    /* FIPS build has replaced ecc.h. */
  52    #define wc_ecc_key_get_priv(key) (&((key)->k))
  53    #define WOLFSSL_HAVE_ECC_KEY_GET_PRIV
  54#endif
  55
  56#ifdef MAXQ_DEBUG
  57void dbg_dumphex(const char *identifier, const uint8_t* pdata, uint32_t plen);
  58#else
  59#define dbg_dumphex(identifier, pdata, plen) WC_DO_NOTHING
  60#endif /* MAXQ_DEBUG */
  61
  62#if defined(USE_WINDOWS_API)
  63# define maxq_CryptHwMutexTryLock() 0
  64#endif
  65
  66#define AES_KEY_ID_START      (0x2000)
  67#define AES_KEY_ID_MAX_NUM    (32)
  68#define ECC_KEY_ID_START      (AES_KEY_ID_START + AES_KEY_ID_MAX_NUM)
  69#define ECC_KEY_ID_MAX_NUM    (32)
  70
  71#define TEMP_KEY_ID_START     (0)
  72#if defined(WOLFSSL_MAXQ108X)
  73#define TEMP_KEY_ID_MAX_NUM   (16)
  74#else
  75#define TEMP_KEY_ID_MAX_NUM   (2)
  76#endif
  77
  78#define PUBKEY_IMPORT_OBJID    0x1000
  79
  80#if defined (TEST_SETUP)
  81#define ROOT_CA_CERT_OBJ_ID    0x1006
  82#define DEVICE_CERT_OBJ_ID     0x1005
  83#define DEVICE_KEY_PAIR_OBJ_ID 0x1007
  84#else
  85#define ROOT_CA_CERT_OBJ_ID    0x1003
  86#define DEVICE_CERT_OBJ_ID     0x1002
  87#define DEVICE_KEY_PAIR_OBJ_ID 0x1004
  88#endif
  89
  90#define PSK_OBJ_ID             0x1236
  91#define K_CHUNKSIZE            2032
  92#define K_CIPHER_BLOCKSIZE     16
  93#define ECC256_KEYSIZE         32
  94#define MAX_HASH_CHUNKSIZE     2000
  95#define MAX_CERT_DATASIZE      2048
  96#define MAX_KEY_DATASIZE       256
  97#define MAX_SIGNKEY_DATASIZE   96
  98#define MAX_SIG_DATASIZE       64
  99#define ECC_KEYCOMPLEN         32
 100#define ESTABLISH_OUT_MAX      128
 101#define FIXED_INFO_LEN         32
 102#define FIXED_INFO_VALUE       0xaa
 103#ifdef WOLFSSL_MAXQ108X
 104
 105#define PSK_KID (0x1235)
 106static unsigned char tls13active          =  0;
 107static unsigned char tls13early           =  0;
 108
 109static int tls13_dh_obj_id                = -1;
 110static int tls13_ecc_obj_id               = -1;
 111static int tls13_hs_early_secret_obj_id   = -1;
 112static int tls13_binder_key_obj_id        = -1;
 113static int tls13_shared_secret_obj_id     = -1;
 114static int tls13_early_secret_obj_id      = -1;
 115static int tls13_derived_secret_obj_id    = -1;
 116static int tls13_handshake_secret_obj_id  = -1;
 117static int tls13_master_secret_obj_id     = -1;
 118static int tls13_client_secret_obj_id     = -1;
 119static int tls13_server_secret_obj_id     = -1;
 120static int tls13_client_hs_key_obj_id     = -1;
 121static int tls13_server_hs_key_obj_id     = -1;
 122static int tls13_client_app_key_obj_id    = -1;
 123static int tls13_server_app_key_obj_id    = -1;
 124static int tls13_server_finish_obj_id     = -1;
 125static int tls13_client_finish_obj_id     = -1;
 126static int *tls13_server_key_id           = NULL;
 127static int *tls13_client_key_id           = NULL;
 128static int tls13_res_master_obj_id        = -1;
 129static int tls13_server_cert_id           = -1;
 130static int tls13_server_key_algo          = -1;
 131static int tls13_server_key_len           = -1;
 132
 133#endif /* WOLFSSL_MAXQ108X */
 134
 135/* Please define MAXQ10XX_PRODUCTION_KEY in your build scripts once you have a
 136 * production key. */
 137#if defined(MAXQ10XX_PRODUCTION_KEY)
 138#include "maxq10xx_key.h"
 139#else
 140/* TEST KEY. This must be changed for production environments!! */
 141static const mxq_u1 KeyPairImport[] = {
 142    0xd0,0x97,0x31,0xc7,0x63,0xc0,0x9e,0xe3,0x9a,0xb4,0xd0,0xce,0xa7,0x89,0xab,
 143    0x52,0xc8,0x80,0x3a,0x91,0x77,0x29,0xc3,0xa0,0x79,0x2e,0xe6,0x61,0x8b,0x2d,
 144    0x53,0x70,0xcc,0xa4,0x62,0xd5,0x4a,0x47,0x74,0xea,0x22,0xfa,0xa9,0xd4,0x95,
 145    0x4e,0xca,0x32,0x70,0x88,0xd6,0xeb,0x58,0x24,0xa3,0xc5,0xbf,0x29,0xdc,0xfd,
 146    0xe5,0xde,0x8f,0x48,0x19,0xe8,0xc6,0x4f,0xf2,0x46,0x10,0xe2,0x58,0xb9,0xb6,
 147    0x72,0x5e,0x88,0xaf,0xc2,0xee,0x8b,0x6f,0xe5,0x36,0xe3,0x60,0x7c,0xf8,0x2c,
 148    0xea,0x3a,0x4f,0xe3,0x6d,0x73
 149};
 150#endif /* MAXQ10XX_PRODUCTION_KEY || !DEBUG_WOLFSSL */
 151
 152#if defined(WOLFSSL_MAXQ108X) && defined(HAVE_HKDF)
 153
 154/* These are from Section 7.1 of the TLS 1.3 specification (RFC 8446). */
 155static const char derivedLabel[]     = "derived";
 156static const char cHsTrafficLabel[]  = "c hs traffic";
 157static const char sHsTrafficLabel[]  = "s hs traffic";
 158static const char cAppTrafficLabel[] = "c ap traffic";
 159static const char sAppTrafficLabel[] = "s ap traffic";
 160static const char appTrafUpdLabel[]  = "traffic upd";
 161static const char keyLabel[]         = "key";
 162static const char ivLabel[]          = "iv";
 163static const char finishedLabel[]    = "finished";
 164static const char resMasterLabel[]   = "res master";
 165static const char extBinderLabel[]   = "ext binder";
 166
 167static int local_is_psk = 0;
 168static int is_hs_key = 0;
 169
 170#endif /* WOLFSSL_MAXQ108X && HAVE_HKDF */
 171
 172static int aes_key_id_arr[AES_KEY_ID_MAX_NUM];
 173static int ecc_key_id_arr[ECC_KEY_ID_MAX_NUM];
 174
 175static int init_pk_callbacks = 0;
 176static int device_key_len = 32;
 177
 178#if defined(WOLFSSL_MAXQ108X)
 179static int temp_key_id_arr[TEMP_KEY_ID_MAX_NUM] = {0};
 180static int *mac_key_obj_id = NULL;
 181static int mac_comp_active = 0;
 182#endif /* WOLFSSL_MAXQ108X */
 183
 184#ifdef WOLFSSL_MAXQ10XX_CRYPTO
 185/*
 186 * Helper Functions
 187 */
 188static int crypto_sha256(const uint8_t *buf, uint32_t len, uint8_t *hash,
 189    uint32_t hashSz, uint32_t blkSz)
 190{
 191    int ret;
 192    uint32_t i = 0, chunk;
 193    wc_Sha256 sha256;
 194
 195    /* validate arguments */
 196    if ((buf == NULL && len > 0) || hash == NULL ||
 197        hashSz < WC_SHA256_DIGEST_SIZE || blkSz == 0) {
 198        return BAD_FUNC_ARG;
 199    }
 200
 201    /* Init Sha256 structure */
 202    ret = wc_InitSha256(&sha256);
 203    if (ret != 0) {
 204        return ret;
 205    }
 206
 207    sha256.maxq_ctx.soft_hash = 1;
 208
 209    while (i < len) {
 210        chunk = blkSz;
 211        if ((chunk + i) > len) {
 212            chunk = len - i;
 213        }
 214        /* Perform chunked update */
 215        ret = wc_Sha256Update(&sha256, (buf + i), chunk);
 216        if (ret != 0) {
 217            break;
 218        }
 219        i += chunk;
 220    }
 221
 222    if (ret == 0) {
 223        /* Get final digest result */
 224        ret = wc_Sha256Final(&sha256, hash);
 225    }
 226    return ret;
 227}
 228
 229static int crypto_ecc_sign(const uint8_t *key, uint32_t keySz,
 230    const uint8_t *hash, uint32_t hashSz, uint8_t *sig, uint32_t* sigSz,
 231    uint32_t curveSz, int curveId, WC_RNG* rng)
 232{
 233    int ret;
 234    mp_int r, s;
 235    ecc_key ecc;
 236
 237    /* validate arguments */
 238    if (key == NULL || hash == NULL || sig == NULL || sigSz == NULL ||
 239        curveSz == 0 || hashSz == 0 || keySz < curveSz ||
 240        *sigSz < (curveSz * 2)) {
 241        return BAD_FUNC_ARG;
 242    }
 243
 244    /* Initialize signature result */
 245    XMEMSET(sig, 0, curveSz * 2);
 246
 247    /* Setup the ECC key */
 248    ret = wc_ecc_init(&ecc);
 249    if (ret < 0) {
 250        return ret;
 251    }
 252
 253    ecc.maxq_ctx.hw_ecc = -1;
 254
 255    /* Setup the signature r/s variables */
 256    ret = mp_init(&r);
 257    if (ret != MP_OKAY) {
 258        wc_ecc_free(&ecc);
 259        return ret;
 260    }
 261
 262    ret = mp_init(&s);
 263    if (ret != MP_OKAY) {
 264        mp_clear(&r);
 265        wc_ecc_free(&ecc);
 266        return ret;
 267    }
 268
 269    /* Import private key "k" */
 270    ret = wc_ecc_import_private_key_ex(key, keySz, /* private key "d" */
 271                                       NULL, 0,    /* public (optional) */
 272                                       &ecc, curveId);
 273
 274    if (ret == 0) {
 275        ret = wc_ecc_sign_hash_ex(hash, hashSz, /* computed hash digest */
 276                                  rng, &ecc,    /* random and key context */
 277                                  &r, &s);
 278    }
 279
 280    if (ret == 0) {
 281        /* export r/s */
 282        mp_to_unsigned_bin_len(&r, sig, curveSz);
 283        mp_to_unsigned_bin_len(&s, sig + curveSz, curveSz);
 284    }
 285
 286    mp_clear(&r);
 287    mp_clear(&s);
 288    wc_ecc_free(&ecc);
 289    return ret;
 290}
 291
 292#ifdef MAXQ_DEBUG
 293void dbg_dumphex(const char *identifier, const uint8_t* pdata, uint32_t plen)
 294{
 295    uint32_t i;
 296
 297    printf("%s\n", identifier);
 298
 299    for (i = 0; i < plen; ++i) {
 300        if ((i > 0) && !(i % 16)) {
 301            printf("\n");
 302        }
 303        printf("%02X ", pdata[i]);
 304    }
 305
 306    printf("\n");
 307}
 308#endif /* MAXQ_DEBUG */
 309
 310/*
 311 * Personalized Utility Functions
 312 */
 313static void LoadDefaultImportKey(unsigned char* key, int* keylen,
 314                                 int* curve, int* type)
 315{
 316    *curve  = MXQ_KEYPARAM_EC_P256R1;
 317    *type   = MXQ_KEYTYPE_ECC;
 318    *keylen = 32;
 319
 320    XMEMCPY(key, KeyPairImport, sizeof(KeyPairImport));
 321}
 322
 323static int getSignAlgoFromCurve(int c)
 324{
 325    switch(c) {
 326        case MXQ_KEYPARAM_EC_P256R1:  return ALGO_ECDSA_SHA_256;
 327        case MXQ_KEYPARAM_EC_P384R1:  return ALGO_ECDSA_SHA_384;
 328        case MXQ_KEYPARAM_EC_P521R1:  return ALGO_ECDSA_SHA_512;
 329#ifdef HAVE_ECC_BRAINPOOL
 330        case MXQ_KEYPARAM_EC_BP256R1: return ALGO_ECDSA_SHA_256;
 331        case MXQ_KEYPARAM_EC_BP384R1: return ALGO_ECDSA_SHA_384;
 332        case MXQ_KEYPARAM_EC_BP512R1: return ALGO_ECDSA_SHA_512;
 333#endif
 334    }
 335    return BAD_FUNC_ARG;
 336}
 337
 338#ifdef WOLFSSL_MAXQ108X
 339
 340static int wc_MAXQ10XX_HmacSetKey(int type);
 341static int wc_MAXQ10XX_HmacUpdate(const byte* msg, word32 length);
 342static int wc_MAXQ10XX_HmacFinal(byte* hash);
 343
 344static int getMaxqKeyParamFromCurve(int c)
 345{
 346    switch(c) {
 347    case ECC_SECP256R1:       return MXQ_KEYPARAM_EC_P256R1;
 348    case ECC_SECP384R1:       return MXQ_KEYPARAM_EC_P384R1;
 349    case ECC_SECP521R1:       return MXQ_KEYPARAM_EC_P521R1;
 350    case ECC_BRAINPOOLP256R1: return MXQ_KEYPARAM_EC_BP256R1;
 351    case ECC_BRAINPOOLP384R1: return MXQ_KEYPARAM_EC_BP384R1;
 352    case ECC_BRAINPOOLP512R1: return MXQ_KEYPARAM_EC_BP512R1;
 353    }
 354    return BAD_FUNC_ARG;
 355}
 356
 357#endif /* WOLFSSL_MAXQ108X */
 358
 359static int ECDSA_sign(mxq_u1* dest, int* signlen, mxq_u1* key,
 360                      mxq_u1* data, mxq_length data_length, int curve)
 361{
 362    int ret;
 363    int hashlen = WC_SHA256_DIGEST_SIZE;
 364    unsigned char hash[WC_SHA256_DIGEST_SIZE];
 365    WC_RNG rng;
 366    int algo = 0;
 367    int wc_curve_id = ECC_SECP256R1;
 368    int wc_curve_size = 32;
 369    uint32_t sigSz = 0;
 370
 371    if (curve != MXQ_KEYPARAM_EC_P256R1) {
 372        return BAD_FUNC_ARG;
 373    }
 374
 375    algo = getSignAlgoFromCurve(curve);
 376    if (algo != ALGO_ECDSA_SHA_256) {
 377        return BAD_FUNC_ARG;
 378    }
 379
 380    sigSz = (2 * wc_curve_size);
 381    if (*signlen < (int)sigSz) {
 382        return BAD_FUNC_ARG;
 383    }
 384
 385    ret = wc_InitRng(&rng);
 386    if (ret != 0) {
 387        return ret;
 388    }
 389
 390    ret = crypto_sha256(data, data_length, /* input message */
 391                        hash, hashlen,     /* hash digest result */
 392                        32                 /* configurable block/chunk size */
 393                       );
 394
 395    if (ret == 0) {
 396        ret = crypto_ecc_sign(
 397            (key + (2 * wc_curve_size)), wc_curve_size,    /* private key */
 398            hash, hashlen,               /* computed hash digest */
 399            dest, &sigSz,                /* signature r/s */
 400            wc_curve_size,               /* curve size in bytes */
 401            wc_curve_id,                 /* curve id */
 402            &rng);
 403
 404        *signlen = sigSz;
 405    }
 406
 407    wc_FreeRng(&rng);
 408    return ret;
 409}
 410
 411#ifdef MAXQ_AESGCM
 412static int alloc_aes_key_id(void)
 413{
 414    int i;
 415    for (i = 0; i < AES_KEY_ID_MAX_NUM; ++i) {
 416        if (aes_key_id_arr[i] == 0) {
 417            aes_key_id_arr[i] = AES_KEY_ID_START + i;
 418            break;
 419        }
 420    }
 421
 422    if (i == AES_KEY_ID_MAX_NUM) {
 423        return 0;
 424    }
 425    else {
 426        return aes_key_id_arr[i];
 427    }
 428}
 429#endif /* MAXQ_AESGCM */
 430
 431static void free_aes_key_id(int obj_id)
 432{
 433    int idx_for_arr = obj_id - AES_KEY_ID_START;
 434
 435    if ((idx_for_arr >= 0) && (idx_for_arr < AES_KEY_ID_MAX_NUM)) {
 436        aes_key_id_arr[idx_for_arr] = 0;
 437    }
 438}
 439
 440#ifdef MAXQ_ECC
 441static int alloc_ecc_key_id(void)
 442{
 443    int i;
 444    for (i = 0; i < ECC_KEY_ID_MAX_NUM; ++i) {
 445        if (ecc_key_id_arr[i] == 0) {
 446            ecc_key_id_arr[i] = ECC_KEY_ID_START + i;
 447            break;
 448        }
 449    }
 450
 451    if (i == ECC_KEY_ID_MAX_NUM) {
 452        return 0;
 453    }
 454    else {
 455        return ecc_key_id_arr[i];
 456    }
 457}
 458#endif /* MAXQ_ECC */
 459
 460static void free_ecc_key_id(int obj_id)
 461{
 462    int idx_for_arr = obj_id - ECC_KEY_ID_START;
 463
 464    if ((idx_for_arr >= 0) && (idx_for_arr < ECC_KEY_ID_MAX_NUM)) {
 465        ecc_key_id_arr[idx_for_arr] = 0;
 466    }
 467}
 468
 469#ifdef WOLFSSL_MAXQ108X
 470static int alloc_temp_key_id(void)
 471{
 472    int i;
 473    for (i = 0; i < TEMP_KEY_ID_MAX_NUM; ++i) {
 474        if (temp_key_id_arr[i] == 0) {
 475            temp_key_id_arr[i] = 1;
 476            break;
 477        }
 478    }
 479
 480    if (i == TEMP_KEY_ID_MAX_NUM) {
 481        return -1;
 482    }
 483    else {
 484        return i;
 485    }
 486}
 487
 488static void free_temp_key_id(int obj_id)
 489{
 490    int idx_for_arr = obj_id - TEMP_KEY_ID_START;
 491
 492    if (idx_for_arr >=0 && idx_for_arr < TEMP_KEY_ID_MAX_NUM) {
 493        temp_key_id_arr[idx_for_arr] = 0;
 494    }
 495}
 496#endif /* WOLFSSL_MAXQ108X */
 497
 498/*
 499 * WolfCrypt Functions
 500 */
 501int wc_MAXQ10XX_AesSetKey(Aes* aes, const byte* userKey, word32 keylen)
 502{
 503    XMEMCPY(aes->maxq_ctx.key, userKey, keylen);
 504    aes->maxq_ctx.key_pending = 1;
 505    return 0;
 506}
 507
 508int wc_MAXQ10XX_EccSetKey(ecc_key* key, word32 keysize)
 509{
 510    int err = 0;
 511    int keytype = key->type;
 512    word32 bufflen = 0;
 513
 514    if (key->maxq_ctx.hw_ecc == -1) {
 515        err = WC_HW_E;
 516    }
 517
 518    if (err == 0) {
 519        if (key->dp->id != ECC_SECP256R1) {
 520            err = ECC_CURVE_OID_E;
 521        }
 522    }
 523
 524    if (err == 0) {
 525        if ((keytype != ECC_PUBLICKEY) && (keytype != ECC_PRIVATEKEY) &&
 526            (keytype != ECC_PRIVATEKEY_ONLY)) {
 527            err = BAD_FUNC_ARG;
 528        }
 529    }
 530
 531    if (err == 0) {
 532        bufflen = keysize;
 533        if ((keytype == ECC_PUBLICKEY) || (keytype == ECC_PRIVATEKEY)) {
 534            err = wc_export_int(key->pubkey.x, key->maxq_ctx.ecc_key,
 535                                &bufflen, keysize, WC_TYPE_UNSIGNED_BIN);
 536        }
 537    }
 538
 539    if (err == 0) {
 540        if ((keytype == ECC_PUBLICKEY) || (keytype == ECC_PRIVATEKEY)) {
 541            err = wc_export_int(key->pubkey.y, key->maxq_ctx.ecc_key + keysize,
 542                                &bufflen, keysize, WC_TYPE_UNSIGNED_BIN);
 543        }
 544    }
 545
 546    if (err == 0) {
 547        if ((keytype == ECC_PRIVATEKEY) || (keytype == ECC_PRIVATEKEY_ONLY)) {
 548            err = wc_export_int(wc_ecc_key_get_priv(key),
 549                key->maxq_ctx.ecc_key + (2 * keysize), &bufflen, keysize,
 550                WC_TYPE_UNSIGNED_BIN);
 551        }
 552    }
 553
 554    if (err == 0) {
 555        key->maxq_ctx.hw_ecc = 1;
 556        key->maxq_ctx.key_pending = 1;
 557    }
 558    else {
 559        key->maxq_ctx.hw_ecc = -1;
 560    }
 561
 562    return err;
 563}
 564
 565#ifdef MAXQ_AESGCM
 566static int aes_set_key(Aes* aes, const byte* userKey, word32 keylen)
 567{
 568    mxq_u1 key_buff[MAX_KEY_DATASIZE];
 569    mxq_err_t mxq_rc;
 570    int rc;
 571    unsigned char sign_key[MAX_SIGNKEY_DATASIZE];
 572    int sign_key_len, sign_key_curve, sign_key_type;
 573    mxq_u1 signature[MAX_SIG_DATASIZE];
 574    int signature_len = (int)sizeof(signature);
 575
 576
 577    if (aes == NULL || (keylen != AES_128_KEY_SIZE &&
 578#ifdef WOLFSSL_AES_192
 579        keylen != AES_192_KEY_SIZE &&
 580#endif
 581        keylen != AES_256_KEY_SIZE)) {
 582        return BAD_FUNC_ARG;
 583    }
 584
 585    #if defined(MAXQ10XX_MUTEX)
 586    rc = maxq_CryptHwMutexTryLock();
 587    if (rc != 0) {
 588        WOLFSSL_ERROR_MSG("MAXQ: aes_set_key() lock could not be acquired");
 589        rc = NOT_COMPILED_IN;
 590        return rc;
 591    }
 592    #endif
 593
 594    if (aes->maxq_ctx.key_obj_id) {
 595        wc_MAXQ10XX_AesFree(aes);
 596    }
 597
 598    int obj_id = alloc_aes_key_id();
 599    if (!obj_id) {
 600        WOLFSSL_ERROR_MSG("MAXQ: alloc_aes_key_id() failed");
 601        rc = NOT_COMPILED_IN;
 602        goto end_AesSetKey;
 603    }
 604
 605    /* Delete object if one already exists. Ignore error in case it doesn't
 606     * exist. */
 607    (void)MXQ_DeleteObject(obj_id);
 608    mxq_rc = MXQ_CreateObject(obj_id, keylen, MXQ_OBJTYPE_SECRETKEY,
 609                              OBJPROP_PERSISTENT,
 610                              (char *)"ahs=rwdgx:ahs=rwdgx:ahs=rwdgx");
 611    if (mxq_rc) {
 612        WOLFSSL_ERROR_MSG("MAXQ: MXQ_CreateObject() failed");
 613        rc = NOT_COMPILED_IN;
 614        goto end_AesSetKey;
 615    }
 616
 617    /* store the object id in the context */
 618    aes->maxq_ctx.key_obj_id = obj_id;
 619
 620    mxq_length key_buff_len = sizeof(key_buff);
 621    mxq_rc = MXQ_BuildKey(key_buff, &key_buff_len, MXQ_KEYTYPE_AES, 0xff,
 622                          keylen, keylen, MXQ_KEYUSE_ENCRYPTION,
 623                          ALGO_CIPHER_AES_ECB, MXQ_KEYUSE_NONE, ALGO_NONE,
 624                          (mxq_u1 *)userKey);
 625    if (mxq_rc) {
 626        WOLFSSL_ERROR_MSG("MAXQ: MXQ_BuildKey() failed");
 627        rc = WC_HW_E;
 628        goto end_AesSetKey;
 629    }
 630
 631    LoadDefaultImportKey(sign_key, &sign_key_len, &sign_key_curve,
 632                         &sign_key_type);
 633
 634    /* Unlock because signing operation will need to use the RNG. */
 635    #if defined(MAXQ10XX_MUTEX)
 636    wolfSSL_CryptHwMutexUnLock();
 637    #endif
 638
 639    rc = ECDSA_sign(signature, &signature_len, sign_key, key_buff, key_buff_len,
 640                    sign_key_curve);
 641    if (rc) {
 642        WOLFSSL_ERROR_MSG("MAXQ: ECDSA_sign() failed");
 643        goto end_AesSetKey_noUnlock;
 644    }
 645
 646    #if defined(MAXQ10XX_MUTEX)
 647    rc = maxq_CryptHwMutexTryLock();
 648    if (rc != 0) {
 649        WOLFSSL_ERROR_MSG("MAXQ: aes_set_key() lock could not be acquired");
 650        rc = NOT_COMPILED_IN;
 651        goto end_AesSetKey_noUnlock;
 652    }
 653    #endif
 654    mxq_rc = MXQ_ImportKey(obj_id, getSignAlgoFromCurve(sign_key_curve),
 655                           PUBKEY_IMPORT_OBJID, key_buff, key_buff_len,
 656                           signature, signature_len);
 657    if (mxq_rc) {
 658        WOLFSSL_ERROR_MSG("MAXQ: MXQ_ImportKey() failed");
 659        rc = WC_HW_E;
 660        goto end_AesSetKey;
 661    }
 662
 663    /* key stored successfully */
 664    aes->maxq_ctx.key_pending = 0;
 665
 666end_AesSetKey:
 667    wolfSSL_CryptHwMutexUnLock();
 668end_AesSetKey_noUnlock:
 669    return rc;
 670}
 671#endif /* MAXQ_AESGCM */
 672
 673void wc_MAXQ10XX_AesFree(Aes* aes)
 674{
 675    mxq_err_t mxq_rc;
 676    int rc = 1;
 677
 678    if (aes->maxq_ctx.key_obj_id != 0) {
 679        rc = 0;
 680    }
 681
 682    if (rc == 0) {
 683        rc = wolfSSL_CryptHwMutexLock();
 684    }
 685
 686    if (rc == 0) {
 687        mxq_rc = MXQ_DeleteObject(aes->maxq_ctx.key_obj_id);
 688        if (mxq_rc) {
 689            WOLFSSL_ERROR_MSG("MAXQ: MXQ_DeleteObject() failed");
 690            rc = 1;
 691        }
 692
 693        if (rc == 0) {
 694            free_aes_key_id(aes->maxq_ctx.key_obj_id);
 695            aes->maxq_ctx.key_obj_id = 0;
 696        }
 697        wolfSSL_CryptHwMutexUnLock();
 698    }
 699}
 700
 701#ifdef MAXQ_ECC
 702static int ecc_set_key(ecc_key* key, const byte* userKey, word32 keycomplen,
 703                       int for_ecdh)
 704{
 705    mxq_err_t mxq_rc;
 706    int rc;
 707    word32 keylen;
 708    int objtype;
 709    mxq_keyuse_t key_use;
 710    mxq_u1 key_buff[MAX_KEY_DATASIZE];
 711    mxq_length key_buff_len = sizeof(key_buff);
 712    unsigned char sign_key[MAX_SIGNKEY_DATASIZE];
 713    int sign_key_len, sign_key_curve, sign_key_type;
 714    mxq_u1 signature[MAX_SIG_DATASIZE];
 715    int signature_len = (int)sizeof(signature);
 716
 717
 718    if ((key->type != ECC_PUBLICKEY) && (key->type != ECC_PRIVATEKEY) &&
 719        (key->type != ECC_PRIVATEKEY_ONLY)) {
 720        return BAD_FUNC_ARG;
 721    }
 722
 723    if (key->type == ECC_PUBLICKEY) {
 724        keylen = keycomplen * 2;
 725        objtype = MXQ_OBJTYPE_PUBKEY;
 726    }
 727    else {
 728        keylen = keycomplen * 3;
 729        objtype = MXQ_OBJTYPE_KEYPAIR;
 730    }
 731
 732    if (for_ecdh) {
 733        key_use = MXQ_KEYUSE_KEY_EXCHAGE;
 734    }
 735    else {
 736        key_use = MXQ_KEYUSE_DATASIGNATURE;
 737    }
 738
 739    #if defined(MAXQ10XX_MUTEX)
 740    rc = maxq_CryptHwMutexTryLock();
 741    if (rc != 0) {
 742        WOLFSSL_ERROR_MSG("MAXQ: ecc_set_key() lock could not be acquired");
 743        rc = NOT_COMPILED_IN;
 744        return rc;
 745    }
 746    #endif
 747
 748    if (key->maxq_ctx.key_obj_id) {
 749        wc_MAXQ10XX_EccFree(key);
 750    }
 751
 752    int obj_id = alloc_ecc_key_id();
 753    if (!obj_id) {
 754        WOLFSSL_ERROR_MSG("MAXQ: alloc_ecc_key_id() failed");
 755        rc = NOT_COMPILED_IN;
 756        goto end_EccSetKey;
 757    }
 758
 759    /* Delete object if one already exists. Ignore error in case it doesn't
 760     * exist. */
 761    (void)MXQ_DeleteObject(obj_id);
 762    mxq_rc = MXQ_CreateObject(obj_id, keylen, objtype, OBJPROP_PERSISTENT,
 763                              (char *)"ahs=rwdgx:ahs=rwdgx:ahs=rwdgx");
 764    if (mxq_rc) {
 765        WOLFSSL_ERROR_MSG("MAXQ: MXQ_CreateObject() failed");
 766        rc = NOT_COMPILED_IN;
 767        goto end_EccSetKey;
 768    }
 769
 770    /* store the object id in the context */
 771    key->maxq_ctx.key_obj_id = obj_id;
 772
 773    mxq_rc = MXQ_BuildKey(key_buff, &key_buff_len, MXQ_KEYTYPE_ECC,
 774                          MXQ_KEYPARAM_EC_P256R1, keycomplen, keylen,
 775                          key_use, ALGO_ECDSA_SHA_256,
 776                          MXQ_KEYUSE_NONE, ALGO_NONE, (mxq_u1 *)userKey);
 777    if (mxq_rc) {
 778        WOLFSSL_ERROR_MSG("MAXQ: MXQ_BuildKey() failed");
 779        rc = WC_HW_E;
 780        goto end_EccSetKey;
 781    }
 782
 783    LoadDefaultImportKey(sign_key, &sign_key_len, &sign_key_curve,
 784                         &sign_key_type);
 785
 786    /* Unlock because signing operation will need to use the RNG. */
 787    #if defined(MAXQ10XX_MUTEX)
 788    wolfSSL_CryptHwMutexUnLock();
 789    #endif
 790
 791    rc = ECDSA_sign(signature, &signature_len, sign_key, key_buff, key_buff_len,
 792                    sign_key_curve);
 793    if (rc) {
 794        WOLFSSL_ERROR_MSG("MAXQ: ECDSA_sign() failed");
 795        goto end_EccSetKey_noUnlock;
 796    }
 797
 798    #if defined(MAXQ10XX_MUTEX)
 799    rc = maxq_CryptHwMutexTryLock();
 800    if (rc != 0) {
 801        WOLFSSL_ERROR_MSG("MAXQ: ecc_set_key() lock could not be acquired");
 802        rc = NOT_COMPILED_IN;
 803        goto end_EccSetKey_noUnlock;
 804    }
 805    #endif
 806
 807    mxq_rc = MXQ_ImportKey(obj_id, getSignAlgoFromCurve(sign_key_curve),
 808                           PUBKEY_IMPORT_OBJID, key_buff, key_buff_len,
 809                           signature, signature_len);
 810    if (mxq_rc) {
 811        WOLFSSL_ERROR_MSG("MAXQ: MXQ_ImportKey() failed");
 812        rc = WC_HW_E;
 813        goto end_EccSetKey;
 814    }
 815
 816    /* key stored successfully */
 817    key->maxq_ctx.key_pending = 0;
 818
 819end_EccSetKey:
 820    #if defined(MAXQ10XX_MUTEX)
 821    wolfSSL_CryptHwMutexUnLock();
 822    #endif
 823end_EccSetKey_noUnlock:
 824    return rc;
 825}
 826
 827static int ecc_gen_key(ecc_key* key, word32 keycomplen)
 828{
 829    mxq_err_t mxq_rc;
 830    int rc;
 831    word32 keylen;
 832    int objtype;
 833    mxq_u1 key_buff[MAX_KEY_DATASIZE];
 834    mxq_length key_buff_len = sizeof(key_buff);
 835    unsigned char sign_key[MAX_SIGNKEY_DATASIZE];
 836    int sign_key_len, sign_key_curve, sign_key_type;
 837    mxq_u1 signature[MAX_SIG_DATASIZE];
 838    int signature_len = (int)sizeof(signature);
 839
 840
 841    if ((key->type != 0) && (key->type != ECC_PRIVATEKEY)
 842        && (key->type != ECC_PRIVATEKEY_ONLY)) {
 843        return BAD_FUNC_ARG;
 844    }
 845
 846    key->type = ECC_PRIVATEKEY;
 847    keylen = keycomplen * 3;
 848    objtype = MXQ_OBJTYPE_KEYPAIR;
 849
 850    #if defined(MAXQ10XX_MUTEX)
 851    rc = maxq_CryptHwMutexTryLock();
 852    if (rc != 0) {
 853        WOLFSSL_ERROR_MSG("MAXQ: ecc_set_key() lock could not be acquired");
 854        rc = NOT_COMPILED_IN;
 855        return rc;
 856    }
 857    #endif
 858
 859    if (key->maxq_ctx.key_obj_id) {
 860        wc_MAXQ10XX_EccFree(key);
 861    }
 862
 863    int obj_id = alloc_ecc_key_id();
 864    if (!obj_id) {
 865        WOLFSSL_ERROR_MSG("MAXQ: alloc_ecc_key_id() failed");
 866        rc = NOT_COMPILED_IN;
 867        goto end_EccGenKey;
 868    }
 869
 870    /* Delete object if one already exists. Ignore error in case it doesn't
 871     * exist. */
 872    (void)MXQ_DeleteObject(obj_id);
 873    mxq_rc = MXQ_CreateObject(obj_id, keylen, objtype, OBJPROP_PERSISTENT,
 874                              (char *)"ahs=rwdgx:ahs=rwdgx:ahs=rwdgx");
 875    if (mxq_rc) {
 876        WOLFSSL_ERROR_MSG("MAXQ: MXQ_CreateObject() failed");
 877        rc = NOT_COMPILED_IN;
 878        goto end_EccGenKey;
 879    }
 880
 881    /* store the object id in the context */
 882    key->maxq_ctx.key_obj_id = obj_id;
 883
 884    /* Note that total_keylen is 0 and psrc is NULL. This ensures that when
 885     * MXQ_ImportKey() is called, it does a keygen; not import. */
 886    mxq_rc = MXQ_BuildKey(key_buff, &key_buff_len, MXQ_KEYTYPE_ECC,
 887                          MXQ_KEYPARAM_EC_P256R1, keycomplen, 0,
 888                          MXQ_KEYUSE_KEY_EXCHAGE, ALGO_ECDSA_SHA_256,
 889                          MXQ_KEYUSE_NONE, ALGO_NONE, NULL);
 890    if (mxq_rc) {
 891        WOLFSSL_ERROR_MSG("MAXQ: MXQ_BuildKey() failed");
 892        rc = WC_HW_E;
 893        goto end_EccGenKey;
 894    }
 895
 896    LoadDefaultImportKey(sign_key, &sign_key_len, &sign_key_curve,
 897                         &sign_key_type);
 898
 899    /* Unlock because signing operation will need to use the RNG. */
 900    #if defined(MAXQ10XX_MUTEX)
 901    wolfSSL_CryptHwMutexUnLock();
 902    #endif
 903
 904    rc = ECDSA_sign(signature, &signature_len, sign_key, key_buff, key_buff_len,
 905                    sign_key_curve);
 906    if (rc) {
 907        WOLFSSL_ERROR_MSG("MAXQ: ECDSA_sign() failed");
 908        goto end_EccGenKey_noUnlock;
 909    }
 910
 911    #if defined(MAXQ10XX_MUTEX)
 912    rc = maxq_CryptHwMutexTryLock();
 913    if (rc != 0) {
 914        WOLFSSL_ERROR_MSG("MAXQ: ecc_set_key() lock could not be acquired");
 915        rc = NOT_COMPILED_IN;
 916        goto end_EccGenKey_noUnlock;
 917    }
 918    #endif
 919
 920    mxq_rc = MXQ_ImportKey(obj_id, getSignAlgoFromCurve(sign_key_curve),
 921                           PUBKEY_IMPORT_OBJID, key_buff, key_buff_len,
 922                           signature, signature_len);
 923    if (mxq_rc) {
 924        WOLFSSL_ERROR_MSG("MAXQ: MXQ_ImportKey() failed");
 925        rc = WC_HW_E;
 926        goto end_EccGenKey;
 927    }
 928
 929    key->maxq_ctx.hw_ecc = 1;
 930
 931end_EccGenKey:
 932    #if defined(MAXQ10XX_MUTEX)
 933    wolfSSL_CryptHwMutexUnLock();
 934    #endif
 935end_EccGenKey_noUnlock:
 936    return rc;
 937}
 938
 939static int ecc_establish(ecc_key* key, ecc_key* peer, byte *ss, word32 *ss_len)
 940{
 941    mxq_err_t mxq_rc;
 942    int rc = 0;
 943    byte fixed_info_len = FIXED_INFO_LEN;
 944    byte fixed_info[FIXED_INFO_LEN];
 945    mxq_length output_len = ESTABLISH_OUT_MAX;
 946    byte output[ESTABLISH_OUT_MAX];
 947
 948    word32 peerKeySz;
 949    uint8_t  peerKeyBuf[MAX_EC_KEY_SIZE];
 950    uint8_t* peerKey = peerKeyBuf;
 951    uint8_t* qx;
 952    uint8_t* qy;
 953    word32 qxLen;
 954    word32 qyLen;
 955
 956    /* ECC P256 shared secret is 32 bytes. */
 957    if (*ss_len != 32) {
 958        return BAD_FUNC_ARG;
 959    }
 960
 961    if (peer == NULL) {
 962        return BAD_FUNC_ARG;
 963    }
 964
 965    if (key == NULL) {
 966        return BAD_FUNC_ARG;
 967    }
 968
 969    peerKeySz = peer->dp->size;
 970    qx = peerKey;
 971    qy = &peerKey[peerKeySz];
 972    qxLen = peerKeySz;
 973    qyLen = peerKeySz;
 974
 975    if (key->maxq_ctx.hw_ecc != 1) {
 976        /* The key was not generated. Lets import it. */
 977        if (key->maxq_ctx.hw_ecc == 0) {
 978            rc = wc_MAXQ10XX_EccSetKey(key, key->dp->size);
 979            if (rc != 0) {
 980                return rc;
 981            }
 982        }
 983
 984        if (key->maxq_ctx.hw_ecc == -1) {
 985            return CRYPTOCB_UNAVAILABLE;
 986        }
 987
 988        rc = ecc_set_key(key, key->maxq_ctx.ecc_key, key->dp->size, 1);
 989    }
 990
 991    if (rc != 0) {
 992        return rc;
 993    }
 994
 995    if (key->maxq_ctx.key_obj_id == 0) {
 996        return WC_HW_E;
 997    }
 998
 999    rc = wc_ecc_export_public_raw(peer, qx, &qxLen, qy, &qyLen);
1000    if (rc != 0) {
1001        return rc;
1002    }
1003
1004    /* This follows what is done in other MAXQ10xx examples. */
1005    XMEMSET(fixed_info, FIXED_INFO_VALUE, fixed_info_len);
1006
1007    /* 0xFFFF indicates that the peer's public key will be in the buffer; not
1008     * referenced via key ID. */
1009    mxq_rc = MXQ_EstablishKey(SHARE_SECRET, MXQ_KEYPARAM_EC_P256R1,
1010                              key->maxq_ctx.key_obj_id, 0xFFFF, peerKey,
1011                              0, NULL, 0, 0, 0, 0, fixed_info_len, fixed_info,
1012                              0, 0, NULL, output, &output_len);
1013
1014    if (mxq_rc) {
1015        WOLFSSL_ERROR_MSG("MAXQ: MXQ_EstablishKey() failed");
1016        rc = WC_HW_E;
1017    }
1018
1019    /* Output contains the public key and shared secret concatenated. The public
1020     * key is (0x04 || X || Y) which means its 65 bytes. The shared secret is
1021     * in the 32 bytes after that. */
1022    XMEMCPY(ss, &output[1 + ECC256_KEYSIZE + ECC256_KEYSIZE], *ss_len);
1023
1024    return rc;
1025}
1026
1027#endif /* MAXQ_ECC */
1028
1029void wc_MAXQ10XX_EccFree(ecc_key* key)
1030{
1031    if (key->maxq_ctx.key_obj_id == 0) {
1032        return;
1033    }
1034
1035    int rc = wolfSSL_CryptHwMutexLock();
1036    if (rc != 0) {
1037        return;
1038    }
1039
1040    mxq_err_t mxq_rc = MXQ_DeleteObject(key->maxq_ctx.key_obj_id);
1041    if (mxq_rc) {
1042        WOLFSSL_ERROR_MSG("MAXQ: MXQ_DeleteObject() failed");
1043        wolfSSL_CryptHwMutexUnLock();
1044        return;
1045    }
1046
1047    free_ecc_key_id(key->maxq_ctx.key_obj_id);
1048    key->maxq_ctx.key_obj_id = 0;
1049    wolfSSL_CryptHwMutexUnLock();
1050}
1051
1052void wc_MAXQ10XX_Sha256Copy(wc_Sha256* sha256)
1053{
1054    /* during copying, change to soft hash mode for one context */
1055    if (sha256->maxq_ctx.hash_running) {
1056        sha256->maxq_ctx.hash_running = 0;
1057        sha256->maxq_ctx.soft_hash = 1;
1058    }
1059}
1060
1061void wc_MAXQ10XX_Sha256Free(wc_Sha256* sha256)
1062{
1063    /* release the mutex if a hash operation is running on the maxq10xx device
1064     */
1065    if (sha256->maxq_ctx.hash_running) {
1066        sha256->maxq_ctx.hash_running = 0;
1067        sha256->maxq_ctx.soft_hash = 1;
1068        wolfSSL_CryptHwMutexUnLock();
1069    }
1070}
1071#endif /* WOLFSSL_MAXQ10XX_CRYPTO */
1072
1073#ifdef WOLF_CRYPTO_CB
1074#ifdef MAXQ_SHA256
1075static int maxq10xx_hash_update_sha256(const mxq_u1* psrc, mxq_length inlen,
1076                                       int running)
1077{
1078    mxq_err_t mxq_rc;
1079
1080    if (running == 0) {
1081        mxq_rc = MXQ_MD_Init(ALGO_MD_SHA256);
1082        if (mxq_rc) {
1083            WOLFSSL_ERROR_MSG("MAXQ: MXQ_MD_Init() failed");
1084            return WC_HW_E;
1085        }
1086    }
1087
1088    mxq_length data_offset = 0;
1089    mxq_length data_len;
1090
1091    while (inlen) {
1092        data_len = (inlen < MAX_HASH_CHUNKSIZE) ? inlen : MAX_HASH_CHUNKSIZE;
1093
1094        mxq_rc = MXQ_MD_Update(&psrc[data_offset], data_len);
1095        if (mxq_rc) {
1096            WOLFSSL_ERROR_MSG("MAXQ: MXQ_MD_Update() failed");
1097            return WC_HW_E;
1098        }
1099
1100        data_offset += data_len;
1101        inlen -= data_len;
1102    }
1103
1104    return 0;
1105}
1106
1107static int maxq10xx_hash_finish_sha256(mxq_u1* pdest)
1108{
1109    mxq_err_t mxq_rc;
1110    mxq_length hashlen = WC_SHA256_DIGEST_SIZE;
1111
1112    mxq_rc = MXQ_MD_Finish(pdest, &hashlen);
1113    if (mxq_rc) {
1114        WOLFSSL_ERROR_MSG("MAXQ: MXQ_MD_Finish() failed");
1115        return WC_HW_E;
1116    }
1117
1118    return 0;
1119}
1120#endif /* MAXQ_SHA256 */
1121
1122static int maxq10xx_cipher_do(mxq_algo_id_t algo_id, mxq_u1 encrypt,
1123                              mxq_u2 key_id, mxq_u1* p_in, mxq_u1* p_out,
1124                              mxq_length data_size, mxq_u1* p_iv,
1125                              mxq_length iv_len, mxq_u1* p_aad,
1126                              mxq_length aad_len, mxq_u1* p_tag,
1127                              mxq_length tag_len)
1128{
1129    mxq_err_t mxq_rc;
1130    ciph_params_t cparams;
1131
1132    mxq_u1 internal_data[K_CHUNKSIZE + K_CIPHER_BLOCKSIZE];
1133    mxq_u1 *p_int_data = internal_data;
1134
1135    mxq_length data_offset = 0;
1136    mxq_length proc_len = 0, req_len = 0;
1137
1138    XMEMSET(&cparams, 0, sizeof(cparams));
1139
1140    cparams.data_length  = data_size;
1141    cparams.p_iv         = p_iv;
1142    cparams.iv_length    = iv_len;
1143    cparams.p_aad        = p_aad;
1144    cparams.aad_length   = aad_len;
1145
1146    if ((algo_id == ALGO_CIPHER_AES_GCM) || (algo_id == ALGO_CIPHER_AES_CCM)) {
1147        if (encrypt) {
1148            cparams.aead_tag_len = tag_len;
1149        }
1150        else {
1151            XMEMCPY(cparams.aead_tag, p_tag, tag_len);
1152            cparams.aead_tag_len = tag_len;
1153        }
1154    }
1155
1156    mxq_rc = MXQ_Cipher_Init(encrypt, algo_id, key_id, &cparams, 0);
1157    if (mxq_rc) {
1158        WOLFSSL_ERROR_MSG("MAXQ: MXQ_Cipher_Init() failed");
1159        return WC_HW_E;
1160    }
1161
1162    while (data_size) {
1163        proc_len = (data_size < K_CHUNKSIZE) ? data_size : K_CHUNKSIZE;
1164        req_len  = proc_len;
1165
1166        mxq_rc = MXQ_Cipher_Update(&p_out, &p_in[data_offset], &proc_len);
1167        if (mxq_rc) {
1168            WOLFSSL_ERROR_MSG("MAXQ: MXQ_Cipher_Update() failed");
1169            return WC_HW_E;
1170        }
1171
1172        data_offset += req_len;
1173        data_size -= req_len;
1174    }
1175
1176    if (encrypt) {
1177        proc_len = tag_len;
1178        mxq_rc = MXQ_Cipher_Finish(&p_int_data, &proc_len);
1179        if (mxq_rc) {
1180            WOLFSSL_ERROR_MSG("MAXQ: Encrypt, MXQ_Cipher_Finish() failed");
1181            return WC_HW_E;
1182        }
1183
1184        if (proc_len > tag_len) {
1185            XMEMCPY(p_out, internal_data, proc_len - tag_len);
1186        }
1187
1188        if ((tag_len != 0) && (proc_len >= tag_len)) {
1189            XMEMCPY(p_tag, &internal_data[proc_len - tag_len], tag_len);
1190        }
1191    }
1192    else {
1193        internal_data[0] = 0xDE;
1194        XMEMCPY(&internal_data[1], p_tag, tag_len);
1195        proc_len = tag_len;
1196
1197        mxq_rc = MXQ_Cipher_Finish(&p_int_data, &proc_len);
1198        if (mxq_rc) {
1199            WOLFSSL_ERROR_MSG("MAXQ: Decrypt, MXQ_Cipher_Finish() failed");
1200            return WC_HW_E;
1201        }
1202
1203        if (proc_len) {
1204            XMEMCPY(p_out, internal_data, proc_len);
1205        }
1206    }
1207
1208    return 0;
1209}
1210
1211static int maxq10xx_ecc_sign_local(mxq_u2 key_id,
1212                                   mxq_u1* p_in, mxq_u2 data_size,
1213                                   mxq_u1* p_sign_out, mxq_length* sign_len,
1214                                   mxq_length keycomplen)
1215{
1216    mxq_err_t mxq_rc;
1217    int rc;
1218    mxq_u1 *input_digest = NULL;
1219    mxq_u1 *buff_sign = NULL;
1220    mxq_length buff_len = keycomplen * 2;
1221    byte *r = NULL;
1222    byte *s = NULL;
1223
1224    input_digest = (mxq_u1 *)XMALLOC(keycomplen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1225    buff_sign = (mxq_u1 *)XMALLOC(keycomplen * 2, NULL,
1226                                  DYNAMIC_TYPE_TMP_BUFFER);
1227    if (input_digest == NULL || buff_sign == NULL) {
1228        XFREE(input_digest, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1229        XFREE(buff_sign, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1230        return MEMORY_E;
1231    }
1232    r = &buff_sign[0];
1233    s = &buff_sign[keycomplen];
1234
1235    /* truncate input to match key size */
1236    if (data_size > keycomplen) {
1237        data_size = keycomplen;
1238    }
1239
1240    /* build input digest */
1241    XMEMSET(input_digest, 0, keycomplen);
1242    XMEMCPY(&input_digest[keycomplen - data_size], p_in, data_size);
1243
1244    mxq_rc = MXQ_Sign(ALGO_ECDSA_PLAIN, key_id, input_digest,
1245                      keycomplen, buff_sign, &buff_len);
1246    if (mxq_rc) {
1247        WOLFSSL_ERROR_MSG("MAXQ: MXQ_Sign() failed");
1248        return WC_HW_E;
1249    }
1250
1251    /* convert r and s to signature */
1252    rc = wc_ecc_rs_raw_to_sig((const byte *)r, keycomplen, (const byte *)s,
1253                              keycomplen, p_sign_out, sign_len);
1254    if (rc != 0) {
1255        WOLFSSL_ERROR_MSG("MAXQ: converting r and s to signature failed");
1256    }
1257
1258    XFREE(input_digest, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1259    XFREE(buff_sign, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1260    return rc;
1261}
1262
1263#ifdef MAXQ_ECC
1264static int maxq10xx_ecc_verify_local(
1265               mxq_u2 key_id, mxq_u1* p_in, mxq_u2 data_size,
1266               mxq_u1* p_sign, mxq_u1 sign_len, int *result,
1267               mxq_length keycomplen)
1268{
1269    int rc;
1270    mxq_err_t mxq_rc;
1271    mxq_u1 *buff_rs = NULL;
1272    mxq_u1 *input_digest = NULL;
1273    mxq_u1 *buff_signature = NULL;
1274    byte *r = NULL;
1275    byte *s = NULL;
1276    word32 r_len = keycomplen;
1277    word32 s_len = keycomplen;
1278
1279    input_digest = (mxq_u1 *)XMALLOC(keycomplen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1280    buff_rs = (mxq_u1 *)XMALLOC(keycomplen * 2, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1281    buff_signature = (mxq_u1 *)XMALLOC(keycomplen * 2, NULL,
1282                                       DYNAMIC_TYPE_TMP_BUFFER);
1283
1284    if (input_digest == NULL || buff_rs == NULL || buff_signature == NULL) {
1285        XFREE(input_digest, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1286        XFREE(buff_rs, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1287        XFREE(buff_signature, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1288        return MEMORY_E;
1289    }
1290    r = &buff_rs[0];
1291    s = &buff_rs[keycomplen];
1292
1293    /* truncate input to match key size */
1294    if (data_size > keycomplen) {
1295        data_size = keycomplen;
1296    }
1297
1298    /* build input digest */
1299    XMEMSET(input_digest, 0, keycomplen);
1300    XMEMCPY(&input_digest[keycomplen - data_size], p_in, data_size);
1301
1302    /* extract r and s from signature */
1303    XMEMSET(buff_rs, 0, keycomplen * 2);
1304
1305    rc = wc_ecc_sig_to_rs(p_sign, sign_len, r, &r_len, s, &s_len);
1306    if (rc != 0) {
1307        XFREE(input_digest, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1308        XFREE(buff_rs, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1309        XFREE(buff_signature, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1310        WOLFSSL_ERROR_MSG("MAXQ: extracting r and s from signature failed");
1311        *result = 0;
1312        return rc;
1313    }
1314
1315    if ((r_len > keycomplen) || (s_len > keycomplen)) {
1316        XFREE(input_digest, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1317        XFREE(buff_rs, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1318        XFREE(buff_signature, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1319        WOLFSSL_ERROR_MSG("MAXQ: r and s corrupted");
1320        *result = 0;
1321        return BUFFER_E;
1322    }
1323
1324    /* prepare raw signature */
1325    XMEMSET(buff_signature, 0, keycomplen * 2);
1326
1327    /* add leading zeros if necessary */
1328    XMEMCPY(&buff_signature[keycomplen - r_len], r, r_len);
1329    XMEMCPY(&buff_signature[(keycomplen * 2) - s_len], s, s_len);
1330
1331    mxq_rc = MXQ_Verify(ALGO_ECDSA_PLAIN, key_id, input_digest,
1332                        keycomplen, buff_signature, keycomplen * 2);
1333
1334    XFREE(input_digest, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1335    XFREE(buff_rs, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1336    XFREE(buff_signature, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1337
1338    *result = (mxq_rc ? 0 : 1);
1339    return 0;
1340}
1341#endif /* MAXQ_ECC */
1342
1343#ifdef MAXQ_RNG
1344int maxq10xx_random(byte* output, unsigned short sz)
1345{
1346    if (output == NULL) {
1347        return BUFFER_E;
1348    }
1349
1350    #if defined(MAXQ10XX_MUTEX)
1351    int ret = maxq_CryptHwMutexTryLock();
1352    if (ret != 0) {
1353        WOLFSSL_ERROR_MSG("MAXQ: maxq10xx_random() lock could not be acquired");
1354        ret = NOT_COMPILED_IN;
1355        return ret;
1356    }
1357    #endif
1358
1359    if (MXQ_Get_Random_Ext(output, sz, 0)) {
1360        WOLFSSL_ERROR_MSG("MAXQ: MXQ_Get_Random_Ext() failed");
1361        wolfSSL_CryptHwMutexUnLock();
1362        return WC_HW_E;
1363    }
1364
1365    wolfSSL_CryptHwMutexUnLock();
1366    return 0;
1367}
1368#endif /* MAXQ_RNG */
1369
1370#if !defined(NO_AES) && defined(HAVE_AESGCM) && defined(MAXQ_AESGCM)
1371static int do_aesgcm(wc_CryptoInfo* info)
1372{
1373    int rc;
1374    if (info->cipher.enc) {
1375        if (info->cipher.aesgcm_enc.authTagSz > 16) {
1376            return CRYPTOCB_UNAVAILABLE;
1377        }
1378
1379        if (info->cipher.aesgcm_enc.sz == 0) {
1380            return CRYPTOCB_UNAVAILABLE;
1381        }
1382
1383        if (info->cipher.aesgcm_enc.ivSz != 12) {
1384            return CRYPTOCB_UNAVAILABLE;
1385        }
1386
1387        if (info->cipher.aesgcm_enc.aes->maxq_ctx.key_pending) {
1388            rc = aes_set_key(
1389                info->cipher.aesgcm_enc.aes,
1390                (const byte *)info->cipher.aesgcm_enc.aes->maxq_ctx.key,
1391                info->cipher.aesgcm_enc.aes->keylen);
1392            if (rc != 0) {
1393                return rc;
1394            }
1395        }
1396
1397        rc = wolfSSL_CryptHwMutexLock();
1398        if (rc != 0) {
1399            return rc;
1400        }
1401
1402        rc = maxq10xx_cipher_do(
1403            ALGO_CIPHER_AES_GCM,
1404            1,
1405            info->cipher.aesgcm_enc.aes->maxq_ctx.key_obj_id,
1406            (byte *)info->cipher.aesgcm_enc.in,
1407            (byte *)info->cipher.aesgcm_enc.out,
1408            info->cipher.aesgcm_enc.sz,
1409            (byte *)info->cipher.aesgcm_enc.iv,
1410            info->cipher.aesgcm_enc.ivSz,
1411            (byte *)info->cipher.aesgcm_enc.authIn,
1412            info->cipher.aesgcm_enc.authInSz,
1413            (byte *)info->cipher.aesgcm_enc.authTag,
1414            info->cipher.aesgcm_enc.authTagSz);
1415        if (rc != 0) {
1416            wolfSSL_CryptHwMutexUnLock();
1417            return rc;
1418        }
1419
1420        wolfSSL_CryptHwMutexUnLock();
1421    }
1422    else {
1423        if (info->cipher.aesgcm_dec.authTagSz != 16) {
1424            return CRYPTOCB_UNAVAILABLE;
1425        }
1426
1427        if (info->cipher.aesgcm_dec.sz == 0) {
1428            return CRYPTOCB_UNAVAILABLE;
1429        }
1430
1431        if (info->cipher.aesgcm_dec.ivSz != 12) {
1432            return CRYPTOCB_UNAVAILABLE;
1433        }
1434
1435        if (info->cipher.aesgcm_dec.aes->maxq_ctx.key_pending) {
1436            rc = aes_set_key(
1437                info->cipher.aesgcm_dec.aes,
1438                (const byte *)info->cipher.aesgcm_dec.aes->maxq_ctx.key,
1439                info->cipher.aesgcm_dec.aes->keylen);
1440            if (rc != 0) {
1441                return rc;
1442            }
1443        }
1444
1445        rc = wolfSSL_CryptHwMutexLock();
1446        if (rc != 0) {
1447            return rc;
1448        }
1449
1450        rc = maxq10xx_cipher_do(
1451            ALGO_CIPHER_AES_GCM,
1452            0,
1453            info->cipher.aesgcm_dec.aes->maxq_ctx.key_obj_id,
1454            (byte *)info->cipher.aesgcm_dec.in,
1455            (byte *)info->cipher.aesgcm_dec.out,
1456            info->cipher.aesgcm_dec.sz,
1457            (byte *)info->cipher.aesgcm_dec.iv,
1458            info->cipher.aesgcm_dec.ivSz,
1459            (byte *)info->cipher.aesgcm_dec.authIn,
1460            info->cipher.aesgcm_dec.authInSz,
1461            (byte *)info->cipher.aesgcm_dec.authTag,
1462            info->cipher.aesgcm_dec.authTagSz);
1463        if (rc != 0) {
1464            wolfSSL_CryptHwMutexUnLock();
1465            return rc;
1466        }
1467
1468        wolfSSL_CryptHwMutexUnLock();
1469    }
1470
1471    /* done */
1472    return 0;
1473}
1474#endif /* !NO_AES && HAVE_AESGCM && MAXQ_AESGCM */
1475
1476static int do_aescbc(wc_CryptoInfo* info)
1477{
1478    int rc;
1479    byte *out = info->cipher.aescbc.out;
1480    const byte *in = info->cipher.aescbc.in;
1481
1482    if (info->cipher.aescbc.sz == 0) {
1483        return CRYPTOCB_UNAVAILABLE;
1484     }
1485
1486    if (info->cipher.aescbc.aes->reg == NULL) {
1487        return CRYPTOCB_UNAVAILABLE;
1488    }
1489
1490    /* Cannot do in place decryption because we get the incoming IV and that
1491     * would already get over written. */
1492    if (in == out) {
1493        return CRYPTOCB_UNAVAILABLE;
1494    }
1495
1496    if (info->cipher.aescbc.aes->maxq_ctx.key_pending) {
1497        rc = aes_set_key(
1498            info->cipher.aescbc.aes,
1499            (const byte *)info->cipher.aescbc.aes->maxq_ctx.key,
1500            info->cipher.aescbc.aes->keylen);
1501        if (rc != 0) {
1502            return rc;
1503        }
1504    }
1505
1506    rc = wolfSSL_CryptHwMutexLock();
1507    if (rc != 0) {
1508        return rc;
1509    }
1510
1511    rc = maxq10xx_cipher_do(
1512        ALGO_CIPHER_AES_CBC,
1513        info->cipher.enc,
1514        info->cipher.aescbc.aes->maxq_ctx.key_obj_id,
1515        (byte *)info->cipher.aescbc.in,
1516        (byte *)info->cipher.aescbc.out,
1517        info->cipher.aescbc.sz,
1518        (byte *)info->cipher.aescbc.aes->reg, WC_AES_BLOCK_SIZE,
1519        NULL, 0,
1520        NULL, 0);
1521
1522    wolfSSL_CryptHwMutexUnLock();
1523
1524    /* Take the last 16 bytes and throw them into reg. Then it will be ready in
1525     * case Update() is called. For both encryption and decryption, we get it
1526     * from the ciphertext. (Note in and out usage) */
1527    if (info->cipher.enc) {
1528        XMEMCPY(info->cipher.aescbc.aes->reg,
1529               &out[info->cipher.aescbc.sz - WC_AES_BLOCK_SIZE],
1530               WC_AES_BLOCK_SIZE);
1531    }
1532    else {
1533        XMEMCPY(info->cipher.aescbc.aes->reg,
1534               &in[info->cipher.aescbc.sz - WC_AES_BLOCK_SIZE],
1535               WC_AES_BLOCK_SIZE);
1536    }
1537    /* done */
1538    return rc;
1539}
1540
1541#ifdef HAVE_AES_ECB
1542static int do_aesecb(wc_CryptoInfo* info)
1543{
1544    int rc;
1545
1546    if (info->cipher.aesecb.sz == 0) {
1547        return CRYPTOCB_UNAVAILABLE;
1548     }
1549
1550    if (info->cipher.aesecb.aes->reg == NULL) {
1551        return CRYPTOCB_UNAVAILABLE;
1552    }
1553
1554    if (info->cipher.aesecb.aes->maxq_ctx.key_pending) {
1555        rc = aes_set_key(
1556            info->cipher.aesecb.aes,
1557            (const byte *)info->cipher.aesecb.aes->maxq_ctx.key,
1558            info->cipher.aesecb.aes->keylen);
1559        if (rc != 0) {
1560            return rc;
1561        }
1562    }
1563
1564    rc = wolfSSL_CryptHwMutexLock();
1565    if (rc != 0) {
1566        return rc;
1567    }
1568
1569    rc = maxq10xx_cipher_do(
1570        ALGO_CIPHER_AES_ECB,
1571        info->cipher.enc,
1572        info->cipher.aesecb.aes->maxq_ctx.key_obj_id,
1573        (byte *)info->cipher.aesecb.in,
1574        (byte *)info->cipher.aesecb.out,
1575        info->cipher.aesecb.sz,
1576        NULL, 0,
1577        NULL, 0,
1578        NULL, 0);
1579
1580    wolfSSL_CryptHwMutexUnLock();
1581
1582    /* done */
1583    return rc;
1584}
1585#endif /* HAVE_AES_ECB */
1586
1587#ifdef HAVE_AESCCM
1588static int do_aesccm(wc_CryptoInfo* info)
1589{
1590    int rc;
1591    wc_CryptoCb_AesAuthEnc *aesccm = (info->cipher.enc) ?
1592        (wc_CryptoCb_AesAuthEnc*)&info->cipher.aesccm_enc :
1593        /* dec->enc cast is okay */
1594        (wc_CryptoCb_AesAuthEnc*)&info->cipher.aesccm_dec;
1595
1596    if (aesccm->sz == 0) {
1597        return CRYPTOCB_UNAVAILABLE;
1598     }
1599
1600    if (aesccm->aes->reg == NULL) {
1601        return CRYPTOCB_UNAVAILABLE;
1602    }
1603
1604    /* Cannot do in place decryption because we get the incoming IV and that
1605     * would already get over written. */
1606    if (aesccm->in == aesccm->out) {
1607        return CRYPTOCB_UNAVAILABLE;
1608    }
1609
1610    if (aesccm->aes->maxq_ctx.key_pending) {
1611        rc = aes_set_key(
1612            aesccm->aes,
1613            (const byte *)aesccm->aes->maxq_ctx.key,
1614            aesccm->aes->keylen);
1615        if (rc != 0) {
1616            return rc;
1617        }
1618    }
1619
1620    rc = wolfSSL_CryptHwMutexLock();
1621    if (rc != 0) {
1622        return rc;
1623    }
1624
1625    rc = maxq10xx_cipher_do(
1626        ALGO_CIPHER_AES_CCM,
1627        info->cipher.enc,
1628        aesccm->aes->maxq_ctx.key_obj_id,
1629        (byte *)aesccm->in,
1630        (byte *)aesccm->out,
1631        aesccm->sz,
1632        (byte *)aesccm->nonce, aesccm->nonceSz,
1633        (byte *)aesccm->authIn, aesccm->authInSz,
1634        (byte *)aesccm->authTag, aesccm->authTagSz);
1635
1636    wolfSSL_CryptHwMutexUnLock();
1637
1638    /* done */
1639    return rc;
1640}
1641#endif /* HAVE_AESCCM */
1642
1643#if !defined(NO_SHA) && !defined(NO_SHA256) && defined(MAXQ_SHA256)
1644static int do_sha256(wc_CryptoInfo* info)
1645{
1646    int rc;
1647    if (info->hash.sha256->maxq_ctx.soft_hash) {
1648        return CRYPTOCB_UNAVAILABLE;
1649    }
1650
1651    if ((info->hash.in == NULL) && (info->hash.digest == NULL)) {
1652        return WC_HW_E;
1653    }
1654
1655    #if defined(MAXQ10XX_MUTEX)
1656    if (info->hash.sha256->maxq_ctx.hash_running == 0) {
1657        rc = maxq_CryptHwMutexTryLock();
1658        if (rc != 0) {
1659            info->hash.sha256->maxq_ctx.soft_hash = 1;
1660            return CRYPTOCB_UNAVAILABLE;
1661        }
1662    }
1663    #endif
1664
1665    if (info->hash.in != NULL) {
1666        /* wc_Sha256Update */
1667        if ((info->hash.sha256->maxq_ctx.hash_running == 0) &&
1668                (info->hash.inSz == 0)) {
1669            info->hash.sha256->maxq_ctx.soft_hash = 1;
1670            wolfSSL_CryptHwMutexUnLock();
1671            return CRYPTOCB_UNAVAILABLE;
1672        }
1673
1674        rc = maxq10xx_hash_update_sha256(info->hash.in, info->hash.inSz,
1675                    info->hash.sha256->maxq_ctx.hash_running);
1676        if (rc != 0) {
1677            info->hash.sha256->maxq_ctx.hash_running = 0;
1678            wolfSSL_CryptHwMutexUnLock();
1679            return rc;
1680        }
1681
1682        info->hash.sha256->maxq_ctx.hash_running = 1;
1683
1684        /* save soft hash context in case of wc_Sha256Copy */
1685        return CRYPTOCB_UNAVAILABLE;
1686    }
1687    else if (info->hash.digest != NULL) {
1688        /* wc_Sha256Final */
1689        if (info->hash.sha256->maxq_ctx.hash_running == 0) {
1690            info->hash.sha256->maxq_ctx.soft_hash = 1;
1691            wolfSSL_CryptHwMutexUnLock();
1692            return CRYPTOCB_UNAVAILABLE;
1693        }
1694
1695        rc = maxq10xx_hash_finish_sha256(info->hash.digest);
1696        if (rc != 0) {
1697            info->hash.sha256->maxq_ctx.hash_running = 0;
1698            wolfSSL_CryptHwMutexUnLock();
1699            return rc;
1700        }
1701
1702        info->hash.sha256->maxq_ctx.hash_running = 0;
1703        wolfSSL_CryptHwMutexUnLock();
1704        /* done */
1705        rc = 0;
1706    }
1707    return rc;
1708}
1709#endif /* !NO_SHA && !NO_SHA256 && MAXQ_SHA256 */
1710
1711int wolfSSL_MAXQ10XX_CryptoDevCb(int devId, wc_CryptoInfo* info, void* ctx)
1712{
1713    int rc = CRYPTOCB_UNAVAILABLE;
1714    (void)devId;
1715    (void)ctx;
1716
1717    /* In the case of MAXQ1065, this callback is always enabled. */
1718#if defined(WOLFSSL_MAXQ108X)
1719    if (!tls13active)
1720        return CRYPTOCB_UNAVAILABLE;
1721#endif
1722
1723    if (info->algo_type == WC_ALGO_TYPE_CIPHER) {
1724#if !defined(NO_AES) || !defined(NO_DES3)
1725    #if defined(HAVE_AESGCM) && defined(MAXQ_AESGCM)
1726        if (info->cipher.type == WC_CIPHER_AES_GCM) {
1727            rc = do_aesgcm(info);
1728        }
1729    #endif /* HAVE_AESGCM && MAXQ_AESGCM */
1730    #ifdef HAVE_AES_CBC
1731        if (info->cipher.type == WC_CIPHER_AES_CBC) {
1732            rc = do_aescbc(info);
1733        }
1734    #endif /* HAVE_AES_CBC */
1735    #ifdef HAVE_AESCCM
1736        if (info->cipher.type == WC_CIPHER_AES_CCM) {
1737            rc = do_aesccm(info);
1738        }
1739    #endif /* HAVE_AESCCM */
1740    #ifdef HAVE_AES_ECB
1741        if (info->cipher.type == WC_CIPHER_AES_ECB) {
1742            rc = do_aesecb(info);
1743        }
1744    #endif /* HAVE_AES_ECB */
1745#endif /* !NO_AES || !NO_DES3 */
1746    }
1747#if !defined(NO_SHA) || !defined(NO_SHA256)
1748    else if (info->algo_type == WC_ALGO_TYPE_HASH) {
1749    #if !defined(NO_SHA) && defined(MAXQ_SHA1)
1750        if (info->hash.type == WC_HASH_TYPE_SHA) {
1751            /* TODO */
1752            return CRYPTOCB_UNAVAILABLE;
1753        }
1754        else
1755    #endif /* !NO_SHA && MAXQ_SHA1 */
1756    #if !defined(NO_SHA256) && defined(MAXQ_SHA256)
1757        if (info->hash.type == WC_HASH_TYPE_SHA256) {
1758            rc = do_sha256(info);
1759        }
1760    #endif /* !NO_SHA256 && MAXQ_SHA256 */
1761    }
1762#endif /* !NO_SHA || !NO_SHA256 */
1763#if !defined(WC_NO_RNG) && defined(MAXQ_RNG)
1764    else if (info->algo_type == WC_ALGO_TYPE_SEED) {
1765        rc = maxq10xx_random(info->seed.seed, info->seed.sz);
1766    }
1767    else if (info->algo_type == WC_ALGO_TYPE_RNG) {
1768        rc = maxq10xx_random(info->rng.out, info->rng.sz);
1769    }
1770#endif /* !WC_NO_RNG && MAXQ_RNG */
1771    else if (info->algo_type == WC_ALGO_TYPE_PK) {
1772    #if defined(HAVE_ECC) && defined(MAXQ_ECC)
1773        if (info->pk.type == WC_PK_TYPE_EC_KEYGEN) {
1774            if (info->pk.eckg.key->maxq_ctx.hw_ecc == -1) {
1775                return CRYPTOCB_UNAVAILABLE;
1776            }
1777
1778            rc = ecc_gen_key(info->pk.eckg.key, info->pk.eckg.key->dp->size);
1779            if (rc != 0) {
1780                return rc;
1781            }
1782        }
1783        else if (info->pk.type == WC_PK_TYPE_ECDH) {
1784            rc = ecc_establish(info->pk.ecdh.private_key,
1785                               info->pk.ecdh.public_key,
1786                               info->pk.ecdh.out, info->pk.ecdh.outlen);
1787            if (rc != 0) {
1788                return rc;
1789            }
1790        }
1791        else if (info->pk.type == WC_PK_TYPE_ECDSA_SIGN) {
1792            if (info->pk.eccsign.key->maxq_ctx.hw_ecc == 0) {
1793                rc = wc_MAXQ10XX_EccSetKey(info->pk.eccsign.key,
1794                                           info->pk.eccsign.key->dp->size);
1795                if (rc != 0) {
1796                    return rc;
1797                }
1798            }
1799
1800            if (info->pk.eccsign.key->maxq_ctx.hw_ecc == -1) {
1801                return CRYPTOCB_UNAVAILABLE;
1802            }
1803
1804#if defined(WOLFSSL_MAXQ108X)
1805            /* This is not done for MAXQ1065 because we want to use the pre-
1806             * provisioned key in the case of PKCS11. */
1807            if (info->pk.eccsign.key->maxq_ctx.key_pending) {
1808                rc = ecc_set_key(info->pk.eccsign.key,
1809                                 info->pk.eccsign.key->maxq_ctx.ecc_key,
1810                                 info->pk.eccsign.key->dp->size, 0);
1811                if (rc != 0) {
1812                    return rc;
1813                }
1814            }
1815#endif
1816
1817            rc = wolfSSL_CryptHwMutexLock();
1818            if (rc != 0) {
1819                return rc;
1820            }
1821
1822            /* Note that we are using the DEVICE_KEY_PAIR_OBJ_ID; its the pre-
1823             * provisioned key in the case of MAXQ1065. */
1824            rc = maxq10xx_ecc_sign_local(
1825#if defined(WOLFSSL_MAXQ108X)
1826                     info->pk.eccsign.key->maxq_ctx.key_obj_id,
1827#else
1828                     DEVICE_KEY_PAIR_OBJ_ID,
1829#endif
1830                     (byte *)info->pk.eccsign.in, info->pk.eccsign.inlen,
1831                     info->pk.eccsign.out, info->pk.eccsign.outlen,
1832                     info->pk.eccsign.key->dp->size);
1833
1834            if (rc != 0) {
1835                wolfSSL_CryptHwMutexUnLock();
1836                return rc;
1837            }
1838
1839            wolfSSL_CryptHwMutexUnLock();
1840            /* done */
1841            rc = 0;
1842        }
1843        else if (info->pk.type == WC_PK_TYPE_ECDSA_VERIFY) {
1844            if (info->pk.eccverify.key->type == ECC_PRIVATEKEY_ONLY) {
1845                return CRYPTOCB_UNAVAILABLE;
1846            }
1847
1848            if (info->pk.eccverify.key->maxq_ctx.hw_ecc == 0) {
1849                rc = wc_MAXQ10XX_EccSetKey(info->pk.eccverify.key,
1850                                           info->pk.eccverify.key->dp->size);
1851                if (rc != 0) {
1852                    return rc;
1853                }
1854            }
1855
1856            if (info->pk.eccverify.key->maxq_ctx.hw_ecc == -1) {
1857                return CRYPTOCB_UNAVAILABLE;
1858            }
1859
1860            if (info->pk.eccverify.key->maxq_ctx.key_pending) {
1861                rc = ecc_set_key(info->pk.eccverify.key,
1862                                 info->pk.eccverify.key->maxq_ctx.ecc_key,
1863                                 info->pk.eccverify.key->dp->size, 0);
1864                if (rc != 0) {
1865                    return rc;
1866                }
1867            }
1868
1869            rc = wolfSSL_CryptHwMutexLock();
1870            if (rc != 0) {
1871                return rc;
1872            }
1873
1874            rc =
1875                maxq10xx_ecc_verify_local(
1876                    info->pk.eccverify.key->maxq_ctx.key_obj_id,
1877                    (byte *)info->pk.eccverify.hash,
1878                    info->pk.eccverify.hashlen,
1879                    (byte *)info->pk.eccverify.sig,
1880                    info->pk.eccverify.siglen,
1881                    info->pk.eccverify.res,
1882                    info->pk.eccverify.key->dp->size);
1883
1884            wolfSSL_CryptHwMutexUnLock();
1885
1886            if (rc != 0) {
1887                return rc;
1888            }
1889
1890            /* Success */
1891            rc = 0;
1892        }
1893    #endif /* HAVE_ECC && MAXQ_ECC */
1894    }
1895#ifdef WOLFSSL_MAXQ108X
1896    else if (info->algo_type == WC_ALGO_TYPE_HMAC) {
1897        if (info->hmac.in != NULL && info->hmac.digest == NULL) {
1898            rc = 0;
1899            if (mac_comp_active == 0) {
1900                rc = wc_MAXQ10XX_HmacSetKey(info->hmac.macType);
1901            }
1902            if (rc == 0) {
1903                rc = wc_MAXQ10XX_HmacUpdate(info->hmac.in, info->hmac.inSz);
1904            }
1905        }
1906        else if (info->hmac.in == NULL && info->hmac.digest != NULL) {
1907            rc = wc_MAXQ10XX_HmacFinal(info->hmac.digest);
1908        }
1909        else {
1910            rc = BAD_FUNC_ARG;
1911        }
1912    }
1913#endif /* WOLFSSL_MAXQ108X */
1914
1915    if (rc != 0 && rc != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) {
1916        rc = WC_HW_E;
1917    }
1918
1919    return rc;
1920}
1921
1922static int wolfSSL_Soft_CryptoDevCb(int devId, wc_CryptoInfo* info, void* ctx)
1923{
1924    (void)devId;
1925    (void)info;
1926    (void)ctx;
1927
1928    return CRYPTOCB_UNAVAILABLE;
1929}
1930#endif /* WOLF_CRYPTO_CB */
1931
1932#ifdef WOLFSSL_MAXQ10XX_TLS
1933#ifdef WOLFSSL_MAXQ108X
1934static int calculate_modulus_offset(const unsigned char * cert_data, int offset)
1935{
1936    int i;
1937    int l_offset = offset;
1938    for (i = 0; i < 2; i++) {
1939        if ((cert_data[l_offset]) & 0x80) {
1940            if ((cert_data[l_offset] & 0x7f) == 1) {
1941                l_offset += 3;
1942            }
1943            if ((cert_data[l_offset] & 0x7f) == 2) {
1944                l_offset += 4;
1945            }
1946        }
1947        else {
1948            l_offset += 2;
1949        }
1950    }
1951    return l_offset;
1952}
1953
1954static int maxq_curve_wolfssl_id2mxq_id(word32 curve_id, mxq_length *keycomplen)
1955{
1956    switch (curve_id) {
1957    case ECC_SECP256R1_OID:
1958        *keycomplen = 32;
1959        return MXQ_KEYPARAM_EC_P256R1;
1960    case ECC_SECP384R1_OID:
1961        *keycomplen = 48;
1962        return MXQ_KEYPARAM_EC_P384R1;
1963    case ECC_SECP521R1_OID:
1964        *keycomplen = 66;
1965        return MXQ_KEYPARAM_EC_P521R1;
1966    case ECC_BRAINPOOLP256R1_OID:
1967        *keycomplen = 32;
1968        return MXQ_KEYPARAM_EC_BP256R1;
1969    case ECC_BRAINPOOLP384R1_OID:
1970        *keycomplen = 48;
1971        return MXQ_KEYPARAM_EC_BP384R1;
1972    case ECC_BRAINPOOLP512R1_OID:
1973        *keycomplen = 64;
1974        return MXQ_KEYPARAM_EC_BP512R1;
1975    default:
1976        return MXQ_UNKNOWN_CURVE;
1977    }
1978}
1979
1980static int mxq_get_sign_alg_from_sig_oid(word32 maxq_id) {
1981
1982    switch (maxq_id) {
1983    case CTC_SHA256wECDSA:
1984        return ALGO_ECDSA_SHA_256;
1985    case CTC_SHA384wECDSA:
1986        return ALGO_ECDSA_SHA_384;
1987    case CTC_SHA512wECDSA:
1988        return ALGO_ECDSA_SHA_512;
1989    case CTC_SHA256wRSA:
1990        return ALGO_RSASSAPSSPKCS1_V1_5_SHA256;
1991    case CTC_SHA384wRSA:
1992        return ALGO_RSASSAPSSPKCS1_V1_5_SHA384;
1993    case CTC_SHA512wRSA:
1994        return ALGO_RSASSAPSSPKCS1_V1_5_SHA512;
1995    default:
1996        return ALGO_INVALID;
1997    }
1998}
1999#endif /* WOLFSSL_MAXQ108X */
2000
2001/* TODO: Get rid of publicKeyIndex. Pass in the information it is parsing.
2002 *       Then Improve this to pass in the parts of decoded cert it needs.
2003 */
2004static int maxq10xx_process_server_certificate(WOLFSSL* ssl,
2005                                               DecodedCert* p_cert)
2006{
2007    mxq_keytype_id_t key_type = MXQ_KEYTYPE_ECC;
2008    mxq_keyparam_id_t keyparam = MXQ_KEYPARAM_EC_P256R1;
2009    mxq_length totalkeylen;
2010    mxq_algo_id_t sign_algo = ALGO_ECDSA_SHA_256;
2011    int pk_offset = p_cert->publicKeyIndex;
2012    mxq_length keycomplen = ECC_KEYCOMPLEN;
2013    int rc;
2014    mxq_err_t mxq_rc;
2015    mxq_u1 certdata[MAX_CERT_DATASIZE];
2016    mxq_length certdatalen = sizeof(certdata);
2017    (void)ssl;
2018#if defined(WOLFSSL_MAXQ1065)
2019
2020    if (p_cert->signatureOID != CTC_SHA256wECDSA) {
2021        WOLFSSL_MSG("MAXQ: signature algo not supported");
2022        return NOT_COMPILED_IN;
2023    }
2024
2025    if (p_cert->keyOID != ECDSAk) {
2026        WOLFSSL_MSG("MAXQ: key algo not supported");
2027        return NOT_COMPILED_IN;
2028    }
2029
2030    if (p_cert->pkCurveOID != ECC_SECP256R1_OID) {
2031        WOLFSSL_MSG("MAXQ: key curve not supported");
2032        return NOT_COMPILED_IN;
2033    }
2034
2035    totalkeylen = keycomplen * 2;
2036
2037#elif defined(WOLFSSL_MAXQ108X)
2038
2039    if (p_cert->keyOID == ECDSAk )
2040    {
2041        keyparam = maxq_curve_wolfssl_id2mxq_id(p_cert->pkCurveOID,
2042                                                &keycomplen);
2043        if (keyparam == MXQ_UNKNOWN_CURVE) {
2044            WOLFSSL_MSG("MAXQ: key curve not supported");
2045            return NOT_COMPILED_IN;
2046        }
2047        totalkeylen = keycomplen * 2;
2048    }
2049    else if (p_cert->keyOID == RSAk) {
2050        pk_offset = calculate_modulus_offset(p_cert->source,
2051                                             p_cert->publicKeyIndex+1);
2052        keycomplen = ((p_cert->source[pk_offset-2] << 8) |
2053                      p_cert->source[pk_offset-1]);
2054
2055        /* Is there a more elegant way for checking pub key??? */
2056        if (p_cert->publicKey[p_cert->pubKeySize-1] == 0x03 &&
2057            p_cert->publicKey[p_cert->pubKeySize-2] == 0x01) {
2058            keyparam = MXQ_KEYPARAM_RSA_PUB3;
2059        }
2060        else if (p_cert->publicKey[p_cert->pubKeySize-1] == 0x01 &&
2061                 p_cert->publicKey[p_cert->pubKeySize-2] == 0x00 &&
2062                 p_cert->publicKey[p_cert->pubKeySize-3] == 0x01 &&
2063                 p_cert->publicKey[p_cert->pubKeySize-4] == 0x03) {
2064            keyparam = MXQ_KEYPARAM_RSA_PUB65537;
2065        }
2066        else {
2067            WOLFSSL_MSG("MAXQ: RSA public key not supported");
2068            return NOT_COMPILED_IN;
2069        }
2070        key_type = MXQ_KEYTYPE_RSA;
2071        totalkeylen = keycomplen;
2072
2073    }
2074    else {
2075        WOLFSSL_MSG("MAXQ: key algo not supported");
2076        return NOT_COMPILED_IN;
2077    }
2078
2079    tls13_server_key_algo = p_cert->keyOID;
2080    tls13_server_key_len = keycomplen;
2081    sign_algo = mxq_get_sign_alg_from_sig_oid(p_cert->signatureOID);
2082
2083    if (sign_algo == ALGO_INVALID) {
2084        WOLFSSL_MSG("MAXQ: signature algo not supported");
2085        return NOT_COMPILED_IN;
2086    }
2087#endif
2088
2089    rc = wolfSSL_CryptHwMutexLock();
2090    if (rc != 0) {
2091        return rc;
2092    }
2093
2094    mxq_rc = MXQ_Build_EC_Cert(certdata, &certdatalen, key_type, keyparam,
2095                               keycomplen, totalkeylen, pk_offset,
2096                               p_cert->certBegin,
2097                               (p_cert->sigIndex - p_cert->certBegin),
2098                               p_cert->maxIdx, sign_algo, ROOT_CA_CERT_OBJ_ID,
2099                               MXQ_KEYUSE_VERIFY_KEY_CERT, ALGO_ECDSA_SHA_any,
2100                               MXQ_KEYUSE_DATASIGNATURE, ALGO_ECDSA_SHA_any,
2101                               (mxq_u1 *)p_cert->source);
2102    if (mxq_rc) {
2103        WOLFSSL_ERROR_MSG("MAXQ: MXQ_Build_EC_Cert() failed");
2104        wolfSSL_CryptHwMutexUnLock();
2105        return WC_HW_E;
2106    }
2107
2108#if defined(WOLFSSL_MAXQ108X)
2109    if (tls13_server_cert_id == -1) {
2110        tls13_server_cert_id = alloc_temp_key_id();
2111        if (tls13_server_cert_id == -1) {
2112            WOLFSSL_ERROR_MSG("MAXQ: alloc_temp_key_id() failed");
2113            wolfSSL_CryptHwMutexUnLock();
2114            return WC_HW_E;
2115        }
2116    }
2117
2118    /* temporary certificate stored in object id cert_id */
2119    mxq_rc = MXQ_ImportChildCert(tls13_server_cert_id, certdata, certdatalen);
2120#else
2121    /* temporary certificate stored in object id 0 */
2122    mxq_rc = MXQ_ImportChildCert(0, certdata, certdatalen);
2123#endif
2124
2125    if (mxq_rc) {
2126        WOLFSSL_ERROR_MSG("MAXQ: MXQ_ImportChildCert() failed");
2127        wolfSSL_CryptHwMutexUnLock();
2128        return WC_HW_E;
2129    }
2130
2131    wolfSSL_CryptHwMutexUnLock();
2132    return 0;
2133}
2134
2135static int maxq10xx_process_server_sig_kex(WOLFSSL* ssl, byte p_sig_algo,
2136               const byte* p_sig, word32 p_sig_len,
2137               const byte* p_rand, word32 p_rand_len,
2138               const byte* p_server_params, word32 p_server_params_len)
2139{
2140    int rc;
2141    mxq_err_t mxq_rc;
2142    if (ssl->specs.kea != ecc_diffie_hellman_kea) {
2143        WOLFSSL_MSG("MAXQ: key exchange algo not supported");
2144        return NOT_COMPILED_IN;
2145    }
2146
2147    if (ssl->ecdhCurveOID != ECC_SECP256R1_OID) {
2148        WOLFSSL_MSG("MAXQ: key curve not supported");
2149        return NOT_COMPILED_IN;
2150    }
2151
2152    if (p_sig_algo != ecc_dsa_sa_algo) {
2153        WOLFSSL_MSG("MAXQ: signature algo not supported");
2154        return NOT_COMPILED_IN;
2155    }
2156
2157    rc = wolfSSL_CryptHwMutexLock();
2158    if (rc != 0) {
2159        return rc;
2160    }
2161
2162    /* NOTE: this function also does verification of the signature as well! */
2163    mxq_rc = MXQ_SetECDHEKey(ALGO_ECDSA_SHA_256, MXQ_KEYPARAM_EC_P256R1, 0,
2164                             (mxq_u1 *)p_rand, p_rand_len,
2165                             (mxq_u1 *)p_server_params, p_server_params_len,
2166                             (mxq_u1 *)p_sig, p_sig_len);
2167    if (mxq_rc) {
2168        WOLFSSL_ERROR_MSG("MAXQ: MXQ_SetECDHEKey() failed");
2169        wolfSSL_CryptHwMutexUnLock();
2170        return WC_HW_E;
2171    }
2172
2173    wolfSSL_CryptHwMutexUnLock();
2174    return 0;
2175}
2176
2177static int maxq10xx_gen_tls_master_secret(WOLFSSL* ssl, void *ctx)
2178{
2179    int rc;
2180    mxq_err_t mxq_rc;
2181    mxq_secret_context_api_t secret_conf;
2182    mxq_u1 tls_rand[SEED_LEN];
2183    (void)ctx;
2184
2185    if ((ssl->specs.kea != ecc_diffie_hellman_kea) &&
2186        (ssl->specs.kea != psk_kea)) {
2187        WOLFSSL_MSG("MAXQ: key exchange algo not supported");
2188        return NOT_COMPILED_IN;
2189    }
2190
2191    if (ssl->specs.kea == ecc_diffie_hellman_kea) {
2192        if ((ssl->hsKey == NULL ) ||
2193            (((ecc_key*)ssl->hsKey)->maxq_ctx.hw_storage == 0)) {
2194            return NOT_COMPILED_IN;
2195        }
2196    }
2197
2198    XMEMCPY(tls_rand, ssl->arrays->clientRandom, RAN_LEN);
2199    XMEMCPY(&tls_rand[RAN_LEN], ssl->arrays->serverRandom, RAN_LEN);
2200
2201    XMEMSET(&secret_conf, 0 ,sizeof(secret_conf));
2202    secret_conf.pass = 0;
2203    secret_conf.CSID = ssl->options.cipherSuite |
2204                       (ssl->options.cipherSuite0 << 8);
2205    secret_conf.Random = tls_rand;
2206    secret_conf.Random_size = SEED_LEN;
2207    secret_conf.is_session_key_secret = 1;
2208    if (ssl->specs.kea == psk_kea) {
2209        secret_conf.PSK_info.psk_id = PSK_OBJ_ID;
2210    }
2211
2212    rc = wolfSSL_CryptHwMutexLock();
2213    if (rc != 0) {
2214        return rc;
2215    }
2216
2217    mxq_rc = MXQ_Perform_Key_Exchange(&secret_conf);
2218    if (mxq_rc) {
2219        WOLFSSL_ERROR_MSG("MAXQ: MXQ_Perform_Key_Exchange() failed");
2220        wolfSSL_CryptHwMutexUnLock();
2221        return WC_HW_E;
2222    }
2223
2224    ssl->maxq_ctx.use_hw_keys = 1;
2225    wolfSSL_CryptHwMutexUnLock();
2226
2227#ifdef MAXQ_EXPORT_TLS_KEYS
2228    rc = StoreKeys(ssl, secret_conf.PSK_info.psk_key_bloc,
2229                   PROVISION_CLIENT_SERVER);
2230    if (rc != 0) {
2231        WOLFSSL_ERROR_MSG("MAXQ: StoreKeys() failed");
2232        return rc;
2233    }
2234#endif
2235
2236    return 0;
2237}
2238
2239static int maxq10xx_perform_client_finished(WOLFSSL* ssl, const byte* p_label,
2240               const byte* p_seed, word32 seedSz, byte* p_dest, void* ctx)
2241{
2242    int rc;
2243    mxq_err_t mxq_rc;
2244    (void)ssl;
2245    (void)ctx;
2246
2247    rc = wolfSSL_CryptHwMutexLock();
2248    if (rc != 0) {
2249        return rc;
2250    }
2251
2252    mxq_rc = MXQ_tls_prf_sha_256(0, p_label, FINISHED_LABEL_SZ,
2253                                 p_seed, seedSz,
2254                                 p_dest, TLS_FINISHED_SZ);
2255    if (mxq_rc) {
2256        WOLFSSL_ERROR_MSG("MAXQ: MXQ_tls_prf_sha_256() failed");
2257        wolfSSL_CryptHwMutexUnLock();
2258        return WC_HW_E;
2259    }
2260
2261    wolfSSL_CryptHwMutexUnLock();
2262    return 0;
2263}
2264
2265static int maxq10xx_perform_tls12_record_processing(WOLFSSL* ssl,
2266               int is_encrypt,
2267               byte* out, const byte* in, word32 sz,
2268               const byte* iv, word32 ivSz,
2269               byte* authTag, word32 authTagSz,
2270               const byte* authIn, word32 authInSz)
2271{
2272    int rc;
2273    mxq_err_t mxq_rc;
2274    mxq_u2 key_id = (is_encrypt == 1) ? 1 : 0;
2275    mxq_algo_id_t algo_id = 0;
2276
2277    if (! ssl->maxq_ctx.use_hw_keys) {
2278        return NOT_COMPILED_IN;
2279    }
2280
2281    if ((ssl->specs.bulk_cipher_algorithm != wolfssl_aes_gcm) &&
2282            (ssl->specs.bulk_cipher_algorithm != wolfssl_aes_ccm)) {
2283        WOLFSSL_MSG("MAXQ: tls record cipher algo not supported");
2284        return NOT_COMPILED_IN;
2285    }
2286
2287    if (ssl->specs.bulk_cipher_algorithm == wolfssl_aes_gcm) {
2288        algo_id = ALGO_CIPHER_AES_GCM;
2289    }
2290    else if (ssl->specs.bulk_cipher_algorithm == wolfssl_aes_ccm) {
2291        algo_id = ALGO_CIPHER_AES_CCM;
2292    }
2293
2294    rc = wolfSSL_CryptHwMutexLock();
2295    if (rc != 0) {
2296        return rc;
2297    }
2298
2299    mxq_rc = maxq10xx_cipher_do(algo_id, is_encrypt, key_id, (mxq_u1 *)in,
2300                                out, sz, (mxq_u1 *)iv, ivSz,
2301                                (mxq_u1 *)authIn, authInSz, authTag, authTagSz);
2302    if (mxq_rc) {
2303        WOLFSSL_ERROR_MSG("MAXQ: maxq10xx_cipher_do() failed");
2304        wolfSSL_CryptHwMutexUnLock();
2305        return WC_HW_E;
2306    }
2307
2308    wolfSSL_CryptHwMutexUnLock();
2309    return 0;
2310}
2311
2312static int maxq10xx_read_device_cert_der(byte* p_dest_buff, word32* p_len)
2313{
2314    int rc;
2315    mxq_err_t mxq_rc;
2316    word32 cert_size = 0;
2317
2318#if defined(WOLFSSL_MAXQ108X)
2319    DecodedCert decoded;
2320    mxq_keyparam_id_t keyparam = MXQ_KEYPARAM_EC_P256R1;
2321    int pk_offset = 0;
2322#endif
2323
2324    WOLFSSL_ENTER("maxq10xx_read_device_cert_der");
2325    if (!p_dest_buff || !p_len) {
2326        return BAD_FUNC_ARG;
2327    }
2328
2329    if (*p_len < 1024) {
2330        WOLFSSL_ERROR_MSG("MAXQ: insufficient buffer length");
2331        return BAD_FUNC_ARG;
2332    }
2333
2334    rc = wolfSSL_CryptHwMutexLock();
2335    if (rc != 0) {
2336        return rc;
2337    }
2338
2339    mxq_rc = MXQ_ReadObject(DEVICE_CERT_OBJ_ID, 24, p_dest_buff, p_len);
2340    if (mxq_rc) {
2341        WOLFSSL_ERROR_MSG("MAXQ: MXQ_ReadObject() failed");
2342        wolfSSL_CryptHwMutexUnLock();
2343        return WC_HW_E;
2344    }
2345    wolfSSL_CryptHwMutexUnLock();
2346
2347#if defined(WOLFSSL_MAXQ108X)
2348    wc_InitDecodedCert(&decoded, p_dest_buff, *p_len, NULL);
2349    wc_ParseCert(&decoded, CERT_TYPE, NO_VERIFY, NULL);
2350    pk_offset = decoded.publicKeyIndex;
2351    if (decoded.keyOID == ECDSAk ) {
2352        keyparam = maxq_curve_wolfssl_id2mxq_id(decoded.pkCurveOID,
2353                       (unsigned int *)&device_key_len);
2354        if (keyparam == MXQ_UNKNOWN_CURVE) {
2355            WOLFSSL_MSG("MAXQ: key curve not supported");
2356            return NOT_COMPILED_IN;
2357        }
2358    }
2359    else if (decoded.keyOID == RSAk) {
2360        pk_offset = calculate_modulus_offset(decoded.source,
2361                                             decoded.publicKeyIndex+1);
2362        device_key_len = ((decoded.source[pk_offset-2] << 8) |
2363                          decoded.source[pk_offset-1]);
2364    }
2365#endif
2366
2367    cert_size = (p_dest_buff[2] << 8) + p_dest_buff[3] + 4;
2368    if (*p_len < cert_size) {
2369        return BUFFER_E;
2370    }
2371    *p_len = cert_size;
2372    return 0;
2373}
2374
2375#if defined(WOLFSSL_MAXQ10XX_TLS)
2376int wolfSSL_maxq10xx_load_certificate(WOLFSSL *ssl) {
2377    DerBuffer* maxq_der = NULL;
2378    int ret = 0;
2379
2380    ret = AllocDer(&maxq_der, FILE_BUFFER_SIZE, CERT_TYPE, ssl->heap);
2381    if (ret != 0) {
2382        return ret;
2383    }
2384
2385    ret = maxq10xx_read_device_cert_der(maxq_der->buffer,
2386                                        &maxq_der->length);
2387    if (ret != 0) {
2388        return ret;
2389    }
2390
2391    ssl->maxq_ctx.device_cert = maxq_der;
2392
2393    if (ssl->buffers.weOwnCert) {
2394        FreeDer(&ssl->buffers.certificate);
2395    }
2396
2397    ssl->buffers.certificate = maxq_der;
2398    ssl->buffers.weOwnCert = 1;
2399    return WOLFSSL_SUCCESS;
2400}
2401#endif /* WOLFSSL_MAXQ10XX_TLS */
2402
2403static int maxq10xx_ecc_sign(WOLFSSL* ssl,
2404               const unsigned char* p_in, unsigned int p_in_len,
2405               unsigned char* p_out, word32* p_out_len,
2406               const unsigned char* keyDer, unsigned int keySz, void* ctx)
2407{
2408    int rc;
2409    (void)ssl;
2410    (void)keyDer;
2411    (void)keySz;
2412    (void)ctx;
2413
2414    rc = wolfSSL_CryptHwMutexLock();
2415    if (rc != 0) {
2416        return rc;
2417    }
2418
2419    rc = maxq10xx_ecc_sign_local(DEVICE_KEY_PAIR_OBJ_ID, (byte *)p_in, p_in_len,
2420                                 p_out, p_out_len, device_key_len);
2421
2422    wolfSSL_CryptHwMutexUnLock();
2423    if (rc) {
2424        WOLFSSL_ERROR_MSG("MAXQ: maxq10xx_ecc_sign() failed");
2425        return rc;
2426    }
2427
2428    return 0;
2429}
2430#endif /* WOLFSSL_MAXQ10XX_TLS */
2431
2432int maxq10xx_port_init(void)
2433{
2434    int ret = 0;
2435    mxq_err_t mxq_rc;
2436
2437    #ifdef WOLF_CRYPTO_CB
2438    ret = wc_CryptoCb_RegisterDevice(0, wolfSSL_Soft_CryptoDevCb, NULL);
2439    if (ret != 0) {
2440        WOLFSSL_ERROR_MSG("MAXQ: wolfSSL_Soft_CryptoDevCb, "
2441                    "wc_CryptoCb_RegisterDevice() failed");
2442        return ret;
2443    }
2444    #endif
2445
2446    #if defined(MAXQ10XX_MUTEX)
2447    ret = maxq_CryptHwMutexTryLock();
2448    if (ret) {
2449        WOLFSSL_ERROR_MSG("MAXQ: maxq10xx_port_init() -> device is busy "
2450                    "(switching to soft mode)");
2451        return 0;
2452    }
2453    #endif
2454
2455    mxq_rc = MXQ_Module_Init();
2456    if (mxq_rc) {
2457        WOLFSSL_ERROR_MSG("MAXQ: MXQ_Module_Init() failed");
2458        ret = WC_HW_E;
2459    }
2460
2461    wolfSSL_CryptHwMutexUnLock();
2462
2463    #if defined(WOLF_CRYPTO_CB)
2464    if (ret == 0) {
2465        ret = wc_CryptoCb_RegisterDevice(MAXQ_DEVICE_ID,
2466                                         wolfSSL_MAXQ10XX_CryptoDevCb, NULL);
2467        if (ret != 0) {
2468            WOLFSSL_ERROR_MSG("MAXQ: wolfSSL_MAXQ10XX_CryptoDevCb, "
2469                        "wc_CryptoCb_RegisterDevice() failed");
2470        }
2471    }
2472    #endif
2473
2474    return ret;
2475}
2476
2477/* This basically does all the work that SendClientKeyExchange() does in the
2478 * case of ECDSA. That's because if a callback is defined, almost nothing is
2479 * done in SendClientKeyExchange(). */
2480static int maxq10xx_tls12_ecc_shared_secret(WOLFSSL* ssl, ecc_key* otherKey,
2481               unsigned char* pubKeyDer, word32* pubKeySz,
2482               unsigned char* out, word32* outlen,
2483               int side, void* ctx)
2484{
2485    int rc;
2486    mxq_err_t mxq_rc;
2487    ecc_key *p_key = NULL;
2488    mxq_length key_len_param;
2489    mxq_u1* server_public_key_param;
2490    mxq_u2 csid_param = ssl->options.cipherSuite |
2491                        (ssl->options.cipherSuite0 << 8);
2492    byte result_public_key[1 + (2 * ECC256_KEYSIZE)];
2493    (void)ctx;
2494    (void)otherKey;
2495    (void)out;
2496    (void)outlen;
2497    (void)side;
2498
2499    WOLFSSL_ENTER("maxq10xx_ecc_shared_secret");
2500
2501    if (ssl->specs.kea != ecc_diffie_hellman_kea) {
2502        WOLFSSL_MSG("MAXQ: key exchange algo not supported");
2503        return NOT_COMPILED_IN;
2504    }
2505
2506    if (ssl->ecdhCurveOID != ECC_SECP256R1_OID) {
2507        WOLFSSL_MSG("MAXQ: key curve not supported");
2508        return NOT_COMPILED_IN;
2509    }
2510
2511    ssl->hsType = DYNAMIC_TYPE_ECC;
2512    rc = AllocKey(ssl, ssl->hsType, &ssl->hsKey);
2513    if (rc != 0) {
2514        return rc;
2515    }
2516
2517    p_key = (ecc_key*)ssl->hsKey;
2518
2519    rc = wolfSSL_CryptHwMutexLock();
2520    if (rc != 0) {
2521        return rc;
2522    }
2523
2524    XMEMSET(result_public_key, 0, sizeof(result_public_key));
2525
2526    server_public_key_param = NULL;
2527    key_len_param = sizeof(result_public_key);
2528
2529    mxq_rc = MXQ_Ecdh_Compute_Shared(MXQ_KEYPARAM_EC_P256R1,
2530                                     server_public_key_param, result_public_key,
2531                                     key_len_param, csid_param);
2532    if (mxq_rc) {
2533        WOLFSSL_ERROR_MSG("MAXQ: MXQ_Ecdh_Compute_Shared() failed");
2534        wolfSSL_CryptHwMutexUnLock();
2535        return WC_HW_E;
2536    }
2537
2538    wolfSSL_CryptHwMutexUnLock();
2539
2540    /* client public key */
2541    p_key->state = 0;
2542
2543    rc = wc_ecc_set_curve(p_key, ECC256_KEYSIZE, ECC_SECP256R1);
2544    if (rc != 0) {
2545        WOLFSSL_ERROR_MSG("MAXQ: wc_ecc_set_curve() failed");
2546        return rc;
2547    }
2548
2549    p_key->flags = WC_ECC_FLAG_NONE;
2550    p_key->type = ECC_PUBLICKEY;
2551
2552    rc = mp_read_unsigned_bin(p_key->pubkey.x, &result_public_key[1],
2553                              ECC256_KEYSIZE);
2554    if (rc != 0) {
2555        WOLFSSL_ERROR_MSG("MAXQ: mp_read_unsigned_bin() failed");
2556        return rc;
2557    }
2558
2559    rc = mp_read_unsigned_bin(p_key->pubkey.y,
2560                              &result_public_key[1 + ECC256_KEYSIZE],
2561                              ECC256_KEYSIZE);
2562    if (rc != 0) {
2563        WOLFSSL_ERROR_MSG("MAXQ: mp_read_unsigned_bin() failed");
2564        return rc;
2565    }
2566
2567    p_key->maxq_ctx.hw_storage = 1;
2568
2569    PRIVATE_KEY_UNLOCK();
2570    rc = wc_ecc_export_x963(p_key, pubKeyDer, pubKeySz);
2571    PRIVATE_KEY_LOCK();
2572
2573    return rc;
2574}
2575
2576#ifdef WOLFSSL_MAXQ108X
2577static int wc_MAXQ10XX_HmacSetKey(int type)
2578{
2579    mxq_algo_id_t algo;
2580    int rc;
2581    mxq_err_t mxq_rc;
2582
2583    if (!tls13active) {
2584        return NOT_COMPILED_IN;
2585    }
2586
2587    if (type == WC_SHA256) {
2588        algo = ALGO_HMAC_SHA256;
2589    }
2590    else if (type == WC_SHA384) {
2591        algo = ALGO_HMAC_SHA384;
2592    }
2593    else {
2594        return NOT_COMPILED_IN;
2595    }
2596
2597    if (tls13_server_finish_obj_id != -1) {
2598        if (tls13_server_key_id != NULL) {
2599            free_temp_key_id(*tls13_server_key_id);
2600            *tls13_server_key_id = -1;
2601        }
2602        mac_key_obj_id = &tls13_server_finish_obj_id;
2603    }
2604    else if (tls13_client_finish_obj_id != -1) {
2605        mac_key_obj_id = &tls13_client_finish_obj_id;
2606    }
2607
2608    if (mac_key_obj_id == NULL) {
2609        WOLFSSL_MSG("MAXQ: wc_MAXQ10XX_HmacSetKey No MAC Key is set");
2610        return NOT_COMPILED_IN;
2611    }
2612
2613    rc = wolfSSL_CryptHwMutexLock();
2614    if (rc != 0) {
2615        return rc;
2616    }
2617
2618    mxq_rc = MXQ_MAC_Init(0x02, algo, *mac_key_obj_id, NULL, 0);
2619    wolfSSL_CryptHwMutexUnLock();
2620
2621    if (mxq_rc == 0) {
2622        mac_comp_active = 1;
2623    }
2624    else {
2625        WOLFSSL_ERROR_MSG("MAXQ: MXQ_MAC_Init() failed");
2626        rc = WC_HW_E;
2627    }
2628
2629    return rc;
2630}
2631
2632static int wc_MAXQ10XX_HmacUpdate(const byte* msg, word32 length)
2633{
2634    int rc;
2635    mxq_err_t mxq_rc;
2636    if (!tls13active || !mac_comp_active) {
2637        return NOT_COMPILED_IN;
2638    }
2639
2640    rc = wolfSSL_CryptHwMutexLock();
2641    if (rc != 0) {
2642        return rc;
2643    }
2644
2645    mxq_rc = MXQ_MAC_Update((unsigned char *)msg, length);
2646    wolfSSL_CryptHwMutexUnLock();
2647
2648    if (mxq_rc) {
2649        WOLFSSL_ERROR_MSG("MAXQ: MXQ_MAC_Update() failed");
2650        rc = WC_HW_E;
2651    }
2652
2653    return rc;
2654}
2655
2656static int wc_MAXQ10XX_HmacFinal(byte* hash)
2657{
2658    int rc;
2659    mxq_err_t mxq_rc;
2660    mxq_length maclen = 64;
2661    if (!tls13active || !mac_comp_active) {
2662        return NOT_COMPILED_IN;
2663    }
2664
2665    rc = wolfSSL_CryptHwMutexLock();
2666    if (rc != 0) {
2667        return rc;
2668    }
2669
2670    mxq_rc = MXQ_MAC_Finish(hash, &maclen);
2671    wolfSSL_CryptHwMutexUnLock();
2672    if (mxq_rc) {
2673        WOLFSSL_ERROR_MSG("MAXQ: MXQ_MAC_Finish() failed");
2674        rc = WC_HW_E;
2675    }
2676
2677    if (mac_key_obj_id != NULL) {
2678        free_temp_key_id(*mac_key_obj_id);
2679        *mac_key_obj_id = -1;
2680        mac_key_obj_id = NULL;
2681    }
2682    mac_comp_active = 0;
2683
2684    return rc;
2685}
2686
2687static int maxq10xx_create_dh_key(byte* p, word32 pSz, byte* g, word32 gSz,
2688                                  byte* pub, word32* pubSz)
2689{
2690    int rc;
2691    mxq_err_t mxq_rc;
2692
2693    WOLFSSL_ENTER("maxq10xx_create_dh_key");
2694    if (!tls13active) {
2695        return NOT_COMPILED_IN;
2696    }
2697
2698    *pubSz = pSz;
2699    if (tls13_dh_obj_id == -1) {
2700        tls13_dh_obj_id = alloc_temp_key_id();
2701        if (tls13_dh_obj_id == -1) {
2702            WOLFSSL_MSG("MAXQ: alloc_temp_key_id() failed");
2703            rc = NOT_COMPILED_IN;
2704            return rc;
2705        }
2706    }
2707
2708    rc = wolfSSL_CryptHwMutexLock();
2709    if (rc != 0) {
2710        return rc;
2711    }
2712
2713    mxq_rc = MXQ_TLS13_Generate_Key(pub, tls13_dh_obj_id, 0, MXQ_KEYPARAM_DHE,
2714                                    pSz, p, gSz, g);
2715
2716    wolfSSL_CryptHwMutexUnLock();
2717    if (mxq_rc) {
2718        WOLFSSL_ERROR_MSG("MAXQ: MXQ_TLS13_Generate_Key() failed");
2719        rc = WC_HW_E;
2720    }
2721
2722    return rc;
2723}
2724
2725static int maxq10xx_dh_gen_key_pair(DhKey* key, WC_RNG* rng,
2726                                    byte* priv, word32* privSz,
2727                                    byte* pub, word32* pubSz) {
2728    word32 p_size, g_size;
2729    unsigned char pbuf[256], gbuf[4];
2730    (void)rng;
2731    (void)priv;
2732    (void)privSz;
2733
2734    p_size = mp_unsigned_bin_size(&key->p);
2735    mp_to_unsigned_bin(&key->p, pbuf);
2736
2737    g_size = mp_unsigned_bin_size(&key->g);
2738    mp_to_unsigned_bin(&key->g, gbuf);
2739
2740    return maxq10xx_create_dh_key(pbuf, p_size, gbuf, g_size, pub, pubSz);
2741}
2742
2743static int maxq10xx_dh_agree(WOLFSSL* ssl, struct DhKey* key,
2744               const unsigned char* priv, unsigned int privSz,
2745               const unsigned char* pubKeyDer, unsigned int pubKeySz,
2746               unsigned char* out, unsigned int* outlen,
2747               void* ctx)
2748{
2749    int rc;
2750    mxq_err_t mxq_rc;
2751    (void)ctx;
2752    (void)key;
2753    (void)priv;
2754    (void)privSz;
2755
2756    WOLFSSL_ENTER("maxq10xx_dh_agree");
2757
2758    mxq_u2 csid_param = ssl->options.cipherSuite |
2759                        (ssl->options.cipherSuite0 << 8);
2760
2761    if (tls13_dh_obj_id == -1) {
2762        WOLFSSL_ERROR_MSG("MAXQ: DH key is not created before");
2763        rc = NOT_COMPILED_IN;
2764        return rc;
2765    }
2766
2767    if (tls13_shared_secret_obj_id == -1) {
2768        tls13_shared_secret_obj_id = alloc_temp_key_id();
2769        if (tls13_shared_secret_obj_id == -1) {
2770            WOLFSSL_ERROR_MSG("MAXQ: alloc_temp_key_id() failed");
2771            return NOT_COMPILED_IN;
2772        }
2773    }
2774
2775    rc = wolfSSL_CryptHwMutexLock();
2776    if (rc != 0) {
2777        return rc;
2778    }
2779
2780    mxq_rc = MXQ_TLS13_Create_Secret((unsigned char*)pubKeyDer, pubKeySz,
2781                                     tls13_dh_obj_id, 0, MXQ_KEYPARAM_DHE,
2782                                     csid_param, tls13_shared_secret_obj_id,
2783                                     out, outlen);
2784    wolfSSL_CryptHwMutexUnLock();
2785    if (mxq_rc) {
2786        WOLFSSL_ERROR_MSG("MAXQ: wolfSSL_CryptHwMutexUnLock() failed");
2787        rc = WC_HW_E;
2788    }
2789
2790    *outlen = pubKeySz;
2791    free_temp_key_id(tls13_dh_obj_id);
2792    tls13_dh_obj_id = -1;
2793    free_temp_key_id(tls13_ecc_obj_id);
2794    tls13_ecc_obj_id = -1;
2795
2796    return rc;
2797}
2798
2799static int  maxq10xx_ecc_key_gen(WOLFSSL* ssl, ecc_key* key, word32 keySz,
2800                int ecc_curve, void* ctx)
2801{
2802    int rc;
2803    mxq_err_t mxq_rc;
2804    unsigned char mxq_key[MAX_EC_KEY_SIZE];
2805    (void)ctx;
2806    (void)ssl;
2807
2808    WOLFSSL_ENTER("maxq10xx_ecc_key_gen");
2809
2810    if (tls13_ecc_obj_id == -1) {
2811        tls13_ecc_obj_id = alloc_temp_key_id();
2812        if (tls13_ecc_obj_id == -1) {
2813            WOLFSSL_ERROR_MSG("MAXQ: alloc_temp_key_id() failed");
2814            rc = NOT_COMPILED_IN;
2815            return rc;
2816        }
2817    }
2818
2819    rc = wolfSSL_CryptHwMutexLock();
2820    if (rc != 0) {
2821        return rc;
2822    }
2823    mxq_rc = MXQ_TLS13_Generate_Key(mxq_key, tls13_ecc_obj_id, MXQ_KEYTYPE_ECC,
2824                                    getMaxqKeyParamFromCurve(key->dp->id),
2825                                    keySz, NULL, 0, NULL);
2826
2827    wolfSSL_CryptHwMutexUnLock();
2828    if (mxq_rc) {
2829        WOLFSSL_ERROR_MSG("MAXQ: MXQ_TLS13_Generate_Key() failed");
2830        return WC_HW_E;
2831    }
2832
2833    rc = wc_ecc_import_unsigned(key, (byte*)mxq_key, (byte*)mxq_key + keySz,
2834                                NULL, ecc_curve);
2835    if (rc) {
2836        WOLFSSL_ERROR_MSG("MAXQ: wc_ecc_import_raw_ex() failed");
2837    }
2838
2839    return rc;
2840}
2841
2842static int maxq10xx_ecc_verify(WOLFSSL* ssl, const byte* sig,
2843                               word32 sigSz, const byte* hash,
2844                               word32 hashSz, const byte* key,
2845                               word32 keySz, int* result, void* ctx)
2846{
2847    int rc;
2848    (void)ssl;
2849    (void)key;
2850    (void)keySz;
2851    (void)ctx;
2852
2853    WOLFSSL_ENTER("maxq10xx_ecc_verify");
2854
2855    if (!tls13active) {
2856        return CRYPTOCB_UNAVAILABLE;
2857    }
2858
2859    if (tls13_server_key_algo != ECDSAk) {
2860        return CRYPTOCB_UNAVAILABLE;
2861    }
2862
2863    rc = wolfSSL_CryptHwMutexLock();
2864    if (rc != 0) {
2865        return rc;
2866    }
2867
2868    rc = maxq10xx_ecc_verify_local(tls13_server_cert_id, (mxq_u1*)hash, hashSz,
2869                                   (mxq_u1*)sig, sigSz,
2870                                   result, tls13_server_key_len);
2871    wolfSSL_CryptHwMutexUnLock();
2872
2873    return rc;
2874}
2875
2876static int maxq10xx_tls13_ecc_shared_secret(WOLFSSL* ssl, ecc_key* otherKey,
2877               unsigned char* pubKeyDer, word32* pubKeySz,
2878               unsigned char* out, word32* outlen,
2879               int side, void* ctx)
2880{
2881    int rc;
2882    mxq_err_t mxq_rc;
2883    word32 peerKeySz = otherKey->dp->size;
2884    uint8_t  peerKeyBuf[MAX_EC_KEY_SIZE];
2885    uint8_t* peerKey = peerKeyBuf;
2886    uint8_t* qx = peerKey;
2887    uint8_t* qy = &peerKey[peerKeySz];
2888    word32 qxLen = peerKeySz,  qyLen = peerKeySz;
2889    mxq_u2 csid_param = ssl->options.cipherSuite |
2890                        (ssl->options.cipherSuite0 << 8);
2891    (void)ctx;
2892    (void)pubKeyDer;
2893    (void)side;
2894    (void)pubKeySz;
2895
2896    WOLFSSL_ENTER("maxq10xx_ecc_shared_secret");
2897
2898    rc = wc_ecc_export_public_raw(otherKey, qx, &qxLen, qy, &qyLen);
2899    if (rc != 0) {
2900        return rc;
2901    }
2902
2903    if (tls13_ecc_obj_id == -1) {
2904        WOLFSSL_ERROR_MSG("MAXQ: ECDHE key is not created before");
2905        rc = NOT_COMPILED_IN;
2906        return rc;
2907    }
2908
2909    if (tls13_shared_secret_obj_id == -1) {
2910        tls13_shared_secret_obj_id = alloc_temp_key_id();
2911        if (tls13_shared_secret_obj_id == -1) {
2912            WOLFSSL_ERROR_MSG("MAXQ: alloc_temp_key_id() failed");
2913            return NOT_COMPILED_IN;
2914        }
2915    }
2916
2917    rc = wolfSSL_CryptHwMutexLock();
2918    if (rc != 0) {
2919        return rc;
2920    }
2921
2922    mxq_rc = MXQ_TLS13_Create_Secret(peerKey, (2*peerKeySz), tls13_ecc_obj_id,
2923                                     MXQ_KEYTYPE_ECC,
2924                                     getMaxqKeyParamFromCurve(otherKey->dp->id),
2925                                     csid_param, tls13_shared_secret_obj_id,
2926                                     out, outlen);
2927
2928    wolfSSL_CryptHwMutexUnLock();
2929    if (mxq_rc) {
2930        WOLFSSL_ERROR_MSG("MAXQ: MXQ_TLS13_Create_Secret() failed");
2931        rc = WC_HW_E;
2932    }
2933
2934    *outlen = otherKey->dp->size;
2935    free_temp_key_id(tls13_dh_obj_id);
2936    tls13_dh_obj_id = -1;
2937    free_temp_key_id(tls13_ecc_obj_id);
2938    tls13_ecc_obj_id = -1;
2939
2940    return rc;
2941}
2942
2943static int maxq10xx_rsa_pss_verify_ex(WOLFSSL* ssl,
2944                                      byte* hashed_msg, word32 hashed_msg_sz,
2945                                      byte* pss_sign, word32 pss_signlen,
2946                                      int isCertId)
2947{
2948    mxq_u2 pubkey_objectid;
2949    int ret;
2950    mxq_err_t mxq_rc;
2951    (void)ssl;
2952
2953    WOLFSSL_ENTER("maxq10xx_rsa_pss_verify_ex");
2954
2955    if (!tls13active) {
2956        return NOT_COMPILED_IN;
2957    }
2958
2959    if (isCertId) {
2960        pubkey_objectid = tls13_server_cert_id;
2961    }
2962    else {
2963        pubkey_objectid = DEVICE_KEY_PAIR_OBJ_ID;
2964    }
2965
2966    ret = wolfSSL_CryptHwMutexLock();
2967    if (ret != 0) {
2968        return ret;
2969    }
2970    mxq_rc = MXQ_Verify(ALGO_RSASSAPSSPKCS1_V2_1_PLAIN, pubkey_objectid,
2971                        hashed_msg, hashed_msg_sz, pss_sign, pss_signlen);
2972
2973    wolfSSL_CryptHwMutexUnLock();
2974
2975    if (mxq_rc) {
2976        WOLFSSL_ERROR_MSG("MAXQ: MXQ_Verify() failed");
2977        ret = WC_HW_E;
2978    }
2979    return ret;
2980}
2981
2982/* This will do all the work that is normally done in RsaVerify() and
2983 * CheckRSASignature(). That is why at the bottom, we release the key. Because
2984 * verification has been completed and CheckRSASignature() should be skipped.
2985 * The same reasoning for maxq10xx_RsaSkipSignCheck() doing nothing. */
2986static int maxq10xx_rsa_pss_verify(WOLFSSL* ssl,
2987                                   unsigned char* in, unsigned int inSz,
2988                                   unsigned char** out, int hash, int mgf,
2989                                   const unsigned char* key, unsigned int keySz,
2990                                   void* ctx) {
2991    int    ret = 0;
2992    byte   sigData[MAX_SIG_DATA_SZ];
2993    word16 sigDataSz;
2994    word32 sigSz;
2995    (void)out;
2996    (void)mgf;
2997    (void)key;
2998    (void)keySz;
2999    (void)ctx;
3000
3001    if (hash == SHA256h) {
3002        hash = sha256_mac;
3003    }
3004    else if (hash == SHA384h) {
3005        hash = sha384_mac;
3006    }
3007    else if (hash  == SHA512h) {
3008        hash = sha512_mac;
3009    }
3010    else {
3011        return BAD_FUNC_ARG;
3012    }
3013
3014    ret = CreateSigData(ssl, sigData, &sigDataSz, 1);
3015    if (ret != 0)
3016        return ret;
3017
3018    /* PSS signature can be done in-place */
3019    ret = CreateRSAEncodedSig(sigData, sigData, sigDataSz,
3020                              rsa_pss_sa_algo, hash);
3021    if (ret < 0)
3022        return ret;
3023    sigSz = ret;
3024
3025    ret = maxq10xx_rsa_pss_verify_ex(ssl, sigData, sigSz, in, inSz, 1);
3026
3027    if (ret == 0) {
3028        /* This ensures call to CheckRSASignature() is skipped. */
3029        ssl->peerRsaKeyPresent = 0;
3030        FreeKey(ssl, DYNAMIC_TYPE_RSA, (void**)&ssl->peerRsaKey);
3031        ssl->options.peerAuthGood = 1;
3032    }
3033
3034    return ret;
3035}
3036
3037static int maxq10xx_skip_sign_check(WOLFSSL* ssl,
3038               unsigned char* sig, unsigned int sigSz,
3039               unsigned char** out, int hash, int mgf,
3040               const unsigned char* key, unsigned int keySz,
3041               void* ctx) {
3042    (void)ssl;
3043    (void)sig;
3044    (void)sigSz;
3045    (void)out;
3046    (void)hash;
3047    (void)mgf;
3048    (void)key;
3049    (void)keySz;
3050    (void)ctx;
3051    return 0;
3052}
3053
3054static int maxq10xx_rsa_pss_sign(WOLFSSL* ssl, const byte* in, word32 inSz,
3055                                 byte* out, word32* outSz, int hash, int mgf,
3056                                 const byte* key, word32 keySz, void* ctx)
3057{
3058    int ret;
3059    mxq_err_t mxq_rc;
3060    (void)ssl;
3061    (void)hash;
3062    (void)mgf;
3063    (void)key;
3064    (void)keySz;
3065    (void)ctx;
3066
3067    WOLFSSL_ENTER("maxq10xx_rsa_pss_sign");
3068
3069    if (!tls13active) {
3070        return NOT_COMPILED_IN;
3071    }
3072
3073    ret = wolfSSL_CryptHwMutexLock();
3074    if (ret != 0) {
3075        return ret;
3076    }
3077
3078    mxq_rc = MXQ_Sign(ALGO_RSASSAPSSPKCS1_V2_1_PLAIN, DEVICE_KEY_PAIR_OBJ_ID,
3079                      in, inSz, out, outSz);
3080
3081    wolfSSL_CryptHwMutexUnLock();
3082
3083    if (mxq_rc) {
3084        WOLFSSL_ERROR_MSG("MAXQ: MXQ_Sign() failed");
3085        return WC_HW_E;
3086    }
3087
3088    ret = wolfSSL_CryptHwMutexLock();
3089    if (ret != 0) {
3090        return ret;
3091    }
3092
3093    mxq_rc = MXQ_Verify(ALGO_RSASSAPSSPKCS1_V2_1_PLAIN, DEVICE_KEY_PAIR_OBJ_ID,
3094                        in, inSz, out, *outSz);
3095
3096    wolfSSL_CryptHwMutexUnLock();
3097    if (mxq_rc) {
3098        WOLFSSL_ERROR_MSG("MAXQ: MXQ_Verify() failed");
3099        return WC_HW_E;
3100    }
3101
3102    return ret;
3103}
3104
3105#ifdef HAVE_HKDF
3106static int maxq10xx_hkdf_extract(byte* prk, const byte* salt, word32 saltLen,
3107               byte* ikm, word32 ikmLen, int digest, void* ctx)
3108{
3109    int rc;
3110    mxq_err_t mxq_rc;
3111    mxq_length prk_len = 0;
3112    mxq_algo_id_t mxq_digest_id = ALGO_INVALID;
3113    int salt_kid = -1, ikm_kid = -1, ret_kid = -1;
3114
3115    (void)ctx;
3116
3117    switch (digest) {
3118        #ifndef NO_SHA256
3119        case WC_SHA256:
3120            prk_len = WC_SHA256_DIGEST_SIZE;
3121            mxq_digest_id = ALGO_MD_SHA256;
3122            break;
3123        #endif
3124
3125        #ifdef WOLFSSL_SHA384
3126        case WC_SHA384:
3127            prk_len = WC_SHA384_DIGEST_SIZE;
3128            mxq_digest_id = ALGO_MD_SHA384;
3129            break;
3130        #endif
3131
3132        #ifdef WOLFSSL_TLS13_SHA512
3133        case WC_SHA512:
3134            prk_len = WC_SHA512_DIGEST_SIZE;
3135            mxq_digest_id = ALGO_MD_SHA512;
3136            break;
3137        #endif
3138        default:
3139            return BAD_FUNC_ARG;
3140    }
3141
3142    /* Prepare key id parameters */
3143    if (saltLen != 0 && ikmLen != 0) {
3144        /* handshake_secret = HKDF-Extract(salt: derived_secret,
3145         *                        key: shared_secret) */
3146        if (tls13_handshake_secret_obj_id == -1) {
3147            tls13_handshake_secret_obj_id = alloc_temp_key_id();
3148            if (tls13_handshake_secret_obj_id == -1) {
3149                WOLFSSL_ERROR_MSG("MAXQ: alloc_temp_key_id() failed");
3150                return NOT_COMPILED_IN;
3151            }
3152        }
3153        salt_kid = tls13_derived_secret_obj_id;
3154        ikm_kid  = tls13_shared_secret_obj_id;
3155        ret_kid  = tls13_handshake_secret_obj_id;
3156        free_temp_key_id(tls13_derived_secret_obj_id);
3157        tls13_derived_secret_obj_id = -1;
3158    }
3159    else if (saltLen != 0 && ikmLen == 0) {
3160        /* master_secret = HKDF-Extract(salt: derived_secret,
3161         *                     key: 00...) */
3162        if (tls13_master_secret_obj_id == -1) {
3163            tls13_master_secret_obj_id = alloc_temp_key_id();
3164            if (tls13_master_secret_obj_id == -1) {
3165                WOLFSSL_ERROR_MSG("MAXQ: alloc_temp_key_id() failed");
3166                return NOT_COMPILED_IN;
3167            }
3168        }
3169
3170        salt_kid = tls13_derived_secret_obj_id;
3171        ikm_kid  = -1;
3172        ret_kid  = tls13_master_secret_obj_id;
3173        free_temp_key_id(tls13_derived_secret_obj_id);
3174        tls13_derived_secret_obj_id = -1;
3175    }
3176    else if (saltLen == 0 && ikmLen == 0) {
3177        /* early_secret = HKDF-Extract(salt: 00, key: 00...) */
3178        if (tls13_early_secret_obj_id == -1) {
3179            tls13_early_secret_obj_id = alloc_temp_key_id();
3180            if (tls13_early_secret_obj_id == -1) {
3181                WOLFSSL_ERROR_MSG("MAXQ: alloc_temp_key_id() failed");
3182                return NOT_COMPILED_IN;
3183            }
3184        }
3185
3186        salt_kid = -1;
3187        ikm_kid  = -1;
3188        ret_kid  = tls13_early_secret_obj_id;
3189
3190        tls13early = 1;
3191    }
3192    else if (saltLen == 0 && ikmLen != 0) {
3193        /* early_secret = HKDF-Extract(salt: 00, key: 00...) */
3194        if (tls13_hs_early_secret_obj_id == -1) {
3195            tls13_hs_early_secret_obj_id = alloc_temp_key_id();
3196            if (tls13_hs_early_secret_obj_id == -1) {
3197                WOLFSSL_ERROR_MSG("MAXQ: alloc_temp_key_id() failed");
3198                return NOT_COMPILED_IN;
3199            }
3200        }
3201
3202        salt_kid = -1;
3203        ikm_kid  = PSK_KID;
3204        ret_kid  = tls13_hs_early_secret_obj_id;
3205
3206        tls13early = 1;
3207    }
3208    else {
3209        WOLFSSL_MSG("MAXQ: MXQ_TLS13_Extract_Secret() does not support");
3210        return NOT_COMPILED_IN;
3211    }
3212
3213    /* When length is 0 then use zeroed data of digest length. */
3214    if (ikmLen == 0) {
3215        ikmLen = prk_len;
3216        XMEMSET(ikm, 0, prk_len);
3217    }
3218
3219    if (salt_kid != -1) {
3220        saltLen = 0;
3221    }
3222
3223    if (ikm_kid != -1) {
3224        ikmLen = 0;
3225    }
3226
3227    if (ret_kid != -1) {
3228        XMEMSET(prk, 0, prk_len);
3229        prk_len = 0;
3230    }
3231
3232    rc = wolfSSL_CryptHwMutexLock();
3233    if (rc != 0) {
3234        return rc;
3235    }
3236
3237    mxq_rc = MXQ_TLS13_Extract_Secret(mxq_digest_id, (mxq_u2)ret_kid,
3238                                      prk, &prk_len, (mxq_u2)salt_kid,
3239                                      salt, (mxq_u2)saltLen,
3240                                      (mxq_u2)ikm_kid, ikm, (mxq_u2)ikmLen);
3241    if (mxq_rc) {
3242        WOLFSSL_ERROR_MSG("MAXQ: MXQ_TLS13_Extract_Secret() failed");
3243        wolfSSL_CryptHwMutexUnLock();
3244        return WC_HW_E;
3245    }
3246
3247    wolfSSL_CryptHwMutexUnLock();
3248    return 0;
3249}
3250
3251static char *strstr_with_size(char *str, const char *substr, size_t n)
3252{
3253    char *p = str, *pEnd = str + n;
3254    size_t substr_len = XSTRLEN(substr);
3255
3256    if (substr_len == 0) {
3257        return str;
3258    }
3259
3260    pEnd -= (substr_len - 1);
3261
3262    for (;p < pEnd; ++p) {
3263        if (0 == XSTRNCMP(p, substr, substr_len))
3264            return p;
3265    }
3266
3267    return NULL;
3268}
3269
3270static int maxq10xx_HkdfExpand(int digest, const byte* inKey, word32 inKeySz,
3271                               const byte* info, word32 infoSz, byte* out,
3272                               word32 outSz, int side)
3273{
3274    int rc;
3275    mxq_err_t mxq_rc;
3276    mxq_algo_id_t mxq_digest_id = ALGO_INVALID;
3277    mxq_keytype_id_t ret_keytype = MXQ_KEYTYPE_IKM;
3278    int prk_kid = -1, ret_kid = -1;
3279    int ret_isiv = 0;
3280
3281    switch (digest) {
3282        #ifndef NO_SHA256
3283        case WC_SHA256:
3284            mxq_digest_id = ALGO_MD_SHA256;
3285            break;
3286        #endif
3287
3288        #ifdef WOLFSSL_SHA384
3289        case WC_SHA384:
3290            mxq_digest_id = ALGO_MD_SHA384;
3291            break;
3292        #endif
3293
3294        #ifdef WOLFSSL_TLS13_SHA512
3295        case WC_SHA512:
3296            mxq_digest_id = ALGO_MD_SHA512;
3297            break;
3298        #endif
3299        default:
3300            return BAD_FUNC_ARG;
3301    }
3302
3303    /* Prepare key id parameters */
3304    if (strstr_with_size((char *)info, derivedLabel, infoSz) != NULL) {
3305        if (tls13early) {
3306            if (local_is_psk) {
3307                if (tls13_hs_early_secret_obj_id == -1) {
3308                        WOLFSSL_ERROR_MSG("MAXQ: Handshake early secret is not "
3309                                    "created yet");
3310                        return NOT_COMPILED_IN;
3311                }
3312
3313                tls13_derived_secret_obj_id = alloc_temp_key_id();
3314                if (tls13_derived_secret_obj_id == -1) {
3315                    WOLFSSL_ERROR_MSG("MAXQ: alloc_temp_key_id() failed");
3316                    return NOT_COMPILED_IN;
3317                }
3318                prk_kid = tls13_hs_early_secret_obj_id;
3319                ret_kid = tls13_derived_secret_obj_id;
3320                ret_keytype = MXQ_KEYTYPE_IKM;
3321                free_temp_key_id(tls13_hs_early_secret_obj_id);
3322                tls13_hs_early_secret_obj_id = -1;
3323            }
3324            else {
3325                /* derived_secret = HKDF-Expand-Label(key: early_secret,
3326                 *                      label: "derived", ctx: empty_hash) */
3327                tls13_derived_secret_obj_id = alloc_temp_key_id();
3328                if (tls13_derived_secret_obj_id == -1) {
3329                    WOLFSSL_ERROR_MSG("MAXQ: alloc_temp_key_id() failed");
3330                    return NOT_COMPILED_IN;
3331                }
3332
3333                prk_kid = tls13_early_secret_obj_id;
3334                ret_kid = tls13_derived_secret_obj_id;
3335                ret_keytype = MXQ_KEYTYPE_IKM;
3336                free_temp_key_id(tls13_early_secret_obj_id);
3337                tls13_early_secret_obj_id = -1;
3338            }
3339            ret_isiv = 0;
3340            tls13early = 0;
3341        }
3342        else {
3343            /* derived_secret = HKDF-Expand-Label(key: handshake_secret,
3344             *                      label: "derived", ctx: empty_hash) */
3345            tls13_derived_secret_obj_id = alloc_temp_key_id();
3346            if (tls13_derived_secret_obj_id == -1) {
3347                WOLFSSL_ERROR_MSG("MAXQ: alloc_temp_key_id() failed");
3348                return NOT_COMPILED_IN;
3349            }
3350
3351            prk_kid = tls13_handshake_secret_obj_id;
3352            ret_kid = tls13_derived_secret_obj_id;
3353            ret_keytype = MXQ_KEYTYPE_IKM;
3354            free_temp_key_id(tls13_handshake_secret_obj_id);
3355            tls13_handshake_secret_obj_id = -1;
3356            ret_isiv = 0;
3357        }
3358    }
3359    else if (strstr_with_size((char *)info, cHsTrafficLabel, infoSz)
3360               != NULL) {
3361        is_hs_key = 1;
3362        /* client_secret = HKDF-Expand-Label(key: handshake_secret,
3363         *                     label: "c hs traffic", ctx: hello_hash) */
3364        if (tls13_client_secret_obj_id == -1) {
3365            tls13_client_secret_obj_id = alloc_temp_key_id();
3366            if (tls13_client_secret_obj_id == -1) {
3367                WOLFSSL_ERROR_MSG("MAXQ: alloc_temp_key_id() failed");
3368                return NOT_COMPILED_IN;
3369            }
3370        }
3371
3372        prk_kid = tls13_handshake_secret_obj_id;
3373        ret_kid = tls13_client_secret_obj_id;
3374        ret_keytype = MXQ_KEYTYPE_IKM;
3375        ret_isiv = 0;
3376    }
3377    else if (strstr_with_size((char *)info, sHsTrafficLabel, infoSz)
3378               != NULL) {
3379        /* client_secret = HKDF-Expand-Label(key: handshake_secret,
3380         *                     label: "s hs traffic", ctx: hello_hash) */
3381        if (tls13_server_secret_obj_id == -1) {
3382            tls13_server_secret_obj_id = alloc_temp_key_id();
3383            if (tls13_server_secret_obj_id == -1) {
3384                WOLFSSL_ERROR_MSG("MAXQ: alloc_temp_key_id() failed");
3385                return NOT_COMPILED_IN;
3386            }
3387        }
3388
3389        prk_kid = tls13_handshake_secret_obj_id;
3390        ret_kid = tls13_server_secret_obj_id;
3391        ret_keytype = MXQ_KEYTYPE_IKM;
3392        ret_isiv = 0;
3393    }
3394    else if (strstr_with_size((char *)info, cAppTrafficLabel, infoSz)
3395               != NULL) {
3396        is_hs_key = 0;
3397        /* client_secret = HKDF-Expand-Label(key: master_secret,
3398         *                     label: "c ap traffic", ctx: handshake_hash) */
3399        if (tls13_client_secret_obj_id == -1) {
3400            tls13_client_secret_obj_id = alloc_temp_key_id();
3401            if (tls13_client_secret_obj_id == -1) {
3402                WOLFSSL_ERROR_MSG("MAXQ: alloc_temp_key_id() failed");
3403                return NOT_COMPILED_IN;
3404            }
3405        }
3406
3407        prk_kid = tls13_master_secret_obj_id;
3408        ret_kid = tls13_client_secret_obj_id;
3409        ret_keytype = MXQ_KEYTYPE_IKM;
3410        ret_isiv = 0;
3411    }
3412    else if (strstr_with_size((char *)info, sAppTrafficLabel, infoSz)
3413               != NULL) {
3414        /* server_secret = HKDF-Expand-Label(key: master_secret,
3415         *                     label: "s ap traffic", ctx: handshake_hash) */
3416        tls13_server_secret_obj_id = alloc_temp_key_id();
3417        if (tls13_server_secret_obj_id == -1) {
3418            WOLFSSL_ERROR_MSG("MAXQ: alloc_temp_key_id() failed");
3419            return NOT_COMPILED_IN;
3420        }
3421
3422        prk_kid = tls13_master_secret_obj_id;
3423        ret_kid = tls13_server_secret_obj_id;
3424        ret_keytype = MXQ_KEYTYPE_IKM;
3425        ret_isiv = 0;
3426    }
3427    else if (strstr_with_size((char *)info, keyLabel, infoSz) != NULL) {
3428        /* first client key then server */
3429        if (side == WOLFSSL_CLIENT_END) {
3430            /* client_handshake_key = HKDF-Expand-Label(key: client_secret,
3431             *                            label: "key", ctx: "")
3432             * client_application_key = HKDF-Expand-Label(key: client_secret,
3433             *                              label: "key", ctx: "") */
3434            int tls13_client_key_obj_id = -1;
3435            if (is_hs_key) {
3436                if (tls13_client_hs_key_obj_id == -1) {
3437                    tls13_client_hs_key_obj_id = alloc_temp_key_id();
3438                    if (tls13_client_hs_key_obj_id == -1) {
3439                        WOLFSSL_ERROR_MSG("MAXQ: alloc_temp_key_id() failed");
3440                        return NOT_COMPILED_IN;
3441                    }
3442                }
3443                tls13_client_key_obj_id = tls13_client_hs_key_obj_id;
3444            }
3445            else {
3446                if (tls13_client_app_key_obj_id == -1) {
3447                    tls13_client_app_key_obj_id = alloc_temp_key_id();
3448                    if (tls13_client_app_key_obj_id == -1) {
3449                        WOLFSSL_ERROR_MSG("MAXQ: alloc_temp_key_id() failed");
3450                        return NOT_COMPILED_IN;
3451                    }
3452                }
3453                tls13_client_key_obj_id = tls13_client_app_key_obj_id;
3454            }
3455
3456            prk_kid = tls13_client_secret_obj_id;
3457            ret_kid = tls13_client_key_obj_id;
3458            ret_keytype = MXQ_KEYTYPE_AES;
3459            ret_isiv = 0;
3460        }
3461        else {
3462            /* server_handshake_key = HKDF-Expand-Label(key: server_secret,
3463             *                            label: "key", ctx: "")
3464             * server_application_key = HKDF-Expand-Label(key: server_secret,
3465                                            label: "key", ctx: "") */
3466            int tls13_server_key_obj_id = -1;
3467            if (is_hs_key) {
3468                if (tls13_server_hs_key_obj_id == -1) {
3469                    tls13_server_hs_key_obj_id = alloc_temp_key_id();
3470                    if (tls13_server_hs_key_obj_id == -1) {
3471                        WOLFSSL_ERROR_MSG("MAXQ: alloc_temp_key_id() failed");
3472                        return NOT_COMPILED_IN;
3473                    }
3474                }
3475                tls13_server_key_obj_id = tls13_server_hs_key_obj_id;
3476            }
3477            else {
3478                if (tls13_server_app_key_obj_id == -1) {
3479                    tls13_server_app_key_obj_id = alloc_temp_key_id();
3480                    if (tls13_server_app_key_obj_id == -1) {
3481                        WOLFSSL_ERROR_MSG("MAXQ: alloc_temp_key_id() failed");
3482                        return NOT_COMPILED_IN;
3483                    }
3484                }
3485                tls13_server_key_obj_id = tls13_server_app_key_obj_id;
3486            }
3487
3488            prk_kid = tls13_server_secret_obj_id;
3489            ret_kid = tls13_server_key_obj_id;
3490            ret_keytype = MXQ_KEYTYPE_AES;
3491            ret_isiv = 0;
3492        }
3493    }
3494    else if (strstr_with_size((char *)info, ivLabel, infoSz) != NULL) {
3495        /* first client key then server */
3496        if (side == WOLFSSL_CLIENT_END) {
3497            /* client_handshake_iv = HKDF-Expand-Label(key: client_secret,
3498             *                           label: "iv", ctx: "")
3499             * cient_application_iv = HKDF-Expand-Label(key: client_secret,
3500             *                            label: "iv", ctx: "") */
3501            int tls13_client_iv_obj_id = -1;
3502            if (is_hs_key) {
3503                if (tls13_client_hs_key_obj_id == -1) {
3504                    WOLFSSL_ERROR_MSG("MAXQ: client hs key not set");
3505                    return NOT_COMPILED_IN;
3506                }
3507                tls13_client_iv_obj_id = tls13_client_hs_key_obj_id;
3508            }
3509            else {
3510                if (tls13_client_app_key_obj_id == -1) {
3511                    WOLFSSL_ERROR_MSG("MAXQ: client app key not set");
3512                    return NOT_COMPILED_IN;
3513                }
3514                tls13_client_iv_obj_id = tls13_client_app_key_obj_id;
3515            }
3516
3517            prk_kid = tls13_client_secret_obj_id;
3518            ret_kid = tls13_client_iv_obj_id;
3519            ret_keytype = MXQ_KEYTYPE_AES;
3520            ret_isiv = 1;
3521        }
3522        else {
3523            /* server_handshake_iv = HKDF-Expand-Label(key: server_secret,
3524             *                           label: "iv", ctx: "")
3525             * server_application_iv = HKDF-Expand-Label(key: server_secret,
3526             * label: "iv", ctx: "") */
3527            int tls13_server_iv_obj_id = -1;
3528            if (is_hs_key) {
3529                if (tls13_server_hs_key_obj_id == -1) {
3530                    WOLFSSL_ERROR_MSG("MAXQ: server hs key not set");
3531                    return NOT_COMPILED_IN;
3532                }
3533                tls13_server_iv_obj_id = tls13_server_hs_key_obj_id;
3534            }
3535            else {
3536                if (tls13_server_app_key_obj_id == -1) {
3537                    WOLFSSL_ERROR_MSG("MAXQ: server app key not set");
3538                    return NOT_COMPILED_IN;
3539                }
3540                tls13_server_iv_obj_id = tls13_server_app_key_obj_id;
3541            }
3542
3543            prk_kid = tls13_server_secret_obj_id;
3544            ret_kid = tls13_server_iv_obj_id;
3545            ret_keytype = MXQ_KEYTYPE_AES;
3546            ret_isiv = 1;
3547            local_is_psk = 0;
3548        }
3549    }
3550    else if (strstr_with_size((char *)info, finishedLabel, infoSz) != NULL) {
3551        if (local_is_psk) {
3552            if (tls13_client_finish_obj_id == -1) {
3553                tls13_client_finish_obj_id = alloc_temp_key_id();
3554                if (tls13_client_finish_obj_id == -1) {
3555                    WOLFSSL_ERROR_MSG("MAXQ: alloc_temp_key_id() failed");
3556                    return NOT_COMPILED_IN;
3557                }
3558            }
3559            if (tls13_binder_key_obj_id == -1) {
3560                WOLFSSL_ERROR_MSG("MAXQ: Binder key is not created yet");
3561                return NOT_COMPILED_IN;
3562            }
3563            prk_kid = tls13_binder_key_obj_id;
3564            ret_kid = tls13_client_finish_obj_id;
3565            tls13_client_key_id = &tls13_binder_key_obj_id;
3566            ret_keytype = MXQ_KEYTYPE_HMAC;
3567            ret_isiv = 0;
3568        }
3569        else {
3570            /* first client key then server */
3571            if (side == WOLFSSL_CLIENT_END) {
3572                /* finished_key = HKDF-Expand-Label(key: client_secret,
3573                 * label: "finished", ctx: "") */
3574                if (is_hs_key) {
3575                    tls13_client_key_id = &tls13_client_hs_key_obj_id;
3576                }
3577                else {
3578                    tls13_client_key_id = &tls13_client_app_key_obj_id;
3579                }
3580                if (tls13_client_finish_obj_id == -1) {
3581                    tls13_client_finish_obj_id = alloc_temp_key_id();
3582                    if (tls13_client_finish_obj_id == -1) {
3583                        WOLFSSL_ERROR_MSG("MAXQ: alloc_temp_key_id() failed");
3584                        return NOT_COMPILED_IN;
3585                    }
3586                }
3587
3588                prk_kid = tls13_client_secret_obj_id;
3589                ret_kid = tls13_client_finish_obj_id;
3590
3591                ret_keytype = MXQ_KEYTYPE_HMAC;
3592                ret_isiv = 0;
3593                free_temp_key_id(tls13_client_secret_obj_id);
3594                tls13_client_secret_obj_id = -1;
3595
3596            }
3597            else {
3598                /* finished_key = HKDF-Expand-Label(key: server_secret,
3599                 *                    label: "finished", ctx: "") */
3600                if (is_hs_key) {
3601                    tls13_server_key_id = &tls13_server_hs_key_obj_id;
3602                }
3603                else {
3604                    tls13_server_key_id = &tls13_server_app_key_obj_id;
3605                }
3606                if (tls13_server_finish_obj_id == -1) {
3607                    tls13_server_finish_obj_id = alloc_temp_key_id();
3608                    if (tls13_server_finish_obj_id == -1) {
3609                        WOLFSSL_ERROR_MSG("MAXQ: alloc_temp_key_id() failed");
3610                        return NOT_COMPILED_IN;
3611                    }
3612                }
3613
3614                prk_kid = tls13_server_secret_obj_id;
3615                ret_kid = tls13_server_finish_obj_id;
3616                ret_keytype = MXQ_KEYTYPE_HMAC;
3617                ret_isiv = 0;
3618                free_temp_key_id(tls13_server_secret_obj_id);
3619                tls13_server_secret_obj_id = -1;
3620
3621            }
3622        }
3623    }
3624    else if (strstr_with_size((char *)info, extBinderLabel, infoSz) != NULL) {
3625
3626            /* binder_key = HKDF-Expand-Label(key: hs_early_secret,
3627             *                  label: "ext binder", ctx: empty_hash) */
3628            tls13_binder_key_obj_id = alloc_temp_key_id();
3629            if (tls13_binder_key_obj_id == -1) {
3630                WOLFSSL_ERROR_MSG("MAXQ: alloc_temp_key_id() failed");
3631                return NOT_COMPILED_IN;
3632            }
3633
3634            prk_kid = tls13_hs_early_secret_obj_id;
3635            ret_kid = tls13_binder_key_obj_id;
3636            ret_keytype = MXQ_KEYTYPE_IKM;
3637            ret_isiv = 0;
3638            local_is_psk = 1;
3639
3640    }
3641    else if (strstr_with_size((char *)info, resMasterLabel, infoSz) != NULL) {
3642        /* TODO: */
3643        tls13_res_master_obj_id = alloc_temp_key_id();
3644        if (tls13_res_master_obj_id == -1) {
3645            WOLFSSL_ERROR_MSG("MAXQ: alloc_temp_key_id() failed");
3646            return NOT_COMPILED_IN;
3647        }
3648        prk_kid = tls13_master_secret_obj_id;
3649        ret_kid = tls13_res_master_obj_id;
3650        ret_keytype = MXQ_KEYTYPE_IKM;
3651        ret_isiv = 0;
3652        if (tls13_client_key_id != NULL) {
3653            free_temp_key_id(*tls13_client_key_id);
3654            *tls13_client_key_id = -1;
3655        }
3656    }
3657    else if (strstr_with_size((char *)info, appTrafUpdLabel, infoSz) != NULL) {
3658        if (side == WOLFSSL_CLIENT_END) {
3659            /* updated_client_secret = HKDF-Expand-Label(key: client_secret,
3660             *                             label: "traffic upd", ctx: "") */
3661            if (tls13_client_app_key_obj_id == -1) {
3662                WOLFSSL_ERROR_MSG("MAXQ: Client Application Key was not set");
3663                return NOT_COMPILED_IN;
3664            }
3665            prk_kid = tls13_client_secret_obj_id;
3666            ret_kid = tls13_client_secret_obj_id;
3667            ret_keytype = MXQ_KEYTYPE_IKM;
3668            ret_isiv = 0;
3669        }
3670        else {
3671            /* updated_server_secret = HKDF-Expand-Label(key: server_secret,
3672             *                             label: "traffic upd", ctx: "") */
3673            if (tls13_server_app_key_obj_id == -1) {
3674                WOLFSSL_ERROR_MSG("MAXQ: Server Application Key was not set");
3675                return NOT_COMPILED_IN;
3676            }
3677            prk_kid = tls13_server_secret_obj_id;
3678            ret_kid = tls13_server_secret_obj_id;
3679            ret_keytype = MXQ_KEYTYPE_IKM;
3680            ret_isiv = 0;
3681        }
3682    }
3683    else {
3684        WOLFSSL_ERROR_MSG("MAXQ: MXQ_TLS13_Expand_Secret() does not support");
3685        return NOT_COMPILED_IN;
3686    }
3687
3688    if (prk_kid != -1) {
3689        inKeySz = 0;
3690    }
3691
3692    if (ret_kid != -1) {
3693        XMEMSET(out, 0, outSz);
3694    }
3695
3696    rc = wolfSSL_CryptHwMutexLock();
3697    if (rc != 0) {
3698        return rc;
3699    }
3700
3701    mxq_rc = MXQ_TLS13_Expand_Secret(mxq_digest_id, (mxq_u2)ret_kid,
3702                                     ret_keytype, ret_isiv, out, &outSz,
3703                                     (mxq_u2)prk_kid, inKey, inKeySz,
3704                                     info, infoSz );
3705    if (mxq_rc) {
3706        WOLFSSL_ERROR_MSG("MAXQ: MXQ_TLS13_Expand_Secret() failed");
3707        wolfSSL_CryptHwMutexUnLock();
3708        return WC_HW_E;
3709    }
3710
3711    wolfSSL_CryptHwMutexUnLock();
3712    return 0;
3713}
3714
3715static int maxq10xx_hkdf_expand_label(byte* okm, word32 okmLen,
3716                                      const byte* prk, word32 prkLen,
3717                                      const byte* protocol, word32 protocolLen,
3718                                      const byte* label, word32 labelLen,
3719                                      const byte* info, word32 infoLen,
3720                                      int digest, int side)
3721{
3722    int    ret = 0;
3723    int    idx = 0;
3724    byte   data[MAX_TLS13_HKDF_LABEL_SZ];
3725
3726    /* Output length. */
3727    data[idx++] = (byte)(okmLen >> 8);
3728    data[idx++] = (byte)okmLen;
3729    /* Length of protocol | label. */
3730    data[idx++] = (byte)(protocolLen + labelLen);
3731    /* Protocol */
3732    XMEMCPY(&data[idx], protocol, protocolLen);
3733    idx += protocolLen;
3734    /* Label */
3735    XMEMCPY(&data[idx], label, labelLen);
3736    idx += labelLen;
3737    /* Length of hash of messages */
3738    data[idx++] = (byte)infoLen;
3739    /* Hash of messages */
3740    XMEMCPY(&data[idx], info, infoLen);
3741    idx += infoLen;
3742
3743#ifdef WOLFSSL_CHECK_MEM_ZERO
3744    wc_MemZero_Add("wc_Tls13_HKDF_Expand_Label data", data, idx);
3745#endif
3746
3747    ret = maxq10xx_HkdfExpand(digest, prk, prkLen, data, idx, okm, okmLen,
3748                              side);
3749    ForceZero(data, idx);
3750
3751#ifdef WOLFSSL_CHECK_MEM_ZERO
3752    wc_MemZero_Check(data, MAX_TLS13_HKDF_LABEL_SZ);
3753#endif
3754
3755    return ret;
3756}
3757
3758static int maxq10xx_perform_tls13_record_processing(WOLFSSL* ssl,
3759               int is_encrypt, byte* out, const byte* in,
3760               word32 sz, const byte* iv, word32 ivSz,
3761               byte* authTag, word32 authTagSz,
3762               const byte* authIn, word32 authInSz)
3763{
3764    int rc;
3765    mxq_err_t mxq_rc;
3766    mxq_u2 key_id = 0xFFFF;
3767
3768    if (!tls13active) {
3769        return NOT_COMPILED_IN;
3770    }
3771
3772    if ((ssl->specs.bulk_cipher_algorithm != wolfssl_aes_gcm) &&
3773        (ssl->specs.bulk_cipher_algorithm != wolfssl_aes_ccm)) {
3774        WOLFSSL_MSG("MAXQ: tls record cipher algo not supported");
3775        return NOT_COMPILED_IN;
3776    }
3777
3778    if (is_encrypt) {
3779        if (tls13_client_hs_key_obj_id != -1) {
3780            key_id = tls13_client_hs_key_obj_id;
3781        }
3782        else if (tls13_client_app_key_obj_id != -1) {
3783            key_id = tls13_client_app_key_obj_id;
3784        }
3785        else {
3786            WOLFSSL_ERROR_MSG("MAXQ: tls record enc key was not selected");
3787        }
3788    }
3789    else {
3790        if (tls13_server_hs_key_obj_id != -1) {
3791            key_id = tls13_server_hs_key_obj_id;
3792        }
3793        else if (tls13_server_app_key_obj_id != -1) {
3794            key_id = tls13_server_app_key_obj_id;
3795        }
3796        else {
3797            WOLFSSL_ERROR_MSG("MAXQ: tls record dec key was not selected");
3798        }
3799    }
3800    mxq_algo_id_t algo_id = 0;
3801
3802    if (ssl->specs.bulk_cipher_algorithm == wolfssl_aes_gcm) {
3803        algo_id = ALGO_CIPHER_AES_GCM;
3804    }
3805    else if (ssl->specs.bulk_cipher_algorithm == wolfssl_aes_ccm) {
3806        algo_id = ALGO_CIPHER_AES_CCM;
3807    }
3808
3809    rc = wolfSSL_CryptHwMutexLock();
3810    if (rc != 0) {
3811        return rc;
3812    }
3813
3814    WOLFSSL_MSG("MAXQ: MXQ_TLS13_Update_IV");
3815    mxq_rc = MXQ_TLS13_Update_IV( key_id, (mxq_u1 *)iv, ivSz);
3816    if (mxq_rc) {
3817        WOLFSSL_ERROR_MSG("MAXQ: MXQ_TLS13_Update_IV() failed");
3818        wolfSSL_CryptHwMutexUnLock();
3819        return WC_HW_E;
3820    }
3821
3822    mxq_rc = maxq10xx_cipher_do(algo_id, is_encrypt, key_id, (mxq_u1 *)in, out,
3823                                sz, (mxq_u1 *)iv, ivSz, (mxq_u1 *)authIn,
3824                                authInSz, authTag, authTagSz);
3825    if (mxq_rc) {
3826        WOLFSSL_ERROR_MSG("MAXQ: maxq10xx_cipher_do() failed");
3827        wolfSSL_CryptHwMutexUnLock();
3828        return WC_HW_E;
3829    }
3830
3831    wolfSSL_CryptHwMutexUnLock();
3832    return 0;
3833}
3834#endif /* HAVE_HKDF */
3835#endif /* WOLFSSL_MAXQ108X */
3836
3837void maxq10xx_SetupPkCallbacks(struct WOLFSSL_CTX* ctx, ProtocolVersion *pv)
3838{
3839    (void)pv;
3840
3841    if (pv == NULL) {
3842        return;
3843    }
3844
3845    WOLFSSL_ENTER("maxq10xx_SetupPkCallbacks");
3846    if (init_pk_callbacks) {
3847        return;
3848    }
3849
3850#ifdef WOLFSSL_MAXQ108X
3851    #ifdef HAVE_HKDF
3852    wolfSSL_CTX_SetHKDFExtractCb(ctx, maxq10xx_hkdf_extract);
3853    wolfSSL_CTX_SetHKDFExpandLabelCb(ctx, maxq10xx_hkdf_expand_label);
3854    #endif
3855
3856    if ((pv->major == SSLv3_MAJOR) && (pv->minor == WOLFSSL_TLSV1_3)) {
3857        tls13active = 1;
3858        wolfSSL_CTX_SetEccKeyGenCb(ctx, maxq10xx_ecc_key_gen);
3859        wolfSSL_CTX_SetEccSharedSecretCb(ctx, maxq10xx_tls13_ecc_shared_secret);
3860        wolfSSL_CTX_SetEccVerifyCb(ctx, maxq10xx_ecc_verify);
3861        wolfSSL_CTX_SetDhGenerateKeyPair(ctx, maxq10xx_dh_gen_key_pair);
3862        wolfSSL_CTX_SetDhAgreeCb(ctx, maxq10xx_dh_agree);
3863        wolfSSL_CTX_SetRsaPssSignCb(ctx, maxq10xx_rsa_pss_sign);
3864        wolfSSL_CTX_SetRsaPssSignCheckCb(ctx, maxq10xx_skip_sign_check);
3865        wolfSSL_CTX_SetRsaPssVerifyCb(ctx, maxq10xx_rsa_pss_verify);
3866
3867        wolfSSL_CTX_SetPerformTlsRecordProcessingCb(ctx,
3868            maxq10xx_perform_tls13_record_processing);
3869    }
3870    else
3871#endif /* WOLFSSL_MAXQ108X */
3872    {
3873        wolfSSL_CTX_SetEccSharedSecretCb(ctx, maxq10xx_tls12_ecc_shared_secret);
3874        wolfSSL_CTX_SetPerformTlsRecordProcessingCb(ctx,
3875            maxq10xx_perform_tls12_record_processing);
3876    }
3877
3878    wolfSSL_CTX_SetProcessPeerCertCb(ctx, maxq10xx_process_server_certificate);
3879    wolfSSL_CTX_SetProcessServerSigKexCb(ctx, maxq10xx_process_server_sig_kex);
3880    wolfSSL_CTX_SetGenMasterSecretCb(ctx, maxq10xx_gen_tls_master_secret);
3881    wolfSSL_CTX_SetTlsFinishedCb(ctx, maxq10xx_perform_client_finished);
3882
3883    wolfSSL_CTX_SetEccSignCb(ctx, maxq10xx_ecc_sign);
3884
3885    init_pk_callbacks = 1;
3886}
3887
3888#endif /* WOLFSSL_MAXQ1065 || WOLFSSL_MAXQ108X */