From cc0c960a73fd09422194002cf2c71bf8b6463252 Mon Sep 17 00:00:00 2001 From: Hideki Miyazaki Date: Thu, 9 Jul 2026 14:40:09 +0900 Subject: [PATCH] fix fenrir issues for Renesas SCE --- .../src/port/Renesas/renesas_fspsm_aes.c | 2 +- .../src/port/Renesas/renesas_fspsm_util.c | 43 ++++++++++++------- 2 files changed, 29 insertions(+), 16 deletions(-) diff --git a/wolfcrypt/src/port/Renesas/renesas_fspsm_aes.c b/wolfcrypt/src/port/Renesas/renesas_fspsm_aes.c index d818ee00870..0dff415cbe6 100644 --- a/wolfcrypt/src/port/Renesas/renesas_fspsm_aes.c +++ b/wolfcrypt/src/port/Renesas/renesas_fspsm_aes.c @@ -586,7 +586,7 @@ int wc_fspsm_AesGcmDecrypt(struct Aes* aes, byte* out, } if (authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ) { - WOLFSSL_MSG("GcmEncrypt authTagSz too small error"); + WOLFSSL_MSG("GcmDecrypt authTagSz too small error"); return BAD_FUNC_ARG; } diff --git a/wolfcrypt/src/port/Renesas/renesas_fspsm_util.c b/wolfcrypt/src/port/Renesas/renesas_fspsm_util.c index 72e99b9d435..dbcec915b63 100644 --- a/wolfcrypt/src/port/Renesas/renesas_fspsm_util.c +++ b/wolfcrypt/src/port/Renesas/renesas_fspsm_util.c @@ -759,6 +759,7 @@ int wc_fspsm_generateSessionKey(WOLFSSL *ssl, key_server_aes = (FSPSM_AES_PWKEY)XMALLOC(sizeof(FSPSM_AES_WKEY), ssl->heap, DYNAMIC_TYPE_AES); if (key_client_aes == NULL || key_server_aes == NULL) { + wc_fspsm_hw_unlock(); return MEMORY_E; } @@ -790,15 +791,19 @@ int wc_fspsm_generateSessionKey(WOLFSSL *ssl, if (enc->aes == NULL) { enc->aes = (Aes*)XMALLOC(sizeof(Aes), ssl->heap, DYNAMIC_TYPE_CIPHER); - if (enc->aes == NULL) + if (enc->aes == NULL) { + wc_fspsm_hw_unlock(); return MEMORY_E; + } } XMEMSET(enc->aes, 0, sizeof(Aes)); enc->aes->ctx.wrapped_key = (FSPSM_AES_PWKEY)XMALLOC (sizeof(FSPSM_AES_WKEY), ssl->heap, DYNAMIC_TYPE_AES); - if (enc->aes->ctx.wrapped_key == NULL) + if (enc->aes->ctx.wrapped_key == NULL) { + wc_fspsm_hw_unlock(); return MEMORY_E; + } } if (dec) { if (dec->aes == NULL) { @@ -808,6 +813,7 @@ int wc_fspsm_generateSessionKey(WOLFSSL *ssl, if (enc) { XFREE(enc->aes, NULL, DYNAMIC_TYPE_CIPHER); } + wc_fspsm_hw_unlock(); return MEMORY_E; } XMEMSET(dec->aes, 0, sizeof(Aes)); @@ -815,22 +821,29 @@ int wc_fspsm_generateSessionKey(WOLFSSL *ssl, dec->aes->ctx.wrapped_key = (FSPSM_AES_PWKEY)XMALLOC (sizeof(FSPSM_AES_WKEY), ssl->heap, DYNAMIC_TYPE_AES); - if (dec->aes->ctx.wrapped_key == NULL) + if (dec->aes->ctx.wrapped_key == NULL) { + wc_fspsm_hw_unlock(); return MEMORY_E; } + } } - /* copy key index into aes */ - if (ssl->options.side == PROVISION_CLIENT) { - XMEMCPY(enc->aes->ctx.wrapped_key, key_client_aes, - sizeof(FSPSM_AES_WKEY)); - XMEMCPY(dec->aes->ctx.wrapped_key, key_server_aes, - sizeof(FSPSM_AES_WKEY)); - } - else { - XMEMCPY(enc->aes->ctx.wrapped_key, key_server_aes, - sizeof(FSPSM_AES_WKEY)); - XMEMCPY(dec->aes->ctx.wrapped_key, key_client_aes, - sizeof(FSPSM_AES_WKEY)); + /* copy key index into aes. Skipped when AES-GCM session-key + * generation was deferred above -- key_client_aes/key_server_aes + * are NULL in that case, and the real per-record key is + * generated later inside wc_fspsm_AesGcmEncrypt/Decrypt. */ + if (key_client_aes != NULL && key_server_aes != NULL) { + if (ssl->options.side == PROVISION_CLIENT) { + XMEMCPY(enc->aes->ctx.wrapped_key, key_client_aes, + sizeof(FSPSM_AES_WKEY)); + XMEMCPY(dec->aes->ctx.wrapped_key, key_server_aes, + sizeof(FSPSM_AES_WKEY)); + } + else { + XMEMCPY(enc->aes->ctx.wrapped_key, key_server_aes, + sizeof(FSPSM_AES_WKEY)); + XMEMCPY(dec->aes->ctx.wrapped_key, key_client_aes, + sizeof(FSPSM_AES_WKEY)); + } } /* copy mac key index into keys */ ssl->keys.fspsm_client_write_MAC_secret = key_client_mac;