diff --git a/esp-mbedtls-sys/headers/esp32c3/config.h b/esp-mbedtls-sys/headers/esp32c3/config.h index 7eb82a8..8b1b00e 100644 --- a/esp-mbedtls-sys/headers/esp32c3/config.h +++ b/esp-mbedtls-sys/headers/esp32c3/config.h @@ -3609,6 +3609,8 @@ /* MPI / BIGNUM options */ //#define MBEDTLS_MPI_WINDOW_SIZE 2 /**< Maximum window size used. */ //#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */ +#define MBEDTLS_MPI_EXP_MOD_ALT +// #define MBEDTLS_MPI_MUL_MPI_ALT /* CTR_DRBG options */ //#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */ diff --git a/esp-mbedtls-sys/headers/esp32s3/config.h b/esp-mbedtls-sys/headers/esp32s3/config.h index 6c1deff..d956588 100644 --- a/esp-mbedtls-sys/headers/esp32s3/config.h +++ b/esp-mbedtls-sys/headers/esp32s3/config.h @@ -3610,8 +3610,8 @@ //#define MBEDTLS_MPI_WINDOW_SIZE 2 /**< Maximum window size used. */ //#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */ // #define MBEDTLS_BIGNUM_ALT -// #define MBEDTLS_MPI_EXP_MOD_ALT -#define MBEDTLS_MPI_MUL_MPI_ALT +#define MBEDTLS_MPI_EXP_MOD_ALT +// #define MBEDTLS_MPI_MUL_MPI_ALT /* CTR_DRBG options */ //#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */ diff --git a/esp-mbedtls/Cargo.toml b/esp-mbedtls/Cargo.toml index b4e358a..56e23c4 100644 --- a/esp-mbedtls/Cargo.toml +++ b/esp-mbedtls/Cargo.toml @@ -13,6 +13,7 @@ esp32-hal = { version = "0.16.0", optional = true } esp32c3-hal = { version = "0.13.0", optional = true } esp32s2-hal = { version = "0.13.0", optional = true } esp32s3-hal = { version = "0.13.0", optional = true } +cfg-if = "1.0.0" [features] async = ["dep:embedded-io-async"] diff --git a/esp-mbedtls/src/bignum.rs b/esp-mbedtls/src/bignum.rs index 557b4a4..ab6d01e 100644 --- a/esp-mbedtls/src/bignum.rs +++ b/esp-mbedtls/src/bignum.rs @@ -1,9 +1,11 @@ #![allow(non_snake_case)] -use crate::hal::rsa::{operand_sizes, RsaMultiplication, RsaModularMultiplication, Rsa}; +use crate::hal::rsa::{operand_sizes, RsaModularExponentiation, RsaMultiplication, RsaModularMultiplication, Rsa}; use crate::hal::peripherals::RSA; +use crate::hal::prelude::nb; + +use crypto_bigint::*; -use crypto_bigint::{U512, U2048, U4096, Uint, Encoding}; use esp_mbedtls_sys::bindings::*; use esp_mbedtls_sys::c_types::*; @@ -28,17 +30,189 @@ const SOC_RSA_MAX_BIT_LEN: usize = 4096; #[cfg(feature = "esp32s3")] const SOC_RSA_MAX_BIT_LEN: usize = 4096; -// #[no_mangle] -// pub extern "C" fn mbedtls_mpi_exp_mod( -// X: *mut mbedtls_mpi, -// A: *const mbedtls_mpi, -// E: *const mbedtls_mpi, -// N: *const mbedtls_mpi, -// prec_RR: *mut mbedtls_mpi, -// ) -> c_int { -// log::info!("exp_mod"); -// return MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; -// } + +/// An error occurred while reading from or writing to a file. +const MBEDTLS_ERR_MPI_FILE_IO_ERROR: c_int = -0x0002; +/// Bad input parameters to function. +const MBEDTLS_ERR_MPI_BAD_INPUT_DATA: c_int = -0x0004; +/// There is an invalid character in the digit string. +const MBEDTLS_ERR_MPI_INVALID_CHARACTER: c_int = -0x0006; +/// The buffer is too small to write to. +const MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL: c_int = -0x0008; +/// The input arguments are negative or result in illegal output. +const MBEDTLS_ERR_MPI_NEGATIVE_VALUE: c_int = -0x000A; +/// The input argument for division is zero, which is not allowed. +const MBEDTLS_ERR_MPI_DIVISION_BY_ZERO: c_int = -0x000C; +/// The input arguments are not acceptable. +const MBEDTLS_ERR_MPI_NOT_ACCEPTABLE: c_int = -0x000E; +/// Memory allocation failed. +const MBEDTLS_ERR_MPI_ALLOC_FAILED: c_int = -0x0010; + + +fn compute_mprime(M: *const mbedtls_mpi) -> u32 { + let mut t: u64 = 1; + let mut two_2_i_minus_1: u64 = 2; // 2^(i-1) + let mut two_2_i: u64 = 4; // 2^i + let n = unsafe {(*M).private_p.read()} as u64; + + + for i in 2..=32 { + if n * t % two_2_i >= two_2_i_minus_1 { + t += two_2_i_minus_1; + } + + two_2_i_minus_1 <<= 1; + two_2_i <<= 1; + } + + return (u32::MAX as u64 - t + 1) as u32 +} + +unsafe fn calculate_rinv(prec_RR: *mut mbedtls_mpi, M: *const mbedtls_mpi, num_words: usize) -> c_int { + + let ret = 0; + let num_bits = num_words * 32; + let mut RR = mbedtls_mpi { + private_s: 0, + private_n: 0, + private_p: core::ptr::null_mut(), + }; + + mbedtls_mpi_init(&mut RR); + error_checked!(mbedtls_mpi_set_bit(&mut RR, num_bits * 2, 1)); + error_checked!(mbedtls_mpi_mod_mpi(prec_RR, &RR, M)); + + mbedtls_mpi_free(&mut RR); + + ret +} + +/// Z = X ^ Y mod M +#[no_mangle] +pub unsafe extern "C" fn mbedtls_mpi_exp_mod( + Z: *mut mbedtls_mpi, + X: *const mbedtls_mpi, + Y: *const mbedtls_mpi, + M: *const mbedtls_mpi, + prec_RR: *mut mbedtls_mpi, +) -> c_int { + log::info!("exp_mod"); + let mut ret = 0; + + let x_words = mpi_words(X); + let y_words = mpi_words(Y); + let m_words = mpi_words(M); + + // All numbers must be the lame length, so choose longest number as + // cardinal length of operation + let num_words = calculate_hw_words(core::cmp::max(m_words, core::cmp::max(x_words, y_words))); + + if num_words * 32 > SOC_RSA_MAX_BIT_LEN { + return MBEDTLS_ERR_MPI_NOT_ACCEPTABLE; + } + + if mbedtls_mpi_cmp_int(M, 0) <= 0 || (*M).private_p.read() & 1 == 0 { + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + } + + if mbedtls_mpi_cmp_int(Y, 0) < 0 { + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + } + + if mbedtls_mpi_cmp_int(Y, 0) == 0 { + return mbedtls_mpi_lset(Z, 1); + } + + + // Determine RR pointer, either _RR for cached value or local RR_new + let mut rinv = mbedtls_mpi { + private_s: 0, + private_n: 0, + private_p: core::ptr::null_mut(), + }; + + if prec_RR.is_null() { + log::error!("using local RR"); + mbedtls_mpi_init(&mut rinv); + } else { + rinv = *prec_RR; + } + + if rinv.private_p.is_null() { + log::error!("calculating rinv"); + calculate_rinv(&mut rinv, M, num_words); + } + + log_timestamp(); + let mut rsa = Rsa::new(RSA::steal()); + nb::block!(rsa.ready()).unwrap(); + rsa.enable_disable_constant_time_acceleration(true); + rsa.enable_disable_search_acceleration(true); + cfg_if::cfg_if! { + if #[cfg(feature = "esp32c3")] { + // const OP_SIZE: usize = U3072::BYTES; + // let mut base = [0u8; OP_SIZE]; + // let mut exponent = [0u8; OP_SIZE]; + // let mut modulus = [0u8; OP_SIZE]; + // let mut r = [0u8; OP_SIZE]; + // core::ptr::copy_nonoverlapping((*X).private_p as *const u8, base.as_mut_ptr(), num_words * 4); + // core::ptr::copy_nonoverlapping((*Y).private_p as *const u8, exponent.as_mut_ptr(), num_words * 4); + // core::ptr::copy_nonoverlapping((*M).private_p as *const u8, modulus.as_mut_ptr(), (*M).private_n * 4); + // core::ptr::copy_nonoverlapping((*rinv).private_p as *const u8, r.as_mut_ptr(), 12 * 4); + // let mut mod_exp = RsaModularExponentiation::::new( + // &mut rsa, + // &exponent, // exponent (Y) + // &modulus, // modulus (M) + // compute_mprime(M) // mprime + // ); + // let mut out = [0u8; OP_SIZE]; + } else { + const OP_SIZE: usize = U512::BYTES; + let mut base = [0u8; OP_SIZE]; + let mut exponent = [0u8; OP_SIZE]; + let mut modulus = [0u8; OP_SIZE]; + let mut r = [0u8; OP_SIZE]; + core::ptr::copy_nonoverlapping((*X).private_p as *const u8, base.as_mut_ptr(), num_words * 4); + core::ptr::copy_nonoverlapping((*Y).private_p as *const u8, exponent.as_mut_ptr(), num_words * 4); + core::ptr::copy_nonoverlapping((*M).private_p as *const u8, modulus.as_mut_ptr(), m_words * 4); + core::ptr::copy_nonoverlapping(rinv.private_p as *const u8, r.as_mut_ptr(), m_words * 4); + let mut mod_exp = RsaModularExponentiation::::new( + &mut rsa, + &exponent, // exponent (Y) Y_MEM + &modulus, // modulus (M) M_MEM + compute_mprime(M) // mprime + ); + let mut out = [0u8; OP_SIZE]; + } + } + + + // This log is a temp patch to fix an issue where copy_nonoverlapping fails. + log::info!(""); + ret = mbedtls_mpi_grow(Z, m_words); + mod_exp.start_exponentiation( + &base, // X_MEM + &r // Z_MEM + ); + + mod_exp.read_results(&mut out); + core::ptr::copy_nonoverlapping(out.as_ptr() as *mut u32, (*Z).private_p, m_words); + + // Compensate for negative X + if (*X).private_s == -1 && ((*Y).private_p.read() & 1) != 0 { + (*Z).private_s = -1; + error_checked!(mbedtls_mpi_add_mpi(Z, M, Z)); + } else { + (*Z).private_s = 1; + } + + + // TODO: determine if should free and when + // if prec_RR.is_null() { + // mbedtls_mpi_free(&mut RR); + // } + ret +} const fn bits_to_words(bits: usize) -> usize { (bits + 31) / 32 @@ -55,8 +229,8 @@ const fn calculate_hw_words(words: usize) -> usize { } unsafe fn mpi_words(X: *const mbedtls_mpi) -> usize { - for i in (0..(*X).private_n).rev() { - if (*X).private_p.wrapping_add(i - 1).is_null() { + for i in (0..=(*X).private_n).rev() { + if (*X).private_p.add(i - 1).read() != 0 { return i; } } @@ -131,177 +305,189 @@ unsafe fn mpi_mult_mpi_overlong( } -unsafe fn mbedtls_mpi_mult_mpi_failover_mod_mult( - X: *mut mbedtls_mpi, - A: *const mbedtls_mpi, - B: *const mbedtls_mpi, - z_words: usize) -> c_int { - let mut ret = 0; - - let a_bits = mbedtls_mpi_bitlen(A); - let b_bits = mbedtls_mpi_bitlen(B); - // TODO: We can have the words value from the mpi - let a_words = bits_to_words(a_bits); - let b_words = bits_to_words(b_bits); - let hw_words = calculate_hw_words(z_words); - - let a = core::ptr::slice_from_raw_parts((*A).private_p as *const u8, a_words * 4); - let b = core::ptr::slice_from_raw_parts((*B).private_p as *const u8, b_words * 4); - - let mut operand_a: [u8; U4096::BYTES] = [0u8; U4096::BYTES]; - operand_a[..a_words * 4].copy_from_slice(&*a); - - let mut operand_b: [u8; U4096::BYTES] = [0u8; U4096::BYTES]; - operand_b[..b_words * 4].copy_from_slice(&*b); - - let mut rsa = Rsa::new(RSA::steal()); - let mut calc = RsaModularMultiplication::::new( - &mut rsa, - &operand_a, - &operand_b, - &[u8::MAX; U4096::BYTES], - 1 - ); - calc.start_modular_multiplication(&[0u8; U4096::BYTES]); - - let mut out = [0u8; U4096::BYTES]; - calc.read_results(&mut out); - - // Grow X to result size early, avoid interim allocations - error_checked!(mbedtls_mpi_grow(X, hw_words)); - - core::ptr::copy_nonoverlapping(out.as_ptr() as *mut u32, (*X).private_p, hw_words); - (*X).private_s = (*A).private_s * (*B).private_s; - - - // Relevant: https://github.com/espressif/esp-idf/issues/11850 - // - // If z_words < mpi_words(Z) (the actual words taken by the MPI result), - // the assert fails due to unsigned arithmetic - most likely hardware - // peripheral has produced an incorrect result for MPI operation. - // This can happen if data fed to the peripheral register was incorrect. - // - // z_words is calculated as the worst-case possible size of the result - // MPI Z. The difference between z_words and the actual words taken by - // the MPI result (mpi_words(Z)) can be a maximum of 1 word. - // The value z_bits (actual bits taken by the MPI result) is calculated - // as x_bits + y_bits bits, however, in some cases, z_bits can be - // x_bits + y_bits - 1 bits (see example below). - // 0b1111 * 0b1111 = 0b11100001 -> 8 bits - // 0b1000 * 0b1000 = 0b01000000 -> 7 bits. - // The code rounds up to the nearest word size, so the maximum difference - // could be of only 1 word. The assert handles this. - assert!(z_words - unsafe {mpi_words(X)} <= 1); - - ret -} - -/// Baseline multiplication: X = A * B (HAC 14.12) -#[no_mangle] -pub unsafe extern "C" fn mbedtls_mpi_mul_mpi( - X: *mut mbedtls_mpi, - A: *const mbedtls_mpi, - B: *const mbedtls_mpi, -) -> c_int { - let mut ret = 0; - - let a_bits = mbedtls_mpi_bitlen(A); - let b_bits = mbedtls_mpi_bitlen(B); - // TODO: We can have the words value from the mpi - let a_words = bits_to_words(a_bits); - let b_words = bits_to_words(b_bits); - let z_words = a_words + b_words; - let hw_words = calculate_hw_words(core::cmp::max(a_words, b_words)); - - - // Short-circuit eval if either argument is 0 or 1. - // - // This is needed as the mpi modular division - // argument will sometimes call in here when one - // argument is too large for the hardware unit, but other - // argument is zero or one. - if a_bits == 0 || b_bits == 0 { - mbedtls_mpi_lset(X, 0); - return 0; - } - if a_bits == 1 { - ret = mbedtls_mpi_copy(X, B); - (*X).private_s *= (*A).private_s; - return ret; - } - if b_bits == 1 { - ret = mbedtls_mpi_copy(X, A); - (*X).private_s *= (*B).private_s; - return ret; - } - - // Grow X to result size early, avoid interim allocations - error_checked!(mbedtls_mpi_grow(X, z_words)); - - // If either factor is over 2048 bits, we can't use the standard hardware multiplier - // (it assumes result is double longest factor, and result is max 4096 bits.) - // - // However, we can fail over to mod_mult for up to 4096 bits of result (modulo - // multiplication doesn't have the same restriction, so result is simply the - // number of bits in X plus number of bits in in Y.) - - if hw_words * 32 > SOC_RSA_MAX_BIT_LEN / 2 { - // if z_words * 32 <= SOC_RSA_MAX_BIT_LEN { - // // Note: It's possible to use mpi_mult_mpi_overlong - // // for this case as well, but it's very slightly - // // slower and requires a memory allocation. - // return mbedtls_mpi_mult_mpi_failover_mod_mult(X, A, B, z_words); - // } else { - // Still too long for the hardware unit... - if b_words > a_words { - return mpi_mult_mpi_overlong(X, A, B, b_words) - } else { - return mpi_mult_mpi_overlong(X, B, A, a_words) - } - // } - } - - let a = core::ptr::slice_from_raw_parts((*A).private_p as *const u8, a_words * 4); - let b = core::ptr::slice_from_raw_parts((*B).private_p as *const u8, b_words * 4); - - // Otherwise, we can use the (faster) multiply hardware unit - let mut operand_a: [u8; U2048::BYTES] = [0u8; U2048::BYTES]; - operand_a[..a_words * 4].copy_from_slice(&*a); - - let mut operand_b: [u8; U2048::BYTES] = [0u8; U2048::BYTES]; - operand_b[..b_words * 4].copy_from_slice(&*b); - - let mut rsa = Rsa::new(RSA::steal()); - let mut calc = RsaMultiplication::::new(&mut rsa, &operand_a); - calc.start_multiplication(&operand_b); - - let mut out = [0u8; U4096::BYTES]; - calc.read_results(&mut out); - - core::ptr::copy_nonoverlapping(out.as_ptr() as *mut u32, (*X).private_p, z_words); - (*X).private_s = (*A).private_s * (*B).private_s; - - ret -} - - -#[no_mangle] -pub unsafe extern "C" fn mbedtls_mpi_mul_int( - X: *mut mbedtls_mpi, - A: *const mbedtls_mpi, - b: mbedtls_mpi_uint, -) -> c_int { - - let mut p: [mbedtls_mpi_uint; 1] = [0]; - p[0] = b; - - - let B: mbedtls_mpi = mbedtls_mpi { - private_s: 1, - private_n: 1, - private_p: p.as_mut_ptr(), - }; - - mbedtls_mpi_mul_mpi(X, A, &B) -} +// unsafe fn mbedtls_mpi_mult_mpi_failover_mod_mult( +// X: *mut mbedtls_mpi, +// A: *const mbedtls_mpi, +// B: *const mbedtls_mpi, +// z_words: usize) -> c_int { +// let mut ret = 0; +// +// let a_bits = mbedtls_mpi_bitlen(A); +// let b_bits = mbedtls_mpi_bitlen(B); +// // TODO: We can have the words value from the mpi +// let a_words = bits_to_words(a_bits); +// let b_words = bits_to_words(b_bits); +// let hw_words = calculate_hw_words(z_words); +// +// let a = core::ptr::slice_from_raw_parts((*A).private_p as *const u8, a_words * 4); +// let b = core::ptr::slice_from_raw_parts((*B).private_p as *const u8, b_words * 4); +// +// let mut operand_a: [u8; U4096::BYTES] = [0u8; U4096::BYTES]; +// operand_a[..a_words * 4].copy_from_slice(&*a); +// +// let mut operand_b: [u8; U4096::BYTES] = [0u8; U4096::BYTES]; +// operand_b[..b_words * 4].copy_from_slice(&*b); +// +// let mut rsa = Rsa::new(RSA::steal()); +// let mut calc = RsaModularMultiplication::::new( +// &mut rsa, +// &operand_a, +// &operand_b, +// &[u8::MAX; U4096::BYTES], +// 1 +// ); +// calc.start_modular_multiplication(&[0u8; U4096::BYTES]); +// +// let mut out = [0u8; U4096::BYTES]; +// calc.read_results(&mut out); +// +// // Grow X to result size early, avoid interim allocations +// error_checked!(mbedtls_mpi_grow(X, hw_words)); +// +// core::ptr::copy_nonoverlapping(out.as_ptr() as *mut u32, (*X).private_p, hw_words); +// (*X).private_s = (*A).private_s * (*B).private_s; +// +// +// // Relevant: https://github.com/espressif/esp-idf/issues/11850 +// // +// // If z_words < mpi_words(Z) (the actual words taken by the MPI result), +// // the assert fails due to unsigned arithmetic - most likely hardware +// // peripheral has produced an incorrect result for MPI operation. +// // This can happen if data fed to the peripheral register was incorrect. +// // +// // z_words is calculated as the worst-case possible size of the result +// // MPI Z. The difference between z_words and the actual words taken by +// // the MPI result (mpi_words(Z)) can be a maximum of 1 word. +// // The value z_bits (actual bits taken by the MPI result) is calculated +// // as x_bits + y_bits bits, however, in some cases, z_bits can be +// // x_bits + y_bits - 1 bits (see example below). +// // 0b1111 * 0b1111 = 0b11100001 -> 8 bits +// // 0b1000 * 0b1000 = 0b01000000 -> 7 bits. +// // The code rounds up to the nearest word size, so the maximum difference +// // could be of only 1 word. The assert handles this. +// assert!(z_words - unsafe {mpi_words(X)} <= 1); +// +// ret +// } +// Baseline multiplication: X = A * B (HAC 14.12) +// #[no_mangle] +// pub unsafe extern "C" fn mbedtls_mpi_mul_mpi( +// X: *mut mbedtls_mpi, +// A: *const mbedtls_mpi, +// B: *const mbedtls_mpi, +// ) -> c_int { +// let mut ret = 0; +// +// let a_bits = mbedtls_mpi_bitlen(A); +// let b_bits = mbedtls_mpi_bitlen(B); +// // TODO: We can have the words value from the mpi +// let a_words = bits_to_words(a_bits); +// let b_words = bits_to_words(b_bits); +// let z_words = a_words + b_words; +// let hw_words = calculate_hw_words(core::cmp::max(a_words, b_words)); +// +// +// // Short-circuit eval if either argument is 0 or 1. +// // +// // This is needed as the mpi modular division +// // argument will sometimes call in here when one +// // argument is too large for the hardware unit, but other +// // argument is zero or one. +// if a_bits == 0 || b_bits == 0 { +// mbedtls_mpi_lset(X, 0); +// return 0; +// } +// if a_bits == 1 { +// ret = mbedtls_mpi_copy(X, B); +// (*X).private_s *= (*A).private_s; +// return ret; +// } +// if b_bits == 1 { +// ret = mbedtls_mpi_copy(X, A); +// (*X).private_s *= (*B).private_s; +// return ret; +// } +// +// // Grow X to result size early, avoid interim allocations +// error_checked!(mbedtls_mpi_grow(X, z_words)); +// +// // If either factor is over 2048 bits, we can't use the standard hardware multiplier +// // (it assumes result is double longest factor, and result is max 4096 bits.) +// // +// // However, we can fail over to mod_mult for up to 4096 bits of result (modulo +// // multiplication doesn't have the same restriction, so result is simply the +// // number of bits in X plus number of bits in in Y.) +// +// if hw_words * 32 > SOC_RSA_MAX_BIT_LEN / 2 { +// // if z_words * 32 <= SOC_RSA_MAX_BIT_LEN { +// // // Note: It's possible to use mpi_mult_mpi_overlong +// // // for this case as well, but it's very slightly +// // // slower and requires a memory allocation. +// // return mbedtls_mpi_mult_mpi_failover_mod_mult(X, A, B, z_words); +// // } else { +// // Still too long for the hardware unit... +// if b_words > a_words { +// return mpi_mult_mpi_overlong(X, A, B, b_words) +// } else { +// return mpi_mult_mpi_overlong(X, B, A, a_words) +// } +// // } +// } +// +// // Otherwise, we can use the (faster) multiply hardware unit +// let mut rsa = Rsa::new(RSA::steal()); +// cfg_if::cfg_if! { +// if #[cfg(feature = "esp32c3")] { +// +// let mut operand_a = [0u8; U1536::BYTES]; +// let mut operand_b = [0u8; U1536::BYTES]; +// core::ptr::copy_nonoverlapping((*A).private_p as *const u8, operand_a.as_mut_ptr(), a_words * 4); +// core::ptr::copy_nonoverlapping((*B).private_p as *const u8, operand_b.as_mut_ptr(), b_words * 4); +// let mut calc = RsaMultiplication::::new(&mut rsa, &operand_a); +// calc.start_multiplication(&operand_b); +// let mut out = [0u8; U3072::BYTES]; +// calc.read_results(&mut out); +// } else { +// let mut operand_a = [0u8; U2048::BYTES]; +// let mut operand_b = [0u8; U2048::BYTES]; +// core::ptr::copy_nonoverlapping((*A).private_p as *const u8, operand_a.as_mut_ptr(), a_words * 4); +// core::ptr::copy_nonoverlapping((*B).private_p as *const u8, operand_b.as_mut_ptr(), b_words * 4); +// let mut calc = RsaMultiplication::::new(&mut rsa, &operand_a); +// calc.start_multiplication(&operand_b); +// let mut out = [0u8; U4096::BYTES]; +// calc.read_results(&mut out); +// } +// } +// +// +// core::ptr::copy_nonoverlapping(out.as_ptr() as *mut u32, (*X).private_p, z_words); +// (*X).private_s = (*A).private_s * (*B).private_s; +// +// // log::error!("hash result in out: {:?}", &out[..z_words * 4]); +// // log::error!("hash result in X: {:?}", &*core::ptr::slice_from_raw_parts((*X).private_p, z_words)); +// +// ret +// } +// +// +// #[no_mangle] +// pub unsafe extern "C" fn mbedtls_mpi_mul_int( +// X: *mut mbedtls_mpi, +// A: *const mbedtls_mpi, +// b: mbedtls_mpi_uint, +// ) -> c_int { +// +// let mut p: [mbedtls_mpi_uint; 1] = [0]; +// p[0] = b; +// +// +// let B: mbedtls_mpi = mbedtls_mpi { +// private_s: 1, +// private_n: 1, +// private_p: p.as_mut_ptr(), +// }; +// +// mbedtls_mpi_mul_mpi(X, A, &B) +// } +// diff --git a/esp-mbedtls/src/compat.rs b/esp-mbedtls/src/compat.rs index 48fb52f..0785c8b 100644 --- a/esp-mbedtls/src/compat.rs +++ b/esp-mbedtls/src/compat.rs @@ -1,6 +1,8 @@ use core::ffi::VaListImpl; use core::fmt::Write; +use crate::random; + #[no_mangle] extern "C" fn putchar(c: crate::c_int) { log::info!("{c}"); @@ -120,8 +122,8 @@ extern "C" fn vsnprintf( } #[no_mangle] -extern "C" fn rand() { - todo!() +extern "C" fn rand() -> u32 { + unsafe {random()} } pub struct StrBuf { diff --git a/esp-mbedtls/src/lib.rs b/esp-mbedtls/src/lib.rs index c6e26c0..a98effc 100644 --- a/esp-mbedtls/src/lib.rs +++ b/esp-mbedtls/src/lib.rs @@ -20,12 +20,17 @@ pub use esp32s3_hal as hal; mod compat; -#[cfg(feature = "esp32s3")] +#[cfg(any(feature = "esp32s3", feature = "esp32c3"))] mod bignum; use core::ffi::CStr; use core::mem::size_of; +#[no_mangle] +pub unsafe extern "C" fn log_timestamp() { + log::info!("timestamp: {}", crate::hal::systimer::SystemTimer::now()); +} + use compat::StrBuf; use embedded_io::Read; use embedded_io::Write;