Merge pull request #6123 from dgarske/math_info

Add introspection for math build and math cleanups
wolfSSL · Mar 30, 2023 · 6bed0c5 · 6bed0c5
2 parents 7fae945 + 22a5a5c
commit 6bed0c5
Show file tree

Hide file tree

Showing 32 changed files with 277 additions and 190 deletions.
diff --git a/IDE/Espressif/ESP-IDF/test/test_wolfssl.c b/IDE/Espressif/ESP-IDF/test/test_wolfssl.c
@@ -21,7 +21,7 @@
 #include <wolfssl/wolfcrypt/wc_port.h>
 #include <wolfssl/wolfcrypt/logging.h>
 #include <wolfssl/wolfcrypt/types.h>
-#include <wolfssl/wolfcrypt/integer.h>
+#include <wolfssl/wolfcrypt/wolfmath.h>
 
 #ifdef NO_INLINE
     #include <wolfssl/wolfcrypt/misc.h>

diff --git a/examples/client/client.c b/examples/client/client.c
@@ -66,11 +66,8 @@ static const char *wolfsentry_config_path = NULL;
 #include <wolfssl/certs_test.h>
 #endif
 
-#ifdef USE_FAST_MATH
-    /* included to inspect the size of FP_MAX_BITS */
-    /* need integer.h header to make sure right math version used */
-    #include <wolfssl/wolfcrypt/integer.h>
-#endif
+#include <wolfssl/wolfcrypt/wolfmath.h> /* for max bits */
+
 #ifdef HAVE_ECC
     #include <wolfssl/wolfcrypt/ecc.h>
 #endif

diff --git a/tests/api.c b/tests/api.c
@@ -61817,7 +61817,7 @@ static void test_wolfSSL_CTX_StaticMemory_TLS(int tlsVer,
 }
 #endif /* WOLFSSL_STATIC_MEMORY && HAVE_IO_TESTS_DEPENDENCIES */
 
-#ifdef WOLFSSL_STATIC_MEMORY
+#if defined(WOLFSSL_STATIC_MEMORY) && !defined(WOLFCRYPT_ONLY)
 #if (defined(HAVE_ECC) && !defined(ALT_ECC_SIZE)) || \
         defined(SESSION_CERTS)
     #ifdef OPENSSL_EXTRA
@@ -61867,12 +61867,12 @@ static int test_wolfSSL_CTX_StaticMemory_SSL(WOLFSSL_CTX* ctx)
 
     return TEST_RES_CHECK(1);
 }
-#endif /* WOLFSSL_STATIC_MEMORY */
+#endif /* WOLFSSL_STATIC_MEMORY && !WOLFCRYPT_ONLY */
 
 static int test_wolfSSL_CTX_StaticMemory(void)
 {
     int res = TEST_SKIPPED;
-#ifdef WOLFSSL_STATIC_MEMORY
+#if defined(WOLFSSL_STATIC_MEMORY) && !defined(WOLFCRYPT_ONLY)
     wolfSSL_method_func method_func;
     WOLFSSL_CTX* ctx;
     const int kMaxCtxClients = 2;
@@ -61945,7 +61945,7 @@ static int test_wolfSSL_CTX_StaticMemory(void)
 #endif /* HAVE_IO_TESTS_DEPENDENCIES */
 
     res = TEST_RES_CHECK(1);
-#endif
+#endif /* WOLFSSL_STATIC_MEMORY && !WOLFCRYPT_ONLY */
     return res;
 }
 

diff --git a/wolfcrypt/benchmark/benchmark.c b/wolfcrypt/benchmark/benchmark.c
@@ -63,6 +63,7 @@
 #include <wolfssl/version.h>
 #include <wolfssl/wolfcrypt/wc_port.h>
 #include <wolfssl/wolfcrypt/ecc.h>
+#include <wolfssl/wolfcrypt/wolfmath.h>
 
 #ifdef WOLFSSL_ESPIDF
     #include <xtensa/hal.h> /* reminder Espressif RISC-V not yet implemented */
@@ -2842,6 +2843,10 @@ int benchmark_init(void)
         return EXIT_FAILURE;
     }
 
+#ifdef HAVE_WC_INTROSPECTION
+    printf("Math: %s\n", wc_GetMathInfo());
+#endif
+
 #ifdef WOLFSSL_SECO_CAAM
     if (wc_SECO_OpenHSM(SECO_KEY_STORE_ID,
             SECO_BENCHMARK_NONCE, SECO_MAX_UPDATES, CAAM_KEYSTORE_CREATE)

diff --git a/wolfcrypt/src/dsa.c b/wolfcrypt/src/dsa.c
@@ -29,7 +29,7 @@
 #ifndef NO_DSA
 
 #include <wolfssl/wolfcrypt/random.h>
-#include <wolfssl/wolfcrypt/integer.h>
+#include <wolfssl/wolfcrypt/wolfmath.h>
 #include <wolfssl/wolfcrypt/error-crypt.h>
 #include <wolfssl/wolfcrypt/logging.h>
 #include <wolfssl/wolfcrypt/sha.h>

diff --git a/wolfcrypt/src/evp.c b/wolfcrypt/src/evp.c
@@ -45,7 +45,7 @@
 #include <wolfssl/openssl/ecdsa.h>
 #include <wolfssl/openssl/evp.h>
 #include <wolfssl/openssl/kdf.h>
-#include <wolfssl/wolfcrypt/integer.h>
+#include <wolfssl/wolfcrypt/wolfmath.h>
 
 #ifndef NO_AES
     #if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT)

diff --git a/wolfcrypt/src/integer.c b/wolfcrypt/src/integer.c
@@ -47,7 +47,7 @@
     #include <wolfcrypt/src/misc.c>
 #endif
 
-#include <wolfssl/wolfcrypt/integer.h>
+#include <wolfssl/wolfcrypt/wolfmath.h>
 
 #if defined(FREESCALE_LTC_TFM)
     #include <wolfssl/wolfcrypt/port/nxp/ksdk_port.h>

diff --git a/wolfcrypt/src/port/Espressif/esp32_mp.c b/wolfcrypt/src/port/Espressif/esp32_mp.c
@@ -39,7 +39,7 @@
     #define WOLFSSL_MISC_INCLUDED
     #include <wolfcrypt/src/misc.c>
 #endif
-#include <wolfssl/wolfcrypt/tfm.h>
+#include <wolfssl/wolfcrypt/wolfmath.h>
 
 static const char* const TAG = "wolfssl_mp";
 
@@ -115,12 +115,12 @@ static int esp_mp_hw_lock()
             espmp_CryptHwMutexInit = 1;
         }
         else {
-            ESP_LOGE(TAG, "mp mutx initialization failed.");
+            ESP_LOGE(TAG, "mp mutex initialization failed.");
             return MP_NG;
         }
     }
     else {
-        /* esp aes has already been iniitlized */
+        /* esp aes has already been initialized */
     }
 
     /* lock hardware */
@@ -138,7 +138,7 @@ static int esp_mp_hw_lock()
      */
     DPORT_REG_CLR_BIT(DPORT_RSA_PD_CTRL_REG, DPORT_RSA_PD);
 
-    /* remionder: wait until RSA_CLEAN_REG reads 1
+    /* reminder: wait until RSA_CLEAN_REG reads 1
      *  see esp_mp_hw_wait_clean()
      */
 
@@ -161,9 +161,9 @@ static void esp_mp_hw_unlock( void )
     esp_CryptHwMutexUnLock(&mp_mutex);
 }
 
-/* this is based on an article by Cetin Kaya Koc, A New Algorithm for Inversion*/
-/* mod p^k, June 28 2017.                                                     */
-static int esp_calc_Mdash(mp_int *M, word32 k, mp_digit* md)
+/* this is based on an article by Cetin Kaya Koc,
+ * A New Algorithm for Inversion: mod p^k, June 28 2017 */
+static int esp_calc_Mdash(MATH_INT_T *M, word32 k, mp_digit* md)
 {
     int i;
     int xi;
@@ -199,7 +199,7 @@ static void process_start(word32 reg)
 }
 
 /* wait until done */
-static int wait_uitil_done(word32 reg)
+static int wait_until_done(word32 reg)
 {
     word32 timeout = 0;
     /* wait until done && not timeout */
@@ -221,7 +221,7 @@ static int wait_uitil_done(word32 reg)
 
 /* read data from memory into mp_init          */
 static void esp_memblock_to_mpint(word32 mem_address,
-                                  mp_int* mp,
+                                  MATH_INT_T* mp,
                                   word32 numwords)
 {
     esp_dport_access_read_buffer((uint32_t*)mp->dp, mem_address, numwords);
@@ -230,7 +230,7 @@ static void esp_memblock_to_mpint(word32 mem_address,
 
 /* write mp_init into memory block
  */
-static void esp_mpint_to_memblock(word32 mem_address, const mp_int* mp,
+static void esp_mpint_to_memblock(word32 mem_address, const MATH_INT_T* mp,
                                                       const word32 bits,
                                                       const word32 hwords)
 {
@@ -271,7 +271,7 @@ static word32 bits2words(word32 bits)
 }
 
 /* get rinv */
-static int esp_get_rinv(mp_int *rinv, mp_int *M, word32 exp)
+static int esp_get_rinv(MATH_INT_T *rinv, MATH_INT_T *M, word32 exp)
 {
     int ret = 0;
 
@@ -291,17 +291,19 @@ static int esp_get_rinv(mp_int *rinv, mp_int *M, word32 exp)
 }
 
 /* Z = X * Y;  */
-int esp_mp_mul(fp_int* X, fp_int* Y, fp_int* Z)
+int esp_mp_mul(MATH_INT_T* X, MATH_INT_T* Y, MATH_INT_T* Z)
 {
     int ret = 0;
-    int neg = (X->sign == Y->sign)? MP_ZPOS : MP_NEG;
-
+    int neg;
     word32 Xs;
     word32 Ys;
     word32 Zs;
     word32 maxWords_sz;
     word32 hwWords_sz;
 
+    /* neg check - X*Y becomes negative */
+    neg = mp_isneg(X) != mp_isneg(Y) ? 1 : 0;
+
     /* ask bits number */
     Xs = mp_count_bits(X);
     Ys = mp_count_bits(Y);
@@ -356,9 +358,9 @@ int esp_mp_mul(fp_int* X, fp_int* Y, fp_int* Z)
     process_start(RSA_MULT_START_REG);
 
     /* step.4,5 wait until done                       */
-    ret = wait_uitil_done(RSA_INTERRUPT_REG);
+    ret = wait_until_done(RSA_INTERRUPT_REG);
     if (ret != MP_OKAY) {
-        ESP_LOGE(TAG, "wait_uitil_done failed.");
+        ESP_LOGE(TAG, "wait_until_done failed.");
         return ret;
     }
     /* step.6 read the result form MEM_Z              */
@@ -367,32 +369,32 @@ int esp_mp_mul(fp_int* X, fp_int* Y, fp_int* Z)
     /* step.7 clear and release hw                    */
     esp_mp_hw_unlock();
 
-    Z->sign = (Z->used > 0) ? neg : MP_ZPOS;
+    if (!mp_iszero(Z) && neg) {
+        mp_setneg(mpi);
+    }
 
     return ret;
 }
 
 /* Z = X * Y (mod M)                                  */
-int esp_mp_mulmod(fp_int* X, fp_int* Y, fp_int* M, fp_int* Z)
+int esp_mp_mulmod(MATH_INT_T* X, MATH_INT_T* Y, MATH_INT_T* M, MATH_INT_T* Z)
 {
     int ret = 0;
-    int negcheck = 0;
+    int negcheck;
     word32 Xs;
     word32 Ys;
     word32 Ms;
     word32 maxWords_sz;
     word32 hwWords_sz;
     word32 zwords;
 
-    mp_int r_inv;
-    mp_int tmpZ;
+    MATH_INT_T r_inv;
+    MATH_INT_T tmpZ;
     mp_digit mp;
 
-    /* neg check */
-    if (X->sign != Y->sign) {
-        /* X*Y becomes negative */
-        negcheck = 1;
-    }
+    /* neg check - X*Y becomes negative */
+    negcheck = mp_isneg(X) != mp_isneg(Y) ? 1 : 0;
+
     /* ask bits number */
     Xs = mp_count_bits(X);
     Ys = mp_count_bits(Y);
@@ -470,15 +472,15 @@ int esp_mp_mulmod(fp_int* X, fp_int* Y, fp_int* M, fp_int* Z)
     process_start(RSA_MULT_START_REG);
 
     /* step.5,6 wait until done                       */
-    wait_uitil_done(RSA_INTERRUPT_REG);
+    wait_until_done(RSA_INTERRUPT_REG);
     /* step.7 Y to MEM_X                              */
     esp_mpint_to_memblock(RSA_MEM_X_BLOCK_BASE, Y, Ys, hwWords_sz);
 
     /* step.8 start process                           */
     process_start(RSA_MULT_START_REG);
 
     /* step.9,11 wait until done                      */
-    wait_uitil_done(RSA_INTERRUPT_REG);
+    wait_until_done(RSA_INTERRUPT_REG);
 
     /* step.12 read the result from MEM_Z             */
     esp_memblock_to_mpint(RSA_MEM_Z_BLOCK_BASE, &tmpZ, zwords);
@@ -488,7 +490,7 @@ int esp_mp_mulmod(fp_int* X, fp_int* Y, fp_int* M, fp_int* Z)
 
     /* additional steps                               */
     /* this needs for known issue when Z is greater than M */
-    if (mp_cmp(&tmpZ, M) == FP_GT) {
+    if (mp_cmp(&tmpZ, M) == MP_GT) {
         /*  Z -= M  */
         mp_sub(&tmpZ, M, &tmpZ);
     }
@@ -522,7 +524,7 @@ int esp_mp_mulmod(fp_int* X, fp_int* Y, fp_int* M, fp_int* Z)
 .*
 .* Note some DH references may use: Y = (G ^ X) mod P
  */
-int esp_mp_exptmod(fp_int* X, fp_int* Y, word32 Ys, fp_int* M, fp_int* Z)
+int esp_mp_exptmod(MATH_INT_T* X, MATH_INT_T* Y, word32 Ys, MATH_INT_T* M, MATH_INT_T* Z)
 {
     int ret = 0;
 
@@ -531,7 +533,7 @@ int esp_mp_exptmod(fp_int* X, fp_int* Y, word32 Ys, fp_int* M, fp_int* Z)
     word32 maxWords_sz;
     word32 hwWords_sz;
 
-    mp_int r_inv;
+    MATH_INT_T r_inv;
     mp_digit mp;
 
     /* ask bits number */
@@ -600,7 +602,7 @@ int esp_mp_exptmod(fp_int* X, fp_int* Y, word32 Ys, fp_int* M, fp_int* Z)
     process_start(RSA_START_MODEXP_REG);
 
     /* step.5 wait until done                         */
-    wait_uitil_done(RSA_INTERRUPT_REG);
+    wait_until_done(RSA_INTERRUPT_REG);
     /* step.6 read a result form memory               */
     esp_memblock_to_mpint(RSA_MEM_Z_BLOCK_BASE, Z, BITS_TO_WORDS(Ms));
     /* step.7 clear and release hw                    */
@@ -610,6 +612,8 @@ int esp_mp_exptmod(fp_int* X, fp_int* Y, word32 Ys, fp_int* M, fp_int* Z)
 
     return ret;
 }
-#endif /* !NO_RSA || HAVE_ECC */
 
-#endif /* (WOLFSS_ESP32WROOM32_CRYPT) && (NO_WOLFSSL_ESP32WROOM32_CRYPT_RES_PRI)*/
+#endif /* WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI) &&
+        * !NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI */
+
+#endif /* !NO_RSA || HAVE_ECC */
diff --git a/wolfcrypt/src/port/cypress/psoc6_crypto.c b/wolfcrypt/src/port/cypress/psoc6_crypto.c
@@ -32,23 +32,17 @@
 #endif
 
 #if defined(WOLFSSL_PSOC6_CRYPTO)
-#if defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)
-    struct sp_int;
-    #define MATH_INT_T struct sp_int
-#elif defined(USE_FAST_MATH)
-    struct fp_int;
-    #define MATH_INT_T struct fp_int
-#else
-    struct mp_int;
-	#define MATH_INT_T struct mp_int
-#endif
 
 #include <wolfssl/wolfcrypt/port/cypress/psoc6_crypto.h>
 #include <wolfssl/wolfcrypt/random.h>
 #include <wolfssl/wolfcrypt/error-crypt.h>
 #include <wolfssl/wolfcrypt/logging.h>
 #include <stdint.h>
 
+#ifdef HAVE_ECC
+#include <wolfssl/wolfcrypt/ecc.h>
+#endif
+
 static CRYPTO_Type *crypto_base = PSOC6_CRYPTO_BASE;
 
 /* Hook for device specific initialization */
@@ -192,15 +186,14 @@ static cy_en_crypto_ecc_curve_id_t psoc6_get_curve_id(int size)
         case 32:
             return CY_CRYPTO_ECC_ECP_SECP256R1;
         case 48:
-            return CY_CRYPTO_ECC_ECP_SECP384R1; 
+            return CY_CRYPTO_ECC_ECP_SECP384R1;
         case 66:
             return CY_CRYPTO_ECC_ECP_SECP521R1;
         default:
             return CY_CRYPTO_ECC_ECP_NONE;
     }
 }
 
-#include <wolfssl/wolfcrypt/ecc.h>
 int psoc6_ecc_verify_hash_ex(MATH_INT_T *r, MATH_INT_T *s, const byte* hash,
                     word32 hashlen, int* verif_res, ecc_key* key)
 {
@@ -214,7 +207,7 @@ int psoc6_ecc_verify_hash_ex(MATH_INT_T *r, MATH_INT_T *s, const byte* hash,
 
     if (!key || !verif_res || !r || !s || !hash)
         return -BAD_FUNC_ARG;
-    
+
     /* retrieve and check sizes */
     szModulus = mp_unsigned_bin_size(key->pubkey.x);
     szkbin = mp_unsigned_bin_size(r);