diff --git a/components/esp8266/include/esp_wifi_crypto_types.h b/components/esp8266/include/esp_wifi_crypto_types.h index 807da863..e6ddf3da 100644 --- a/components/esp8266/include/esp_wifi_crypto_types.h +++ b/components/esp8266/include/esp_wifi_crypto_types.h 
@@ -750,48 +750,6 @@ typedef struct{ esp_eap_msg_alloc_t eap_msg_alloc; }wps_crypto_funcs_t; -/** - * @brief The crypto callback function structure used when do WPA enterprise connect. - * The structure can be set as software crypto or the crypto optimized by ESP32 - * hardware. - */ -typedef struct { - uint32_t size; - uint32_t version; - esp_crypto_hash_init_t crypto_hash_init; /**< function used to initialize a crypto_hash structure when use TLSV1 */ - esp_crypto_hash_update_t crypto_hash_update; /**< function used to calculate hash data when use TLSV1 */ - esp_crypto_hash_finish_t crypto_hash_finish; /**< function used to finish the hash calculate when use TLSV1 */ - esp_crypto_cipher_init_t crypto_cipher_init; /**< function used to initialize a crypt_cipher structure when use TLSV1 */ - esp_crypto_cipher_encrypt_t crypto_cipher_encrypt; /**< function used to encrypt cipher when use TLSV1 */ - esp_crypto_cipher_decrypt_t crypto_cipher_decrypt; /**< function used to decrypt cipher when use TLSV1 */ - esp_crypto_cipher_deinit_t crypto_cipher_deinit; /**< function used to free context when use TLSV1 */ - esp_crypto_mod_exp_t crypto_mod_exp; /**< function used to do key exchange when use TLSV1 */ - esp_sha256_vector_t sha256_vector; /**< function used to do X.509v3 certificate parsing and processing */ - esp_tls_init_t tls_init; - esp_tls_deinit_t tls_deinit; - esp_eap_peer_blob_init_t eap_peer_blob_init; - esp_eap_peer_blob_deinit_t eap_peer_blob_deinit; - esp_eap_peer_config_init_t eap_peer_config_init; - esp_eap_peer_config_deinit_t eap_peer_config_deinit; - esp_eap_peer_register_methods_t eap_peer_register_methods; - esp_eap_peer_unregister_methods_t eap_peer_unregister_methods; - esp_eap_deinit_prev_method_t eap_deinit_prev_method; - esp_eap_peer_get_eap_method_t eap_peer_get_eap_method; - esp_eap_sm_abort_t eap_sm_abort; - esp_eap_sm_build_nak_t eap_sm_build_nak; - esp_eap_sm_build_identity_resp_t eap_sm_build_identity_resp; - esp_eap_msg_alloc_t 
eap_msg_alloc; -} wpa2_crypto_funcs_t; - -/** - * @brief The crypto callback function structure used in mesh vendor IE encryption. The - * structure can be set as software crypto or the crypto optimized by ESP32 - * hardware. - */ -typedef struct{ - esp_aes_128_encrypt_t aes_128_encrypt; /**< function used in mesh vendor IE encryption */ - esp_aes_128_decrypt_t aes_128_decrypt; /**< function used in mesh vendor IE decryption */ -} mesh_crypto_funcs_t; #ifdef __cplusplus } diff --git a/components/wpa_supplicant/CMakeLists.txt b/components/wpa_supplicant/CMakeLists.txt index 175c8e53..593cf204 100644 --- a/components/wpa_supplicant/CMakeLists.txt +++ b/components/wpa_supplicant/CMakeLists.txt @@ -1,7 +1,8 @@ -set(COMPONENT_SRCDIRS "src/crypto" "src/wps" "port") -set(COMPONENT_ADD_INCLUDEDIRS "include" "port/include") -set(COMPONENT_PRIV_REQUIRES "freertos" "heap" "newlib" "util") +set(COMPONENT_SRCDIRS "src/crypto" "src/fast_crypto" "src/wps" "port" "src") +set(COMPONENT_ADD_INCLUDEDIRS "include" "port/include") +set(COMPONENT_PRIV_REQUIRES "ssl" "freertos" "heap" "newlib" "util") + register_component() diff --git a/components/wpa_supplicant/component.mk b/components/wpa_supplicant/component.mk index 27788b93..452a0ac1 100644 --- a/components/wpa_supplicant/component.mk +++ b/components/wpa_supplicant/component.mk @@ -1,4 +1,4 @@ COMPONENT_ADD_INCLUDEDIRS := include include/wps port/include -COMPONENT_SRCDIRS := src/crypto src/wps src/fast_crypto port +COMPONENT_SRCDIRS := src/crypto src/wps src/fast_crypto src port CFLAGS += -DEMBEDDED_SUPP -D__ets__ -DESPRESSIF_USE -DCONFIG_WPS2 -DCONFIG_WPS_PIN -DUSE_WPS_TASK -DESP8266_WORKAROUND -Wno-strict-aliasing \ No newline at end of file diff --git a/components/wpa_supplicant/src/fast_crypto/fast_aes-cbc.c b/components/wpa_supplicant/src/fast_crypto/fast_aes-cbc.c index 377eac7a..18af1a8a 100644 --- a/components/wpa_supplicant/src/fast_crypto/fast_aes-cbc.c +++ b/components/wpa_supplicant/src/fast_crypto/fast_aes-cbc.c 
@@ -2,6 +2,7 @@ // // Licensed under the Apache License, Version 2.0 (the "License"); +#include "sdkconfig.h" #include "crypto/includes.h" #include "crypto/common.h" @@ -77,5 +78,34 @@ fast_aes_128_cbc_decrypt(const uint8_t *key, const uint8_t *iv, uint8_t *data, s return ret; +} +#else +/** + * fast_aes_128_cbc_encrypt - AES-128 CBC encryption + * @key: Encryption key + * @iv: Encryption IV for CBC mode (16 bytes) + * @data: Data to encrypt in-place + * @data_len: Length of data in bytes (must be divisible by 16) + * Returns: 0 on success, -1 on failure + */ +int +fast_aes_128_cbc_encrypt(const uint8_t *key, const uint8_t *iv, uint8_t *data, size_t data_len) +{ + return 0; +} + +/** + * fast_aes_128_cbc_decrypt - AES-128 CBC decryption + * @key: Decryption key + * @iv: Decryption IV for CBC mode (16 bytes) + * @data: Data to decrypt in-place + * @data_len: Length of data in bytes (must be divisible by 16) + * Returns: 0 on success, -1 on failure + */ +int +fast_aes_128_cbc_decrypt(const uint8_t *key, const uint8_t *iv, uint8_t *data, size_t data_len) +{ + return 0; + } #endif \ No newline at end of file diff --git a/components/wpa_supplicant/src/fast_crypto/fast_aes-unwrap.c b/components/wpa_supplicant/src/fast_crypto/fast_aes-unwrap.c index 02f0ed88..bcc785db 100644 --- a/components/wpa_supplicant/src/fast_crypto/fast_aes-unwrap.c +++ b/components/wpa_supplicant/src/fast_crypto/fast_aes-unwrap.c @@ -11,13 +11,13 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. +#include "sdkconfig.h" #include "crypto/includes.h" #include "crypto/common.h" #if CONFIG_SSL_USING_MBEDTLS #include "mbedtls/aes.h" - /** * fast_aes_unwrap - Unwrap key with AES Key Wrap Algorithm (128-bit KEK) (RFC3394) * @kek: Key encryption key (KEK) 
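Review bot: The `#else` stubs added in the second hunk of fast_aes-cbc.c return 0, which the doc comments directly above them define as success, so in a build without `CONFIG_SSL_USING_MBEDTLS` `fast_aes_128_cbc_encrypt` reports success while `data` is still plaintext, and `fast_aes_128_cbc_decrypt` reports success with the ciphertext untouched. The same fail-open pattern is in the stubs added for `fast_aes_unwrap` (success without the RFC 3394 integrity check and with `plain` never written), `fast_aes_wrap`, `fast_crypto_mod_exp` (`result` and `*result_len` left unset) and `fast_sha256_vector` (`mac` left unset). Each int stub should fail closed with `return -1;`, and its comment should say it is a placeholder, e.g. `/* stub: built without CONFIG_SSL_USING_MBEDTLS, always fails */`. Whether anything calls these functions in that configuration is not visible in the diff; if nothing should, providing no stub at all (as the empty `#else` in fast_crypto_internal.c does) turns misuse into a link error instead of a silent no-op.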
@@ -84,4 +84,19 @@ fast_aes_unwrap(const uint8_t *kek, int n, const uint8_t *cipher, uint8_t *plain return ret; } +#else +/** + * fast_aes_unwrap - Unwrap key with AES Key Wrap Algorithm (128-bit KEK) (RFC3394) + * @kek: Key encryption key (KEK) + * @n: Length of the plaintext key in 64-bit units; e.g., 2 = 128-bit = 16 + * bytes + * @cipher: Wrapped key to be unwrapped, (n + 1) * 64 bits + * @plain: Plaintext key, n * 64 bits + * Returns: 0 on success, -1 on failure (e.g., integrity verification failed) + */ +int +fast_aes_unwrap(const uint8_t *kek, int n, const uint8_t *cipher, uint8_t *plain) +{ + return 0; +} #endif \ No newline at end of file diff --git a/components/wpa_supplicant/src/fast_crypto/fast_aes-wrap.c b/components/wpa_supplicant/src/fast_crypto/fast_aes-wrap.c index 37e4c876..f69657ba 100644 --- a/components/wpa_supplicant/src/fast_crypto/fast_aes-wrap.c +++ b/components/wpa_supplicant/src/fast_crypto/fast_aes-wrap.c @@ -12,6 +12,8 @@ // See the License for the specific language governing permissions and // limitations under the License. +#include "sdkconfig.h" + #include "crypto/includes.h" #include "crypto/common.h" @@ -83,4 +85,18 @@ int fast_aes_wrap(const uint8_t *kek, int n, const uint8_t *plain, uint8_t *ciph return ret; } +#else +/** + * fast_aes_wrap - Wrap keys with AES Key Wrap Algorithm (128-bit KEK) (RFC3394) + * @kek: 16-octet Key encryption key (KEK) + * @n: Length of the plaintext key in 64-bit units; e.g., 2 = 128-bit = 16 + * bytes + * @plain: Plaintext key to be wrapped, n * 64 bits + * @cipher: Wrapped key, (n + 1) * 64 bits + * Returns: 0 on success, -1 on failure + */ +int fast_aes_wrap(const uint8_t *kek, int n, const uint8_t *plain, uint8_t *cipher) +{ + return 0; +} #endif \ No newline at end of file diff --git a/components/wpa_supplicant/src/fast_crypto/fast_crypto_internal-cipher.c b/components/wpa_supplicant/src/fast_crypto/fast_crypto_internal-cipher.c index e8a0ee52..d71a617a 100644 
--- a/components/wpa_supplicant/src/fast_crypto/fast_crypto_internal-cipher.c +++ b/components/wpa_supplicant/src/fast_crypto/fast_crypto_internal-cipher.c @@ -13,6 +13,7 @@ // limitations under the License. //#include "wpa/includes.h" +#include "sdkconfig.h" //#include "wpa/common.h" #include "crypto/common.h" diff --git a/components/wpa_supplicant/src/fast_crypto/fast_crypto_internal-modexp.c b/components/wpa_supplicant/src/fast_crypto/fast_crypto_internal-modexp.c index b8207a7d..383f1c8c 100644 --- a/components/wpa_supplicant/src/fast_crypto/fast_crypto_internal-modexp.c +++ b/components/wpa_supplicant/src/fast_crypto/fast_crypto_internal-modexp.c @@ -12,6 +12,8 @@ // See the License for the specific language governing permissions and // limitations under the License. +#include "sdkconfig.h" + #include "crypto/includes.h" #include "crypto/common.h" @@ -20,8 +22,7 @@ #if CONFIG_SSL_USING_MBEDTLS #include "mbedtls/bignum.h" -int -fast_crypto_mod_exp(const uint8_t *base, size_t base_len, +int fast_crypto_mod_exp(const uint8_t *base, size_t base_len, const uint8_t *power, size_t power_len, const uint8_t *modulus, size_t modulus_len, uint8_t *result, size_t *result_len) @@ -60,4 +61,12 @@ fast_crypto_mod_exp(const uint8_t *base, size_t base_len, return ret; } +#else +int fast_crypto_mod_exp(const uint8_t *base, size_t base_len, + const uint8_t *power, size_t power_len, + const uint8_t *modulus, size_t modulus_len, + uint8_t *result, size_t *result_len) +{ + return 0; +} #endif \ No newline at end of file diff --git a/components/wpa_supplicant/src/fast_crypto/fast_crypto_internal.c b/components/wpa_supplicant/src/fast_crypto/fast_crypto_internal.c index 5abc360c..dcb55459 100644 --- a/components/wpa_supplicant/src/fast_crypto/fast_crypto_internal.c +++ b/components/wpa_supplicant/src/fast_crypto/fast_crypto_internal.c 
@@ -7,6 +7,7 @@ * This software may be distributed under the terms of the BSD license. * See README for more details. */ +#include "sdkconfig.h" #include "crypto/includes.h" #include "crypto/common.h" @@ -281,4 +282,6 @@ int fast_crypto_hash_finish(struct crypto_hash *ctx, u8 *mac, size_t *len) return 0; } +#else + #endif \ No newline at end of file diff --git a/components/wpa_supplicant/src/fast_crypto/fast_sha256-internal.c b/components/wpa_supplicant/src/fast_crypto/fast_sha256-internal.c index 2d97d670..0e809dc5 100644 --- a/components/wpa_supplicant/src/fast_crypto/fast_sha256-internal.c +++ b/components/wpa_supplicant/src/fast_crypto/fast_sha256-internal.c @@ -12,6 +12,8 @@ // See the License for the specific language governing permissions and // limitations under the License. +#include "sdkconfig.h" + #include "crypto/includes.h" #include "crypto/common.h" @@ -57,4 +59,20 @@ out: return ret; } +#else + +/** + * fast_sha256_vector - SHA256 hash for data vector + * @num_elem: Number of elements in the data vector + * @addr: Pointers to the data areas + * @len: Lengths of the data blocks + * @mac: Buffer for the hash + * Returns: 0 on success, -1 of failure + */ +int +fast_sha256_vector(size_t num_elem, const uint8_t *addr[], const size_t *len, + uint8_t *mac) +{ + return 0; +} #endif \ No newline at end of file diff --git a/components/wpa_supplicant/src/fast_crypto/fast_sha256.c b/components/wpa_supplicant/src/fast_crypto/fast_sha256.c index 245bea6f..1c77248c 100644 --- a/components/wpa_supplicant/src/fast_crypto/fast_sha256.c +++ b/components/wpa_supplicant/src/fast_crypto/fast_sha256.c @@ -13,6 +13,7 @@ * * See README and COPYING for more details. */ +#include "sdkconfig.h" #include "crypto/includes.h" 
@@ -164,4 +165,54 @@ fast_sha256_prf(const uint8_t *key, size_t key_len, const char *label, counter++; } } +#else +/** + * fast_hmac_sha256_vector - HMAC-SHA256 over data vector (RFC 2104) + * @key: Key for HMAC operations + * @key_len: Length of the key in bytes + * @num_elem: Number of elements in the data vector + * @addr: Pointers to the data areas + * @len: Lengths of the data blocks + * @mac: Buffer for the hash (32 bytes) + */ +void +fast_hmac_sha256_vector(const uint8_t *key, size_t key_len, size_t num_elem, + const uint8_t *addr[], const size_t *len, uint8_t *mac) +{ +} + + +/** + * fast_hmac_sha256 - HMAC-SHA256 over data buffer (RFC 2104) + * @key: Key for HMAC operations + * @key_len: Length of the key in bytes + * @data: Pointers to the data area + * @data_len: Length of the data area + * @mac: Buffer for the hash (20 bytes) + */ +void +fast_hmac_sha256(const uint8_t *key, size_t key_len, const uint8_t *data, + size_t data_len, uint8_t *mac) +{ +} + + +/** + * fast_sha256_prf - SHA256-based Pseudo-Random Function (IEEE 802.11r, 8.5.1.5.2) + * @key: Key for PRF + * @key_len: Length of the key in bytes + * @label: A unique label for each purpose of the PRF + * @data: Extra data to bind into the key + * @data_len: Length of the data + * @buf: Buffer for the generated pseudo-random key + * @buf_len: Number of bytes of key to generate + * + * This function is used to derive new, cryptographically separate keys from a + * given key. + */ +void +fast_sha256_prf(const uint8_t *key, size_t key_len, const char *label, + const uint8_t *data, size_t data_len, uint8_t *buf, size_t buf_len) +{ +} #endif \ No newline at end of file diff --git a/components/esp8266/source/fast_crypto_ops.c b/components/wpa_supplicant/src/fast_crypto_ops.c similarity index 74% rename from components/esp8266/source/fast_crypto_ops.c rename to components/wpa_supplicant/src/fast_crypto_ops.c index 62b84afe..4cbde3eb 100644 --- a/components/esp8266/source/fast_crypto_ops.c 
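Review bot: The stubs for `fast_hmac_sha256_vector`, `fast_hmac_sha256` and `fast_sha256_prf` have empty bodies and return `void`, so a caller in a build without `CONFIG_SSL_USING_MBEDTLS` cannot tell that `mac` or `buf` was never written and would go on to use whatever the buffer held as a MAC or derived key. Since there is no return value to fail with, these should either be left undefined in that configuration so misuse fails at link time, or forward to the software HMAC/PRF routines if the component still builds them (not visible here). Separately, the comment on `fast_hmac_sha256` documents `@mac` as `Buffer for the hash (20 bytes)`; HMAC-SHA256 output is 32 bytes, as the `fast_hmac_sha256_vector` comment above it states, so it should read `@mac: Buffer for the hash (32 bytes)`.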
+++ b/components/wpa_supplicant/src/fast_crypto_ops.c @@ -12,6 +12,8 @@ // See the License for the specific language governing permissions and // limitations under the License. +#include "sdkconfig.h" + #include "crypto/common.h" #include "crypto/aes_wrap.h" #include "crypto/sha256.h" 
@@ -137,44 +139,4 @@ const wps_crypto_funcs_t g_wifi_default_wps_crypto_funcs = { .wps_is_selected_pbc_registrar = (esp_wps_is_selected_pbc_registrar_t)wps_is_selected_pbc_registrar, .eap_msg_alloc = (esp_eap_msg_alloc_t)eap_msg_alloc }; -#endif -/* - * What should notice is that the cyrpto hash type function and crypto cipher type function can not register - * as different, i.e, if you use fast_crypto_hash_init, you should use fast_crypto_hash_update and - * fast_crypto_hash_finish for finish hash calculate, rather than call crypto_hash_update and - * crypto_hash_finish, so do crypto_cipher. - */ -#if 0 -const wpa2_crypto_funcs_t g_wifi_default_wpa2_crypto_funcs = { - .size = sizeof(wpa2_crypto_funcs_t), - .version = ESP_WIFI_CRYPTO_VERSION, - .crypto_hash_init = (esp_crypto_hash_init_t)fast_crypto_hash_init, - .crypto_hash_update = (esp_crypto_hash_update_t)fast_crypto_hash_update, - .crypto_hash_finish = (esp_crypto_hash_finish_t)fast_crypto_hash_finish, - .crypto_cipher_init = (esp_crypto_cipher_init_t)fast_crypto_cipher_init, - .crypto_cipher_encrypt = (esp_crypto_cipher_encrypt_t)fast_crypto_cipher_encrypt, - .crypto_cipher_decrypt = (esp_crypto_cipher_decrypt_t)fast_crypto_cipher_decrypt, - .crypto_cipher_deinit = (esp_crypto_cipher_deinit_t)fast_crypto_cipher_deinit, - .crypto_mod_exp = (esp_crypto_mod_exp_t)crypto_mod_exp, - .sha256_vector = (esp_sha256_vector_t)fast_sha256_vector, - .tls_init = (esp_tls_init_t)tls_init, - .tls_deinit = (esp_tls_deinit_t)tls_deinit, - .eap_peer_blob_init = (esp_eap_peer_blob_init_t)eap_peer_blob_init, - .eap_peer_blob_deinit = (esp_eap_peer_blob_deinit_t)eap_peer_blob_deinit, - .eap_peer_config_init = (esp_eap_peer_config_init_t)eap_peer_config_init, - .eap_peer_config_deinit = (esp_eap_peer_config_deinit_t)eap_peer_config_deinit, - .eap_peer_register_methods = (esp_eap_peer_register_methods_t)eap_peer_register_methods, - .eap_peer_unregister_methods = (esp_eap_peer_unregister_methods_t)eap_peer_unregister_methods, - 
.eap_deinit_prev_method = (esp_eap_deinit_prev_method_t)eap_deinit_prev_method, - .eap_peer_get_eap_method = (esp_eap_peer_get_eap_method_t)eap_peer_get_eap_method, - .eap_sm_abort = (esp_eap_sm_abort_t)eap_sm_abort, - .eap_sm_build_nak = (esp_eap_sm_build_nak_t)eap_sm_build_nak, - .eap_sm_build_identity_resp = (esp_eap_sm_build_identity_resp_t)eap_sm_build_identity_resp, - .eap_msg_alloc = (esp_eap_msg_alloc_t)eap_msg_alloc -}; - -const mesh_crypto_funcs_t g_wifi_default_mesh_crypto_funcs = { - .aes_128_encrypt = (esp_aes_128_encrypt_t)fast_aes_128_cbc_encrypt, - .aes_128_decrypt = (esp_aes_128_decrypt_t)fast_aes_128_cbc_decrypt, -}; #endif \ No newline at end of file diff --git a/examples/wifi/wps/CMakeLists.txt b/examples/wifi/wps/CMakeLists.txt index 797c5317..64a6bfd6 100644 --- a/examples/wifi/wps/CMakeLists.txt +++ b/examples/wifi/wps/CMakeLists.txt @@ -1,6 +1,6 @@ -# The following four lines of boilerplate have to be in your project's CMakeLists +# The following lines of boilerplate have to be in your project's CMakeLists # in this exact order for cmake to work correctly cmake_minimum_required(VERSION 3.5) include($ENV{IDF_PATH}/tools/cmake/project.cmake) -project(wps) +project(wps_example) \ No newline at end of file diff --git a/examples/wifi/wps/main/CMakeLists.txt b/examples/wifi/wps/main/CMakeLists.txt index 995c1359..c0a1063f 100644 --- a/examples/wifi/wps/main/CMakeLists.txt +++ b/examples/wifi/wps/main/CMakeLists.txt @@ -1,3 +1,4 @@ set(COMPONENT_SRCS "wps.c") +set(COMPONENT_ADD_INCLUDEDIRS ".") register_component()