Address PR comments

Author: twcook86

wolfcrypt/src/port/nxp/README.md

@@ -1,6 +1,46 @@
 # wolfSSL NXP Hardware Acceleration Ports
 
-wolfSSL supports hardware acceleration on NXP DCP, LTC (KSDK), and SE050.
+wolfSSL supports hardware acceleration on NXP DCP, LTC (KSDK), LPC55S69, and SE050.
+
+## NXP LPC55S69
+
+The LPC55S69 is a general purpose edge computing device, with dual ARM
+Cortex-M33 cores running up to 150 MHz, 640/320 KB internal flash/ram,
+TrustZone-M, a DSP accelerator, and extensive cryptographic acceleration.
+
+wolfSSL supports the following hardware acceleration on the LPC55S69:
+- TRNG
+- HashCrypt (Hash/AES Crypto Engine)
+  - AES (128, 192, 256) encrypt/decrypt
+    - AES-CBC, AES-ECB, AES-CTR, AES-OFB, AES-CFB
+  - SHA-1, SHA-256
+- CASPER (Asymmetric Crypto Accelerator)
+  - RSA verify/encrypt/decrypt (up to 4096-bit, public key only)
+
+### LPC55S69 Hardware Acceleration Caveats
+
+The following caveats should be noted about the LPC55S69 hardware acceleration:
+- AES-CTR mode fails when the counter wraps from all FF's to 0.  User should
+ensure this never happens, by properly managing the iv/counter in use.
+- AES-CFB and AES-OFB only support full 16-byte blocks and multiples thereof.
+Encrypt/Decrypt requests of other sizes will fail.
+- RSA acceleration is only supported for public keys.  Private key operations
+will use a fully software implementation.
+- When the HashCrypt engine is in use for SHA-1 or SHA-256, it must not be
+interrupted with another hash request or an AES request.  The hash must be
+completed before another operation is requested.
+
+### wolfSSL LPC55S69 Hardware Acceleration Enable/Disable
+
+To enable LPC55S69 hardware acceleration, define the following symbol:
+
+**`WOLFSSL_NXP_LPC55S69_WITH_HWACCEL`**
+
+To disable LPC55S69 hardware acceleration, define the following symbol:
+
+**`WOLFSSL_NXP_LPC55S69_NO_HWACCEL`**
+
+NOTE: In either case, the TRNG is always enabled for use.
 
 ## NXP SE050
 
@@ -10,3 +50,4 @@ see [README_SE050.md](./README_SE050.md).
 ## Support
 
 For questions please email support@wolfssl.com
+

wolfcrypt/src/port/nxp/casper_port.c

@@ -82,7 +82,7 @@ int casper_rsa_public_exptmod(
 
     return 0;
 }
-#endif
+#endif /* !NO_RSA && WOLFSSL_NXP_CASPER_RSA_PUB_EXPTMOD */
 
 
 /* 32 for 256 bits, 48 for 384 bits and 72 for 521 bits... */
@@ -157,7 +157,7 @@ int casper_ecc_mulmod(
 
     return 0;
 }
-#endif
+#endif /* HAVE_ECC && WOLFSSL_NXP_CASPER_ECC_MULMOD */
 
 #if defined(HAVE_ECC) && defined(WOLFSSL_NXP_CASPER_ECC_MUL2ADD)
 /* calculates R = m*P[X, Y] + n*Q[X, Y] */
@@ -248,6 +248,6 @@ int casper_ecc_mul2add(
 
     return 0;
 }
-#endif
+#endif /* HAVE_ECC && WOLFSSL_NXP_CASPER_ECC_MUL2ADD */
 
 #endif /* WOLFSSL_NXP_CASPER */

wolfcrypt/test/test.c

@@ -12119,7 +12119,7 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key,
         if (XMEMCMP(cipher + WC_AES_BLOCK_SIZE, cipher1 + WC_AES_BLOCK_SIZE,
                     WC_AES_BLOCK_SIZE))
             ERROR_OUT(WC_TEST_RET_ENC_NC, out);
-    #endif
+    #endif /* !WOLFSSL_NXP_HASHCRYPT_AES */
 
     #ifdef HAVE_AES_DECRYPT
         ret = wc_AesOfbDecrypt(dec, plain, cipher1, WC_AES_BLOCK_SIZE);
@@ -12138,7 +12138,7 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key,
         if (XMEMCMP(plain + WC_AES_BLOCK_SIZE, plain1 + WC_AES_BLOCK_SIZE,
                     WC_AES_BLOCK_SIZE))
             ERROR_OUT(WC_TEST_RET_ENC_NC, out);
-    #endif
+    #endif /* !WOLFSSL_NXP_HASHCRYPT_AES */
     #endif /* HAVE_AES_DECRYPT */
 
         /* multiple blocks at once */
@@ -12223,7 +12223,7 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key,
     #ifndef WOLFSSL_NXP_HASHCRYPT_AES
         if (XMEMCMP(cipher + 3, cipher1 + 3, WC_AES_BLOCK_SIZE))
             ERROR_OUT(WC_TEST_RET_ENC_NC, out);
-    #endif
+    #endif /* !WOLFSSL_NXP_HASHCRYPT_AES */
 
     #ifdef HAVE_AES_DECRYPT
         ret = wc_AesOfbDecrypt(dec, plain, cipher1, 6);
@@ -12240,7 +12240,7 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key,
     #ifndef WOLFSSL_NXP_HASHCRYPT_AES
         if (XMEMCMP(plain + 6, plain1 + 6, WC_AES_BLOCK_SIZE))
             ERROR_OUT(WC_TEST_RET_ENC_NC, out);
-    #endif
+    #endif /* !WOLFSSL_NXP_HASHCRYPT_AES */
     #endif /* HAVE_AES_DECRYPT */
 #endif /* WOLFSSL_AES_256 */
 
@@ -12460,7 +12460,7 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key,
         if (XMEMCMP(plain, msg1, WC_AES_BLOCK_SIZE * 3))
             ERROR_OUT(WC_TEST_RET_ENC_NC, out);
     #endif /* HAVE_AES_DECRYPT */
-    #endif
+    #endif /* !WOLFSSL_NXP_HASHCRYPT_AES */
 #endif /* WOLFSSL_AES_128 */
 
 #ifdef WOLFSSL_AES_192
@@ -12574,7 +12574,7 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key,
         if (XMEMCMP(plain, msg3, WC_AES_BLOCK_SIZE * 4))
             ERROR_OUT(WC_TEST_RET_ENC_NC, out);
     #endif /* HAVE_AES_DECRYPT */
-    #endif
+    #endif /* !WOLFSSL_NXP_HASHCRYPT_AES */
 #endif /* WOLFSSL_AES_256 */
 
   out:
@@ -16038,7 +16038,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_ctr_test(void)
         { ctr128Key, (int)sizeof(ctr128Key), ctrIvWrap128,
           ctrPlain, (int)sizeof(ctr128Wrap128CipherLong),
           ctr128Wrap128CipherLong },
-    #endif
+    #endif /* !WOLFSSL_NXP_HASHCRYPT_AES */
     #if defined(WOLFSSL_ARMASM) || defined(WOLFSSL_RISCV_ASM)
         { ctr128Key, (int)sizeof(ctr128Key), ctrIvWrap128_2,
           ctrPlain, (int)sizeof(ctr128Wrap128_2CipherLong),
@@ -16082,7 +16082,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_ctr_test(void)
         { ctr192Key, (int)sizeof(ctr192Key), ctrIvWrap128,
           ctrPlain, (int)sizeof(ctr192Wrap128CipherLong),
           ctr192Wrap128CipherLong },
-    #endif
+    #endif /* !WOLFSSL_NXP_HASHCRYPT_AES */
     #if defined(WOLFSSL_ARMASM) || defined(WOLFSSL_RISCV_ASM)
         { ctr192Key, (int)sizeof(ctr192Key), ctrIvWrap128_2,
           ctrPlain, (int)sizeof(ctr192Wrap128_2CipherLong),
@@ -16126,7 +16126,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_ctr_test(void)
         { ctr256Key, (int)sizeof(ctr256Key), ctrIvWrap128,
           ctrPlain, (int)sizeof(ctr256Wrap128CipherLong),
           ctr256Wrap128CipherLong },
-    #endif
+    #endif /* !WOLFSSL_NXP_HASHCRYPT_AES */
     #if defined(WOLFSSL_ARMASM) || defined(WOLFSSL_RISCV_ASM)
         { ctr256Key, (int)sizeof(ctr256Key), ctrIvWrap128_2,
           ctrPlain, (int)sizeof(ctr256Wrap128_2CipherLong),

wolfssl/wolfcrypt/port/nxp/casper_port.h

@@ -26,13 +26,12 @@
 int wc_casper_init(void);
 
 #if !defined(NO_RSA) && defined(WOLFSSL_NXP_CASPER_RSA_PUB_EXPTMOD)
-
 #include <wolfssl/wolfcrypt/rsa.h>
 
 int casper_rsa_public_exptmod(
     const byte* in, word32 inLen, byte* out, word32* outLen, RsaKey* key
 );
-#endif
+#endif /* !NO_RSA && WOLFSSL_NXP_CASPER_RSA_PUB_EXPTMOD */
 
 
 #if defined(HAVE_ECC)
@@ -42,14 +41,14 @@ int casper_rsa_public_exptmod(
 int casper_ecc_mulmod(
     const mp_int *m, ecc_point *P, ecc_point *R, int curve_id
 );
-#endif
+#endif /* WOLFSSL_NXP_CASPER_ECC_MULMOD */
 
 #ifdef WOLFSSL_NXP_CASPER_ECC_MUL2ADD
 int casper_ecc_mul2add(
     const mp_int *m, ecc_point *P, const mp_int *n, ecc_point *Q,
     ecc_point *R, int curve_id
 );
-#endif
-#endif
+#endif /* WOLFSSL_NXP_CASPER_ECC_MUL2ADD */
+#endif /* HAVE_ECC */
 
-#endif
+#endif /* _CASPER_PORT_H_ */

wolfssl/wolfcrypt/port/nxp/hashcrypt_port.h

@@ -25,4 +25,4 @@
 
 int wc_hashcrypt_init(void);
 
-#endif
+#endif /* _HASHCRYPT_PORT_H_ */