Fix for NO_SWAP_EXT=1 with encryption enabled. Peer review fixes.

Author: dgarske

include/user_settings.h

@@ -118,7 +118,11 @@ extern int tolower(int c);
 #       if !defined(WOLFBOOT_TPM)
 #          define NO_ECC_SIGN
 #          define NO_ECC_DHE
-#          define WOLFSSL_NO_CT_OPS /* don't use constant time ops in misc.c */
+           /* For Renesas RX do not enable the misc.c constant time code
+            * due to issue with 64-bit types */
+#          if defined(__RX__)
+#              define WOLFSSL_NO_CT_OPS /* don't use constant time ops in misc.c */
+#          endif
 #          if !defined(WOLFBOOT_ENABLE_WOLFHSM_CLIENT)
 #              define NO_ECC_EXPORT
 #              define NO_ECC_KEY_EXPORT

src/image.c

@@ -1565,7 +1565,7 @@ static int update_hash_flash_fwimg(wolfBoot_hash_t*       ctx,
 {
     uint32_t current_offset = offset;
     uint32_t remaining_size = size;
-    uint8_t read_buf[WOLFBOOT_SHA_BLOCK_SIZE] XALIGNED(4); /* Use local buffer*/
+    uint8_t read_buf[WOLFBOOT_SHA_BLOCK_SIZE] XALIGNED_STACK(4); /* Use local buffer */
 
     while (remaining_size > 0) {
         uint32_t read_size = (remaining_size > WOLFBOOT_SHA_BLOCK_SIZE)
@@ -1594,7 +1594,7 @@ static int update_hash_flash_fwimg(wolfBoot_hash_t*       ctx,
 static int update_hash_flash_addr(wolfBoot_hash_t* ctx, uintptr_t addr,
                                   uint32_t size, int src_ext)
 {
-    uint8_t   buffer[WOLFBOOT_SHA_BLOCK_SIZE] XALIGNED(4);
+    uint8_t   buffer[WOLFBOOT_SHA_BLOCK_SIZE] XALIGNED_STACK(4);
     uint32_t  remaining_size = size;
     uintptr_t current_addr   = addr;
 
@@ -1633,7 +1633,7 @@ int wolfBoot_check_flash_image_elf(uint8_t part, unsigned long* entry_out)
     size_t                ph_size           = 0;
     size_t                current_ph_offset = 0;
     int64_t               final_offset      = -1;
-    uint8_t               calc_digest[WOLFBOOT_SHA_DIGEST_SIZE] XALIGNED(4);
+    uint8_t               calc_digest[WOLFBOOT_SHA_DIGEST_SIZE] XALIGNED_STACK(4);
     uint8_t*              exp_digest;
     int32_t               stored_sha_len;
     int                   i;

src/libwolfboot.c

@@ -1836,8 +1836,8 @@ int RAMFUNCTION ext_flash_encrypt_write(uintptr_t address, const uint8_t *data,
  */
 int RAMFUNCTION ext_flash_decrypt_read(uintptr_t address, uint8_t *data, int len)
 {
-    uint8_t  block[ENCRYPT_BLOCK_SIZE] XALIGNED(4);
-    uint8_t  dec_block[ENCRYPT_BLOCK_SIZE] XALIGNED(4);
+    uint8_t  block[ENCRYPT_BLOCK_SIZE] XALIGNED_STACK(4);
+    uint8_t  dec_block[ENCRYPT_BLOCK_SIZE] XALIGNED_STACK(4);
     uint32_t row_address = address, row_offset, iv_counter = 0;
     int i;
     int flash_read_size;
@@ -1915,7 +1915,7 @@ int RAMFUNCTION ext_flash_decrypt_read(uintptr_t address, uint8_t *data, int len
     unaligned_trailer_size = read_remaining;
     if (unaligned_trailer_size > 0)
     {
-        uint8_t dec_block[ENCRYPT_BLOCK_SIZE] XALIGNED(4);
+        uint8_t dec_block[ENCRYPT_BLOCK_SIZE] XALIGNED_STACK(4);
         if (ext_flash_read(address, block, ENCRYPT_BLOCK_SIZE)
                 != ENCRYPT_BLOCK_SIZE)
             return -1;

src/update_flash.c

@@ -153,7 +153,7 @@ static int RAMFUNCTION wolfBoot_copy_sector(struct wolfBoot_image *src,
 
 #ifdef EXT_ENCRYPTED
     wolfBoot_get_encrypt_key(key, nonce);
-    if(src->part == PART_SWAP)
+    if (src->part == PART_SWAP)
         iv_counter = dst_sector_offset;
     else
         iv_counter = src_sector_offset;
@@ -172,8 +172,8 @@ static int RAMFUNCTION wolfBoot_copy_sector(struct wolfBoot_image *src,
         while (pos < WOLFBOOT_SECTOR_SIZE)  {
           if (src_sector_offset + pos <
               (src->fw_size + IMAGE_HEADER_SIZE + FLASHBUFFER_SIZE)) {
-              /* bypass decryption, copy encrypted data into swap */
-              if (dst->part == PART_SWAP) {
+              /* bypass decryption, copy encrypted data into swap (and its external) */
+              if (dst->part == PART_SWAP && SWAP_EXT) {
                   ext_flash_read((uintptr_t)(src->hdr) + src_sector_offset + pos,
                                  (void *)buffer, FLASHBUFFER_SIZE);
               } else {