Add RealTek AmebaPro2 (RTL8735B) HUK crypto-callback port#10677
Draft
dgarske wants to merge 1 commit into
Draft
Conversation
Contributor
There was a problem hiding this comment.
Pull request overview
This PR introduces a new wolfCrypt crypto-callback device port for the RealTek AmebaPro2 (RTL8735B) Hardware Unique Key (HUK), enabling hardware-bound AES operations by deriving per-purpose working keys inside the SoC. It also extends shared DHUK (Device Hardware Unique Key) plumbing and improves STM32 bare-metal integration and robustness in related crypto paths.
Changes:
- Add RealTek AmebaPro2 (RTL8735B) HUK CryptoCb device (AES-GCM/ECB/CBC/CTR) plus host compile-test shim and documentation.
- Extend shared DHUK/CCB plumbing (ECC wrapped-private import API, key struct fields, scrubbing) and tighten STM32 family/build-path configuration.
- Improve STM32 bare-metal support (headers/clock macros) and harden STM32 RNG polling/recovery to avoid infinite loops.
Reviewed changes
Copilot reviewed 17 out of 18 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| zephyr/CMakeLists.txt | Adds the AmebaPro2 port source to Zephyr module build. |
| wolfssl/wolfcrypt/settings.h | Adds STM32 family/build-path gating and implies WOLFSSL_DHUK for RealTek HUK builds. |
| wolfssl/wolfcrypt/port/st/stm32.h | Expands STM32 bare-metal support macros, DHUK/CCB gating, and related prototypes. |
| wolfssl/wolfcrypt/port/realtek/amebapro2.h | Public header for registering/unregistering the AmebaPro2 HUK CryptoCb device and config macros. |
| wolfssl/wolfcrypt/include.am | Registers the new RealTek port header for distribution. |
| wolfssl/wolfcrypt/ecc.h | Adds DHUK-related fields to ecc_key and declares wrapped-private import APIs. |
| wolfssl/wolfcrypt/aes.h | Removes legacy STM32U5 DHUK fields and makes devId/devCtx purely CryptoCb-based. |
| wolfcrypt/src/random.c | Adds bounded polling + recovery for STM32 RNG and pulls in STM32 bare clock-enable macros. |
| wolfcrypt/src/port/st/README.md | Updates STM32 port documentation (families, BARE/CubeMX, DHUK, CCB). |
| wolfcrypt/src/port/realtek/README.md | Documents AmebaPro2 HUK port, build options, API usage, and limitations. |
| wolfcrypt/src/port/realtek/amebapro2.c | Implements the AmebaPro2 HUK CryptoCb device (AES paths; ECDSA sign stub). |
| wolfcrypt/src/port/realtek/amebapro2_shim.h | Host compile-test HAL shim for --enable-amebapro2. |
| wolfcrypt/src/include.am | Wires RealTek port sources/docs into the autotools build and distribution lists. |
| wolfcrypt/src/ecc.c | Adds DHUK/CCB key import helpers, scrubbing, and STM32 PKA input-validation parity. |
| wolfcrypt/src/aes.c | Routes STM32 bare AES ops through the bare driver, removes legacy DHUK flow, and stages devKey for CryptoCb. |
| configure.ac | Adds --enable-amebapro2 host compile-test option and wires it to CryptoCb enablement. |
| .wolfssl_known_macro_extras | Adds additional known macros for tooling/source checks related to new ports/STM32 work. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
dgarske
force-pushed
the
realtek_huk
branch
2 times, most recently
from
4c51469 to
59f1d53
Compare
Binds wolfCrypt AES (GCM/ECB/CBC/CTR) and HUK-bound ECDSA sign to the RTL8735B silicon Hardware Unique Key via the crypto-callback (CryptoCb) framework. A 256-bit seed runs through the HAL secure HKDF key-ladder against the HUK to land a device-bound working key in a secure key-storage slot; the working key never enters software. Pure crypto-callback device: no new wolfSSL core API or struct fields, and no changes to shared core files. AES reads its seed from the standard aes->devKey; ECDSA reads a port-defined wc_AmebaPro2_EccKey (the HUK-wrapped scalar + seed) the caller attaches via the standard ecc_key->devCtx. The HAL needs 32-byte-aligned DMA buffers, so unaligned iv/aad/in/out are bounced through aligned temporaries. Enabled with WOLFSSL_REALTEK_HUK + WOLF_CRYPTO_CB; --enable-amebapro2 builds a host compile-test against a HAL shim. Validated on RTL8735B silicon (FreeRTOS SDK and Zephyr): full wolfcrypt_test PASS, the HUK AES modes (incl. unaligned-buffer GCM), and HUK-bound ECDSA (P-256 signature verifies against the original public key). See wolfcrypt/src/port/realtek/README.md.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Add RealTek AmebaPro2 (RTL8735B) HUK crypto-callback port
Summary
Adds a wolfCrypt port that binds keys to the RealTek RTL8735B (AmebaPro2) silicon Hardware Unique Key (HUK) via the crypto-callback (CryptoCb) framework. A 256-bit "seed" is run through the AmebaPro2 HAL secure HKDF key-ladder against the HUK to derive a per-purpose working key in a secure key-storage slot; the working key never enters software.
It is a pure crypto-callback device -- no new wolfSSL core API, no new struct fields, and no changes to any shared core file (only the new port files plus
configure.ac/include.am/zephyrbuild wiring). AES reads its seed from the standardaes->devKey; ECDSA reads a port-definedwc_AmebaPro2_EccKey(the HUK-wrapped scalar + seed) attached via the standardecc_key->devCtx.Features
in == out) and multi-call chaining; CTR maintains the partial-block keystream state across calls.Build options
WOLFSSL_REALTEK_HUK+WOLF_CRYPTO_CBenable the device (set inuser_settings.h); slot/device IDs are overridable (WC_HUK_DEVID,WC_AMEBAPRO2_*).--enable-amebapro2builds a host compile-test against a HAL shim (no vendor SDK needed) to exercise the crypto-callback dispatch and build wiring.Testing
--enable-amebapro2builds clean; default build unaffected.Documentation
wolfcrypt/src/port/realtek/README.md-- hardware blocks used, enabling, API (AES + thedevCtxECDSA usage), config macros, notes/limitations, on-target benchmarks, and optimization notes (sp_cortexm.c, Thumb-2 asm).wolfssl/wolfcrypt/port/realtek/amebapro2.h-- public API and thewc_AmebaPro2_EccKeycontext struct.wolfssl-examplesAmebaPro2/.