From 20044576c46ca15a0ffff8a65acb6c4828418d36 Mon Sep 17 00:00:00 2001
From: ShubhamMalasane <108782058+ShubhamMalasane@users.noreply.github.com>
Date: Mon, 12 Dec 2022 22:08:25 +0530
Subject: [PATCH] [Silabs] Added tinycrypt changes (#24024)
* Added tinycrypt changes
* Added tinycrypt files in matter support
---
 src/platform/silabs/PlatformManagerImpl.h | 12 +++++++++
 .../silabs/SiWx917/PlatformManagerImpl.cpp | 27 +++++++++++++++++++
 src/platform/silabs/SiWx917/wifi_args.gni | 2 ++
 third_party/silabs/SiWx917_sdk.gni | 22 ++++++++++-----
 third_party/silabs/matter_support | 2 +-
 5 files changed, 57 insertions(+), 8 deletions(-)
diff --git a/src/platform/silabs/PlatformManagerImpl.h b/src/platform/silabs/PlatformManagerImpl.h
index 511070c55b002f..7d6eef7cd90ed3 100644
--- a/src/platform/silabs/PlatformManagerImpl.h
+++ b/src/platform/silabs/PlatformManagerImpl.h
@@ -41,6 +41,18 @@ class PlatformManagerImpl final : public PlatformManager, public Internal::Gener
 // the implementation methods provided by this class.
 friend PlatformManager;
+#if defined(TINYCRYPT_PRIMITIVES)
+ // Since the RNG callback will be called from multiple threads,
+ // use this mutex to lock/unlock the call to Matter RNG API, which
+ // uses some global variables.
+ static sys_mutex_t rngMutexHandle;
+
+ // Callback used by tinycrypt to generate random numbers.
+ // It must be set before calling any sign operations,
+ // which are used in both Matter and OT threads.
+ static int uECC_RNG_Function(uint8_t * dest, unsigned int size);
+#endif
+
 // Allow the generic implementation base class to call helper methods on
 // this class.
 #ifndef DOXYGEN_SHOULD_SKIP_THIS
diff --git a/src/platform/silabs/SiWx917/PlatformManagerImpl.cpp b/src/platform/silabs/SiWx917/PlatformManagerImpl.cpp
index 8032c840210804..d14947d65af3f3 100644
--- a/src/platform/silabs/SiWx917/PlatformManagerImpl.cpp
+++ b/src/platform/silabs/SiWx917/PlatformManagerImpl.cpp
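Review bot: The declaration of `uECC_RNG_Function` in PlatformManagerImpl.h says when the callback must be set but not what it returns, and the caller depends on that return value to know whether `dest` holds random bytes. The definition in SiWx917/PlatformManagerImpl.cpp returns `size` on success and 0 when `DRBG_get_bytes` fails, so I would add `// Returns size when dest was filled from the Matter DRBG, 0 on failure (dest must then not be used).` above the declaration. The comment on `rngMutexHandle` could also state that the mutex is created in `_InitChipStack` before the callback is registered. `sys_mutex_t` is not declared in the visible lines; presumably an lwIP header is already included by this shared header, which is worth confirming for every silabs build that defines `TINYCRYPT_PRIMITIVES`. The class body starts and ends outside the hunk.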
@@ -30,6 +30,9 @@
 #include
 #include
 #include
+#if defined(TINYCRYPT_PRIMITIVES)
+#include "tinycrypt/ecc.h"
+#endif
 #if CHIP_SYSTEM_CONFIG_USE_LWIP
 #include
@@ -42,6 +45,22 @@ namespace chip {
 namespace DeviceLayer {
 PlatformManagerImpl PlatformManagerImpl::sInstance;
+#if defined(TINYCRYPT_PRIMITIVES)
+sys_mutex_t PlatformManagerImpl::rngMutexHandle = NULL;
+#endif
+
+#if defined(TINYCRYPT_PRIMITIVES)
+int PlatformManagerImpl::uECC_RNG_Function(uint8_t * dest, unsigned int size)
+{
+ int res;
+
+ sys_mutex_lock(&rngMutexHandle);
+ res = (chip::Crypto::DRBG_get_bytes(dest, size) == CHIP_NO_ERROR) ? size : 0;
+ sys_mutex_unlock(&rngMutexHandle);
+
+ return res;
+}
+#endif
 static void app_get_random(uint8_t * aOutput, size_t aLen)
 {
@@ -79,6 +98,14 @@ CHIP_ERROR PlatformManagerImpl::_InitChipStack(void)
 // 16 : Threshold value
 ReturnErrorOnFailure(chip::Crypto::add_entropy_source(app_entropy_source, NULL, 16));
+#if defined(TINYCRYPT_PRIMITIVES)
+ /* Set RNG function for tinycrypt operations. */
+ err_t ret;
+ ret = sys_mutex_new(&rngMutexHandle);
+ VerifyOrExit((ERR_OK == ret), err = CHIP_ERROR_NO_MEMORY);
+ uECC_set_rng(PlatformManagerImpl::uECC_RNG_Function);
+#endif
+
 // Call _InitChipStack() on the generic implementation base class
 // to finish the initialization process.
 err = Internal::GenericPlatformManagerImpl_FreeRTOS::_InitChipStack();
diff --git a/src/platform/silabs/SiWx917/wifi_args.gni b/src/platform/silabs/SiWx917/wifi_args.gni
index a913be42065da9..e892aa13338bc1 100644
--- a/src/platform/silabs/SiWx917/wifi_args.gni
+++ b/src/platform/silabs/SiWx917/wifi_args.gni
@@ -25,6 +25,8 @@ arm_platform_config = "${efr32_sdk_build_root}/efr32_arm.gni"
 mbedtls_target = "${efr32_sdk_build_root}:efr32_sdk"
+chip_crypto = "tinycrypt"
+
 # Transitional CommissionableDataProvider not used anymore
 # examples/platform/efr32/EFR32DeviceDataProvider is now used.
 chip_use_transitional_commissionable_data_provider = false
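Review bot: `uECC_RNG_Function` (hunk `@@ -42,6 +45,22 @@`) locks `rngMutexHandle` without checking that the mutex exists; the handle is `NULL` until `_InitChipStack` calls `sys_mutex_new`, so a call arriving before that would lock a null handle. In this commit the callback is registered only after the mutex is created, so this is defence in depth. A guard that reports failure keeps the RNG path fail-closed: `if (rngMutexHandle == NULL) return 0;` before the lock. The return expression also converts `unsigned int size` to `int` implicitly; `static_cast<int>(size)` would make that narrowing explicit. The two adjacent `#if defined(TINYCRYPT_PRIMITIVES)` blocks could be merged into one.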
diff --git a/third_party/silabs/SiWx917_sdk.gni b/third_party/silabs/SiWx917_sdk.gni
index a60d443f7ed2c0..b50ceedf817803 100644
--- a/third_party/silabs/SiWx917_sdk.gni
+++ b/third_party/silabs/SiWx917_sdk.gni
@@ -82,7 +82,7 @@ template("efr32_sdk") {
 # Treat these includes as system includes, so warnings in them are not fatal.
 _include_dirs = [
 "${sdk_support_root}/platform/emdrv/nvm3/inc",
-
+ "${sdk_support_root}/matter/mbedtls/tinycrypt/inc",
 "${chip_root}/third_party/mbedtls/repo/include",
 ### CCP includes ###
@@ -138,6 +138,8 @@ template("efr32_sdk") {
 "RSI_BLE_ENABLE=1",
 "BRD4325A",
 "CHIP_9117",
+ "TINYCRYPT_PRIMITIVES",
+ "OPTIMIZE_TINYCRYPT_ASM",
 "RS91X_BLE_ENABLE=1",
 ]
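Review bot: `TINYCRYPT_PRIMITIVES` and `OPTIMIZE_TINYCRYPT_ASM` are added to the defines list (hunk `@@ -138,6 +138,8 @@`) unconditionally, while the crypto backend is selected separately by `chip_crypto = "tinycrypt"` in wifi_args.gni. If a build overrides `chip_crypto`, these defines and the tinycrypt source list in hunk `@@ -311,17 +313,23 @@` would still apply, so the two settings could disagree about which ECC and RNG path is compiled in. If `chip_crypto` is visible in this template, gating both on it would keep them in step; otherwise a comment such as `# Must stay in sync with chip_crypto = "tinycrypt" in wifi_args.gni` next to the defines records the coupling. The defines list starts outside the hunk.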
@@ -311,17 +313,23 @@ template("efr32_sdk") {
 "${chip_root}/third_party/mbedtls/repo/library/hkdf.c",
 "${chip_root}/third_party/mbedtls/repo/library/hmac_drbg.c",
 "${chip_root}/third_party/mbedtls/repo/library/md.c",
- "${chip_root}/third_party/mbedtls/repo/library/oid.c",
- "${chip_root}/third_party/mbedtls/repo/library/pk.c",
- "${chip_root}/third_party/mbedtls/repo/library/pk_wrap.c",
 "${chip_root}/third_party/mbedtls/repo/library/pkcs5.c",
- "${chip_root}/third_party/mbedtls/repo/library/pkwrite.c",
 "${chip_root}/third_party/mbedtls/repo/library/platform.c",
- "${chip_root}/third_party/mbedtls/repo/library/platform_util.c",
 "${chip_root}/third_party/mbedtls/repo/library/sha256.c",
 "${chip_root}/third_party/mbedtls/repo/library/sha512.c",
 "${chip_root}/third_party/mbedtls/repo/library/x509_create.c",
- "${chip_root}/third_party/mbedtls/repo/library/x509write_csr.c",
+ "${sdk_support_root}/matter/mbedtls/tinycrypt/src/ecc.c",
+ "${sdk_support_root}/matter/mbedtls/tinycrypt/src/ecc_dh.c",
+ "${sdk_support_root}/matter/mbedtls/tinycrypt/src/ecc_dsa.c",
+ "${sdk_support_root}/matter/mbedtls/tinycrypt/src/error.c",
+ "${sdk_support_root}/matter/mbedtls/tinycrypt/src/oid.c",
+ "${sdk_support_root}/matter/mbedtls/tinycrypt/src/pk.c",
+ "${sdk_support_root}/matter/mbedtls/tinycrypt/src/pk_wrap.c",
+ "${sdk_support_root}/matter/mbedtls/tinycrypt/src/pkparse.c",
+ "${sdk_support_root}/matter/mbedtls/tinycrypt/src/pkwrite.c",
+ "${sdk_support_root}/matter/mbedtls/tinycrypt/src/platform_util.c",
+ "${sdk_support_root}/matter/mbedtls/tinycrypt/src/x509_crt.c",
+ "${sdk_support_root}/matter/mbedtls/tinycrypt/src/x509write_csr.c",
 ]
 public_deps = [
diff --git a/third_party/silabs/matter_support b/third_party/silabs/matter_support
index 3b70797dae4a24..da8827efde529d 160000
--- a/third_party/silabs/matter_support
+++ b/third_party/silabs/matter_support
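Review bot: The source list now takes `oid.c`, `pk.c`, `pk_wrap.c`, `pkwrite.c`, `platform_util.c` and `x509write_csr.c` from `${sdk_support_root}/matter/mbedtls/tinycrypt/src/` instead of the pinned `third_party/mbedtls/repo`, and nothing in the hunk records which mbedtls release those copies derive from. Copies kept in the matter_support submodule will presumably not pick up security fixes when the mbedtls pin is bumped, so I would add a comment above the new block such as `# Forked from mbedtls <VERSION>; re-sync when third_party/mbedtls/repo is updated`. The hunk also newly compiles `pkparse.c` and `x509_crt.c`, which adds key and certificate parsing code to this target; a sentence in the commit description on why they are needed would help review. The sources list starts outside the hunk.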
@@ -1 +1 @@
-Subproject commit 3b70797dae4a24302f8320a38dc704bde3addf16
+Subproject commit da8827efde529d79e6d7f29277721ba460efbca7