|
| 1 | +# wolfCrypt on RealTek AmebaPro2 (RTL8735B) -- Hardware Unique Key (HUK) |
| 2 | + |
| 3 | +This example demonstrates wolfCrypt AES-GCM, AES-ECB, AES-CBC and AES-CTR bound to the RealTek RTL8735B silicon **Hardware Unique Key (HUK)** through the wolfCrypt crypto-callback (CryptoCb) framework. A 256-bit "seed" is run through the AmebaPro2 HAL secure HKDF key-ladder against the HUK to derive a per-purpose working key inside a secure key-storage slot; that working key never enters software. The application just sets the seed as the AES key and uses the normal wolfCrypt AES APIs -- the RealTek HUK crypto-callback device does the rest. |
| 4 | + |
| 5 | +It is built inside the RealTek AmebaPro2 FreeRTOS SDK (which provides the startup, HAL, and the `elf2bin`/`uartfwburn` image+flash tooling). |
| 6 | + |
| 7 | +## What it shows |
| 8 | + |
| 9 | +- Registering the HUK crypto-callback device: `wc_AmebaPro2_HukRegister(WC_HUK_DEVID)`. |
| 10 | +- AES-GCM (full payload), AES-ECB, AES-CBC and AES-CTR run under the HUK-derived key (init an `Aes` with `devId = WC_HUK_DEVID`, then use the usual `wc_AesGcmSetKey`/`wc_AesGcmEncrypt`, `wc_AesSetKey`/`wc_AesEcb*`/`wc_AesCbc*`, `wc_AesSetKeyDirect`/`wc_AesCtrEncrypt`). |
| 11 | +- The key is device-bound and deterministic: the same seed yields the same key (so GMAC verifies and AES round-trips), and a different seed yields a different key (GCM decrypt returns `AES_GCM_AUTH_E`). |
| 12 | +- The port tolerates unaligned caller buffers (it bounces them to satisfy the HAL's 32-byte alignment); the example includes an explicitly-unaligned GCM check. |
| 13 | + |
| 14 | +## Prerequisites |
| 15 | + |
| 16 | +- RealTek AmebaPro2 FreeRTOS SDK: https://github.com/Ameba-AIoT/ameba-rtos-pro2 |
| 17 | +- RealTek ASDK 10.3.0 toolchain (GCC 10.3.0): https://github.com/Ameba-AIoT/ameba-toolchain (tag `V10.3.0-ameba-rtos-pro2`). The stock system `arm-none-eabi-gcc` does not build the SDK (newlib/lwip header clashes); use the ASDK toolchain. |
| 18 | +- wolfSSL with the RealTek HUK port (`wolfcrypt/src/port/realtek/amebapro2.c` and `wolfssl/wolfcrypt/port/realtek/amebapro2.h`). Enable with `WOLFSSL_REALTEK_HUK` (which implies `WOLFSSL_DHUK`) and `WOLF_CRYPTO_CB`. |
| 19 | + |
| 20 | +## Files |
| 21 | + |
| 22 | +- `main.c` -- the example application (a FreeRTOS task that registers the HUK device and runs the AES-GCM/ECB/CBC/CTR checks plus unaligned-buffer GCM, in-place/multi-call CBC, and non-12-byte-IV rejection checks). |
| 23 | +- `user_settings.h` -- a lean wolfCrypt configuration for this example. |
| 24 | +- `wolfcrypt_huk.cmake` -- wiring that adds wolfCrypt + the RealTek HUK port to the SDK app build. |
| 25 | + |
| 26 | +## Build |
| 27 | + |
| 28 | +1. Copy this directory into the SDK as an example component: |
| 29 | + `cp -r AmebaPro2 <SDK>/component/example/wolfcrypt_huk` |
| 30 | +2. Install the example `main()` as the project app: |
| 31 | + `cp <SDK>/component/example/wolfcrypt_huk/main.c <SDK>/project/realtek_amebapro2_v0_example/src/main.c` |
| 32 | +3. Configure and build with the ASDK toolchain on PATH, pointing `WOLFSSL_ROOT` at your wolfSSL tree: |
| 33 | + ``` |
| 34 | + export PATH=<asdk>/asdk-10.3.0/linux/newlib/bin:$PATH |
| 35 | + cd <SDK>/project/realtek_amebapro2_v0_example/GCC-RELEASE |
| 36 | + mkdir -p build && cd build |
| 37 | + cmake .. -G"Unix Makefiles" -DCMAKE_TOOLCHAIN_FILE=../toolchain.cmake \ |
| 38 | + -DBUILD_FPGA=OFF -DBUILD_PXP=OFF \ |
| 39 | + -DEXAMPLE=wolfcrypt_huk -DWOLFSSL_ROOT=<path-to-wolfssl> |
| 40 | + make flash -j8 |
| 41 | + ``` |
| 42 | + The output image is `build/flash_ntz.bin`. |
| 43 | + |
| 44 | +## Flash and run |
| 45 | + |
| 46 | +Put the board in download mode (J27 jumper + reset), then flash over UART with the SDK `uartfwburn` tool (from the SDK `tools/Pro2_PG_tool*` directory, which also holds `boot_recover.bin`, `flash_loader_nor.bin`, `flash_control_info.bin`): |
| 47 | +``` |
| 48 | +./uartfwburn.linux -p <COM_PORT> -f <build>/flash_ntz.bin -b 3000000 -U |
| 49 | +``` |
| 50 | +Remove the J27 jumper and reset to boot. The console (UART, 115200) prints: |
| 51 | +``` |
| 52 | +=== wolfCrypt AmebaPro2 (RTL8735B) HUK example === |
| 53 | +[PASS] wolfCrypt_Init |
| 54 | +[PASS] wc_AmebaPro2_HukRegister |
| 55 | +== AES-GCM (full payload) under HUK-derived key == |
| 56 | +[PASS] AesInit(devId=WC_HUK_DEVID) |
| 57 | +[PASS] AesGcmSetKey(seed,32) |
| 58 | +[PASS] AesGcmEncrypt |
| 59 | +[PASS] deterministic tag |
| 60 | +[PASS] AesGcmDecrypt verifies |
| 61 | +[PASS] plaintext round-trips |
| 62 | +[PASS] wrong seed -> AES_GCM_AUTH_E |
| 63 | +== AES-ECB under HUK-derived key == ... round-trip PASS |
| 64 | +== AES-CBC under HUK-derived key == ... round-trip PASS |
| 65 | +== AES-CTR under HUK-derived key == ... round-trip PASS |
| 66 | +== AES-GCM with UNALIGNED buffers (port bounces) == ... round-trip PASS |
| 67 | +== AES-CBC in-place + multi-call under HUK-derived key == ... round-trip PASS |
| 68 | +== AES-GCM non-12-byte IV must hard-fail == ... 16-byte IV rejected PASS |
| 69 | +=== done === |
| 70 | +``` |
| 71 | + |
| 72 | +## Notes |
| 73 | + |
| 74 | +- The AmebaPro2 HAL crypto engine DMAs its key/IV/AAD/tag buffers on 32-byte boundaries; the port stages and bounces buffers as needed, so callers need not align (the example aligns its buffers anyway, and adds an explicitly-unaligned GCM case to exercise the bounce path). |
| 75 | +- The seed is HKDF input, not the AES key itself -- it diversifies the HUK into a working key. Keep the seed stable for a given purpose to get a stable derived key. |
| 76 | +- HUK-bound ECDSA signing is a planned follow-on; this example covers the AES surface. |
| 77 | +- Port internals (the HKDF key-ladder, slot configuration macros such as `WC_HUK_DEVID`, `WC_AMEBAPRO2_*`) are documented in `wolfssl/wolfcrypt/port/realtek/amebapro2.h` and `wolfcrypt/src/port/realtek/README.md` in the wolfSSL tree. |
0 commit comments