WIP

mkardous-silabs · Jul 30, 2024 · 4d02295 · 4d02295
1 parent 37fc757
commit 4d02295
Show file tree

Hide file tree

Showing 7 changed files with 46 additions and 24 deletions.
diff --git a/src/platform/silabs/CHIPPlatformConfig.h b/src/platform/silabs/CHIPPlatformConfig.h
@@ -45,7 +45,7 @@
 #if CHIP_HAVE_CONFIG_H
 #include <crypto/CryptoBuildConfig.h>
 #endif
-#if (CHIP_CRYPTO_PLATFORM == 1)
+#if (CHIP_CRYPTO_PLATFORM == 1) && (SL_MBEDTLS_USE_TINYCRYPT == 0)
 #include "psa/crypto.h"
 
 #if !defined(CHIP_CONFIG_SHA256_CONTEXT_SIZE)
@@ -56,7 +56,7 @@
 #define CHIP_CONFIG_SHA256_CONTEXT_ALIGN psa_hash_operation_t
 #endif
 
-#endif // CHIP_CRYPTO_PLATFORM
+#endif // CHIP_CRYPTO_PLATFORM && (SL_MBEDTLS_USE_TINYCRYPT == 0)
 
 // ==================== General Configuration Overrides ====================
 

diff --git a/src/platform/silabs/SiWx917/BUILD.gn b/src/platform/silabs/SiWx917/BUILD.gn
@@ -91,10 +91,7 @@ static_library("SiWx917") {
       sources += [ "${silabs_platform_dir}/efr32/CHIPCryptoPALPsaEfr32.cpp" ]
     }
 
-    public_deps += [
-      "${chip_root}/src/crypto",
-      "${mbedtls_root}:mbedtls",
-    ]
+    public_deps += [ "${chip_root}/src/crypto" ]
   }
 
   sources += [

diff --git a/src/platform/silabs/SiWx917/CHIPCryptoPALTinyCrypt.cpp b/src/platform/silabs/SiWx917/CHIPCryptoPALTinyCrypt.cpp
@@ -19,6 +19,7 @@
  *    @file
  *      mbedTLS based implementation of CHIP crypto primitives
  */
+#define MBEDTLS_ALLOW_PRIVATE_ACCESS
 
 #include <crypto/CHIPCryptoPAL.h>
 
@@ -85,6 +86,8 @@ namespace Crypto {
 #define CHIP_CRYPTO_PAL_PRIVATE_X509(x) x
 #endif
 
+namespace {
+
 typedef struct
 {
     bool mInitialized;
@@ -93,9 +96,15 @@ typedef struct
     mbedtls_entropy_context mEntropy;
 } EntropyContext;
 
-static EntropyContext gsEntropyContext;
+typedef struct
+{
+    uint8_t private_key[NUM_ECC_BYTES];
+    uint8_t public_key[2 * NUM_ECC_BYTES];
+} mbedtls_uecc_keypair;
+
+EntropyContext gsEntropyContext;
 
-static void _log_mbedTLS_error(int error_code)
+void _log_mbedTLS_error(int error_code)
 {
     if (error_code != 0 && error_code != UECC_SUCCESS)
     {
@@ -110,7 +119,7 @@ static void _log_mbedTLS_error(int error_code)
     }
 }
 
-static bool _isValidTagLength(size_t tag_length)
+bool _isValidTagLength(size_t tag_length)
 {
     if (tag_length == 8 || tag_length == 12 || tag_length == 16)
     {
@@ -119,6 +128,13 @@ static bool _isValidTagLength(size_t tag_length)
     return false;
 }
 
+inline mbedtls_uecc_keypair * mbedtls_pk_uecc(const mbedtls_pk_context pk)
+{
+    return ((mbedtls_uecc_keypair *) (pk).pk_ctx);
+}
+
+} // namespace
+
 CHIP_ERROR AES_CCM_encrypt(const uint8_t * plaintext, size_t plaintext_length, const uint8_t * aad, size_t aad_length,
                            const Aes128KeyHandle & key, const uint8_t * nonce, size_t nonce_length, uint8_t * ciphertext,
                            uint8_t * tag, size_t tag_length)

diff --git a/src/platform/silabs/SiWx917/siwx917-chip-mbedtls-config.h b/src/platform/silabs/SiWx917/siwx917-chip-mbedtls-config.h
@@ -100,6 +100,10 @@
 typedef void mbedtls_ecp_restart_ctx;
 #endif
 
+#define MBEDTLS_CAN_ECDH
+#define MBEDTLS_PK_CAN_ECDSA_SIGN
+#define MBEDTLS_PK_HAVE_ECC_KEYS
+
 #endif // SL_MBEDTLS_USE_TINYCRYPT
 
 // SLC GENERATED

diff --git a/src/platform/silabs/efr32/BUILD.gn b/src/platform/silabs/efr32/BUILD.gn
@@ -111,10 +111,7 @@ static_library("efr32") {
       "Efr32PsaOperationalKeystore.h",
     ]
 
-    public_deps += [
-      "${chip_root}/src/crypto",
-      "${mbedtls_root}:mbedtls",
-    ]
+    public_deps += [ "${chip_root}/src/crypto" ]
   }
 
   if (chip_enable_openthread) {

diff --git a/third_party/silabs/SiWx917_sdk.gni b/third_party/silabs/SiWx917_sdk.gni
@@ -548,7 +548,7 @@ template("siwx917_sdk") {
     }
 
     if (sl_si91x_crypto_flavor == "tinycrypt") {
-      _mbedtls_root = "${mbedtls_root}/repo"
+      _mbedtls_root = "${efr32_sdk_root}/util/third_party/mbedtls"
 
       config("siwx917_tinycrypt_config") {
         defines = [
@@ -557,14 +557,20 @@ template("siwx917_sdk") {
         ]
 
         include_dirs = [
-          "${sdk_support_root}/matter/mbedtls/tinycrypt/inc",
+          "${sdk_support_root}/matter/si91x/siwx917/BRD4338A/autogen/config",
+          "${sdk_support_root}/matter/si91x/siwx917/BRD4338A/autogen/autogen",
+
+          # "${sdk_support_root}/matter/mbedtls/tinycrypt/inc",
           "${_mbedtls_root}/include",
           "${_mbedtls_root}/library",
 
           # GECKO SDK configuration included to be used in autogenerated files
+
           "${efr32_sdk_root}/platform/security/sl_component/sl_mbedtls_support/config",
           "${efr32_sdk_root}/platform/security/sl_component/sl_mbedtls_support/config/preset",
           "${efr32_sdk_root}/platform/security/sl_component/sl_mbedtls_support/inc",
+
+          "${sdk_support_root}/matter/mbedtls/tinycrypt/inc/",
         ]
       }
 
@@ -581,6 +587,7 @@ template("siwx917_sdk") {
           "${_mbedtls_root}/library/asn1write.c",
           "${_mbedtls_root}/library/base64.c",
           "${_mbedtls_root}/library/bignum.c",
+          "${_mbedtls_root}/library/bignum_core.c",
           "${_mbedtls_root}/library/ccm.c",
           "${_mbedtls_root}/library/cipher.c",
           "${_mbedtls_root}/library/cipher_wrap.c",
@@ -594,27 +601,28 @@ template("siwx917_sdk") {
           "${_mbedtls_root}/library/hkdf.c",
           "${_mbedtls_root}/library/hmac_drbg.c",
           "${_mbedtls_root}/library/md.c",
+          "${_mbedtls_root}/library/oid.c",
           "${_mbedtls_root}/library/pem.c",
+          "${_mbedtls_root}/library/pk.c",
+          "${_mbedtls_root}/library/pk_wrap.c",
           "${_mbedtls_root}/library/pkcs5.c",
+          "${_mbedtls_root}/library/pkparse.c",
+          "${_mbedtls_root}/library/pkwrite.c",
           "${_mbedtls_root}/library/platform.c",
+          "${_mbedtls_root}/library/platform_util.c",
           "${_mbedtls_root}/library/sha256.c",
           "${_mbedtls_root}/library/sha512.c",
           "${_mbedtls_root}/library/version.c",
           "${_mbedtls_root}/library/x509_create.c",
+          "${_mbedtls_root}/library/x509_crt.c",
+          "${_mbedtls_root}/library/x509write_csr.c",
 
           # tinycrypt
+          "${sdk_support_root}//matter/mbedtls/tinycrypt/src/tinycript_util.c",
           "${sdk_support_root}/matter/mbedtls/tinycrypt/src/ecc.c",
           "${sdk_support_root}/matter/mbedtls/tinycrypt/src/ecc_dh.c",
           "${sdk_support_root}/matter/mbedtls/tinycrypt/src/ecc_dsa.c",
           "${sdk_support_root}/matter/mbedtls/tinycrypt/src/error.c",
-          "${sdk_support_root}/matter/mbedtls/tinycrypt/src/oid.c",
-          "${sdk_support_root}/matter/mbedtls/tinycrypt/src/pk.c",
-          "${sdk_support_root}/matter/mbedtls/tinycrypt/src/pk_wrap.c",
-          "${sdk_support_root}/matter/mbedtls/tinycrypt/src/pkparse.c",
-          "${sdk_support_root}/matter/mbedtls/tinycrypt/src/pkwrite.c",
-          "${sdk_support_root}/matter/mbedtls/tinycrypt/src/platform_util.c",
-          "${sdk_support_root}/matter/mbedtls/tinycrypt/src/x509_crt.c",
-          "${sdk_support_root}/matter/mbedtls/tinycrypt/src/x509write_csr.c",
         ]
 
         public_deps = [ "${chip_root}/src/crypto:crypto_buildconfig" ]

diff --git a/third_party/silabs/matter_support b/third_party/silabs/matter_support