feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Added asynchronous wolfCrypt RSA, TLS client and Cavium Nitrox V support. Asynchronous wolfSSL client support for "DoServerKeyExchange", "SendClientKeyExchange", "SendCertificateVerify" and "DoCertificateVerify". Fixes for async DTLS. Refactor of the wolf event and async handling for use in wolfCrypt. Refactor of the async device support so its hardware agnostic. Added Cavium Nitrox V support (Nitrox tested using SDK v0.2 CNN55XX-SDK with new configure "--with-cavium-v=/dir" option). Moved Nitrox specific functions to new port file "port/cavium/cavium_nitrox.c". RSA refactor to handle async with states. RSA optimization for using dpraw for private key decode. Use double linked list in wolf event for faster/cleaner code. Use typedef for wolf event flag. Cleanup of the async error codes. wolfCrypt test and benchmark support for async RSA. Asynchronous mode enabled using "./configure --enable-asynccrypt". If no async hardware is defined then the internal async simulator (WOLFSSL_ASYNC_CRYPT_TEST) is used. Note: Using async mode requires async.c/h files from wolfSSL. If interested in using asynchronous mode please send email to info@wolfssl.com.

Browse Source
This commit is contained in:
David Garske
2016-08-15 13:59:41 -06:00
parent 5347e32d63
commit 17a34c5899
63 changed files with 6611 additions and 4471 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.gitignore
+2
View File
@@ -41,6 +41,8 @@ fips_test.c
fips
src/async.c
wolfssl/async.h
wolfcrypt/src/async.c
wolfssl/wolfcrypt/async.h
ctaocrypt/benchmark/benchmark
ctaocrypt/test/testctaocrypt
wolfcrypt/benchmark/benchmark
IDE/WIN/wolfssl-fips.vcxproj
+1
View File
@@ -300,6 +300,7 @@
<ClCompile Include="..\..\src\ssl.c" />
<ClCompile Include="..\..\src\tls.c" />
<ClCompile Include="..\..\wolfcrypt\src\wc_encrypt.c" />
<ClCompile Include="..\..\wolfcrypt\src\wolfevent.c" />
</ItemGroup>
<ItemGroup>
<CustomBuild Include="..\..\wolfcrypt\src\aes_asm.asm">
autogen.sh
+2 -2
View File
@@ -20,8 +20,8 @@ if test -d .git; then
touch ./ctaocrypt/src/fips_test.c
# touch async crypt files
touch ./src/async.c
touch ./wolfssl/async.h
touch ./wolfcrypt/src/async.c
touch ./wolfssl/wolfcrypt/async.h
else
WARNINGS="all"
fi
configure.ac
+46 -1
View File
@@ -2458,9 +2458,50 @@ AC_ARG_WITH([cavium],
AC_MSG_RESULT([yes])
enable_shared=no
enable_static=yes
ENABLED_CAVIUM=yes
],
[ ENABLED_CAVIUM=no ]
)
# cavium V
trycaviumdir=""
AC_ARG_WITH([cavium-v],
[ --with-cavium-v=PATH PATH to Cavium V/software dir ],
[
AC_MSG_CHECKING([for cavium])
CPPFLAGS="$CPPFLAGS -DHAVE_CAVIUM -DHAVE_CAVIUM_V"
if test "x$withval" == "xyes" ; then
AC_MSG_ERROR([need a PATH for --with-cavium])
fi
if test "x$withval" != "xno" ; then
trycaviumdir=$withval
fi
LDFLAGS="$AM_LDFLAGS $trycaviumdir/utils/sample_tests/cavium_common.o $trycaviumdir/utils/sample_tests/cavium_sym_crypto.o $trycaviumdir/utils/sample_tests/cavium_asym_crypto.o"
CPPFLAGS="$CPPFLAGS -I$trycaviumdir/include"
#AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include "cavium_common.h"]], [[ CspShutdown(0); ]])],[ cavium_linked=yes ],[ cavium_linked=no ])
if test "x$cavium_linked" == "xno" ; then
AC_MSG_ERROR([cavium isn't found.
If it's already installed, specify its path using --with-cavium-v=/dir/])
fi
AC_MSG_RESULT([yes])
enable_shared=no
enable_static=yes
ENABLED_CAVIUM=yes
ENABLED_CAVIUM_V=yes
],
[
ENABLED_CAVIUM_=no
ENABLED_CAVIUM_V=no
]
)
AM_CONDITIONAL([BUILD_CAVIUM], [test "x$ENABLED_CAVIUM" = "xyes"])
# Fast RSA using Intel IPP
ippdir="${srcdir}/IPP"
@@ -2668,7 +2709,7 @@ AC_ARG_ENABLE([asynccrypt],
if test "$ENABLED_ASYNCCRYPT" = "yes"
then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ASYNC_CRYPT"
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ASYNC_CRYPT -DHAVE_WOLF_EVENT"
# if Cavium not enabled the use async simulator for testing
if test "x$ENABLED_CAVIUM" = "xno"
@@ -2679,6 +2720,9 @@ fi
AM_CONDITIONAL([BUILD_ASYNCCRYPT], [test "x$ENABLED_ASYNCCRYPT" = "xyes"])
AM_CONDITIONAL([BUILD_WOLFEVENT], [test "x$ENABLED_ASYNCCRYPT" = "xyes"])
# Session Export
AC_ARG_ENABLE([sessionexport],
@@ -3069,6 +3113,7 @@ echo " * Examples: $ENABLED_EXAMPLES"
echo " * User Crypto: $ENABLED_USER_CRYPTO"
echo " * Fast RSA: $ENABLED_FAST_RSA"
echo " * Async Crypto: $ENABLED_ASYNCCRYPT"
echo " * Cavium: $ENABLED_CAVIUM"
echo ""
echo "---"
cyassl/ctaocrypt/aes.h
-5
View File
@@ -56,11 +56,6 @@
#define AesCcmDecrypt wc_AesCcmDecrypt
#endif /* HAVE_AESCCM */
#ifdef HAVE_CAVIUM
#define AesInitCavium wc_AesInitCavium
#define AesFreeCavium wc_AesFreeCavium
#endif
#endif /* CTAO_CRYPT_AES_H */
#endif /* NO_AES */
cyassl/ctaocrypt/arc4.h
+2 -3
View File
@@ -26,11 +26,10 @@
/* for arc4 reverse compatibility */
#ifndef NO_RC4
#include <wolfssl/wolfcrypt/arc4.h>
#define CYASSL_ARC4_CAVIUM_MAGIC WOLFSSL_ARC4_CAVIUM_MAGIC
#define Arc4Process wc_Arc4Process
#define Arc4SetKey wc_Arc4SetKey
#define Arc4InitCavium wc_Arc4InitCavium
#define Arc4FreeCavium wc_Arc4FreeCavium
#define Arc4AsyncInit wc_Arc4AsyncInit
#define Arc4AsyncFree wc_Arc4AsyncFree
#endif
#endif /* CTAO_CRYPT_ARC4_H */
cyassl/ctaocrypt/des3.h
+3 -3
View File
@@ -39,9 +39,9 @@
#define Des3_CbcEncrypt wc_Des3_CbcEncrypt
#define Des3_CbcDecrypt wc_Des3_CbcDecrypt
#define Des3_CbcDecryptWithKey wc_Des3_CbcDecryptWithKey
#ifdef HAVE_CAVIUM
#define Des3_InitCavium wc_Des3_InitCavium
#define Des3_FreeCavium wc_Des3_FreeCavium
#ifdef WOLFSSL_ASYNC_CRYPT
#define Des3AsyncInit wc_Des3AsyncInit
#define Des3AsyncFree wc_Des3AsyncFree
#endif
#endif /* NO_DES3 */
cyassl/ctaocrypt/hmac.h
+3 -3
View File
@@ -30,9 +30,9 @@
#define HmacSetKey wc_HmacSetKey
#define HmacUpdate wc_HmacUpdate
#define HmacFinal wc_HmacFinal
#ifdef HAVE_CAVIUM
#define HmacInitCavium wc_HmacInitCavium
#define HmacFreeCavium wc_HmacFreeCavium
#ifdef WOLFSSL_ASYNC_CRYPT
#define HmacAsyncInit wc_HmacAsyncInit
#define HmacAsyncFree wc_HmacAsyncFree
#endif
#define CyaSSL_GetHmacMaxSize wolfSSL_GetHmacMaxSize
#ifdef HAVE_HKDF
cyassl/ctaocrypt/rsa.h
+3 -3
View File
@@ -47,9 +47,9 @@
#define RsaKeyToDer wc_RsaKeyToDer
#endif
#ifdef HAVE_CAVIUM
#define RsaInitCavium wc_RsaInitCavium
#define RsaFreeCavium wc_RsaFreeCavium
#ifdef WOLFSSL_ASYNC_CRYPT
#define RsaAsyncInit wc_RsaAsyncInit
#define RsaAsyncFree wc_RsaAsyncFree
#endif
#endif /* CTAO_CRYPT_RSA_H */
examples/client/client.c
+22 -17
View File
@@ -53,6 +53,10 @@
#include "examples/client/client.h"
#ifdef WOLFSSL_ASYNC_CRYPT
static int devId = INVALID_DEVID;
#endif
/* Note on using port 0: the client standalone example doesn't utilize the
* port 0 port sharing; that is used by (1) the server in external control
* test mode and (2) the testsuite which uses this code and sets up the correct
@@ -78,7 +82,7 @@ static void NonBlockingSSL_Connect(WOLFSSL* ssl)
#endif
int error = wolfSSL_get_error(ssl, 0);
SOCKET_T sockfd = (SOCKET_T)wolfSSL_get_fd(ssl);
int select_ret;
int select_ret = 0;
while (ret != SSL_SUCCESS && (error == SSL_ERROR_WANT_READ ||
error == SSL_ERROR_WANT_WRITE ||
@@ -91,15 +95,17 @@ static void NonBlockingSSL_Connect(WOLFSSL* ssl)
printf("... client would write block\n");
#ifdef WOLFSSL_ASYNC_CRYPT
else if (error == WC_PENDING_E) {
ret = AsyncCryptPoll(ssl);
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
if (ret < 0) { break; } else if (ret == 0) { continue; }
}
#endif
#ifdef WOLFSSL_DTLS
if (error != WC_PENDING_E) {
#ifdef WOLFSSL_DTLS
currTimeout = wolfSSL_dtls_get_current_timeout(ssl);
#endif
#endif
select_ret = tcp_select(sockfd, currTimeout);
}
if ((select_ret == TEST_RECV_READY) ||
(select_ret == TEST_ERROR_READY)) {
@@ -1175,9 +1181,13 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, myDateCb);
#endif
#ifdef HAVE_CAVIUM
wolfSSL_CTX_UseCavium(ctx, CAVIUM_DEV_ID);
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
ret = wolfAsync_DevOpen(&devId);
if (ret != 0) {
err_sys("Async device open failed");
}
wolfSSL_CTX_UseAsync(ctx, devId);
#endif /* WOLFSSL_ASYNC_CRYPT */
#ifdef HAVE_SNI
if (sniHostName)
@@ -1343,7 +1353,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
do {
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
ret = AsyncCryptPoll(ssl);
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
if (ret < 0) { break; } else if (ret == 0) { continue; }
}
#endif
@@ -1622,6 +1632,10 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
((func_args*)args)->return_code = 0;
#ifdef WOLFSSL_ASYNC_CRYPT
wolfAsync_DevClose(&devId);
#endif
#if defined(USE_WOLFSSL_MEMORY) && !defined(WOLFSSL_STATIC_MEMORY)
if (trackMemory)
ShowMemoryTracker();
@@ -1650,11 +1664,6 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
{
func_args args;
#ifdef HAVE_CAVIUM
int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
if (ret != 0)
err_sys("Cavium OpenNitroxDevice failed");
#endif /* HAVE_CAVIUM */
StartTCP();
@@ -1674,10 +1683,6 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#endif
wolfSSL_Cleanup();
#ifdef HAVE_CAVIUM
CspShutdown(CAVIUM_DEV_ID);
#endif
#ifdef HAVE_WNR
if (wc_FreeNetRandom() < 0)
err_sys("Failed to free netRandom context");
examples/echoclient/echoclient.c
+20 -13
View File
@@ -52,6 +52,11 @@
#include "examples/echoclient/echoclient.h"
#ifdef WOLFSSL_ASYNC_CRYPT
static int devId = INVALID_DEVID;
#endif
void echoclient_test(void* args)
{
SOCKET_T sockfd = 0;
@@ -162,9 +167,17 @@ void echoclient_test(void* args)
SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
#endif
#if defined(WOLFSSL_MDK_ARM)
#if defined(WOLFSSL_MDK_ARM)
CyaSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);
#endif
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
ret = wolfAsync_DevOpen(&devId);
if (ret != 0) {
err_sys("Async device open failed");
}
wolfSSL_CTX_UseAsync(ctx, devId);
#endif /* WOLFSSL_ASYNC_CRYPT */
ssl = SSL_new(ctx);
tcp_connect(&sockfd, yasslIP, port, doDTLS, ssl);
@@ -178,7 +191,7 @@ void echoclient_test(void* args)
do {
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
ret = AsyncCryptPoll(ssl);
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
if (ret < 0) { break; } else if (ret == 0) { continue; }
}
#endif
@@ -250,6 +263,10 @@ void echoclient_test(void* args)
SSL_free(ssl);
SSL_CTX_free(ctx);
#ifdef WOLFSSL_ASYNC_CRYPT
wolfAsync_DevClose(&devId);
#endif
fflush(fout);
if (inCreated) fclose(fin);
if (outCreated) fclose(fout);
@@ -266,12 +283,6 @@ void echoclient_test(void* args)
{
func_args args;
#ifdef HAVE_CAVIUM
int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
if (ret != 0)
err_sys("Cavium OpenNitroxDevice failed");
#endif /* HAVE_CAVIUM */
#ifdef HAVE_WNR
if (wc_InitNetRandom(wnrConfig, NULL, 5000) != 0)
err_sys("Whitewood netRandom global config failed");
@@ -293,10 +304,6 @@ void echoclient_test(void* args)
CyaSSL_Cleanup();
#ifdef HAVE_CAVIUM
CspShutdown(CAVIUM_DEV_ID);
#endif
#ifdef HAVE_WNR
if (wc_FreeNetRandom() < 0)
err_sys("Failed to free netRandom context");
examples/echoserver/echoserver.c
+17 -11
View File
@@ -53,6 +53,10 @@
#include "examples/echoserver/echoserver.h"
#ifdef WOLFSSL_ASYNC_CRYPT
static int devId = INVALID_DEVID;
#endif
#define SVR_COMMAND_SIZE 256
static void SignalReady(void* args, word16 port)
@@ -226,6 +230,14 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
#endif
}
#ifdef WOLFSSL_ASYNC_CRYPT
ret = wolfAsync_DevOpen(&devId);
if (ret != 0) {
err_sys("Async device open failed");
}
wolfSSL_CTX_UseAsync(ctx, devId);
#endif /* WOLFSSL_ASYNC_CRYPT */
SignalReady(args, port);
while (!shutDown) {
@@ -272,7 +284,7 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
do {
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
ret = AsyncCryptPoll(ssl);
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
if (ret < 0) { break; } else if (ret == 0) { continue; }
}
#endif
@@ -390,6 +402,10 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
TicketCleanup();
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
wolfAsync_DevClose(&devId);
#endif
#ifndef CYASSL_TIRTOS
return 0;
#endif
@@ -403,12 +419,6 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
{
func_args args;
#ifdef HAVE_CAVIUM
int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
if (ret != 0)
err_sys("Cavium OpenNitroxDevice failed");
#endif /* HAVE_CAVIUM */
#ifdef HAVE_WNR
if (wc_InitNetRandom(wnrConfig, NULL, 5000) != 0)
err_sys("Whitewood netRandom global config failed");
@@ -427,10 +437,6 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
echoserver_test(&args);
CyaSSL_Cleanup();
#ifdef HAVE_CAVIUM
CspShutdown(CAVIUM_DEV_ID);
#endif
#ifdef HAVE_WNR
if (wc_FreeNetRandom() < 0)
err_sys("Failed to free netRandom context");
examples/server/server.c
+17 -10
View File
@@ -55,6 +55,10 @@
#include "examples/server/server.h"
#ifdef WOLFSSL_ASYNC_CRYPT
static int devId = INVALID_DEVID;
#endif
/* Note on using port 0: if the server uses port 0 to bind an ephemeral port
* number and is using the ready file for scripted testing, the code in
* test.h will write the actual port number into the ready file for use
@@ -806,6 +810,14 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
}
#endif /* USE_WINDOWS_API */
#ifdef WOLFSSL_ASYNC_CRYPT
ret = wolfAsync_DevOpen(&devId);
if (ret != 0) {
err_sys("Async device open failed");
}
wolfSSL_CTX_UseAsync(ctx, devId);
#endif /* WOLFSSL_ASYNC_CRYPT */
while (1) {
/* allow resume option */
if(resumeCount > 1) {
@@ -947,7 +959,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
do {
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
ret = AsyncCryptPoll(ssl);
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
if (ret < 0) { break; } else if (ret == 0) { continue; }
}
#endif
@@ -1088,6 +1100,10 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
TicketCleanup();
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
wolfAsync_DevClose(&devId);
#endif
/* There are use cases when these assignments are not read. To avoid
* potential confusion those warnings have been handled here.
*/
@@ -1112,11 +1128,6 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
func_args args;
tcp_ready ready;
#ifdef HAVE_CAVIUM
int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
if (ret != 0)
err_sys("Cavium OpenNitroxDevice failed");
#endif /* HAVE_CAVIUM */
StartTCP();
@@ -1139,10 +1150,6 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
CyaSSL_Cleanup();
FreeTcpReady(&ready);
#ifdef HAVE_CAVIUM
CspShutdown(CAVIUM_DEV_ID);
#endif
#ifdef HAVE_WNR
if (wc_FreeNetRandom() < 0)
err_sys("Failed to free netRandom context");
mcapi/crypto.c
+1
View File
@@ -223,6 +223,7 @@ int CRYPT_SHA512_Finalize(CRYPT_SHA512_CTX* sha512, unsigned char* digest)
int CRYPT_HMAC_SetKey(CRYPT_HMAC_CTX* hmac, int type, const unsigned char* key,
unsigned int sz)
{
/* compile-time check to verify CRYPT_HMAC_CTX is large enough to hold Hmac */
typedef char hmac_test[sizeof(CRYPT_HMAC_CTX) >= sizeof(Hmac) ? 1 : -1];
(void)sizeof(hmac_test);
mcapi/crypto.h
+1 -1
View File
@@ -104,7 +104,7 @@ enum {
/* HMAC */
typedef struct CRYPT_HMAC_CTX {
long long holder[67]; /* big enough to hold internal, but check on init */
long long holder[68]; /* big enough to hold internal, but check on init */
} CRYPT_HMAC_CTX;
int CRYPT_HMAC_SetKey(CRYPT_HMAC_CTX*, int, const unsigned char*, unsigned int);
src/include.am
+8 -4
View File
@@ -65,6 +65,14 @@ src_libwolfssl_la_SOURCES += \
wolfcrypt/src/sha256.c \
wolfcrypt/src/hash.c
if BUILD_WOLFEVENT
src_libwolfssl_la_SOURCES += wolfcrypt/src/wolfevent.c
endif
if BUILD_ASYNCCRYPT
src_libwolfssl_la_SOURCES += wolfcrypt/src/async.c
endif
if !BUILD_USER_RSA
if BUILD_RSA
if BUILD_FAST_RSA
@@ -254,8 +262,4 @@ if BUILD_SNIFFER
src_libwolfssl_la_SOURCES += src/sniffer.c
endif
if BUILD_ASYNCCRYPT
src_libwolfssl_la_SOURCES += src/async.c
endif
endif # !BUILD_CRYPTONLY
src/internal.c
+2399 -1792
View File
File diff suppressed because it is too large Load Diff
src/keys.c
+26 -26
View File
@@ -2070,18 +2070,18 @@ static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs,
dec->arc4 = (Arc4*)XMALLOC(sizeof(Arc4), heap, DYNAMIC_TYPE_CIPHER);
if (dec && dec->arc4 == NULL)
return MEMORY_E;
#ifdef HAVE_CAVIUM
if (devId != NO_CAVIUM_DEVICE) {
#ifdef WOLFSSL_ASYNC_CRYPT
if (devId != INVALID_DEVID) {
if (enc) {
if (wc_Arc4InitCavium(enc->arc4, devId) != 0) {
WOLFSSL_MSG("Arc4InitCavium failed in SetKeys");
return CAVIUM_INIT_E;
if (wc_Arc4AsyncInit(enc->arc4, devId) != 0) {
WOLFSSL_MSG("Arc4AsyncInit failed in SetKeys");
return ASYNC_INIT_E;
}
}
if (dec) {
if (wc_Arc4InitCavium(dec->arc4, devId) != 0) {
WOLFSSL_MSG("Arc4InitCavium failed in SetKeys");
return CAVIUM_INIT_E;
if (wc_Arc4AsyncInit(dec->arc4, devId) != 0) {
WOLFSSL_MSG("Arc4AsyncInit failed in SetKeys");
return ASYNC_INIT_E;
}
}
}
@@ -2282,18 +2282,18 @@ static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs,
dec->des3 = (Des3*)XMALLOC(sizeof(Des3), heap, DYNAMIC_TYPE_CIPHER);
if (dec && dec->des3 == NULL)
return MEMORY_E;
#ifdef HAVE_CAVIUM
if (devId != NO_CAVIUM_DEVICE) {
#ifdef WOLFSSL_ASYNC_CRYPT
if (devId != INVALID_DEVID) {
if (enc) {
if (wc_Des3_InitCavium(enc->des3, devId) != 0) {
WOLFSSL_MSG("Des3_InitCavium failed in SetKeys");
return CAVIUM_INIT_E;
if (wc_Des3AsyncInit(enc->des3, devId) != 0) {
WOLFSSL_MSG("Des3AsyncInit failed in SetKeys");
return ASYNC_INIT_E;
}
}
if (dec) {
if (wc_Des3_InitCavium(dec->des3, devId) != 0) {
WOLFSSL_MSG("Des3_InitCavium failed in SetKeys");
return CAVIUM_INIT_E;
if (wc_Des3AsyncInit(dec->des3, devId) != 0) {
WOLFSSL_MSG("Des3AsyncInit failed in SetKeys");
return ASYNC_INIT_E;
}
}
}
@@ -2346,18 +2346,18 @@ static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs,
dec->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER);
if (dec && dec->aes == NULL)
return MEMORY_E;
#ifdef HAVE_CAVIUM
if (devId != NO_CAVIUM_DEVICE) {
#ifdef WOLFSSL_ASYNC_CRYPT
if (devId != INVALID_DEVID) {
if (enc) {
if (wc_AesInitCavium(enc->aes, devId) != 0) {
WOLFSSL_MSG("AesInitCavium failed in SetKeys");
return CAVIUM_INIT_E;
if (wc_AesAsyncInit(enc->aes, devId) != 0) {
WOLFSSL_MSG("AesAsyncInit failed in SetKeys");
return ASYNC_INIT_E;
}
}
if (dec) {
if (wc_AesInitCavium(dec->aes, devId) != 0) {
WOLFSSL_MSG("AesInitCavium failed in SetKeys");
return CAVIUM_INIT_E;
if (wc_AesAsyncInit(dec->aes, devId) != 0) {
WOLFSSL_MSG("AesAsyncInit failed in SetKeys");
return ASYNC_INIT_E;
}
}
}
@@ -2675,14 +2675,14 @@ static int SetAuthKeys(OneTimeAuth* authentication, Keys* keys,
*/
int SetKeysSide(WOLFSSL* ssl, enum encrypt_side side)
{
int devId = NO_CAVIUM_DEVICE, ret, copy = 0;
int devId = INVALID_DEVID, ret, copy = 0;
Ciphers* wc_encrypt = NULL;
Ciphers* wc_decrypt = NULL;
Keys* keys = &ssl->keys;
(void)copy;
#ifdef HAVE_CAVIUM
#ifdef WOLFSSL_ASYNC_CRYPT
devId = ssl->devId;
#endif
src/ssl.c
+27 -108
View File
@@ -1090,10 +1090,10 @@ int wolfSSL_read(WOLFSSL* ssl, void* data, int sz)
}
#ifdef HAVE_CAVIUM
#ifdef WOLFSSL_ASYNC_CRYPT
/* let's use cavium, SSL_SUCCESS on ok */
int wolfSSL_UseCavium(WOLFSSL* ssl, int devId)
/* let's use async hardware, SSL_SUCCESS on ok */
int wolfSSL_UseAsync(WOLFSSL* ssl, int devId)
{
if (ssl == NULL)
return BAD_FUNC_ARG;
@@ -1104,8 +1104,8 @@ int wolfSSL_UseCavium(WOLFSSL* ssl, int devId)
}
/* let's use cavium, SSL_SUCCESS on ok */
int wolfSSL_CTX_UseCavium(WOLFSSL_CTX* ctx, int devId)
/* let's use async hardware, SSL_SUCCESS on ok */
int wolfSSL_CTX_UseAsync(WOLFSSL_CTX* ctx, int devId)
{
if (ctx == NULL)
return BAD_FUNC_ARG;
@@ -1115,8 +1115,7 @@ int wolfSSL_CTX_UseCavium(WOLFSSL_CTX* ctx, int devId)
return SSL_SUCCESS;
}
#endif /* HAVE_CAVIUM */
#endif /* WOLFSSL_ASYNC_CRYPT */
#ifdef HAVE_SNI
@@ -19016,118 +19015,38 @@ void* wolfSSL_get_jobject(WOLFSSL* ssl)
#endif /* WOLFSSL_JNI */
#ifdef HAVE_WOLF_EVENT
static int _wolfSSL_CTX_poll(WOLFSSL_CTX* ctx, WOLFSSL* ssl, WOLF_EVENT* events,
int maxEvents, unsigned char flags, int* eventCount)
#ifdef WOLFSSL_ASYNC_CRYPT
int wolfSSL_CTX_AsyncPoll(WOLFSSL_CTX* ctx, WOLF_EVENT** events, int maxEvents,
WOLF_EVENT_FLAG flags, int* eventCount)
{
WOLF_EVENT* event, *event_prev = NULL;
int count = 0, ret = SSL_ERROR_NONE;
if (ctx == NULL || maxEvents <= 0) {
if (ctx == NULL) {
return BAD_FUNC_ARG;
}
/* Events arg can be NULL only if peek */
if (events == NULL && !(flags & WOLF_POLL_FLAG_PEEK)) {
return wolfAsync_EventQueuePoll(&ctx->event_queue, NULL,
events, maxEvents, flags, eventCount);
}
int wolfSSL_AsyncPoll(WOLFSSL* ssl, WOLF_EVENT_FLAG flags)
{
int ret, eventCount = 0;
WOLF_EVENT* events[1];
if (ssl == NULL) {
return BAD_FUNC_ARG;
}
#ifndef SINGLE_THREADED
/* In single threaded mode "event_queue.lock" doesn't exist */
if (LockMutex(&ctx->event_queue.lock) != 0) {
return BAD_MUTEX_E;
}
#endif
/* Itterate event queue */
for (event = ctx->event_queue.head; event != NULL; event = event->next)
{
byte removeEvent = 0;
/* Optionally filter by ssl object pointer */
if (ssl == NULL || (ssl == event->ssl)) {
if (flags & WOLF_POLL_FLAG_PEEK) {
if (events) {
/* Copy event data to provided buffer */
XMEMCPY(&events[count], event, sizeof(WOLF_EVENT));
}
count++;
}
else {
/* Check hardware */
if (flags & WOLF_POLL_FLAG_CHECK_HW) {
#ifdef WOLFSSL_ASYNC_CRYPT
if (event->type >= WOLF_EVENT_TYPE_ASYNC_FIRST &&
event->type <= WOLF_EVENT_TYPE_ASYNC_LAST)
{
ret = wolfSSL_async_poll(event, flags);
}
#endif /* WOLFSSL_ASYNC_CRYPT */
}
/* If event is done then return in 'events' argument */
if (event->done) {
/* Copy event data to provided buffer */
XMEMCPY(&events[count], event, sizeof(WOLF_EVENT));
count++;
removeEvent = 1;
}
}
}
if (removeEvent) {
/* Remove from queue list */
if (event_prev == NULL) {
ctx->event_queue.head = event->next;
if (ctx->event_queue.head == NULL) {
ctx->event_queue.tail = NULL;
}
}
else {
event_prev->next = event->next;
}
}
else {
/* Leave in queue, save prev pointer */
event_prev = event;
}
/* Check to make sure our event list isn't full */
if (events && count >= maxEvents) {
break; /* Exit for */
}
/* Check for error */
if (ret < 0) {
break; /* Exit for */
}
}
#ifndef SINGLE_THREADED
UnLockMutex(&ctx->event_queue.lock);
#endif
/* Return number of properly populated events */
if (eventCount) {
*eventCount = count;
/* not filtering on "ssl", since its the asyncDev */
ret = wolfAsync_EventQueuePoll(&ssl->ctx->event_queue, NULL,
events, sizeof(events)/sizeof(events), flags, &eventCount);
if (ret == 0 && eventCount > 0) {
ret = 1; /* Success */
}
return ret;
}
#endif /* WOLFSSL_ASYNC_CRYPT */
int wolfSSL_CTX_poll(WOLFSSL_CTX* ctx, WOLF_EVENT* events,
int maxEvents, unsigned char flags, int* eventCount)
{
return _wolfSSL_CTX_poll(ctx, NULL, events, maxEvents, flags, eventCount);
}
int wolfSSL_poll(WOLFSSL* ssl, WOLF_EVENT* events,
int maxEvents, unsigned char flags, int* eventCount)
{
return _wolfSSL_CTX_poll(ssl->ctx, ssl, events, maxEvents, flags,
eventCount);
}
#endif /* HAVE_WOLF_EVENT */
#endif /* WOLFCRYPT_ONLY */
tests/api.c
+76 -17
View File
@@ -537,6 +537,7 @@ static THREAD_RETURN WOLFSSL_THREAD test_server_nofail(void* args)
char msg[] = "I hear you fa shizzle!";
char input[1024];
int idx;
int ret, err = 0;
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
@@ -602,9 +603,22 @@ static THREAD_RETURN WOLFSSL_THREAD test_server_nofail(void* args)
#endif
#endif
if (wolfSSL_accept(ssl) != SSL_SUCCESS)
{
int err = wolfSSL_get_error(ssl, 0);
do {
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
if (ret < 0) { break; } else if (ret == 0) { continue; }
}
#endif
err = 0; /* Reset error */
ret = wolfSSL_accept(ssl);
if (ret != SSL_SUCCESS) {
err = wolfSSL_get_error(ssl, 0);
}
} while (ret != SSL_SUCCESS && err == WC_PENDING_E);
if (ret != SSL_SUCCESS) {
char buffer[WOLFSSL_MAX_ERROR_SZ];
printf("error = %d, %s\n", err, wolfSSL_ERR_error_string(err, buffer));
/*err_sys("SSL_accept failed");*/
@@ -666,6 +680,7 @@ static void test_client_nofail(void* args)
char reply[1024];
int input;
int msgSz = (int)XSTRLEN(msg);
int ret, err = 0;
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
@@ -706,12 +721,25 @@ static void test_client_nofail(void* args)
goto done2;
}
if (wolfSSL_connect(ssl) != SSL_SUCCESS)
{
int err = wolfSSL_get_error(ssl, 0);
do {
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
if (ret < 0) { break; } else if (ret == 0) { continue; }
}
#endif
err = 0; /* Reset error */
ret = wolfSSL_connect(ssl);
if (ret != SSL_SUCCESS) {
err = wolfSSL_get_error(ssl, 0);
}
} while (ret != SSL_SUCCESS && err == WC_PENDING_E);
if (ret != SSL_SUCCESS) {
char buffer[WOLFSSL_MAX_ERROR_SZ];
printf("err = %d, %s\n", err, wolfSSL_ERR_error_string(err, buffer));
/*printf("SSL_connect failed");*/
printf("error = %d, %s\n", err, wolfSSL_ERR_error_string(err, buffer));
/*err_sys("SSL_connect failed");*/
goto done2;
}
@@ -759,6 +787,7 @@ static THREAD_RETURN WOLFSSL_THREAD run_wolfssl_server(void* args)
int len = (int) XSTRLEN(msg);
char input[1024];
int idx;
int ret, err = 0;
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
@@ -829,13 +858,27 @@ static THREAD_RETURN WOLFSSL_THREAD run_wolfssl_server(void* args)
if (callbacks->ssl_ready)
callbacks->ssl_ready(ssl);
/* AssertIntEQ(SSL_SUCCESS, wolfSSL_accept(ssl)); */
if (wolfSSL_accept(ssl) != SSL_SUCCESS) {
int err = wolfSSL_get_error(ssl, 0);
do {
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
if (ret < 0) { break; } else if (ret == 0) { continue; }
}
#endif
err = 0; /* Reset error */
ret = wolfSSL_accept(ssl);
if (ret != SSL_SUCCESS) {
err = wolfSSL_get_error(ssl, 0);
}
} while (ret != SSL_SUCCESS && err == WC_PENDING_E);
if (ret != SSL_SUCCESS) {
char buffer[WOLFSSL_MAX_ERROR_SZ];
printf("error = %d, %s\n", err, wolfSSL_ERR_error_string(err, buffer));
} else {
/*err_sys("SSL_accept failed");*/
}
else {
if (0 < (idx = wolfSSL_read(ssl, input, sizeof(input)-1))) {
input[idx] = 0;
printf("Client message: %s\n", input);
@@ -898,6 +941,7 @@ static void run_wolfssl_client(void* args)
int len = (int) XSTRLEN(msg);
char input[1024];
int idx;
int ret, err = 0;
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
@@ -932,12 +976,27 @@ static void run_wolfssl_client(void* args)
if (callbacks->ssl_ready)
callbacks->ssl_ready(ssl);
if (wolfSSL_connect(ssl) != SSL_SUCCESS) {
int err = wolfSSL_get_error(ssl, 0);
do {
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
if (ret < 0) { break; } else if (ret == 0) { continue; }
}
#endif
err = 0; /* Reset error */
ret = wolfSSL_connect(ssl);
if (ret != SSL_SUCCESS) {
err = wolfSSL_get_error(ssl, 0);
}
} while (ret != SSL_SUCCESS && err == WC_PENDING_E);
if (ret != SSL_SUCCESS) {
char buffer[WOLFSSL_MAX_ERROR_SZ];
printf("error = %d, %s\n", err, wolfSSL_ERR_error_string(err, buffer));
} else {
/*err_sys("SSL_connect failed");*/
}
else {
AssertIntEQ(len, wolfSSL_write(ssl, msg, len));
if (0 < (idx = wolfSSL_read(ssl, input, sizeof(input)-1))) {
tests/unit.c
-9
View File
@@ -54,11 +54,6 @@ int unit_test(int argc, char** argv)
#if defined(DEBUG_WOLFSSL) && !defined(HAVE_VALGRIND)
wolfSSL_Debugging_ON();
#endif
#ifdef HAVE_CAVIUM
ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
if (ret != 0)
err_sys("Cavium OpenNitroxDevice failed");
#endif /* HAVE_CAVIUM */
#ifdef HAVE_WNR
if (wc_InitNetRandom(wnrConfig, NULL, 5000) != 0)
@@ -85,10 +80,6 @@ int unit_test(int argc, char** argv)
SrpTest();
#ifdef HAVE_CAVIUM
CspShutdown(CAVIUM_DEV_ID);
#endif
#ifdef HAVE_WNR
if (wc_FreeNetRandom() < 0)
err_sys("Failed to free netRandom context");
testsuite/testsuite.c
-10
View File
@@ -84,12 +84,6 @@ int testsuite_test(int argc, char** argv)
int num = 6;
#endif
#ifdef HAVE_CAVIUM
int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
if (ret != 0)
err_sys("Cavium OpenNitroxDevice failed");
#endif /* HAVE_CAVIUM */
#ifdef HAVE_WNR
if (wc_InitNetRandom(wnrConfig, NULL, 5000) != 0) {
err_sys("Whitewood netRandom global config failed");
@@ -204,10 +198,6 @@ int testsuite_test(int argc, char** argv)
fdCloseSession(Task_self());
#endif
#ifdef HAVE_CAVIUM
CspShutdown(CAVIUM_DEV_ID);
#endif
#ifdef HAVE_WNR
if (wc_FreeNetRandom() < 0)
err_sys("Failed to free netRandom context");
wolfcrypt/benchmark/benchmark.c
+279 -79
View File
@@ -77,15 +77,16 @@
#endif
#include <wolfssl/wolfcrypt/dh.h>
#ifdef HAVE_CAVIUM
#include "cavium_sysdep.h"
#include "cavium_common.h"
#include "cavium_ioctl.h"
#endif
#ifdef HAVE_NTRU
#include "libntruencrypt/ntru_crypto.h"
#endif
#include <wolfssl/wolfcrypt/random.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
#ifdef WOLFSSL_ASYNC_CRYPT
#include <wolfssl/wolfcrypt/async.h>
static int devId = INVALID_DEVID;
#endif
#ifdef HAVE_WNR
const char* wnrConfigFile = "wnr-example.conf";
@@ -161,6 +162,9 @@ void bench_ripemd(void);
void bench_cmac(void);
void bench_rsa(void);
#ifdef WOLFSSL_ASYNC_CRYPT
void bench_rsa_async(void);
#endif
void bench_rsaKeyGen(void);
void bench_dh(void);
#ifdef HAVE_ECC
@@ -189,29 +193,6 @@ void bench_rng(void);
double current_time(int);
#ifdef HAVE_CAVIUM
static int OpenNitroxDevice(int dma_mode,int dev_id)
{
Csp1CoreAssignment core_assign;
Uint32 device;
if (CspInitialize(CAVIUM_DIRECT,CAVIUM_DEV_ID))
return -1;
if (Csp1GetDevType(&device))
return -1;
if (device != NPX_DEVICE) {
if (ioctl(gpkpdev_hdlr[CAVIUM_DEV_ID], IOCTL_CSP1_GET_CORE_ASSIGNMENT,
(Uint32 *)&core_assign)!= 0)
return -1;
}
CspShutdown(CAVIUM_DEV_ID);
return CspInitialize(dma_mode, dev_id);
}
#endif
#if defined(DEBUG_WOLFSSL) && !defined(HAVE_VALGRIND)
WOLFSSL_API int wolfSSL_Debugging_ON();
#endif
@@ -274,29 +255,28 @@ int benchmark_test(void *args)
wolfCrypt_Init();
#if defined(DEBUG_WOLFSSL) && !defined(HAVE_VALGRIND)
#if defined(DEBUG_WOLFSSL) && !defined(HAVE_VALGRIND)
wolfSSL_Debugging_ON();
#endif
#endif
(void)plain;
(void)cipher;
(void)key;
(void)iv;
#ifdef HAVE_CAVIUM
int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
if (ret != 0) {
printf("Cavium OpenNitroxDevice failed\n");
#ifdef WOLFSSL_ASYNC_CRYPT
if (wolfAsync_DevOpen(&devId) != 0) {
printf("Async device open failed\n");
exit(-1);
}
#endif /* HAVE_CAVIUM */
#endif /* WOLFSSL_ASYNC_CRYPT */
#ifdef HAVE_WNR
#ifdef HAVE_WNR
if (wc_InitNetRandom(wnrConfigFile, NULL, 5000) != 0) {
printf("Whitewood netRandom config init failed\n");
exit(-1);
}
#endif /* HAVE_WNR */
#endif /* HAVE_WNR */
#if defined(HAVE_LOCAL_RNG)
{
@@ -384,16 +364,18 @@ int benchmark_test(void *args)
#ifndef NO_RSA
bench_rsa();
#ifdef WOLFSSL_ASYNC_CRYPT
bench_rsa_async();
#endif
#ifdef WOLFSSL_KEY_GEN
bench_rsaKeyGen();
#endif
#endif
#ifndef NO_DH
bench_dh();
#endif
#if defined(WOLFSSL_KEY_GEN) && !defined(NO_RSA)
bench_rsaKeyGen();
#endif
#ifdef HAVE_NTRU
bench_ntru();
bench_ntruKeyGen();
@@ -426,6 +408,10 @@ int benchmark_test(void *args)
wc_FreeRng(&rng);
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
wolfAsync_DevClose(&devId);
#endif
#ifdef HAVE_WNR
if (wc_FreeNetRandom() < 0) {
printf("Failed to free netRandom context\n");
@@ -452,9 +438,15 @@ static const char blockType[] = "kB"; /* used in printf output */
#else
enum BenchmarkBounds {
numBlocks = 50, /* how many megs to test (en/de)cryption */
#ifdef WOLFSSL_ASYNC_CRYPT
ntimes = 1000,
genTimes = 1000,
agreeTimes = 1000
#else
ntimes = 100,
genTimes = 100,
agreeTimes = 100
#endif
};
static const char blockType[] = "megs"; /* used in printf output */
#endif
@@ -526,9 +518,9 @@ void bench_aes(int show)
int i;
int ret;
#ifdef HAVE_CAVIUM
if (wc_AesInitCavium(&enc, CAVIUM_DEV_ID) != 0) {
printf("aes init cavium failed\n");
#ifdef WOLFSSL_ASYNC_CRYPT
if ((ret = wc_AesAsyncInit(&enc, devId)) != 0) {
printf("wc_AesAsyncInit failed, ret = %d\n", ret);
return;
}
#endif
@@ -559,10 +551,10 @@ void bench_aes(int show)
SHOW_INTEL_CYCLES
printf("\n");
}
#ifdef HAVE_CAVIUM
wc_AesFreeCavium(&enc);
if (wc_AesInitCavium(&enc, CAVIUM_DEV_ID) != 0) {
printf("aes init cavium failed\n");
#ifdef WOLFSSL_ASYNC_CRYPT
wc_AesAsyncFree(&enc);
if ((ret = wc_AesAsyncInit(&enc, devId)) != 0) {
printf("wc_AesAsyncInit failed, ret = %d\n", ret);
return;
}
#endif
@@ -593,8 +585,8 @@ void bench_aes(int show)
SHOW_INTEL_CYCLES
printf("\n");
}
#ifdef HAVE_CAVIUM
wc_AesFreeCavium(&enc);
#ifdef WOLFSSL_ASYNC_CRYPT
wc_AesAsyncFree(&enc);
#endif
}
#endif /* HAVE_AES_CBC */
@@ -805,9 +797,9 @@ void bench_des(void)
double start, total, persec;
int i, ret;
#ifdef HAVE_CAVIUM
if (wc_Des3_InitCavium(&enc, CAVIUM_DEV_ID) != 0)
printf("des3 init cavium failed\n");
#ifdef WOLFSSL_ASYNC_CRYPT
if (wc_Des3AsyncInit(&enc, devId) != 0)
printf("des3 async init failed\n");
#endif
ret = wc_Des3_SetKey(&enc, key, iv, DES_ENCRYPTION);
if (ret != 0) {
@@ -833,8 +825,8 @@ void bench_des(void)
blockType, total, persec);
SHOW_INTEL_CYCLES
printf("\n");
#ifdef HAVE_CAVIUM
wc_Des3_FreeCavium(&enc);
#ifdef WOLFSSL_ASYNC_CRYPT
wc_Des3AsyncFree(&enc);
#endif
}
#endif
@@ -882,9 +874,9 @@ void bench_arc4(void)
double start, total, persec;
int i;
#ifdef HAVE_CAVIUM
if (wc_Arc4InitCavium(&enc, CAVIUM_DEV_ID) != 0)
printf("arc4 init cavium failed\n");
#ifdef WOLFSSL_ASYNC_CRYPT
if (wc_Arc4AsyncInit(&enc, devId) != 0)
printf("arc4 async init failed\n");
#endif
wc_Arc4SetKey(&enc, key, 16);
@@ -906,8 +898,8 @@ void bench_arc4(void)
blockType, total, persec);
SHOW_INTEL_CYCLES
printf("\n");
#ifdef HAVE_CAVIUM
wc_Arc4FreeCavium(&enc);
#ifdef WOLFSSL_ASYNC_CRYPT
wc_Arc4AsyncFree(&enc);
#endif
}
#endif
@@ -1395,7 +1387,7 @@ void bench_rsa(void)
word32 idx = 0;
const byte* tmp;
byte message[] = "Everyone gets Friday off.";
const byte message[] = "Everyone gets Friday off.";
byte enc[256]; /* for up to 2048 bit */
const int len = (int)strlen((char*)message);
double start, total, each, milliEach;
@@ -1414,32 +1406,33 @@ void bench_rsa(void)
#error "need a cert buffer size"
#endif /* USE_CERT_BUFFERS */
#ifdef HAVE_CAVIUM
if (wc_RsaInitCavium(&rsaKey, CAVIUM_DEV_ID) != 0)
printf("RSA init cavium failed\n");
#endif
ret = wc_InitRsaKey(&rsaKey, 0);
if (ret < 0) {
printf("InitRsaKey failed\n");
if ((ret = wc_InitRsaKey(&rsaKey, 0)) < 0) {
printf("InitRsaKey failed! %d\n", ret);
return;
}
/* decode the private key */
ret = wc_RsaPrivateKeyDecode(tmp, &idx, &rsaKey, (word32)bytes);
start = current_time(1);
for (i = 0; i < ntimes; i++)
ret = wc_RsaPublicEncrypt(message,len,enc,sizeof(enc), &rsaKey, &rng);
for (i = 0; i < ntimes; i++) {
ret = wc_RsaPublicEncrypt(message, len, enc, sizeof(enc),
&rsaKey, &rng);
if (ret < 0) {
break;
}
} /* for ntimes */
total = current_time(0) - start;
each = total / ntimes; /* per second */
milliEach = each * 1000; /* milliseconds */
printf("RSA %d encryption took %6.3f milliseconds, avg over %d"
printf("RSA %d public %6.3f milliseconds, avg over %d"
" iterations\n", rsaKeySz, milliEach, ntimes);
if (ret < 0) {
printf("Rsa Public Encrypt failed\n");
printf("Rsa Public Encrypt failed! %d\n", ret);
return;
}
@@ -1448,24 +1441,231 @@ void bench_rsa(void)
#endif
start = current_time(1);
/* capture resulting encrypt length */
idx = ret;
for (i = 0; i < ntimes; i++) {
byte out[256]; /* for up to 2048 bit */
wc_RsaPrivateDecrypt(enc, (word32)ret, out, sizeof(out), &rsaKey);
ret = wc_RsaPrivateDecrypt(enc, idx, out, sizeof(out), &rsaKey);
if (ret < 0 && ret != WC_PENDING_E) {
break;
}
} /* for ntimes */
total = current_time(0) - start;
each = total / ntimes; /* per second */
milliEach = each * 1000; /* milliseconds */
printf("RSA %d decryption took %6.3f milliseconds, avg over %d"
printf("RSA %d private %6.3f milliseconds, avg over %d"
" iterations\n", rsaKeySz, milliEach, ntimes);
wc_FreeRsaKey(&rsaKey);
#ifdef HAVE_CAVIUM
wc_RsaFreeCavium(&rsaKey);
#endif
}
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
void bench_rsa_async(void)
{
int i;
int ret;
size_t bytes;
word32 idx = 0;
const byte* tmp;
const byte message[] = "Everyone gets Friday off.";
byte enc[256]; /* for up to 2048 bit */
const int len = (int)strlen((char*)message);
double start, total, each, milliEach;
RsaKey rsaKey[WOLF_ASYNC_MAX_PENDING];
int rsaKeySz = 2048; /* used in printf */
WOLF_EVENT events[WOLF_ASYNC_MAX_PENDING];
WOLF_EVENT_QUEUE eventQueue;
int evtNum, asyncDone, asyncPend;
#ifdef USE_CERT_BUFFERS_1024
tmp = rsa_key_der_1024;
bytes = sizeof_rsa_key_der_1024;
rsaKeySz = 1024;
#elif defined(USE_CERT_BUFFERS_2048)
tmp = rsa_key_der_2048;
bytes = sizeof_rsa_key_der_2048;
#else
#error "need a cert buffer size"
#endif /* USE_CERT_BUFFERS */
/* init event queue */
ret = wolfEventQueue_Init(&eventQueue);
if (ret != 0) {
return;
}
/* clear for done cleanup */
XMEMSET(&events, 0, sizeof(events));
XMEMSET(&rsaKey, 0, sizeof(rsaKey));
/* init events and keys */
for (i = 0; i < WOLF_ASYNC_MAX_PENDING; i++) {
/* setup an async context for each key */
if ((ret = wc_InitRsaKey_ex(&rsaKey[i], 0, devId)) < 0) {
goto done;
}
#ifdef WC_RSA_BLINDING
wc_RsaSetRNG(&rsaKey[i], &rng);
#endif
if ((ret = wolfAsync_EventInit(&events[i],
WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT, &rsaKey[i].asyncDev)) != 0) {
goto done;
}
events[i].pending = 0; /* Reset pending flag */
/* decode the private key */
idx = 0;
if ((ret = wc_RsaPrivateKeyDecode(tmp, &idx, &rsaKey[i],
(word32)bytes)) != 0) {
printf("wc_RsaPrivateKeyDecode failed! %d\n", ret);
goto done;
}
}
/* begin public async RSA */
start = current_time(1);
asyncPend = 0;
for (i = 0; i < ntimes; ) {
/* while free pending slots in queue, submit RSA operations */
for (evtNum = 0; evtNum < WOLF_ASYNC_MAX_PENDING; evtNum++) {
if (events[evtNum].done || (events[evtNum].pending == 0 &&
(i + asyncPend) < ntimes))
{
/* check for event error */
if (events[evtNum].ret != WC_PENDING_E && events[evtNum].ret < 0) {
printf("wc_RsaPublicEncrypt: Async event error: %d\n", events[evtNum].ret);
goto done;
}
ret = wc_RsaPublicEncrypt(message, len, enc, sizeof(enc),
&rsaKey[evtNum], &rng);
if (ret == WC_PENDING_E) {
ret = wc_RsaAsyncHandle(&rsaKey[evtNum], &eventQueue,
&events[evtNum]);
if (ret != 0) goto done;
asyncPend++;
}
else if (ret >= 0) {
/* operation completed */
i++;
asyncPend--;
events[evtNum].done = 0;
}
else {
printf("wc_RsaPublicEncrypt failed: %d\n", ret);
goto done;
}
}
} /* for evtNum */
/* poll until there are events done */
if (asyncPend > 0) {
do {
ret = wolfAsync_EventQueuePoll(&eventQueue, NULL, NULL, 0,
WOLF_POLL_FLAG_CHECK_HW, &asyncDone);
if (ret != 0) goto done;
} while (asyncDone == 0);
}
} /* for ntimes */
total = current_time(0) - start;
each = total / ntimes; /* per second */
milliEach = each * 1000; /* milliseconds */
printf("RSA %d public async %6.3f milliseconds, avg over %d"
" iterations\n", rsaKeySz, milliEach, ntimes);
if (ret < 0) {
goto done;
}
/* begin private async RSA */
start = current_time(1);
/* capture resulting encrypt length */
idx = sizeof(enc); /* fixed at 2048 bit */
asyncPend = 0;
for (i = 0; i < ntimes; ) {
byte out[256]; /* for up to 2048 bit */
/* while free pending slots in queue, submit RSA operations */
for (evtNum = 0; evtNum < WOLF_ASYNC_MAX_PENDING; evtNum++) {
if (events[evtNum].done || (events[evtNum].pending == 0 &&
(i + asyncPend) < ntimes))
{
/* check for event error */
if (events[evtNum].ret != WC_PENDING_E && events[evtNum].ret < 0) {
printf("wc_RsaPrivateDecrypt: Async event error: %d\n", events[evtNum].ret);
goto done;
}
ret = wc_RsaPrivateDecrypt(enc, idx, out, sizeof(out),
&rsaKey[evtNum]);
if (ret == WC_PENDING_E) {
ret = wc_RsaAsyncHandle(&rsaKey[evtNum], &eventQueue,
&events[evtNum]);
if (ret != 0) goto done;
asyncPend++;
}
else if (ret >= 0) {
/* operation completed */
i++;
asyncPend--;
events[evtNum].done = 0;
}
else {
printf("wc_RsaPrivateDecrypt failed: %d\n", ret);
goto done;
}
}
} /* for evtNum */
/* poll until there are events done */
if (asyncPend > 0) {
do {
ret = wolfAsync_EventQueuePoll(&eventQueue, NULL, NULL, 0,
WOLF_POLL_FLAG_CHECK_HW, &asyncDone);
if (ret != 0) goto done;
} while (asyncDone == 0);
}
} /* for ntimes */
total = current_time(0) - start;
each = total / ntimes; /* per second */
milliEach = each * 1000; /* milliseconds */
printf("RSA %d private async %6.3f milliseconds, avg over %d"
" iterations\n", rsaKeySz, milliEach, ntimes);
done:
if (ret < 0) {
printf("bench_rsa_async failed: %d\n", ret);
}
/* cleanup */
for (i = 0; i < WOLF_ASYNC_MAX_PENDING; i++) {
wc_FreeRsaKey(&rsaKey[i]);
}
/* free event queue */
wolfEventQueue_Free(&eventQueue);
}
#endif /* WOLFSSL_ASYNC_CRYPT */
#endif /* !NO_RSA */
#ifndef NO_DH
wolfcrypt/src/aes.c
+23 -143
View File
@@ -164,16 +164,15 @@ int wc_AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
#endif /* HAVE_AES_DECRYPT */
#endif /* HAVE_AESCCM */
#ifdef HAVE_CAVIUM
int wc_AesInitCavium(Aes* aes, int i)
#ifdef WOLFSSL_ASYNC_CRYPT
int wc_AesAsyncInit(Aes* aes, int i)
{
return AesInitCavium(aes, i);
return AesAsyncInit(aes, i);
}
void wc_AesFreeCavium(Aes* aes)
void wc_AesAsyncFree(Aes* aes)
{
AesFreeCavium(aes);
AesAsyncFree(aes);
}
#endif
#else /* HAVE_FIPS */
@@ -332,22 +331,8 @@ void wc_AesFreeCavium(Aes* aes)
#define DEBUG_WOLFSSL
#include "wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h"
#elif defined(HAVE_CAVIUM)
#include <wolfssl/wolfcrypt/logging.h>
#include "cavium_common.h"
/* still leave SW crypto available */
#define NEED_AES_TABLES
static int wc_AesCaviumSetKey(Aes* aes, const byte* key, word32 length,
const byte* iv);
#ifdef HAVE_AES_CBC
static int wc_AesCaviumCbcEncrypt(Aes* aes, byte* out, const byte* in,
word32 length);
#ifdef HAVE_AES_DECRYPT
static int wc_AesCaviumCbcDecrypt(Aes* aes, byte* out, const byte* in,
word32 length);
#endif /* HAVE_AES_DECRYPT */
#endif /* HAVE_AES_CBC */
#elif defined(WOLFSSL_NRF51_AES)
/* Use built-in AES hardware - AES 128 ECB Encrypt Only */
#include "wolfssl/wolfcrypt/port/nrf51.h"
@@ -1870,9 +1855,10 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
}
#endif
#ifdef HAVE_CAVIUM
if (aes->magic == WOLFSSL_AES_CAVIUM_MAGIC)
return wc_AesCaviumSetKey(aes, userKey, keylen, iv);
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(HAVE_CAVIUM)
if (aes->asyncDev.marker == WOLFSSL_ASYNC_MARKER_AES) {
return NitroxAesSetKey(aes, userKey, keylen, iv);
}
#endif
#ifdef WOLFSSL_AESNI
@@ -2490,9 +2476,9 @@ int wc_InitAes_h(Aes* aes, void* h)
{
word32 blocks = sz / AES_BLOCK_SIZE;
#ifdef HAVE_CAVIUM
if (aes->magic == WOLFSSL_AES_CAVIUM_MAGIC)
return wc_AesCaviumCbcEncrypt(aes, out, in, sz);
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(HAVE_CAVIUM)
if (aes->asyncDev.marker == WOLFSSL_ASYNC_MARKER_AES)
return NitroxAesCbcEncrypt(aes, out, in, sz);
#endif
#ifdef WOLFSSL_AESNI
@@ -2554,9 +2540,10 @@ int wc_InitAes_h(Aes* aes, void* h)
{
word32 blocks = sz / AES_BLOCK_SIZE;
#ifdef HAVE_CAVIUM
if (aes->magic == WOLFSSL_AES_CAVIUM_MAGIC)
return wc_AesCaviumCbcDecrypt(aes, out, in, sz);
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(HAVE_CAVIUM)
if (aes->asyncDev.marker == WOLFSSL_ASYNC_MARKER_AES) {
return NitroxAesCbcDecrypt(aes, out, in, sz);
}
#endif
#ifdef WOLFSSL_AESNI
@@ -3909,8 +3896,6 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
byte *ctr ;
byte scratch[AES_BLOCK_SIZE];
WOLFSSL_ENTER("AesGcmEncrypt");
#ifdef WOLFSSL_AESNI
if (haveAESNI) {
AES_GCM_encrypt((void*)in, out, (void*)authIn, (void*)iv, authTag,
@@ -3982,8 +3967,6 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
byte *ctr ;
byte scratch[AES_BLOCK_SIZE];
WOLFSSL_ENTER("AesGcmDecrypt");
#ifdef WOLFSSL_AESNI
if (haveAESNI) {
if (AES_GCM_decrypt(in, out, authIn, iv, authTag,
@@ -4323,131 +4306,28 @@ int wc_AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
#endif /* HAVE_AESCCM */
#ifdef HAVE_CAVIUM
#include <wolfssl/wolfcrypt/logging.h>
#include "cavium_common.h"
#ifdef WOLFSSL_ASYNC_CRYPT
/* Initialize Aes for use with Nitrox device */
int wc_AesInitCavium(Aes* aes, int devId)
int wc_AesAsyncInit(Aes* aes, int devId)
{
if (aes == NULL)
return -1;
return BAD_FUNC_ARG;
if (CspAllocContext(CONTEXT_SSL, &aes->contextHandle, devId) != 0)
return -1;
aes->devId = devId;
aes->magic = WOLFSSL_AES_CAVIUM_MAGIC;
return 0;
return wolfAsync_DevCtxInit(&aes->asyncDev, WOLFSSL_ASYNC_MARKER_AES, devId);
}
/* Free Aes from use with Nitrox device */
void wc_AesFreeCavium(Aes* aes)
void wc_AesAsyncFree(Aes* aes)
{
if (aes == NULL)
return;
if (aes->magic != WOLFSSL_AES_CAVIUM_MAGIC)
return;
CspFreeContext(CONTEXT_SSL, aes->contextHandle, aes->devId);
aes->magic = 0;
wolfAsync_DevCtxFree(&aes->asyncDev);
}
static int wc_AesCaviumSetKey(Aes* aes, const byte* key, word32 length,
const byte* iv)
{
if (aes == NULL)
return -1;
XMEMCPY(aes->key, key, length); /* key still holds key, iv still in reg */
if (length == 16)
aes->type = AES_128;
else if (length == 24)
aes->type = AES_192;
else if (length == 32)
aes->type = AES_256;
return wc_AesSetIV(aes, iv);
}
#ifdef HAVE_AES_CBC
static int wc_AesCaviumCbcEncrypt(Aes* aes, byte* out, const byte* in,
word32 length)
{
wolfssl_word offset = 0;
word32 requestId;
while (length > WOLFSSL_MAX_16BIT) {
word16 slen = (word16)WOLFSSL_MAX_16BIT;
if (CspEncryptAes(CAVIUM_BLOCKING, aes->contextHandle, CAVIUM_NO_UPDATE,
aes->type, slen, (byte*)in + offset, out + offset,
(byte*)aes->reg, (byte*)aes->key, &requestId,
aes->devId) != 0) {
WOLFSSL_MSG("Bad Cavium Aes Encrypt");
return -1;
}
length -= WOLFSSL_MAX_16BIT;
offset += WOLFSSL_MAX_16BIT;
XMEMCPY(aes->reg, out + offset - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
}
if (length) {
word16 slen = (word16)length;
if (CspEncryptAes(CAVIUM_BLOCKING, aes->contextHandle, CAVIUM_NO_UPDATE,
aes->type, slen, (byte*)in + offset, out + offset,
(byte*)aes->reg, (byte*)aes->key, &requestId,
aes->devId) != 0) {
WOLFSSL_MSG("Bad Cavium Aes Encrypt");
return -1;
}
XMEMCPY(aes->reg, out + offset+length - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
}
return 0;
}
#ifdef HAVE_AES_DECRYPT
static int wc_AesCaviumCbcDecrypt(Aes* aes, byte* out, const byte* in,
word32 length)
{
word32 requestId;
wolfssl_word offset = 0;
while (length > WOLFSSL_MAX_16BIT) {
word16 slen = (word16)WOLFSSL_MAX_16BIT;
XMEMCPY(aes->tmp, in + offset + slen - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
if (CspDecryptAes(CAVIUM_BLOCKING, aes->contextHandle, CAVIUM_NO_UPDATE,
aes->type, slen, (byte*)in + offset, out + offset,
(byte*)aes->reg, (byte*)aes->key, &requestId,
aes->devId) != 0) {
WOLFSSL_MSG("Bad Cavium Aes Decrypt");
return -1;
}
length -= WOLFSSL_MAX_16BIT;
offset += WOLFSSL_MAX_16BIT;
XMEMCPY(aes->reg, aes->tmp, AES_BLOCK_SIZE);
}
if (length) {
word16 slen = (word16)length;
XMEMCPY(aes->tmp, in + offset + slen - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
if (CspDecryptAes(CAVIUM_BLOCKING, aes->contextHandle, CAVIUM_NO_UPDATE,
aes->type, slen, (byte*)in + offset, out + offset,
(byte*)aes->reg, (byte*)aes->key, &requestId,
aes->devId) != 0) {
WOLFSSL_MSG("Bad Cavium Aes Decrypt");
return -1;
}
XMEMCPY(aes->reg, aes->tmp, AES_BLOCK_SIZE);
}
return 0;
}
#endif /* HAVE_AES_DECRYPT */
#endif /* HAVE_AES_CBC */
#endif /* HAVE_CAVIUM */
#endif /* WOLFSSL_ASYNC_CRYPT */
#endif /* WOLFSSL_TI_CRYPT */
wolfcrypt/src/arc4.c
+16 -70
View File
@@ -28,23 +28,19 @@
#ifndef NO_RC4
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/arc4.h>
#ifdef HAVE_CAVIUM
static void wc_Arc4CaviumSetKey(Arc4* arc4, const byte* key, word32 length);
static void wc_Arc4CaviumProcess(Arc4* arc4, byte* out, const byte* in,
word32 length);
#endif
void wc_Arc4SetKey(Arc4* arc4, const byte* key, word32 length)
{
word32 i;
word32 keyIndex = 0, stateIndex = 0;
#ifdef HAVE_CAVIUM
if (arc4->magic == WOLFSSL_ARC4_CAVIUM_MAGIC)
return wc_Arc4CaviumSetKey(arc4, key, length);
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(HAVE_CAVIUM) && !defined(HAVE_CAVIUM_V)
if (arc4->asyncDev.marker == WOLFSSL_ASYNC_MARKER_ARC4) {
return NitroxArc4SetKey(arc4, key, length);
}
#endif
arc4->x = 1;
@@ -85,9 +81,10 @@ void wc_Arc4Process(Arc4* arc4, byte* out, const byte* in, word32 length)
word32 x;
word32 y;
#ifdef HAVE_CAVIUM
if (arc4->magic == WOLFSSL_ARC4_CAVIUM_MAGIC)
return wc_Arc4CaviumProcess(arc4, out, in, length);
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(HAVE_CAVIUM) && !defined(HAVE_CAVIUM_V)
if (arc4->asyncDev.marker == WOLFSSL_ASYNC_MARKER_ARC4) {
return NitroxArc4Process(arc4, out, in, length);
}
#endif
x = arc4->x;
@@ -101,79 +98,28 @@ void wc_Arc4Process(Arc4* arc4, byte* out, const byte* in, word32 length)
}
#ifdef HAVE_CAVIUM
#include <wolfssl/wolfcrypt/logging.h>
#include "cavium_common.h"
#ifdef WOLFSSL_ASYNC_CRYPT
/* Initialize Arc4 for use with Nitrox device */
int wc_Arc4InitCavium(Arc4* arc4, int devId)
int wc_Arc4AsyncInit(Arc4* arc4, int devId)
{
if (arc4 == NULL)
return -1;
return BAD_FUNC_ARG;
if (CspAllocContext(CONTEXT_SSL, &arc4->contextHandle, devId) != 0)
return -1;
arc4->devId = devId;
arc4->magic = WOLFSSL_ARC4_CAVIUM_MAGIC;
return 0;
return wolfAsync_DevCtxInit(&arc4->asyncDev, WOLFSSL_ASYNC_MARKER_ARC4, devId);
}
/* Free Arc4 from use with Nitrox device */
void wc_Arc4FreeCavium(Arc4* arc4)
void wc_Arc4AsyncFree(Arc4* arc4)
{
if (arc4 == NULL)
return;
if (arc4->magic != WOLFSSL_ARC4_CAVIUM_MAGIC)
return;
CspFreeContext(CONTEXT_SSL, arc4->contextHandle, arc4->devId);
arc4->magic = 0;
wolfAsync_DevCtxFree(&arc4->asyncDev);
}
static void wc_Arc4CaviumSetKey(Arc4* arc4, const byte* key, word32 length)
{
word32 requestId;
if (CspInitializeRc4(CAVIUM_BLOCKING, arc4->contextHandle, length,
(byte*)key, &requestId, arc4->devId) != 0) {
WOLFSSL_MSG("Bad Cavium Arc4 Init");
}
}
static void wc_Arc4CaviumProcess(Arc4* arc4, byte* out, const byte* in,
word32 length)
{
wolfssl_word offset = 0;
word32 requestId;
while (length > WOLFSSL_MAX_16BIT) {
word16 slen = (word16)WOLFSSL_MAX_16BIT;
if (CspEncryptRc4(CAVIUM_BLOCKING, arc4->contextHandle,CAVIUM_UPDATE,
slen, (byte*)in + offset, out + offset, &requestId,
arc4->devId) != 0) {
WOLFSSL_MSG("Bad Cavium Arc4 Encrypt");
}
length -= WOLFSSL_MAX_16BIT;
offset += WOLFSSL_MAX_16BIT;
}
if (length) {
word16 slen = (word16)length;
if (CspEncryptRc4(CAVIUM_BLOCKING, arc4->contextHandle,CAVIUM_UPDATE,
slen, (byte*)in + offset, out + offset, &requestId,
arc4->devId) != 0) {
WOLFSSL_MSG("Bad Cavium Arc4 Encrypt");
}
}
}
#endif /* HAVE_CAVIUM */
#endif /* WOLFSSL_ASYNC_CRYPT */
#endif /* NO_RC4 */
wolfcrypt/src/asn.c
+86 -78
View File
@@ -646,7 +646,7 @@ static int GetExplicitVersion(const byte* input, word32* inOutIdx, int* version)
}
#endif /* !NO_ASN_TIME */
WOLFSSL_LOCAL int GetInt(mp_int* mpi, const byte* input, word32* inOutIdx,
int GetInt(mp_int* mpi, const byte* input, word32* inOutIdx,
word32 maxIdx)
{
word32 i = *inOutIdx;
@@ -676,6 +676,62 @@ WOLFSSL_LOCAL int GetInt(mp_int* mpi, const byte* input, word32* inOutIdx,
return 0;
}
#if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
static int GetIntRsa(RsaKey* key, mp_int* mpi, const byte* input,
word32* inOutIdx, word32 maxIdx)
{
word32 i = *inOutIdx;
byte b = input[i++];
int length;
(void)key;
if (b != ASN_INTEGER)
return ASN_PARSE_E;
if (GetLength(input, &i, &length, maxIdx) < 0)
return ASN_PARSE_E;
if ( (b = input[i++]) == 0x00)
length--;
else
i--;
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(HAVE_CAVIUM)
if (key->asyncDev.marker == WOLFSSL_ASYNC_MARKER_RSA) {
XMEMSET(mpi, 0, sizeof(mp_int));
mpi->used = length;
#ifdef USE_FAST_MATH
if (length > (FP_SIZE * (int)sizeof(fp_digit))) {
return MEMORY_E;
}
mpi->dpraw = (byte*)mpi->dp;
#else
mpi->dpraw = (byte*)XMALLOC(length, key->heap, DYNAMIC_TYPE_ASYNC_RSA);
#endif
if (mpi->dpraw == NULL) {
return MEMORY_E;
}
XMEMCPY(mpi->dpraw, input + i, length);
}
else
#endif /* WOLFSSL_ASYNC_CRYPT && HAVE_CAVIUM */
{
if (mp_init(mpi) != MP_OKAY)
return MP_INIT_E;
if (mp_read_unsigned_bin(mpi, (byte*)input + i, length) != 0) {
mp_clear(mpi);
return ASN_GETINT_E;
}
}
*inOutIdx = i + length;
return 0;
}
#endif /* !NO_RSA && !HAVE_USER_RSA */
/* hashType */
static const byte hashMd2hOid[] = {42, 134, 72, 134, 247, 13, 2, 2};
@@ -1297,79 +1353,12 @@ WOLFSSL_LOCAL int GetAlgoId(const byte* input, word32* inOutIdx, word32* oid,
#ifndef NO_RSA
#ifdef HAVE_CAVIUM
static int GetCaviumInt(byte** buff, word16* buffSz, const byte* input,
word32* inOutIdx, word32 maxIdx, void* heap)
{
word32 i = *inOutIdx;
byte b = input[i++];
int length;
if (b != ASN_INTEGER)
return ASN_PARSE_E;
if (GetLength(input, &i, &length, maxIdx) < 0)
return ASN_PARSE_E;
if ( (b = input[i++]) == 0x00)
length--;
else
i--;
*buffSz = (word16)length;
*buff = XMALLOC(*buffSz, heap, DYNAMIC_TYPE_CAVIUM_RSA);
if (*buff == NULL)
return MEMORY_E;
XMEMCPY(*buff, input + i, *buffSz);
*inOutIdx = i + length;
return 0;
}
static int CaviumRsaPrivateKeyDecode(const byte* input, word32* inOutIdx,
RsaKey* key, word32 inSz)
{
int version, length;
void* h = key->heap;
if (GetSequence(input, inOutIdx, &length, inSz) < 0)
return ASN_PARSE_E;
if (GetMyVersion(input, inOutIdx, &version) < 0)
return ASN_PARSE_E;
key->type = RSA_PRIVATE;
if (GetCaviumInt(&key->c_n, &key->c_nSz, input, inOutIdx, inSz, h) < 0 ||
GetCaviumInt(&key->c_e, &key->c_eSz, input, inOutIdx, inSz, h) < 0 ||
GetCaviumInt(&key->c_d, &key->c_dSz, input, inOutIdx, inSz, h) < 0 ||
GetCaviumInt(&key->c_p, &key->c_pSz, input, inOutIdx, inSz, h) < 0 ||
GetCaviumInt(&key->c_q, &key->c_qSz, input, inOutIdx, inSz, h) < 0 ||
GetCaviumInt(&key->c_dP, &key->c_dP_Sz, input, inOutIdx, inSz, h) < 0 ||
GetCaviumInt(&key->c_dQ, &key->c_dQ_Sz, input, inOutIdx, inSz, h) < 0 ||
GetCaviumInt(&key->c_u, &key->c_uSz, input, inOutIdx, inSz, h) < 0 )
return ASN_RSA_KEY_E;
return 0;
}
#endif /* HAVE_CAVIUM */
#ifndef HAVE_USER_RSA
int wc_RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key,
word32 inSz)
{
int version, length;
#ifdef HAVE_CAVIUM
if (key->magic == WOLFSSL_RSA_CAVIUM_MAGIC)
return CaviumRsaPrivateKeyDecode(input, inOutIdx, key, inSz);
#endif
if (GetSequence(input, inOutIdx, &length, inSz) < 0)
return ASN_PARSE_E;
@@ -1378,14 +1367,14 @@ int wc_RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key,
key->type = RSA_PRIVATE;
if (GetInt(&key->n, input, inOutIdx, inSz) < 0 ||
GetInt(&key->e, input, inOutIdx, inSz) < 0 ||
GetInt(&key->d, input, inOutIdx, inSz) < 0 ||
GetInt(&key->p, input, inOutIdx, inSz) < 0 ||
GetInt(&key->q, input, inOutIdx, inSz) < 0 ||
GetInt(&key->dP, input, inOutIdx, inSz) < 0 ||
GetInt(&key->dQ, input, inOutIdx, inSz) < 0 ||
GetInt(&key->u, input, inOutIdx, inSz) < 0 ) return ASN_RSA_KEY_E;
if (GetIntRsa(key, &key->n, input, inOutIdx, inSz) < 0 ||
GetIntRsa(key, &key->e, input, inOutIdx, inSz) < 0 ||
GetIntRsa(key, &key->d, input, inOutIdx, inSz) < 0 ||
GetIntRsa(key, &key->p, input, inOutIdx, inSz) < 0 ||
GetIntRsa(key, &key->q, input, inOutIdx, inSz) < 0 ||
GetIntRsa(key, &key->dP, input, inOutIdx, inSz) < 0 ||
GetIntRsa(key, &key->dQ, input, inOutIdx, inSz) < 0 ||
GetIntRsa(key, &key->u, input, inOutIdx, inSz) < 0 ) return ASN_RSA_KEY_E;
return 0;
}
@@ -3674,11 +3663,22 @@ static int ConfirmSignature(const byte* buf, word32 bufSz,
else {
XMEMCPY(plain, sig, sigSz);
if ((verifySz = wc_RsaSSL_VerifyInline(plain, sigSz, &out,
pubKey)) < 0) {
ret = 0;
do {
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_RsaAsyncWait(ret, pubKey);
#endif
if (ret >= 0) {
ret = wc_RsaSSL_VerifyInline(plain, sigSz, &out,
pubKey);
}
} while (ret == WC_PENDING_E);
if (ret < 0) {
WOLFSSL_MSG("Rsa SSL verify error");
}
else {
verifySz = ret;
/* make sure we're right justified */
encodedSigSz =
wc_EncodeSignature(encodedSig, digest, digestSz, typeH);
@@ -7359,8 +7359,16 @@ static int MakeSignature(const byte* buffer, int sz, byte* sig, int sigSz,
if (rsaKey) {
/* signature */
encSigSz = wc_EncodeSignature(encSig, digest, digestSz, typeH);
ret = 0;
do {
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_RsaAsyncWait(ret, rsaKey);
#endif
if (ret >= 0) {
ret = wc_RsaSSL_Sign(encSig, encSigSz, sig, sigSz, rsaKey, rng);
}
} while (ret == WC_PENDING_E);
}
#endif
#ifdef HAVE_ECC
wolfcrypt/src/des3.c
+26 -133
View File
@@ -31,13 +31,6 @@
#include <wolfssl/wolfcrypt/des3.h>
#ifdef HAVE_FIPS
#ifdef HAVE_CAVIUM
static int wc_Des3_CaviumSetKey(Des3* des3, const byte* key, const byte* iv);
static int wc_Des3_CaviumCbcEncrypt(Des3* des3, byte* out, const byte* in,
word32 length);
static int wc_Des3_CaviumCbcDecrypt(Des3* des3, byte* out, const byte* in,
word32 length);
#endif
int wc_Des_SetKey(Des* des, const byte* key, const byte* iv, int dir)
{
@@ -98,23 +91,24 @@ int wc_Des3_SetIV(Des3* des, const byte* iv)
}
#ifdef HAVE_CAVIUM
#ifdef WOLFSSL_ASYNC_CRYPT
/* Initialize Des3 for use with Nitrox device */
int wc_Des3_InitCavium(Des3* des3, int devId)
int wc_Des3AsyncInit(Des3* des3, int devId)
{
return Des3_InitCavium(des3, devId);
return Des3AsyncInit(des3, devId);
}
/* Free Des3 from use with Nitrox device */
void wc_Des3_FreeCavium(Des3* des3)
void wc_Des3AsyncFree(Des3* des3)
{
Des3_FreeCavium(des3);
Des3AsyncFree(des3);
}
#endif /* HAVE_CAVIUM */
#endif /* WOLFSSL_ASYNC_CRYPT */
#else /* build without fips */
#if defined(WOLFSSL_TI_CRYPT)
@@ -132,17 +126,6 @@ void wc_Des3_FreeCavium(Des3* des3)
#endif
#ifdef HAVE_CAVIUM
static int wc_Des3_CaviumSetKey(Des3* des3, const byte* key, const byte* iv);
static int wc_Des3_CaviumCbcEncrypt(Des3* des3, byte* out, const byte* in,
word32 length);
static int wc_Des3_CaviumCbcDecrypt(Des3* des3, byte* out, const byte* in,
word32 length);
#endif
#ifdef STM32F2_CRYPTO
/*
* STM32F2 hardware DES/3DES support through the STM32F2 standard
@@ -1292,9 +1275,10 @@ int wc_Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir)
{
int ret;
#ifdef HAVE_CAVIUM
if (des->magic == WOLFSSL_3DES_CAVIUM_MAGIC)
return wc_Des3_CaviumSetKey(des, key, iv);
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(HAVE_CAVIUM)
if (des->asyncDev.marker == WOLFSSL_ASYNC_MARKER_3DES) {
return NitroxDes3SetKey(des, key, iv);
}
#endif
ret = DesSetKey(key + (dir == DES_ENCRYPTION ? 0:16), dir, des->key[0]);
@@ -1433,9 +1417,10 @@ int wc_Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz)
{
word32 blocks;
#ifdef HAVE_CAVIUM
if (des->magic == WOLFSSL_3DES_CAVIUM_MAGIC)
return wc_Des3_CaviumCbcEncrypt(des, out, in, sz);
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(HAVE_CAVIUM)
if (des->asyncDev.marker == WOLFSSL_ASYNC_MARKER_3DES) {
return NitroxDes3CbcEncrypt(des, out, in, sz);
}
#endif
blocks = sz / DES_BLOCK_SIZE;
@@ -1455,9 +1440,10 @@ int wc_Des3_CbcDecrypt(Des3* des, byte* out, const byte* in, word32 sz)
{
word32 blocks;
#ifdef HAVE_CAVIUM
if (des->magic == WOLFSSL_3DES_CAVIUM_MAGIC)
return wc_Des3_CaviumCbcDecrypt(des, out, in, sz);
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(HAVE_CAVIUM)
if (des->asyncDev.marker == WOLFSSL_ASYNC_MARKER_3DES) {
return NitroxDes3CbcDecrypt(des, out, in, sz);
}
#endif
blocks = sz / DES_BLOCK_SIZE;
@@ -1513,122 +1499,29 @@ int wc_Des3_SetIV(Des3* des, const byte* iv)
}
#ifdef HAVE_CAVIUM
#include "cavium_common.h"
#ifdef WOLFSSL_ASYNC_CRYPT
/* Initialize Des3 for use with Nitrox device */
int wc_Des3_InitCavium(Des3* des3, int devId)
int wc_Des3AsyncInit(Des3* des3, int devId)
{
if (des3 == NULL)
return -1;
return BAD_FUNC_ARG;
if (CspAllocContext(CONTEXT_SSL, &des3->contextHandle, devId) != 0)
return -1;
des3->devId = devId;
des3->magic = WOLFSSL_3DES_CAVIUM_MAGIC;
return 0;
return wolfAsync_DevCtxInit(&des3->asyncDev, WOLFSSL_ASYNC_MARKER_3DES, devId);
}
/* Free Des3 from use with Nitrox device */
void wc_Des3_FreeCavium(Des3* des3)
void wc_Des3AsyncFree(Des3* des3)
{
if (des3 == NULL)
return;
if (des3->magic != WOLFSSL_3DES_CAVIUM_MAGIC)
return;
CspFreeContext(CONTEXT_SSL, des3->contextHandle, des3->devId);
des3->magic = 0;
wolfAsync_DevCtxFree(&des3->asyncDev);
}
#endif /* WOLFSSL_ASYNC_CRYPT */
static int wc_Des3_CaviumSetKey(Des3* des3, const byte* key, const byte* iv)
{
if (des3 == NULL)
return -1;
/* key[0] holds key, iv in reg */
XMEMCPY(des3->key[0], key, DES_BLOCK_SIZE*3);
return wc_Des3_SetIV(des3, iv);
}
static int wc_Des3_CaviumCbcEncrypt(Des3* des3, byte* out, const byte* in,
word32 length)
{
wolfssl_word offset = 0;
word32 requestId;
while (length > WOLFSSL_MAX_16BIT) {
word16 slen = (word16)WOLFSSL_MAX_16BIT;
if (CspEncrypt3Des(CAVIUM_BLOCKING, des3->contextHandle,
CAVIUM_NO_UPDATE, slen, (byte*)in + offset,
out + offset, (byte*)des3->reg, (byte*)des3->key[0],
&requestId, des3->devId) != 0) {
WOLFSSL_MSG("Bad Cavium 3DES Cbc Encrypt");
return -1;
}
length -= WOLFSSL_MAX_16BIT;
offset += WOLFSSL_MAX_16BIT;
XMEMCPY(des3->reg, out + offset - DES_BLOCK_SIZE, DES_BLOCK_SIZE);
}
if (length) {
word16 slen = (word16)length;
if (CspEncrypt3Des(CAVIUM_BLOCKING, des3->contextHandle,
CAVIUM_NO_UPDATE, slen, (byte*)in + offset,
out + offset, (byte*)des3->reg, (byte*)des3->key[0],
&requestId, des3->devId) != 0) {
WOLFSSL_MSG("Bad Cavium 3DES Cbc Encrypt");
return -1;
}
XMEMCPY(des3->reg, out+offset+length - DES_BLOCK_SIZE, DES_BLOCK_SIZE);
}
return 0;
}
static int wc_Des3_CaviumCbcDecrypt(Des3* des3, byte* out, const byte* in,
word32 length)
{
word32 requestId;
wolfssl_word offset = 0;
while (length > WOLFSSL_MAX_16BIT) {
word16 slen = (word16)WOLFSSL_MAX_16BIT;
XMEMCPY(des3->tmp, in + offset + slen - DES_BLOCK_SIZE, DES_BLOCK_SIZE);
if (CspDecrypt3Des(CAVIUM_BLOCKING, des3->contextHandle,
CAVIUM_NO_UPDATE, slen, (byte*)in+offset, out+offset,
(byte*)des3->reg, (byte*)des3->key[0], &requestId,
des3->devId) != 0) {
WOLFSSL_MSG("Bad Cavium 3Des Decrypt");
return -1;
}
length -= WOLFSSL_MAX_16BIT;
offset += WOLFSSL_MAX_16BIT;
XMEMCPY(des3->reg, des3->tmp, DES_BLOCK_SIZE);
}
if (length) {
word16 slen = (word16)length;
XMEMCPY(des3->tmp, in + offset + slen - DES_BLOCK_SIZE,DES_BLOCK_SIZE);
if (CspDecrypt3Des(CAVIUM_BLOCKING, des3->contextHandle,
CAVIUM_NO_UPDATE, slen, (byte*)in+offset, out+offset,
(byte*)des3->reg, (byte*)des3->key[0], &requestId,
des3->devId) != 0) {
WOLFSSL_MSG("Bad Cavium 3Des Decrypt");
return -1;
}
XMEMCPY(des3->reg, des3->tmp, DES_BLOCK_SIZE);
}
return 0;
}
#endif /* HAVE_CAVIUM */
#endif /* WOLFSSL_TI_CRYPT */
#endif /* HAVE_FIPS */
#endif /* NO_DES3 */
wolfcrypt/src/ecc.c
+172 -29
View File
@@ -2223,8 +2223,9 @@ int wc_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, byte* out,
int err;
if (private_key == NULL || public_key == NULL || out == NULL ||
outlen == NULL)
outlen == NULL) {
return BAD_FUNC_ARG;
}
/* type valid? */
if (private_key->type != ECC_PRIVATEKEY) {
@@ -2242,6 +2243,24 @@ int wc_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, byte* out,
return ECC_BAD_ARG_E;
}
#ifdef WOLFSSL_ASYNC_CRYPT
if (private_key->asyncDev.marker == WOLFSSL_ASYNC_MARKER_ECC) {
#ifdef HAVE_CAVIUM
/* TODO: Not implemented */
#else
AsyncCryptTestDev* testDev = &private_key->asyncDev.dev;
if (testDev->type == ASYNC_TEST_NONE) {
testDev->type = ASYNC_TEST_ECC_SHARED_SEC;
testDev->eccSharedSec.private_key = private_key;
testDev->eccSharedSec.public_key = public_key;
testDev->eccSharedSec.out = out;
testDev->eccSharedSec.outLen = outlen;
return WC_PENDING_E;
}
#endif
}
#endif
/* make new point */
result = wc_ecc_new_point_h(private_key->heap);
if (result == NULL) {
@@ -2302,8 +2321,10 @@ int wc_ecc_shared_secret_ssh(ecc_key* private_key, ecc_point* point,
mp_int a;
int err;
if (private_key == NULL || point == NULL || out == NULL || outlen == NULL)
if (private_key == NULL || point == NULL || out == NULL ||
outlen == NULL) {
return BAD_FUNC_ARG;
}
/* type valid? */
if (private_key->type != ECC_PRIVATEKEY) {
@@ -2391,6 +2412,24 @@ int wc_ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key, int curve_id)
return err;
}
#ifdef WOLFSSL_ASYNC_CRYPT
if (key->asyncDev.marker == WOLFSSL_ASYNC_MARKER_ECC) {
#ifdef HAVE_CAVIUM
/* TODO: Not implemented */
#else
AsyncCryptTestDev* testDev = &key->asyncDev.dev;
if (testDev->type == ASYNC_TEST_NONE) {
testDev->type = ASYNC_TEST_ECC_MAKE;
testDev->eccMake.rng = rng;
testDev->eccMake.key = key;
testDev->eccMake.size = keysize;
testDev->eccMake.curve_id = curve_id;
return WC_PENDING_E;
}
#endif
}
#endif
#ifdef WOLFSSL_SMALL_STACK
buf = (byte*)XMALLOC(ECC_MAXSIZE_GEN, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (buf == NULL)
@@ -2567,13 +2606,18 @@ int wc_ecc_make_key(WC_RNG* rng, int keysize, ecc_key* key)
return wc_ecc_make_key_ex(rng, keysize, key, ECC_CURVE_DEF);
}
/* Setup dynamic pointers is using normal math for proper freeing */
int wc_ecc_init(ecc_key* key)
/* Setup dynamic pointers if using normal math for proper freeing */
int wc_ecc_init_ex(ecc_key* key, void* heap, int devId)
{
int ret = 0;
if (key == NULL) {
return BAD_FUNC_ARG;
}
(void)devId;
#ifdef ECC_DUMP_OID
wc_ecc_dump_oids();
#endif
@@ -2590,8 +2634,9 @@ int wc_ecc_init(ecc_key* key)
#endif
#ifdef ALT_ECC_SIZE
if (mp_init(&key->k) != MP_OKAY)
if (mp_init(&key->k) != MP_OKAY) {
return MEMORY_E;
}
key->pubkey.x = (mp_int*)&key->pubkey.xyz[0];
key->pubkey.y = (mp_int*)&key->pubkey.xyz[1];
@@ -2604,26 +2649,26 @@ int wc_ecc_init(ecc_key* key)
#ifdef WOLFSSL_HEAP_TEST
key->heap = (void*)WOLFSSL_HEAP_TEST;
#else
key->heap = NULL;
key->heap = heap;
#endif
return MP_OKAY;
}
int wc_ecc_init_h(ecc_key* key, void* heap)
{
int ret;
if ((ret = wc_ecc_init(key)) != MP_OKAY) {
return ret;
#ifdef WOLFSSL_ASYNC_CRYPT
if (devId != INVALID_DEVID) {
/* handle as async */
ret = wolfAsync_DevCtxInit(&key->asyncDev, WOLFSSL_ASYNC_MARKER_ECC,
devId);
}
#endif
key->heap = heap;
return MP_OKAY;
return ret;
}
int wc_ecc_init(ecc_key* key)
{
return wc_ecc_init_ex(key, NULL, INVALID_DEVID);
}
#ifdef HAVE_ECC_SIGN
#ifndef NO_ASN
@@ -2644,16 +2689,40 @@ int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen,
int err;
if (in == NULL || out == NULL || outlen == NULL ||
key == NULL || rng == NULL)
key == NULL || rng == NULL) {
return ECC_BAD_ARG_E;
}
#ifdef WOLFSSL_ASYNC_CRYPT
if (key->asyncDev.marker == WOLFSSL_ASYNC_MARKER_ECC) {
#ifdef HAVE_CAVIUM
/* TODO: Not implemented */
#else
AsyncCryptTestDev* testDev = &key->asyncDev.dev;
if (testDev->type == ASYNC_TEST_NONE) {
testDev->type = ASYNC_TEST_ECC_SIGN;
testDev->eccSign.in = in;
testDev->eccSign.inSz = inlen;
testDev->eccSign.out = out;
testDev->eccSign.outSz = outlen;
testDev->eccSign.rng = rng;
testDev->eccSign.key = key;
return WC_PENDING_E;
}
#endif
}
#endif
if ((err = mp_init_multi(&r, &s, NULL, NULL, NULL, NULL)) != MP_OKAY) {
return err;
}
err = wc_ecc_sign_hash_ex(in, inlen, rng, key, &r, &s);
if (err == MP_OKAY)
if (err == MP_OKAY) {
/* encoded with DSA header */
err = StoreECC_DSA_Sig(out, outlen, &r, &s);
}
#ifndef USE_FAST_MATH
mp_clear(&r);
@@ -2780,8 +2849,15 @@ int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, WC_RNG* rng,
*/
void wc_ecc_free(ecc_key* key)
{
if (key == NULL)
if (key == NULL) {
return;
}
#ifdef WOLFSSL_ASYNC_CRYPT
if (key->asyncDev.marker == WOLFSSL_ASYNC_MARKER_RSA) {
wolfAsync_DevCtxFree(&key->asyncDev);
}
#endif
mp_clear(key->pubkey.x);
mp_clear(key->pubkey.y);
@@ -3048,12 +3124,33 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
mp_int s;
int err;
if (sig == NULL || hash == NULL || stat == NULL || key == NULL)
if (sig == NULL || hash == NULL || stat == NULL || key == NULL) {
return ECC_BAD_ARG_E;
}
/* default to invalid signature */
*stat = 0;
#ifdef WOLFSSL_ASYNC_CRYPT
if (key->asyncDev.marker == WOLFSSL_ASYNC_MARKER_ECC) {
#ifdef HAVE_CAVIUM
/* TODO: Not implemented */
#else
AsyncCryptTestDev* testDev = &key->asyncDev.dev;
if (testDev->type == ASYNC_TEST_NONE) {
testDev->type = ASYNC_TEST_ECC_VERIFY;
testDev->eccVerify.in = sig;
testDev->eccVerify.inSz = siglen;
testDev->eccVerify.out = hash;
testDev->eccVerify.outSz = hashlen;
testDev->eccVerify.stat = stat;
testDev->eccVerify.key = key;
return WC_PENDING_E;
}
#endif
}
#endif
/* Note, DecodeECC_DSA_Sig() calls mp_init() on r and s.
* If either of those don't allocate correctly, none of
* the rest of this function will execute, and everything
@@ -5680,7 +5777,7 @@ int wc_ecc_ctx_set_peer_salt(ecEncCtx* ctx, const byte* salt)
ctx->cliSt = ecCLI_SALT_SET;
else {
ctx->cliSt = ecCLI_BAD_STATE;
return BAD_ENC_STATE_E;
return BAD_STATE_E;
}
}
else {
@@ -5689,7 +5786,7 @@ int wc_ecc_ctx_set_peer_salt(ecEncCtx* ctx, const byte* salt)
ctx->srvSt = ecSRV_SALT_SET;
else {
ctx->srvSt = ecSRV_BAD_STATE;
return BAD_ENC_STATE_E;
return BAD_STATE_E;
}
}
@@ -5871,13 +5968,13 @@ int wc_ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
keysLen *= 2;
if (ctx->srvSt != ecSRV_RECV_REQ)
return BAD_ENC_STATE_E;
return BAD_STATE_E;
ctx->srvSt = ecSRV_BAD_STATE; /* we're done no more ops allowed */
}
else if (ctx->protocol == REQ_RESP_CLIENT) {
if (ctx->cliSt != ecCLI_SALT_SET)
return BAD_ENC_STATE_E;
return BAD_STATE_E;
ctx->cliSt = ecCLI_SENT_REQ; /* only do this once */
}
@@ -6023,13 +6120,13 @@ int wc_ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
keysLen *= 2;
if (ctx->cliSt != ecCLI_SENT_REQ)
return BAD_ENC_STATE_E;
return BAD_STATE_E;
ctx->cliSt = ecSRV_BAD_STATE; /* we're done no more ops allowed */
}
else if (ctx->protocol == REQ_RESP_SERVER) {
if (ctx->srvSt != ecSRV_SALT_SET)
return BAD_ENC_STATE_E;
return BAD_STATE_E;
ctx->srvSt = ecSRV_RECV_REQ; /* only do this once */
}
@@ -6526,4 +6623,50 @@ int wc_ecc_set_custom_curve(ecc_key* key, const ecc_set_type* dp)
#endif /* WOLFSSL_CUSTOM_CURVES */
#ifdef WOLFSSL_ASYNC_CRYPT
int wc_ecc_async_handle(ecc_key* key, WOLF_EVENT_QUEUE* queue, WOLF_EVENT* event)
{
int ret;
if (key == NULL || queue == NULL || event == NULL) {
return BAD_FUNC_ARG;
}
/* make sure this ECC context had "wc_EccAsyncInit" called on it */
if (key->asyncDev.marker != WOLFSSL_ASYNC_MARKER_ECC) {
return ASYNC_INIT_E;
}
/* setup the event and push to queue */
ret = wolfAsync_EventInit(event, WOLF_EVENT_TYPE_ASYNC_WOLFSSL, &key->asyncDev);
if (ret == 0) {
ret = wolfEventQueue_Push(queue, event);
}
/* check for error (helps with debugging) */
if (ret != 0) {
WOLFSSL_MSG("wc_EccAsyncHandle failed");
}
return ret;
}
int wc_ecc_async_wait(int ret, ecc_key* key)
{
if (ret == WC_PENDING_E) {
WOLF_EVENT event;
XMEMSET(&event, 0, sizeof(event));
ret = wolfAsync_EventInit(&event, WOLF_EVENT_TYPE_ASYNC_WOLFSSL, &key->asyncDev);
if (ret == 0) {
ret = wolfAsync_EventWait(&event);
if (ret == 0 && event.ret >= 0) {
ret = event.ret;
}
}
}
return ret;
}
#endif /* WOLFSSL_ASYNC_CRYPT */
#endif /* HAVE_ECC */
wolfcrypt/src/error.c
+13 -7
View File
@@ -62,6 +62,15 @@ const char* wc_GetErrorString(int error)
case BAD_MUTEX_E :
return "Bad mutex, operation failed";
case WC_TIMEOUT_E:
return "Timeout error";
case WC_PENDING_E:
return "wolfCrypt Operation Pending (would block / eagain) error";
case WC_NOT_PENDING_E:
return "wolfCrypt operation not pending error";
case MP_INIT_E :
return "mp_init error state";
@@ -227,8 +236,8 @@ const char* wc_GetErrorString(int error)
case AES_CCM_AUTH_E:
return "AES-CCM Authentication check fail";
case CAVIUM_INIT_E:
return "Cavium Init type error";
case ASYNC_INIT_E:
return "Async Init error";
case COMPRESS_INIT_E:
return "Compress Init error";
@@ -257,8 +266,8 @@ const char* wc_GetErrorString(int error)
case ASN_OCSP_CONFIRM_E :
return "ASN OCSP sig error, confirm failure";
case BAD_ENC_STATE_E:
return "Bad ecc encrypt state operation";
case BAD_STATE_E:
return "Bad state operation";
case BAD_PADDING_E:
return "Bad padding, message wrong length";
@@ -377,9 +386,6 @@ const char* wc_GetErrorString(int error)
case HASH_TYPE_E:
return "Hash type not enabled/available";
case WC_PENDING_E:
return "wolfCrypt Operation Pending (would block / eagain) error";
case WC_KEY_SIZE_E:
return "Key size error, either too small or large";
wolfcrypt/src/hash.c
+25 -13
View File
@@ -34,42 +34,54 @@
#include <wolfssl/wolfcrypt/hash.h>
#ifndef NO_ASN
#if !defined(NO_ASN) || !defined(NO_DH) || defined(HAVE_ECC)
#ifdef NO_ASN
enum Hash_Sum {
MD2h = 646,
MD5h = 649,
SHAh = 88,
SHA256h = 414,
SHA384h = 415,
SHA512h = 416
};
#endif
int wc_HashGetOID(enum wc_HashType hash_type)
{
int oid = HASH_TYPE_E; /* Default to hash type error */
switch(hash_type)
{
case WC_HASH_TYPE_MD2:
#ifdef WOLFSSL_MD2
#ifdef WOLFSSL_MD2
oid = MD2h;
#endif
#endif
break;
case WC_HASH_TYPE_MD5_SHA:
case WC_HASH_TYPE_MD5:
#ifndef NO_MD5
#ifndef NO_MD5
oid = MD5h;
#endif
#endif
break;
case WC_HASH_TYPE_SHA:
#ifndef NO_SHA
#ifndef NO_SHA
oid = SHAh;
#endif
#endif
break;
case WC_HASH_TYPE_SHA256:
#ifndef NO_SHA256
#ifndef NO_SHA256
oid = SHA256h;
#endif
#endif
break;
case WC_HASH_TYPE_SHA384:
#if defined(WOLFSSL_SHA512) && defined(WOLFSSL_SHA384)
#if defined(WOLFSSL_SHA512) && defined(WOLFSSL_SHA384)
oid = SHA384h;
#endif
#endif
break;
case WC_HASH_TYPE_SHA512:
#ifdef WOLFSSL_SHA512
#ifdef WOLFSSL_SHA512
oid = SHA512h;
#endif
#endif
break;
/* Not Supported */
wolfcrypt/src/hmac.c
+83 -159
View File
@@ -50,16 +50,16 @@ int wc_HmacFinal(Hmac* hmac, byte* out)
}
#ifdef HAVE_CAVIUM
int wc_HmacInitCavium(Hmac* hmac, int i)
#ifdef WOLFSSL_ASYNC_CRYPT
int wc_HmacAsyncInit(Hmac* hmac, int i)
{
return HmacInitCavium(hmac, i);
return HmacAsyncInit(hmac, i);
}
void wc_HmacFreeCavium(Hmac* hmac)
void wc_HmacAsyncFree(Hmac* hmac)
{
HmacFreeCavium(hmac);
HmacAsyncFree(hmac);
}
#endif
@@ -105,12 +105,48 @@ int wc_HKDF(int type, const byte* inKey, word32 inKeySz,
#include <wolfssl/wolfcrypt/error-crypt.h>
#ifdef HAVE_CAVIUM
static int HmacCaviumFinal(Hmac* hmac, byte* hash);
static int HmacCaviumUpdate(Hmac* hmac, const byte* msg, word32 length);
static int HmacCaviumSetKey(Hmac* hmac, int type, const byte* key,
word32 length);
#endif
int wc_HmacSizeByType(int type)
{
if (!(type == MD5 || type == SHA || type == SHA256 || type == SHA384
|| type == SHA512 || type == BLAKE2B_ID)) {
return BAD_FUNC_ARG;
}
switch (type) {
#ifndef NO_MD5
case MD5:
return MD5_DIGEST_SIZE;
#endif
#ifndef NO_SHA
case SHA:
return SHA_DIGEST_SIZE;
#endif
#ifndef NO_SHA256
case SHA256:
return SHA256_DIGEST_SIZE;
#endif
#ifdef WOLFSSL_SHA384
case SHA384:
return SHA384_DIGEST_SIZE;
#endif
#ifdef WOLFSSL_SHA512
case SHA512:
return SHA512_DIGEST_SIZE;
#endif
#ifdef HAVE_BLAKE2
case BLAKE2B_ID:
return BLAKE2B_OUTBYTES;
#endif
default:
return BAD_FUNC_ARG;
}
}
static int InitHmac(Hmac* hmac, int type)
{
@@ -175,9 +211,10 @@ int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
word32 i, hmac_block_size = 0;
int ret;
#ifdef HAVE_CAVIUM
if (hmac->magic == WOLFSSL_HMAC_CAVIUM_MAGIC)
return HmacCaviumSetKey(hmac, type, key, length);
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(HAVE_CAVIUM)
if (hmac->asyncDev.marker == WOLFSSL_ASYNC_MARKER_HMAC) {
return NitroxHmacSetKey(hmac, type, key, length);
}
#endif
ret = InitHmac(hmac, type);
@@ -391,9 +428,10 @@ int wc_HmacUpdate(Hmac* hmac, const byte* msg, word32 length)
{
int ret;
#ifdef HAVE_CAVIUM
if (hmac->magic == WOLFSSL_HMAC_CAVIUM_MAGIC)
return HmacCaviumUpdate(hmac, msg, length);
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(HAVE_CAVIUM)
if (hmac->asyncDev.marker == WOLFSSL_ASYNC_MARKER_HMAC) {
return NitroxHmacUpdate(hmac, msg, length);
}
#endif
if (!hmac->innerHashKeyed) {
@@ -459,9 +497,10 @@ int wc_HmacFinal(Hmac* hmac, byte* hash)
{
int ret;
#ifdef HAVE_CAVIUM
if (hmac->magic == WOLFSSL_HMAC_CAVIUM_MAGIC)
return HmacCaviumFinal(hmac, hash);
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(HAVE_CAVIUM)
if (hmac->asyncDev.marker == WOLFSSL_ASYNC_MARKER_HMAC) {
return NitroxHmacFinal(hmac, hash);
}
#endif
if (!hmac->innerHashKeyed) {
@@ -606,129 +645,57 @@ int wc_HmacFinal(Hmac* hmac, byte* hash)
}
#ifdef HAVE_CAVIUM
#ifdef WOLFSSL_ASYNC_CRYPT
/* Initialize Hmac for use with Nitrox device */
int wc_HmacInitCavium(Hmac* hmac, int devId)
int wc_HmacAsyncInit(Hmac* hmac, int devId)
{
int ret = 0;
if (hmac == NULL)
return -1;
if (CspAllocContext(CONTEXT_SSL, &hmac->contextHandle, devId) != 0)
return -1;
ret = wolfAsync_DevCtxInit(&hmac->asyncDev, WOLFSSL_ASYNC_MARKER_HMAC, devId);
if (ret != 0) {
return ret;
}
#ifdef HAVE_CAVIUM
hmac->keyLen = 0;
hmac->dataLen = 0;
hmac->type = 0;
hmac->devId = devId;
hmac->magic = WOLFSSL_HMAC_CAVIUM_MAGIC;
hmac->data = NULL; /* buffered input data */
hmac->innerHashKeyed = 0;
#endif /* HAVE_CAVIUM */
/* default to NULL heap hint or test value */
#ifdef WOLFSSL_HEAP_TEST
hmac->heap = (void)WOLFSSL_HEAP_TEST;
#else
hmac->heap = NULL;
#endif
#endif /* WOLFSSL_HEAP_TEST */
return 0;
}
/* Free Hmac from use with Nitrox device */
void wc_HmacFreeCavium(Hmac* hmac)
void wc_HmacAsyncFree(Hmac* hmac)
{
if (hmac == NULL)
return;
CspFreeContext(CONTEXT_SSL, hmac->contextHandle, hmac->devId);
hmac->magic = 0;
XFREE(hmac->data, NULL, DYNAMIC_TYPE_CAVIUM_TMP);
wolfAsync_DevCtxFree(&hmac->asyncDev);
#ifdef HAVE_CAVIUM
XFREE(hmac->data, hmac->heap, DYNAMIC_TYPE_ASYNC_TMP);
hmac->data = NULL;
#endif
}
#endif /* WOLFSSL_ASYNC_CRYPT */
static int HmacCaviumFinal(Hmac* hmac, byte* hash)
{
word32 requestId;
if (CspHmac(CAVIUM_BLOCKING, hmac->type, NULL, hmac->keyLen,
(byte*)hmac->ipad, hmac->dataLen, hmac->data, hash, &requestId,
hmac->devId) != 0) {
WOLFSSL_MSG("Cavium Hmac failed");
return -1;
}
hmac->innerHashKeyed = 0; /* tell update to start over if used again */
return 0;
}
static int HmacCaviumUpdate(Hmac* hmac, const byte* msg, word32 length)
{
word16 add = (word16)length;
word32 total;
byte* tmp;
if (length > WOLFSSL_MAX_16BIT) {
WOLFSSL_MSG("Too big msg for cavium hmac");
return -1;
}
if (hmac->innerHashKeyed == 0) { /* starting new */
hmac->dataLen = 0;
hmac->innerHashKeyed = 1;
}
total = add + hmac->dataLen;
if (total > WOLFSSL_MAX_16BIT) {
WOLFSSL_MSG("Too big msg for cavium hmac");
return -1;
}
tmp = XMALLOC(hmac->dataLen + add, hmac->heap ,DYNAMIC_TYPE_CAVIUM_TMP);
if (tmp == NULL) {
WOLFSSL_MSG("Out of memory for cavium update");
return -1;
}
if (hmac->dataLen)
XMEMCPY(tmp, hmac->data, hmac->dataLen);
XMEMCPY(tmp + hmac->dataLen, msg, add);
hmac->dataLen += add;
XFREE(hmac->data, hmac->heap, DYNAMIC_TYPE_CAVIUM_TMP);
hmac->data = tmp;
return 0;
}
static int HmacCaviumSetKey(Hmac* hmac, int type, const byte* key,
word32 length)
{
hmac->macType = (byte)type;
if (type == MD5)
hmac->type = MD5_TYPE;
else if (type == SHA)
hmac->type = SHA1_TYPE;
else if (type == SHA256)
hmac->type = SHA256_TYPE;
else {
WOLFSSL_MSG("unsupported cavium hmac type");
}
hmac->innerHashKeyed = 0; /* should we key Startup flag */
hmac->keyLen = (word16)length;
/* store key in ipad */
XMEMCPY(hmac->ipad, key, length);
return 0;
}
#endif /* HAVE_CAVIUM */
int wolfSSL_GetHmacMaxSize(void)
{
@@ -748,49 +715,6 @@ int wolfSSL_GetHmacMaxSize(void)
#endif /* WOLFSSL_HAVE_MIN */
static INLINE int GetHashSizeByType(int type)
{
if (!(type == MD5 || type == SHA || type == SHA256 || type == SHA384
|| type == SHA512 || type == BLAKE2B_ID))
return BAD_FUNC_ARG;
switch (type) {
#ifndef NO_MD5
case MD5:
return MD5_DIGEST_SIZE;
#endif
#ifndef NO_SHA
case SHA:
return SHA_DIGEST_SIZE;
#endif
#ifndef NO_SHA256
case SHA256:
return SHA256_DIGEST_SIZE;
#endif
#ifdef WOLFSSL_SHA384
case SHA384:
return SHA384_DIGEST_SIZE;
#endif
#ifdef WOLFSSL_SHA512
case SHA512:
return SHA512_DIGEST_SIZE;
#endif
#ifdef HAVE_BLAKE2
case BLAKE2B_ID:
return BLAKE2B_OUTBYTES;
#endif
default:
return BAD_FUNC_ARG;
}
}
/* HMAC-KDF with hash type, optional salt and info, return 0 on success */
int wc_HKDF(int type, const byte* inKey, word32 inKeySz,
const byte* salt, word32 saltSz,
@@ -806,7 +730,7 @@ int wc_HKDF(int type, const byte* inKey, word32 inKeySz,
byte prk[MAX_DIGEST_SIZE];
#endif
const byte* localSalt; /* either points to user input or tmp */
int hashSz = GetHashSizeByType(type);
int hashSz = wc_HmacSizeByType(type);
word32 outIdx = 0;
byte n = 0x1;
int ret;
@@ -815,13 +739,13 @@ int wc_HKDF(int type, const byte* inKey, word32 inKeySz,
return BAD_FUNC_ARG;
#ifdef WOLFSSL_SMALL_STACK
tmp = (byte*)XMALLOC(MAX_DIGEST_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
tmp = (byte*)XMALLOC(MAX_DIGEST_SIZE, hmac->heap, DYNAMIC_TYPE_TMP_BUFFER);
if (tmp == NULL)
return MEMORY_E;
prk = (byte*)XMALLOC(MAX_DIGEST_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
prk = (byte*)XMALLOC(MAX_DIGEST_SIZE, hmac->heap, DYNAMIC_TYPE_TMP_BUFFER);
if (prk == NULL) {
XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(tmp, hmac->heap, DYNAMIC_TYPE_TMP_BUFFER);
return MEMORY_E;
}
#endif
@@ -873,8 +797,8 @@ int wc_HKDF(int type, const byte* inKey, word32 inKeySz,
}
#ifdef WOLFSSL_SMALL_STACK
XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(prk, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(tmp, hmac->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(prk, hmac->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
wolfcrypt/src/include.am
+4
View File
@@ -46,4 +46,8 @@ EXTRA_DIST += wolfcrypt/src/port/ti/ti-aes.c \
wolfcrypt/src/port/pic32/pic32mz-hash.c \
wolfcrypt/src/port/nrf51.c
if BUILD_CAVIUM
src_libwolfssl_la_SOURCES += wolfcrypt/src/port/cavium/cavium_nitrox.c
EXTRA_DIST += wolfcrypt/src/port/cavium/README.md
endif
wolfcrypt/src/port/cavium/README.md
+32
View File
@@ -0,0 +1,32 @@
# Cavium Nitrox V Support
## Directory Structure:
`/`
`/CNN55XX-SDK`
`/wolfssl`
## Cavium Driver
Tested again `CNN55XX-Driver-Linux-KVM-XEN-PF-SDK-0.2-04.tar`
From inside `CNN55XX-SDK`:
1. `make`
Note: To resolve warnings in `CNN55XX-SDK/include/vf_defs.h`:
a. Changed `vf_config_mode_str` to return `const char*` and modify `vf_mode_str` to be `const char*`.
b. In `vf_config_mode_to_num_vfs` above `default:` add `case PF:`.
2. `sudo make load`
## wolfSSL
Currently the AES and DES3 benchmark tests causes the kernel to crash, so they are disabled for now, even though the wolfCrypt tests pass for those.
From inside `wolfssl`:
1. `./configure --with-cavium-v=../CNN55XX-SDK --enable-asynccrypt --enable-aesni --enable-intelasm --disable-aes --disable-aesgcm --disable-des3`
2. `make`
## Usage
Note: Must run applications with sudo to access device.
`sudo ./wolfcrypt/benchmark/benchmark`
`sudo ./wolfcrypt/test/testwolfcrypt`
wolfcrypt/src/port/cavium/cavium_nitrox.c
+778
View File
@@ -0,0 +1,778 @@
/* cavium-nitrox.c
*
* Copyright (C) 2006-2016 wolfSSL Inc.
*
* This file is part of wolfSSL. (formerly known as CyaSSL)
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <wolfssl/wolfcrypt/settings.h>
#ifdef HAVE_CAVIUM
#include <wolfssl/wolfcrypt/random.h>
#include <wolfssl/internal.h>
#include <wolfssl/error-ssl.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
#ifndef NO_RSA
#include <wolfssl/wolfcrypt/rsa.h>
#endif
#ifndef NO_AES
#include <wolfssl/wolfcrypt/aes.h>
#endif
#include <wolfssl/wolfcrypt/port/cavium/cavium_nitrox.h>
#include <netinet/in.h> /* For ntohs */
static CspHandle mLastDevHandle = INVALID_DEVID;
int NitroxTranslateResponseCode(int ret)
{
switch (ret) {
case EAGAIN:
case ERR_REQ_PENDING:
ret = WC_PENDING_E;
break;
case ERR_REQ_TIMEOUT:
ret = WC_TIMEOUT_E;
break;
case 0:
/* leave as-is */
break;
default:
printf("NitroxTranslateResponseCode Unknown ret=%x\n", ret);
ret = ASYNC_INIT_E;
}
return ret;
}
CspHandle NitroxGetDeviceHandle(void)
{
return mLastDevHandle;
}
CspHandle NitroxOpenDevice(int dma_mode, int dev_id)
{
mLastDevHandle = INVALID_DEVID;
#ifdef HAVE_CAVIUM_V
(void)dma_mode;
if (CspInitialize(dev_id, &mLastDevHandle)) {
return -1;
}
#else
Csp1CoreAssignment core_assign;
Uint32 device;
if (CspInitialize(CAVIUM_DIRECT, CAVIUM_DEV_ID)) {
return -1;
}
if (Csp1GetDevType(&device)) {
return -1;
}
if (device != NPX_DEVICE) {
if (ioctl(gpkpdev_hdlr[CAVIUM_DEV_ID], IOCTL_CSP1_GET_CORE_ASSIGNMENT,
(Uint32 *)&core_assign)!= 0) {
return -1;
}
}
CspShutdown(CAVIUM_DEV_ID);
mLastDevHandle = CspInitialize(dma_mode, dev_id);
if (mLastDevHandle == 0) {
mLastDevHandle = dev_id;
}
#endif /* HAVE_CAVIUM_V */
return mLastDevHandle;
}
int NitroxAllocContext(CaviumNitroxDev* nitrox, CspHandle devId,
ContextType type)
{
int ret;
if (nitrox == NULL) {
return -1;
}
/* If invalid handle provided, use last open one */
if (devId == INVALID_DEVID) {
devId = NitroxGetDeviceHandle();
}
#ifdef HAVE_CAVIUM_V
ret = CspAllocContext(devId, type, &nitrox->contextHandle);
#else
ret = CspAllocContext(type, &nitrox->contextHandle, devId);
#endif
if (ret != 0) {
return -1;
}
nitrox->type = type;
nitrox->devId = devId;
return 0;
}
void NitroxFreeContext(CaviumNitroxDev* nitrox)
{
if (nitrox == NULL) {
return;
}
#ifdef HAVE_CAVIUM_V
CspFreeContext(nitrox->devId, nitrox->type, nitrox->contextHandle);
#else
CspFreeContext(nitrox->type, nitrox->contextHandle, nitrox->devId);
#endif
}
void NitroxCloseDevice(CspHandle devId)
{
if (devId >= 0) {
CspShutdown(devId);
}
}
#if defined(WOLFSSL_ASYNC_CRYPT)
int NitroxCheckRequest(CspHandle devId, CavReqId reqId)
{
int ret = CspCheckForCompletion(devId, reqId);
return NitroxTranslateResponseCode(ret);
}
int NitroxCheckRequests(CspHandle devId, CspMultiRequestStatusBuffer* req_stat_buf)
{
int ret = CspGetAllResults(req_stat_buf, devId);
return NitroxTranslateResponseCode(ret);
}
#ifndef NO_RSA
int NitroxRsaExptMod(const byte* in, word32 inLen,
byte* exponent, word32 expLen,
byte* modulus, word32 modLen,
byte* out, word32* outLen, RsaKey* key)
{
int ret;
if (key == NULL || in == NULL || inLen == 0 || exponent == NULL ||
modulus == NULL || out == NULL) {
return BAD_FUNC_ARG;
}
(void)outLen;
#ifdef HAVE_CAVIUM_V
ret = CspMe(key->asyncDev.dev.devId, CAVIUM_REQ_MODE, CAVIUM_SSL_GRP,
CAVIUM_DPORT, modLen, expLen, inLen,
modulus, exponent, (Uint8*)in, out,
&key->asyncDev.dev.reqId);
#if 0
/* TODO: Try MeCRT */
ret = CspMeCRT();
#endif
#else
/* Not implemented/supported */
ret = NOT_COMPILED_IN;
#endif
ret = NitroxTranslateResponseCode(ret);
if (ret != 0) {
return ret;
}
return ret;
}
int NitroxRsaPublicEncrypt(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key)
{
word32 ret;
if (key == NULL || in == NULL || out == NULL || outLen < (word32)key->n.used) {
return BAD_FUNC_ARG;
}
#ifdef HAVE_CAVIUM_V
ret = CspPkcs1v15Enc(key->asyncDev.dev.devId, CAVIUM_REQ_MODE, CAVIUM_SSL_GRP, CAVIUM_DPORT,
BT2, key->n.used, key->e.used,
(word16)inLen, key->n.dpraw, key->e.dpraw, (byte*)in, out,
&key->asyncDev.dev.reqId);
#else
ret = CspPkcs1v15Enc(CAVIUM_REQ_MODE, BT2, key->n.used, key->e.used,
(word16)inLen, key->n.dpraw, key->e.dpraw, (byte*)in, out,
&key->asyncDev.dev.reqId, key->asyncDev.dev.devId);
#endif
ret = NitroxTranslateResponseCode(ret);
if (ret != 0) {
return ret;
}
return key->n.used;
}
static INLINE void ato16(const byte* c, word16* u16)
{
*u16 = (c[0] << 8) | (c[1]);
}
int NitroxRsaPrivateDecrypt(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key)
{
word32 ret;
word16 outSz = (word16)outLen;
if (key == NULL || in == NULL || out == NULL ||
inLen != (word32)key->n.used) {
return BAD_FUNC_ARG;
}
#ifdef HAVE_CAVIUM_V
ret = CspPkcs1v15CrtDec(key->asyncDev.dev.devId, CAVIUM_REQ_MODE, CAVIUM_SSL_GRP, CAVIUM_DPORT,
BT2, key->n.used, key->q.dpraw,
key->dQ.dpraw, key->p.dpraw, key->dP.dpraw, key->u.dpraw,
(byte*)in, &outSz, out, &key->asyncDev.dev.reqId);
#else
ret = CspPkcs1v15CrtDec(CAVIUM_REQ_MODE, BT2, key->n.used, key->q.dpraw,
key->dQ.dpraw, key->p.dpraw, key->dP.dpraw, key->u.dpraw,
(byte*)in, &outSz, out, &key->asyncDev.dev.reqId,
key->asyncDev.dev.devId);
#endif
ret = NitroxTranslateResponseCode(ret);
if (ret != 0) {
return ret;
}
ato16((const byte*)&outSz, &outSz);
return outSz;
}
int NitroxRsaSSL_Sign(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key)
{
word32 ret;
if (key == NULL || in == NULL || out == NULL || inLen == 0 || outLen <
(word32)key->n.used) {
return BAD_FUNC_ARG;
}
#ifdef HAVE_CAVIUM_V
ret = CspPkcs1v15CrtEnc(key->asyncDev.dev.devId, CAVIUM_REQ_MODE, CAVIUM_SSL_GRP, CAVIUM_DPORT,
BT1, key->n.used, (word16)inLen,
key->q.dpraw, key->dQ.dpraw, key->p.dpraw, key->dP.dpraw, key->u.dpraw,
(byte*)in, out, &key->asyncDev.dev.reqId);
#else
ret = CspPkcs1v15CrtEnc(CAVIUM_REQ_MODE, BT1, key->n.used, (word16)inLen,
key->q.dpraw, key->dQ.dpraw, key->p.dpraw, key->dP.dpraw, key->u.dpraw,
(byte*)in, out, &key->asyncDev.dev.reqId, key->asyncDev.dev.devId);
#endif
ret = NitroxTranslateResponseCode(ret);
if (ret != 0) {
return ret;
}
return key->n.used;
}
int NitroxRsaSSL_Verify(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key)
{
word32 ret;
word16 outSz = (word16)outLen;
if (key == NULL || in == NULL || out == NULL || inLen != (word32)key->n.used) {
return BAD_FUNC_ARG;
}
#ifdef HAVE_CAVIUM_V
ret = CspPkcs1v15Dec(key->asyncDev.dev.devId, CAVIUM_REQ_MODE, CAVIUM_SSL_GRP, CAVIUM_DPORT,
BT1, key->n.used, key->e.used,
key->n.dpraw, key->e.dpraw, (byte*)in, &outSz, out,
&key->asyncDev.dev.reqId);
#else
ret = CspPkcs1v15Dec(CAVIUM_REQ_MODE, BT1, key->n.used, key->e.used,
key->n.dpraw, key->e.dpraw, (byte*)in, &outSz, out,
&key->asyncDev.dev.reqId, key->asyncDev.dev.devId);
#endif
ret = NitroxTranslateResponseCode(ret);
if (ret != 0) {
return ret;
}
outSz = ntohs(outSz);
return outSz;
}
#endif /* !NO_RSA */
#ifndef NO_AES
int NitroxAesSetKey(Aes* aes, const byte* key, word32 length, const byte* iv)
{
if (aes == NULL)
return BAD_FUNC_ARG;
XMEMCPY(aes->key, key, length); /* key still holds key, iv still in reg */
if (length == 16)
aes->type = AES_128_BIT;
else if (length == 24)
aes->type = AES_192_BIT;
else if (length == 32)
aes->type = AES_256_BIT;
return wc_AesSetIV(aes, iv);
}
#ifdef HAVE_AES_CBC
int NitroxAesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 length)
{
int ret;
wolfssl_word offset = 0;
while (length > WOLFSSL_MAX_16BIT) {
word16 slen = (word16)WOLFSSL_MAX_16BIT;
#ifdef HAVE_CAVIUM_V
ret = CspEncryptAes(aes->asyncDev.dev.devId, CAVIUM_BLOCKING, DMA_DIRECT_DIRECT,
CAVIUM_SSL_GRP, CAVIUM_DPORT, aes->asyncDev.dev.contextHandle,
FROM_DPTR, FROM_CTX, AES_CBC, aes->type, (byte*)aes->key,
(byte*)aes->reg, 0, NULL, slen, (byte*)in + offset,
out + offset, &aes->asyncDev.dev.reqId);
#else
ret = CspEncryptAes(CAVIUM_BLOCKING, aes->asyncDev.dev.contextHandle, CAVIUM_NO_UPDATE,
aes->type, slen, (byte*)in + offset, out + offset,
(byte*)aes->reg, (byte*)aes->key, &aes->asyncDev.dev.reqId,
aes->asyncDev.dev.devId);
#endif
ret = NitroxTranslateResponseCode(ret);
if (ret != 0) {
return ret;
}
length -= WOLFSSL_MAX_16BIT;
offset += WOLFSSL_MAX_16BIT;
XMEMCPY(aes->reg, out + offset - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
}
if (length) {
word16 slen = (word16)length;
#ifdef HAVE_CAVIUM_V
ret = CspEncryptAes(aes->asyncDev.dev.devId, CAVIUM_BLOCKING, DMA_DIRECT_DIRECT,
CAVIUM_SSL_GRP, CAVIUM_DPORT, aes->asyncDev.dev.contextHandle,
FROM_DPTR, FROM_CTX, AES_CBC, aes->type, (byte*)aes->key,
(byte*)aes->reg, 0, NULL, slen, (byte*)in + offset,
out + offset, &aes->asyncDev.dev.reqId);
#else
ret = CspEncryptAes(CAVIUM_BLOCKING, aes->asyncDev.dev.contextHandle, CAVIUM_NO_UPDATE,
aes->type, slen, (byte*)in + offset, out + offset,
(byte*)aes->reg, (byte*)aes->key, &aes->asyncDev.dev.reqId,
aes->asyncDev.dev.devId);
#endif
ret = NitroxTranslateResponseCode(ret);
if (ret != 0) {
return ret;
}
XMEMCPY(aes->reg, out + offset+length - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
}
return 0;
}
#ifdef HAVE_AES_DECRYPT
int NitroxAesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 length)
{
wolfssl_word offset = 0;
int ret;
while (length > WOLFSSL_MAX_16BIT) {
word16 slen = (word16)WOLFSSL_MAX_16BIT;
XMEMCPY(aes->tmp, in + offset + slen - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
#ifdef HAVE_CAVIUM_V
ret = CspDecryptAes(aes->asyncDev.dev.devId, CAVIUM_BLOCKING, DMA_DIRECT_DIRECT,
CAVIUM_SSL_GRP, CAVIUM_DPORT, aes->asyncDev.dev.contextHandle,
FROM_DPTR, FROM_CTX, AES_CBC, aes->type, (byte*)aes->key, (byte*)aes->reg,
0, NULL, slen, (byte*)in + offset, out + offset, &aes->asyncDev.dev.reqId);
#else
ret = CspDecryptAes(CAVIUM_BLOCKING, aes->asyncDev.dev.contextHandle, CAVIUM_NO_UPDATE,
aes->type, slen, (byte*)in + offset, out + offset,
(byte*)aes->reg, (byte*)aes->key, &aes->asyncDev.dev.reqId,
aes->asyncDev.dev.devId);
#endif
ret = NitroxTranslateResponseCode(ret);
if (ret != 0) {
return ret;
}
length -= WOLFSSL_MAX_16BIT;
offset += WOLFSSL_MAX_16BIT;
XMEMCPY(aes->reg, aes->tmp, AES_BLOCK_SIZE);
}
if (length) {
word16 slen = (word16)length;
XMEMCPY(aes->tmp, in + offset + slen - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
#ifdef HAVE_CAVIUM_V
ret = CspDecryptAes(aes->asyncDev.dev.devId, CAVIUM_BLOCKING, DMA_DIRECT_DIRECT,
CAVIUM_SSL_GRP, CAVIUM_DPORT, aes->asyncDev.dev.contextHandle,
FROM_DPTR, FROM_CTX, AES_CBC, aes->type, (byte*)aes->key, (byte*)aes->reg,
0, NULL, slen, (byte*)in + offset, out + offset, &aes->asyncDev.dev.reqId);
#else
ret = CspDecryptAes(CAVIUM_BLOCKING, aes->asyncDev.dev.contextHandle, CAVIUM_NO_UPDATE,
aes->type, slen, (byte*)in + offset, out + offset,
(byte*)aes->reg, (byte*)aes->key, &aes->asyncDev.dev.reqId,
aes->asyncDev.dev.devId);
#endif
ret = NitroxTranslateResponseCode(ret);
if (ret != 0) {
return ret;
}
XMEMCPY(aes->reg, aes->tmp, AES_BLOCK_SIZE);
}
return 0;
}
#endif /* HAVE_AES_DECRYPT */
#endif /* HAVE_AES_CBC */
#endif /* !NO_AES */
#if !defined(NO_ARC4) && !defined(HAVE_CAVIUM_V)
void NitroxArc4SetKey(Arc4* arc4, const byte* key, word32 length)
{
if (CspInitializeRc4(CAVIUM_BLOCKING, arc4->asyncDev.dev.contextHandle, length,
(byte*)key, &arc4->asyncDev.dev.reqId, arc4->devId) != 0) {
WOLFSSL_MSG("Bad Cavium Arc4 Init");
}
}
void NitroxArc4Process(Arc4* arc4, byte* out, const byte* in, word32 length)
{
int ret;
wolfssl_word offset = 0;
while (length > WOLFSSL_MAX_16BIT) {
word16 slen = (word16)WOLFSSL_MAX_16BIT;
ret = CspEncryptRc4(CAVIUM_BLOCKING, arc4->asyncDev.dev.contextHandle,
CAVIUM_UPDATE, slen, (byte*)in + offset, out + offset,
&arc4->asyncDev.dev.reqId, arc4->devId);
ret = NitroxTranslateResponseCode(ret);
if (ret != 0) {
return ret;
}
length -= WOLFSSL_MAX_16BIT;
offset += WOLFSSL_MAX_16BIT;
}
if (length) {
word16 slen = (word16)length;
ret = CspEncryptRc4(CAVIUM_BLOCKING, arc4->asyncDev.dev.contextHandle,
CAVIUM_UPDATE, slen, (byte*)in + offset, out + offset,
&arc4->asyncDev.dev.reqId, arc4->devId);
ret = NitroxTranslateResponseCode(ret);
if (ret != 0) {
return ret;
}
}
}
#endif /* !NO_ARC4 && !HAVE_CAVIUM_V */
#ifndef NO_DES3
int NitroxDes3SetKey(Des3* des3, const byte* key, const byte* iv)
{
if (des3 == NULL)
return BAD_FUNC_ARG;
/* key[0] holds key, iv in reg */
XMEMCPY(des3->key[0], key, DES_BLOCK_SIZE*3);
return wc_Des3_SetIV(des3, iv);
}
int NitroxDes3CbcEncrypt(Des3* des3, byte* out, const byte* in, word32 length)
{
wolfssl_word offset = 0;
int ret;
while (length > WOLFSSL_MAX_16BIT) {
word16 slen = (word16)WOLFSSL_MAX_16BIT;
#ifdef HAVE_CAVIUM_V
ret = CspEncrypt3Des(des3->asyncDev.dev.devId, CAVIUM_BLOCKING, DMA_DIRECT_DIRECT,
CAVIUM_SSL_GRP, CAVIUM_DPORT, des3->asyncDev.dev.contextHandle,
FROM_DPTR, FROM_CTX, DES3_CBC, (byte*)des3->key[0],
(byte*)des3->reg, slen, (byte*)in + offset,
out + offset, &des3->asyncDev.dev.reqId);
#else
ret = CspEncrypt3Des(CAVIUM_BLOCKING, des3->asyncDev.dev.contextHandle,
CAVIUM_NO_UPDATE, slen, (byte*)in + offset,
out + offset, (byte*)des3->reg, (byte*)des3->key[0],
&des3->asyncDev.dev.reqId, des3->asyncDev.dev.devId);
#endif
ret = NitroxTranslateResponseCode(ret);
if (ret != 0) {
return ret;
}
length -= WOLFSSL_MAX_16BIT;
offset += WOLFSSL_MAX_16BIT;
XMEMCPY(des3->reg, out + offset - DES_BLOCK_SIZE, DES_BLOCK_SIZE);
}
if (length) {
word16 slen = (word16)length;
#ifdef HAVE_CAVIUM_V
ret = CspEncrypt3Des(des3->asyncDev.dev.devId, CAVIUM_BLOCKING, DMA_DIRECT_DIRECT,
CAVIUM_SSL_GRP, CAVIUM_DPORT, des3->asyncDev.dev.contextHandle,
FROM_DPTR, FROM_CTX, DES3_CBC, (byte*)des3->key[0], (byte*)des3->reg,
slen, (byte*)in + offset, out + offset,
&des3->asyncDev.dev.reqId);
#else
ret = CspEncrypt3Des(CAVIUM_BLOCKING, des3->asyncDev.dev.contextHandle,
CAVIUM_NO_UPDATE, slen, (byte*)in + offset,
out + offset, (byte*)des3->reg, (byte*)des3->key[0],
&des3->asyncDev.dev.reqId, des3->asyncDev.dev.devId);
#endif
ret = NitroxTranslateResponseCode(ret);
if (ret != 0) {
return ret;
}
XMEMCPY(des3->reg, out+offset+length - DES_BLOCK_SIZE, DES_BLOCK_SIZE);
}
return 0;
}
int NitroxDes3CbcDecrypt(Des3* des3, byte* out, const byte* in, word32 length)
{
wolfssl_word offset = 0;
int ret;
while (length > WOLFSSL_MAX_16BIT) {
word16 slen = (word16)WOLFSSL_MAX_16BIT;
XMEMCPY(des3->tmp, in + offset + slen - DES_BLOCK_SIZE, DES_BLOCK_SIZE);
#ifdef HAVE_CAVIUM_V
ret = CspDecrypt3Des(des3->asyncDev.dev.devId, CAVIUM_BLOCKING, DMA_DIRECT_DIRECT,
CAVIUM_SSL_GRP, CAVIUM_DPORT, des3->asyncDev.dev.contextHandle,
FROM_DPTR, FROM_CTX, DES3_CBC, (byte*)des3->key[0], (byte*)des3->reg,
slen, (byte*)in + offset, out + offset,
&des3->asyncDev.dev.reqId);
#else
ret = CspDecrypt3Des(CAVIUM_BLOCKING, des3->asyncDev.dev.contextHandle,
CAVIUM_NO_UPDATE, slen, (byte*)in + offset, out + offset,
(byte*)des3->reg, (byte*)des3->key[0], &des3->asyncDev.dev.reqId,
des3->asyncDev.dev.devId);
#endif
ret = NitroxTranslateResponseCode(ret);
if (ret != 0) {
return ret;
}
length -= WOLFSSL_MAX_16BIT;
offset += WOLFSSL_MAX_16BIT;
XMEMCPY(des3->reg, des3->tmp, DES_BLOCK_SIZE);
}
if (length) {
word16 slen = (word16)length;
XMEMCPY(des3->tmp, in + offset + slen - DES_BLOCK_SIZE,DES_BLOCK_SIZE);
#ifdef HAVE_CAVIUM_V
ret = CspDecrypt3Des(des3->asyncDev.dev.devId, CAVIUM_BLOCKING, DMA_DIRECT_DIRECT,
CAVIUM_SSL_GRP, CAVIUM_DPORT, des3->asyncDev.dev.contextHandle,
FROM_DPTR, FROM_CTX, DES3_CBC, (byte*)des3->key[0], (byte*)des3->reg,
slen, (byte*)in + offset, out + offset,
&des3->asyncDev.dev.reqId);
#else
ret = CspDecrypt3Des(CAVIUM_BLOCKING, des3->asyncDev.dev.contextHandle,
CAVIUM_NO_UPDATE, slen, (byte*)in + offset, out + offset,
(byte*)des3->reg, (byte*)des3->key[0], &des3->asyncDev.dev.reqId,
des3->asyncDev.dev.devId);
#endif
ret = NitroxTranslateResponseCode(ret);
if (ret != 0) {
return ret;
}
XMEMCPY(des3->reg, des3->tmp, DES_BLOCK_SIZE);
}
return 0;
}
#endif /* !NO_DES3 */
#ifndef NO_HMAC
int NitroxHmacFinal(Hmac* hmac, byte* hash)
{
int ret = -1;
#ifdef HAVE_CAVIUM_V
word16 hashLen = wc_HmacSizeByType(hmac->macType);
ret = CspHmac(hmac->asyncDev.dev.devId, CAVIUM_BLOCKING, DMA_DIRECT_DIRECT,
CAVIUM_SSL_GRP, CAVIUM_DPORT, hmac->type, hmac->keyLen,
(byte*)hmac->ipad, hmac->dataLen, hmac->data, hashLen,
hash, &hmac->asyncDev.dev.reqId);
#else
ret = CspHmac(CAVIUM_BLOCKING, hmac->type, NULL, hmac->keyLen,
(byte*)hmac->ipad, hmac->dataLen, hmac->data, hash,
&hmac->asyncDev.dev.reqId, hmac->asyncDev.dev.devId);
#endif
ret = NitroxTranslateResponseCode(ret);
if (ret != 0) {
return ret;
}
hmac->innerHashKeyed = 0; /* tell update to start over if used again */
return 0;
}
int NitroxHmacUpdate(Hmac* hmac, const byte* msg, word32 length)
{
word16 add = (word16)length;
word32 total;
byte* tmp;
if (length > WOLFSSL_MAX_16BIT) {
WOLFSSL_MSG("Too big msg for cavium hmac");
return -1;
}
if (hmac->innerHashKeyed == 0) { /* starting new */
hmac->dataLen = 0;
hmac->innerHashKeyed = 1;
}
total = add + hmac->dataLen;
if (total > WOLFSSL_MAX_16BIT) {
WOLFSSL_MSG("Too big msg for cavium hmac");
return -1;
}
tmp = XMALLOC(hmac->dataLen + add, NULL, DYNAMIC_TYPE_ASYNC_TMP);
if (tmp == NULL) {
WOLFSSL_MSG("Out of memory for cavium update");
return -1;
}
if (hmac->dataLen)
XMEMCPY(tmp, hmac->data, hmac->dataLen);
XMEMCPY(tmp + hmac->dataLen, msg, add);
hmac->dataLen += add;
XFREE(hmac->data, NULL, DYNAMIC_TYPE_ASYNC_TMP);
hmac->data = tmp;
return 0;
}
int NitroxHmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
{
hmac->macType = (byte)type;
/* Determine Cavium HashType */
switch(type) {
#ifndef NO_MD5
case MD5:
hmac->type = MD5_TYPE;
break;
#endif
#ifndef NO_SHA
case SHA:
hmac->type = SHA1_TYPE;
break;
#endif
#ifndef NO_SHA256
case SHA256:
#ifdef HAVE_CAVIUM_V
hmac->type = SHA2_SHA256;
#else
hmac->type = SHA256_TYPE;
#endif
break;
#endif
#ifdef HAVE_CAVIUM_V
#ifndef WOLFSSL_SHA512
case SHA512:
hmac->type = SHA2_SHA512;
break;
#endif
#ifndef WOLFSSL_SHA384
case SHA384:
hmac->type = SHA2_SHA384;
break;
#endif
#endif /* HAVE_CAVIUM_V */
default:
WOLFSSL_MSG("unsupported cavium hmac type");
break;
}
hmac->innerHashKeyed = 0; /* should we key Startup flag */
hmac->keyLen = (word16)length;
/* store key in ipad */
XMEMCPY(hmac->ipad, key, length);
return 0;
}
#endif /* !NO_HMAC */
#if !defined(HAVE_HASHDRBG) && !defined(NO_RC4)
void NitroxRngGenerateBlock(WC_RNG* rng, byte* output, word32 sz)
{
wolfssl_word offset = 0;
word32 requestId;
while (sz > WOLFSSL_MAX_16BIT) {
word16 slen = (word16)WOLFSSL_MAX_16BIT;
#ifdef HAVE_CAVIUM_V
ret = CspTrueRandom(rng->asyncDev.dev.devId, CAVIUM_BLOCKING, DMA_DIRECT_DIRECT,
CAVIUM_SSL_GRP, CAVIUM_DPORT, slen, output + offset, &requestId);
#else
ret = CspRandom(CAVIUM_BLOCKING, slen, output + offset, &requestId,
rng->asyncDev.dev.devId);
#endif
ret = NitroxTranslateResponseCode(ret);
if (ret != 0) {
return ret;
}
sz -= WOLFSSL_MAX_16BIT;
offset += WOLFSSL_MAX_16BIT;
}
if (sz) {
word16 slen = (word16)sz;
#ifdef HAVE_CAVIUM_V
ret = CspTrueRandom(rng->asyncDev.dev.devId, CAVIUM_BLOCKING, DMA_DIRECT_DIRECT,
CAVIUM_SSL_GRP, CAVIUM_DPORT, slen, output + offset, &requestId);
#else
ret = CspRandom(CAVIUM_BLOCKING, slen, output + offset, &requestId,
rng->asyncDev.dev.devId);
#endif
ret = NitroxTranslateResponseCode(ret);
if (ret != 0) {
return ret;
}
}
}
#endif /* !defined(HAVE_HASHDRBG) && !defined(NO_RC4) */
#endif /* WOLFSSL_ASYNC_CRYPT */
#endif /* HAVE_CAVIUM */
wolfcrypt/src/random.c
+15 -63
View File
@@ -47,14 +47,6 @@ int wc_GenerateSeed(OS_Seed* os, byte* seed, word32 sz)
return GenerateSeed(os, seed, sz);
}
#ifdef HAVE_CAVIUM
int wc_InitRngCavium(WC_RNG* rng, int i)
{
return InitRngCavium(rng, i);
}
#endif
int wc_InitRng(WC_RNG* rng)
{
return InitRng_fips(rng);
@@ -178,6 +170,7 @@ int wc_FreeRng(WC_RNG* rng)
#define IS_INTEL_RDSEED (cpuid_flags&CPUID_RDSEED)
#endif
#if defined(HAVE_HASHDRBG) || defined(NO_RC4)
/* Start NIST DRBG code */
@@ -811,12 +804,13 @@ int wc_InitRng(WC_RNG* rng)
#endif
#ifdef HAVE_INTEL_RDGEN
wc_InitRng_IntelRD() ;
if(IS_INTEL_RDRAND)return 0 ;
wc_InitRng_IntelRD();
if(IS_INTEL_RDRAND) return 0;
#endif
#ifdef HAVE_CAVIUM
if (rng->magic == WOLFSSL_RNG_CAVIUM_MAGIC)
return 0;
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(HAVE_CAVIUM)
ret = wolfAsync_DevCtxInit(&rng->asyncDev, WOLFSSL_ASYNC_MARKER_RNG, INVALID_DEVID);
if (ret != 0) return -2007;
#endif
#ifdef WOLFSSL_SMALL_STACK
@@ -847,10 +841,6 @@ int wc_InitRng(WC_RNG* rng)
return ret;
}
#ifdef HAVE_CAVIUM
static void CaviumRNG_GenerateBlock(WC_RNG* rng, byte* output, word32 sz);
#endif
/* place a generated block in output */
int wc_RNG_GenerateBlock(WC_RNG* rng, byte* output, word32 sz)
{
@@ -858,9 +848,10 @@ int wc_RNG_GenerateBlock(WC_RNG* rng, byte* output, word32 sz)
if(IS_INTEL_RDRAND)
return wc_GenerateRand_IntelRD(NULL, output, sz) ;
#endif
#ifdef HAVE_CAVIUM
if (rng->magic == WOLFSSL_RNG_CAVIUM_MAGIC)
return CaviumRNG_GenerateBlock(rng, output, sz);
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(HAVE_CAVIUM)
if (aes->asyncDev.marker == WOLFSSL_ASYNC_MARKER_RNG) {
return NitroxRngGenerateBlock(rng, output, sz);
}
#endif
XMEMSET(output, 0, sz);
wc_Arc4Process(&rng->cipher, output, output, sz);
@@ -878,53 +869,14 @@ int wc_RNG_GenerateByte(WC_RNG* rng, byte* b)
int wc_FreeRng(WC_RNG* rng)
{
(void)rng;
return 0;
}
#ifdef HAVE_CAVIUM
#include <wolfssl/ctaocrypt/logging.h>
#include "cavium_common.h"
/* Initialize RNG for use with Nitrox device */
int wc_InitRngCavium(WC_RNG* rng, int devId)
{
if (rng == NULL)
return -1;
rng->devId = devId;
rng->magic = WOLFSSL_RNG_CAVIUM_MAGIC;
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(HAVE_CAVIUM)
wolfAsync_DevCtxFree(&rng->asyncDev);
#endif
return 0;
}
static void CaviumRNG_GenerateBlock(WC_RNG* rng, byte* output, word32 sz)
{
wolfssl_word offset = 0;
word32 requestId;
while (sz > WOLFSSL_MAX_16BIT) {
word16 slen = (word16)WOLFSSL_MAX_16BIT;
if (CspRandom(CAVIUM_BLOCKING, slen, output + offset, &requestId,
rng->devId) != 0) {
WOLFSSL_MSG("Cavium RNG failed");
}
sz -= WOLFSSL_MAX_16BIT;
offset += WOLFSSL_MAX_16BIT;
}
if (sz) {
word16 slen = (word16)sz;
if (CspRandom(CAVIUM_BLOCKING, slen, output + offset, &requestId,
rng->devId) != 0) {
WOLFSSL_MSG("Cavium RNG failed");
}
}
}
#endif /* HAVE_CAVIUM */
#endif /* HAVE_HASHDRBG || NO_RC4 */
@@ -1127,7 +1079,7 @@ static int wc_GenerateSeed_IntelRD(OS_Seed* os, byte* output, word32 sz)
return 0;
}
#else
#else /* HAVE_HASHDRBG || NO_RC4 */
/* return 0 on success */
static INLINE int IntelRDrand32(unsigned int *rnd)
wolfcrypt/src/rsa.c
+633 -576
View File
File diff suppressed because it is too large Load Diff
wolfcrypt/src/wolfevent.c
+274
View File
@@ -0,0 +1,274 @@
/* wolfevent.c
*
* Copyright (C) 2006-2016 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <wolfssl/wolfcrypt/settings.h>
#ifdef HAVE_WOLF_EVENT
#include <wolfssl/internal.h>
#include <wolfssl/error-ssl.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/wolfevent.h>
int wolfEvent_Init(WOLF_EVENT* event, WOLF_EVENT_TYPE type, void* context)
{
if (event == NULL) {
return BAD_FUNC_ARG;
}
if (event->pending) {
WOLFSSL_MSG("event already pending!");
return BAD_COND_E;
}
XMEMSET(event, 0, sizeof(WOLF_EVENT));
event->type = type;
event->context = context;
return 0;
}
int wolfEvent_Poll(WOLF_EVENT* event, WOLF_EVENT_FLAG flags)
{
int ret = BAD_COND_E;
/* Check hardware */
#ifdef WOLFSSL_ASYNC_CRYPT
if (event->type >= WOLF_EVENT_TYPE_ASYNC_FIRST &&
event->type <= WOLF_EVENT_TYPE_ASYNC_LAST)
{
ret = wolfAsync_EventPoll(event, flags);
}
#endif /* WOLFSSL_ASYNC_CRYPT */
return ret;
}
int wolfEventQueue_Init(WOLF_EVENT_QUEUE* queue)
{
int ret = 0;
if (queue == NULL) {
return BAD_FUNC_ARG;
}
XMEMSET(queue, 0, sizeof(WOLF_EVENT_QUEUE));
#ifndef SINGLE_THREADED
ret = InitMutex(&queue->lock);
#endif
return ret;
}
int wolfEventQueue_Push(WOLF_EVENT_QUEUE* queue, WOLF_EVENT* event)
{
int ret;
if (queue == NULL || event == NULL) {
return BAD_FUNC_ARG;
}
#ifndef SINGLE_THREADED
if ((ret = LockMutex(&queue->lock)) != 0) {
return ret;
}
#endif
/* Setup event */
event->next = NULL;
event->pending = 1;
if (queue->tail == NULL) {
queue->head = event;
}
else {
queue->tail->next = event;
event->prev = queue->tail;
}
queue->tail = event; /* add to the end either way */
queue->count++;
ret = 0;
#ifndef SINGLE_THREADED
UnLockMutex(&queue->lock);
#endif
return ret;
}
int wolfEventQueue_Pop(WOLF_EVENT_QUEUE* queue, WOLF_EVENT** event)
{
int ret = 0;
if (queue == NULL || event == NULL) {
return BAD_FUNC_ARG;
}
#ifndef SINGLE_THREADED
/* In single threaded mode "event_queue.lock" doesn't exist */
if ((ret = LockMutex(&queue->lock)) != 0) {
return ret;
}
#endif
/* Pop first item off queue */
*event = queue->head;
ret = wolfEventQueue_Remove(queue, *event);
#ifndef SINGLE_THREADED
UnLockMutex(&queue->lock);
#endif
return ret;
}
/* assumes queue is locked by caller */
int wolfEventQueue_Remove(WOLF_EVENT_QUEUE* queue, WOLF_EVENT* event)
{
int ret = 0;
if (queue == NULL || event == NULL) {
return BAD_FUNC_ARG;
}
if (event == queue->head && event == queue->tail) {
queue->head = NULL;
queue->tail = NULL;
}
else if (event == queue->head) {
queue->head = event->next;
queue->head->prev = NULL;
}
else if (event == queue->tail) {
queue->tail = event->prev;
queue->tail->next = NULL;
}
else {
WOLF_EVENT* next = event->next;
WOLF_EVENT* prev = event->prev;
next->prev = prev;
prev->next = next;
}
queue->count--;
return ret;
}
int wolfEventQueue_Poll(WOLF_EVENT_QUEUE* queue, void* context_filter,
WOLF_EVENT** events, int maxEvents, WOLF_EVENT_FLAG flags, int* eventCount)
{
WOLF_EVENT* event;
int ret = 0, count = 0;
if (queue == NULL) {
return BAD_FUNC_ARG;
}
#ifndef SINGLE_THREADED
/* In single threaded mode "event_queue.lock" doesn't exist */
if ((ret = LockMutex(&queue->lock)) != 0) {
return ret;
}
#endif
/* itterate event queue */
for (event = queue->head; event != NULL; event = event->next)
{
/* optional filter based on context */
if (context_filter == NULL || event->context == context_filter) {
/* poll event */
ret = wolfEvent_Poll(event, flags);
if (ret < 0) break; /* exit for */
/* If event is done then process */
if (event->done) {
/* remove from queue */
ret = wolfEventQueue_Remove(queue, event);
if (ret < 0) break; /* exit for */
/* return pointer in 'events' arg */
if (events) {
events[count] = event; /* return pointer */
}
count++;
/* check to make sure our event list isn't full */
if (events && count >= maxEvents) {
break; /* exit for */
}
}
}
}
#ifndef SINGLE_THREADED
UnLockMutex(&queue->lock);
#endif
/* return number of properly populated events */
if (eventCount) {
*eventCount = count;
}
return ret;
}
int wolfEventQueue_Count(WOLF_EVENT_QUEUE* queue)
{
int ret;
if (queue == NULL) {
return BAD_FUNC_ARG;
}
#ifndef SINGLE_THREADED
/* In single threaded mode "event_queue.lock" doesn't exist */
if ((ret = LockMutex(&queue->lock)) != 0) {
return ret;
}
#endif
ret = queue->count;
#ifndef SINGLE_THREADED
UnLockMutex(&queue->lock);
#endif
return ret;
}
void wolfEventQueue_Free(WOLF_EVENT_QUEUE* queue)
{
if (queue) {
#ifndef SINGLE_THREADED
FreeMutex(&queue->lock);
#endif
}
}
#endif /* HAVE_WOLF_EVENT */
wolfcrypt/test/test.c
+266 -113
View File
@@ -107,6 +107,9 @@
#ifdef HAVE_FIPS
#include <wolfssl/wolfcrypt/fips_test.h>
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
#include <wolfssl/wolfcrypt/async.h>
#endif
#ifdef _MSC_VER
/* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */
@@ -133,11 +136,6 @@
#ifdef HAVE_NTRU
#include "libntruencrypt/ntru_crypto.h"
#endif
#ifdef HAVE_CAVIUM
#include "cavium_sysdep.h"
#include "cavium_common.h"
#include "cavium_ioctl.h"
#endif
#if defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX)
#include <mqx.h>
@@ -165,6 +163,9 @@
#include "wolfssl/wolfcrypt/mem_track.h"
#endif
/* for async devices */
static int devId = INVALID_DEVID;
#ifdef HAVE_WNR
const char* wnrConfigFile = "wnr-example.conf";
#endif
@@ -251,6 +252,10 @@ int idea_test(void);
int memory_test(void);
#endif
#if defined(DEBUG_WOLFSSL) && !defined(HAVE_VALGRIND) && !defined(OPENSSL_EXTRA)
int wolfSSL_Debugging_ON(void);
#endif
/* General big buffer size for many tests. */
#define FOURK_BUF 4096
@@ -295,10 +300,18 @@ int wolfcrypt_test(void* args)
((func_args*)args)->return_code = -1; /* error state */
#if defined(DEBUG_WOLFSSL) && !defined(HAVE_VALGRIND)
wolfSSL_Debugging_ON();
#endif
#if defined(USE_WOLFSSL_MEMORY) && defined(WOLFSSL_TRACK_MEMORY)
InitMemoryTracker();
#endif
#if defined(DEBUG_WOLFSSL) && !defined(HAVE_VALGRIND)
wolfSSL_Debugging_ON();
#endif
wolfCrypt_Init();
#ifdef HAVE_FIPS
@@ -316,6 +329,16 @@ int wolfcrypt_test(void* args)
#endif /* USE_FAST_MATH */
#endif /* !NO_BIG_INT */
#ifdef WOLFSSL_ASYNC_CRYPT
ret = wolfAsync_DevOpen(&devId);
if (ret != 0) {
err_sys("Async device open failed", -1236);
return -1236;
}
#else
(void)devId;
#endif /* WOLFSSL_ASYNC_CRYPT */
#ifndef NO_MD5
if ( (ret = md5_test()) != 0)
return err_sys("MD5 test failed!\n", ret);
@@ -661,45 +684,12 @@ int wolfcrypt_test(void* args)
#ifndef NO_MAIN_DRIVER
#ifdef HAVE_CAVIUM
static int OpenNitroxDevice(int dma_mode,int dev_id)
{
Csp1CoreAssignment core_assign;
Uint32 device;
if (CspInitialize(CAVIUM_DIRECT,CAVIUM_DEV_ID))
return -1;
if (Csp1GetDevType(&device))
return -1;
if (device != NPX_DEVICE) {
if (ioctl(gpkpdev_hdlr[CAVIUM_DEV_ID], IOCTL_CSP1_GET_CORE_ASSIGNMENT,
(Uint32 *)&core_assign)!= 0)
return -1;
}
CspShutdown(CAVIUM_DEV_ID);
return CspInitialize(dma_mode, dev_id);
}
#endif /* HAVE_CAVIUM */
/* so overall tests can pull in test function */
int main(int argc, char** argv)
{
func_args args;
#ifdef HAVE_CAVIUM
int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
if (ret != 0) {
err_sys("Cavium OpenNitroxDevice failed", -1236);
return -1236;
}
#endif /* HAVE_CAVIUM */
#ifdef HAVE_WNR
if (wc_InitNetRandom(wnrConfigFile, NULL, 5000) != 0) {
err_sys("Whitewood netRandom global config failed", -1237);
@@ -712,10 +702,6 @@ static int OpenNitroxDevice(int dma_mode,int dev_id)
wolfcrypt_test(&args);
#ifdef HAVE_CAVIUM
CspShutdown(CAVIUM_DEV_ID);
#endif
#ifdef HAVE_WNR
if (wc_FreeNetRandom() < 0)
err_sys("Failed to free netRandom context", -1238);
@@ -1337,14 +1323,18 @@ int hmac_md5_test(void)
test_hmac[2] = c;
for (i = 0; i < times; ++i) {
#if defined(HAVE_FIPS) || defined(HAVE_CAVIUM)
if (i == 1)
#if defined(HAVE_FIPS) || defined(HAVE_CAVIUM)
if (i == 1) {
continue; /* cavium can't handle short keys, fips not allowed */
#endif
#ifdef HAVE_CAVIUM
if (wc_HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0)
}
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
if (wc_HmacAsyncInit(&hmac, devId) != 0) {
return -20009;
#endif
}
#endif
ret = wc_HmacSetKey(&hmac, MD5, (byte*)keys[i], (word32)XSTRLEN(keys[i]));
if (ret != 0)
return -4015;
@@ -1358,9 +1348,10 @@ int hmac_md5_test(void)
if (XMEMCMP(hash, test_hmac[i].output, MD5_DIGEST_SIZE) != 0)
return -20 - i;
#ifdef HAVE_CAVIUM
wc_HmacFreeCavium(&hmac);
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
wc_HmacAsyncFree(&hmac);
#endif
}
return 0;
@@ -1418,8 +1409,8 @@ int hmac_sha_test(void)
if (i == 1)
continue; /* cavium can't handle short keys, fips not allowed */
#endif
#ifdef HAVE_CAVIUM
if (wc_HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0)
#ifdef WOLFSSL_ASYNC_CRYPT
if (wc_HmacAsyncInit(&hmac, devId) != 0)
return -20010;
#endif
ret = wc_HmacSetKey(&hmac, SHA, (byte*)keys[i], (word32)XSTRLEN(keys[i]));
@@ -1435,8 +1426,8 @@ int hmac_sha_test(void)
if (XMEMCMP(hash, test_hmac[i].output, SHA_DIGEST_SIZE) != 0)
return -20 - i;
#ifdef HAVE_CAVIUM
wc_HmacFreeCavium(&hmac);
#ifdef WOLFSSL_ASYNC_CRYPT
wc_HmacAsyncFree(&hmac);
#endif
}
@@ -1499,8 +1490,8 @@ int hmac_sha256_test(void)
if (i == 1)
continue; /* cavium can't handle short keys, fips not allowed */
#endif
#ifdef HAVE_CAVIUM
if (wc_HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0)
#ifdef WOLFSSL_ASYNC_CRYPT
if (wc_HmacAsyncInit(&hmac, devId) != 0)
return -20011;
#endif
ret = wc_HmacSetKey(&hmac, SHA256, (byte*)keys[i],(word32)XSTRLEN(keys[i]));
@@ -1516,8 +1507,8 @@ int hmac_sha256_test(void)
if (XMEMCMP(hash, test_hmac[i].output, SHA256_DIGEST_SIZE) != 0)
return -20 - i;
#ifdef HAVE_CAVIUM
wc_HmacFreeCavium(&hmac);
#ifdef WOLFSSL_ASYNC_CRYPT
wc_HmacAsyncFree(&hmac);
#endif
}
@@ -1580,8 +1571,12 @@ int hmac_blake2b_test(void)
if (i == 1)
continue; /* cavium can't handle short keys, fips not allowed */
#endif
#ifdef HAVE_CAVIUM
if (wc_HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0)
#ifdef WOLFSSL_ASYNC_CRYPT
#ifdef HAVE_CAVIUM_V
/* Blake2 not supported on Cavium V, but SHA3 is */
return 0;
#endif
if (wc_HmacAsyncInit(&hmac, devId) != 0)
return -20011;
#endif
ret = wc_HmacSetKey(&hmac, BLAKE2B_ID, (byte*)keys[i],
@@ -1598,8 +1593,8 @@ int hmac_blake2b_test(void)
if (XMEMCMP(hash, test_hmac[i].output, BLAKE2B_256) != 0)
return -20 - i;
#ifdef HAVE_CAVIUM
wc_HmacFreeCavium(&hmac);
#ifdef WOLFSSL_ASYNC_CRYPT
wc_HmacAsyncFree(&hmac);
#endif
}
@@ -1816,12 +1811,12 @@ int arc4_test(void)
if (i == 3)
keylen = 4;
#ifdef HAVE_CAVIUM
if (wc_Arc4InitCavium(&enc, CAVIUM_DEV_ID) != 0)
#ifdef WOLFSSL_ASYNC_CRYPT
if (wc_Arc4AsyncInit(&enc, devId) != 0)
return -20001;
if (wc_Arc4InitCavium(&dec, CAVIUM_DEV_ID) != 0)
if (wc_Arc4AsyncInit(&dec, devId) != 0)
return -20002;
#endif
#endif
wc_Arc4SetKey(&enc, (byte*)keys[i], keylen);
wc_Arc4SetKey(&dec, (byte*)keys[i], keylen);
@@ -1836,10 +1831,10 @@ int arc4_test(void)
if (XMEMCMP(cipher, test_arc4[i].output, test_arc4[i].outLen))
return -20 - 5 - i;
#ifdef HAVE_CAVIUM
wc_Arc4FreeCavium(&enc);
wc_Arc4FreeCavium(&dec);
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
wc_Arc4AsyncFree(&enc);
wc_Arc4AsyncFree(&dec);
#endif
}
return 0;
@@ -2596,18 +2591,24 @@ int des_test(void)
if (ret != 0)
return -31;
wc_Des_CbcEncrypt(&enc, cipher, vector, sizeof(vector));
ret = wc_Des_SetKey(&dec, key, iv, DES_DECRYPTION);
ret = wc_Des_CbcEncrypt(&enc, cipher, vector, sizeof(vector));
if (ret != 0)
return -32;
wc_Des_CbcDecrypt(&dec, plain, cipher, sizeof(cipher));
if (XMEMCMP(plain, vector, sizeof(plain)))
ret = wc_Des_SetKey(&dec, key, iv, DES_DECRYPTION);
if (ret != 0)
return -33;
if (XMEMCMP(cipher, verify, sizeof(cipher)))
ret = wc_Des_CbcDecrypt(&dec, plain, cipher, sizeof(cipher));
if (ret != 0)
return -34;
if (XMEMCMP(plain, vector, sizeof(plain)))
return -35;
if (XMEMCMP(cipher, verify, sizeof(cipher)))
return -36;
return 0;
}
#endif /* NO_DES3 */
@@ -2652,10 +2653,10 @@ int des3_test(void)
int ret;
#ifdef HAVE_CAVIUM
if (wc_Des3_InitCavium(&enc, CAVIUM_DEV_ID) != 0)
#ifdef WOLFSSL_ASYNC_CRYPT
if (wc_Des3AsyncInit(&enc, devId) != 0)
return -20005;
if (wc_Des3_InitCavium(&dec, CAVIUM_DEV_ID) != 0)
if (wc_Des3AsyncInit(&dec, devId) != 0)
return -20006;
#endif
ret = wc_Des3_SetKey(&enc, key3, iv3, DES_ENCRYPTION);
@@ -2677,9 +2678,9 @@ int des3_test(void)
if (XMEMCMP(cipher, verify3, sizeof(cipher)))
return -36;
#ifdef HAVE_CAVIUM
wc_Des3_FreeCavium(&enc);
wc_Des3_FreeCavium(&dec);
#ifdef WOLFSSL_ASYNC_CRYPT
wc_Des3AsyncFree(&enc);
wc_Des3AsyncFree(&dec);
#endif
return 0;
}
@@ -2714,10 +2715,10 @@ int aes_test(void)
byte key[] = "0123456789abcdef "; /* align */
byte iv[] = "1234567890abcdef "; /* align */
#ifdef HAVE_CAVIUM
if (wc_AesInitCavium(&enc, CAVIUM_DEV_ID) != 0)
#ifdef WOLFSSL_ASYNC_CRYPT
if (wc_AesAsyncInit(&enc, devId) != 0)
return -20003;
if (wc_AesInitCavium(&dec, CAVIUM_DEV_ID) != 0)
if (wc_AesAsyncInit(&dec, devId) != 0)
return -20004;
#endif
ret = wc_AesSetKey(&enc, key, AES_BLOCK_SIZE, iv, AES_ENCRYPTION);
@@ -2829,10 +2830,11 @@ int aes_test(void)
}
#endif /* WOLFSSL_AESNI HAVE_AES_DECRYPT */
#ifdef HAVE_CAVIUM
wc_AesFreeCavium(&enc);
wc_AesFreeCavium(&dec);
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
wc_AesAsyncFree(&enc);
wc_AesAsyncFree(&dec);
#endif /* WOLFSSL_ASYNC_CRYPT */
#endif /* HAVE_AES_CBC */
#ifdef WOLFSSL_AES_COUNTER
@@ -3745,10 +3747,6 @@ static int random_rng_test(void)
byte block[32];
int ret, i;
#ifdef HAVE_CAVIUM
ret = wc_InitRngCavium(&rng, CAVIUM_DEV_ID);
if (ret != 0) return -2007;
#endif
ret = wc_InitRng(&rng);
if (ret != 0) return -39;
@@ -4263,6 +4261,7 @@ int certext_test(void)
}
#endif /* WOLFSSL_CERT_EXT && WOLFSSL_TEST_CERT */
int rsa_test(void)
{
byte* tmp;
@@ -4309,11 +4308,7 @@ int rsa_test(void)
fclose(file);
#endif /* USE_CERT_BUFFERS */
#ifdef HAVE_CAVIUM
wc_RsaInitCavium(&key, CAVIUM_DEV_ID);
#endif
ret = wc_InitRsaKey(&key, HEAP_HINT);
ret = wc_InitRsaKey_ex(&key, HEAP_HINT, devId);
if (ret != 0) {
TEST_XFREE(tmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER);
return -39;
@@ -4328,11 +4323,20 @@ int rsa_test(void)
TEST_XFREE(tmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER);
return -42;
}
do {
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_RsaAsyncWait(ret, &key);
#endif
if (ret >= 0) {
ret = wc_RsaPublicEncrypt(in, inLen, out, sizeof(out), &key, &rng);
}
} while (ret == WC_PENDING_E);
if (ret < 0) {
TEST_XFREE(tmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER);
return -43;
}
#ifdef WC_RSA_BLINDING
{
int tmpret = ret;
@@ -4344,26 +4348,54 @@ int rsa_test(void)
ret = tmpret;
}
#endif
ret = wc_RsaPrivateDecrypt(out, ret, plain, sizeof(plain), &key);
idx = ret; /* save off encrypted length */
do {
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_RsaAsyncWait(ret, &key);
#endif
if (ret >= 0) {
ret = wc_RsaPrivateDecrypt(out, idx, plain, sizeof(plain), &key);
}
} while (ret == WC_PENDING_E);
if (ret < 0) {
TEST_XFREE(tmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER);
return -44;
}
if (XMEMCMP(plain, in, inLen)) {
TEST_XFREE(tmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER);
return -45;
}
do {
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_RsaAsyncWait(ret, &key);
#endif
if (ret >= 0) {
ret = wc_RsaSSL_Sign(in, inLen, out, sizeof(out), &key, &rng);
}
} while (ret == WC_PENDING_E);
if (ret < 0) {
TEST_XFREE(tmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER);
return -46;
}
idx = ret;
XMEMSET(plain, 0, sizeof(plain));
ret = wc_RsaSSL_Verify(out, ret, plain, sizeof(plain), &key);
do {
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_RsaAsyncWait(ret, &key);
#endif
if (ret >= 0) {
ret = wc_RsaSSL_Verify(out, idx, plain, sizeof(plain), &key);
}
} while (ret == WC_PENDING_E);
if (ret < 0) {
TEST_XFREE(tmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER);
return -47;
}
if (XMEMCMP(plain, in, ret)) {
TEST_XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
return -48;
@@ -4375,18 +4407,36 @@ int rsa_test(void)
!defined(HAVE_FIPS)
#ifndef NO_SHA
XMEMSET(plain, 0, sizeof(plain));
do {
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_RsaAsyncWait(ret, &key);
#endif
if (ret >= 0) {
ret = wc_RsaPublicEncrypt_ex(in, inLen, out, sizeof(out), &key, &rng,
WC_RSA_OAEP_PAD, WC_HASH_TYPE_SHA, WC_MGF1SHA1, NULL, 0);
}
} while (ret == WC_PENDING_E);
if (ret < 0) {
TEST_XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
return -143;
}
ret = wc_RsaPrivateDecrypt_ex(out, ret, plain, sizeof(plain), &key,
idx = ret;
do {
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_RsaAsyncWait(ret, &key);
#endif
if (ret >= 0) {
ret = wc_RsaPrivateDecrypt_ex(out, idx, plain, sizeof(plain), &key,
WC_RSA_OAEP_PAD, WC_HASH_TYPE_SHA, WC_MGF1SHA1, NULL, 0);
}
} while (ret == WC_PENDING_E);
if (ret < 0) {
TEST_XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
return -144;
}
if (XMEMCMP(plain, in, inLen)) {
TEST_XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
return -145;
@@ -4395,18 +4445,35 @@ int rsa_test(void)
#ifndef NO_SHA256
XMEMSET(plain, 0, sizeof(plain));
do {
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_RsaAsyncWait(ret, &key);
#endif
if (ret >= 0) {
ret = wc_RsaPublicEncrypt_ex(in, inLen, out, sizeof(out), &key, &rng,
WC_RSA_OAEP_PAD, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, NULL, 0);
}
} while (ret == WC_PENDING_E);
if (ret < 0) {
TEST_XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
return -243;
}
ret = wc_RsaPrivateDecrypt_ex(out, ret, plain, sizeof(plain), &key,
idx = ret;
do {
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_RsaAsyncWait(ret, &key);
#endif
if (ret >= 0) {
ret = wc_RsaPrivateDecrypt_ex(out, idx, plain, sizeof(plain), &key,
WC_RSA_OAEP_PAD, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, NULL, 0);
}
} while (ret == WC_PENDING_E);
if (ret < 0) {
TEST_XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
return -244;
}
if (XMEMCMP(plain, in, inLen)) {
TEST_XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
return -245;
@@ -4414,33 +4481,67 @@ int rsa_test(void)
/* check fails if not using the same optional label */
XMEMSET(plain, 0, sizeof(plain));
do {
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_RsaAsyncWait(ret, &key);
#endif
if (ret >= 0) {
ret = wc_RsaPublicEncrypt_ex(in, inLen, out, sizeof(out), &key, &rng,
WC_RSA_OAEP_PAD, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, NULL, 0);
}
} while (ret == WC_PENDING_E);
if (ret < 0) {
TEST_XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
return -246;
}
ret = wc_RsaPrivateDecrypt_ex(out, ret, plain, sizeof(plain), &key,
idx = ret;
do {
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_RsaAsyncWait(ret, &key);
#endif
if (ret >= 0) {
ret = wc_RsaPrivateDecrypt_ex(out, idx, plain, sizeof(plain), &key,
WC_RSA_OAEP_PAD, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, in, sizeof(in));
}
} while (ret == WC_PENDING_E);
if (ret > 0) { /* in this case decrypt should fail */
TEST_XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
return -247;
}
ret = 0;
/* check using optional label with encrypt/decrypt */
XMEMSET(plain, 0, sizeof(plain));
do {
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_RsaAsyncWait(ret, &key);
#endif
if (ret >= 0) {
ret = wc_RsaPublicEncrypt_ex(in, inLen, out, sizeof(out), &key, &rng,
WC_RSA_OAEP_PAD, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, in, sizeof(in));
}
} while (ret == WC_PENDING_E);
if (ret < 0) {
TEST_XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
return -248;
}
ret = wc_RsaPrivateDecrypt_ex(out, ret, plain, sizeof(plain), &key,
idx = ret;
do {
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_RsaAsyncWait(ret, &key);
#endif
if (ret >= 0) {
ret = wc_RsaPrivateDecrypt_ex(out, idx, plain, sizeof(plain), &key,
WC_RSA_OAEP_PAD, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, in, sizeof(in));
}
} while (ret == WC_PENDING_E);
if (ret < 0) {
TEST_XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
return -249;
}
if (XMEMCMP(plain, in, inLen)) {
TEST_XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
return -250;
@@ -4449,18 +4550,35 @@ int rsa_test(void)
#ifndef NO_SHA
/* check fail using mismatch hash algorithms */
XMEMSET(plain, 0, sizeof(plain));
do {
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_RsaAsyncWait(ret, &key);
#endif
if (ret >= 0) {
ret = wc_RsaPublicEncrypt_ex(in, inLen, out, sizeof(out), &key, &rng,
WC_RSA_OAEP_PAD, WC_HASH_TYPE_SHA, WC_MGF1SHA1, in, sizeof(in));
}
} while (ret == WC_PENDING_E);
if (ret < 0) {
TEST_XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
return -251;
}
ret = wc_RsaPrivateDecrypt_ex(out, ret, plain, sizeof(plain), &key,
idx = ret;
do {
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_RsaAsyncWait(ret, &key);
#endif
if (ret >= 0) {
ret = wc_RsaPrivateDecrypt_ex(out, idx, plain, sizeof(plain), &key,
WC_RSA_OAEP_PAD, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, in, sizeof(in));
}
} while (ret == WC_PENDING_E);
if (ret > 0) { /* should fail */
TEST_XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
return -252;
}
ret = 0;
#endif /* NO_SHA*/
#endif /* NO_SHA256 */
@@ -4471,18 +4589,35 @@ int rsa_test(void)
BAD_FUNC_ARG is returned when this case is not met */
if (wc_RsaEncryptSize(&key) > ((int)SHA512_DIGEST_SIZE * 2) + 2) {
XMEMSET(plain, 0, sizeof(plain));
do {
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_RsaAsyncWait(ret, &key);
#endif
if (ret >= 0) {
ret = wc_RsaPublicEncrypt_ex(in, inLen, out, sizeof(out), &key, &rng,
WC_RSA_OAEP_PAD, WC_HASH_TYPE_SHA512, WC_MGF1SHA512, NULL, 0);
}
} while (ret == WC_PENDING_E);
if (ret < 0) {
TEST_XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
return -343;
}
ret = wc_RsaPrivateDecrypt_ex(out, ret, plain, sizeof(plain), &key,
idx = ret;
do {
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_RsaAsyncWait(ret, &key);
#endif
if (ret >= 0) {
ret = wc_RsaPrivateDecrypt_ex(out, idx, plain, sizeof(plain), &key,
WC_RSA_OAEP_PAD, WC_HASH_TYPE_SHA512, WC_MGF1SHA512, NULL, 0);
}
} while (ret == WC_PENDING_E);
if (ret < 0) {
TEST_XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
return -344;
}
if (XMEMCMP(plain, in, inLen)) {
TEST_XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
return -345;
@@ -4492,18 +4627,35 @@ int rsa_test(void)
/* check using pkcsv15 padding with _ex API */
XMEMSET(plain, 0, sizeof(plain));
do {
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_RsaAsyncWait(ret, &key);
#endif
if (ret >= 0) {
ret = wc_RsaPublicEncrypt_ex(in, inLen, out, sizeof(out), &key, &rng,
WC_RSA_PKCSV15_PAD, WC_HASH_TYPE_NONE, 0, NULL, 0);
}
} while (ret == WC_PENDING_E);
if (ret < 0) {
TEST_XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
return -443;
}
ret = wc_RsaPrivateDecrypt_ex(out, ret, plain, sizeof(plain), &key,
idx = ret;
do {
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_RsaAsyncWait(ret, &key);
#endif
if (ret >= 0) {
ret = wc_RsaPrivateDecrypt_ex(out, idx, plain, sizeof(plain), &key,
WC_RSA_PKCSV15_PAD, WC_HASH_TYPE_NONE, 0, NULL, 0);
}
} while (ret == WC_PENDING_E);
if (ret < 0) {
TEST_XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
return -444;
}
if (XMEMCMP(plain, in, inLen)) {
TEST_XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
return -445;
@@ -4540,7 +4692,10 @@ int rsa_test(void)
InitDecodedCert(&cert, tmp, (word32)bytes, 0);
ret = ParseCert(&cert, CERT_TYPE, NO_VERIFY, 0);
if (ret != 0) return -491;
if (ret != 0) {
free(tmp);
return -491;
}
FreeDecodedCert(&cert);
#else
@@ -4568,7 +4723,7 @@ int rsa_test(void)
fclose(file);
#endif /* USE_CERT_BUFFERS */
ret = wc_InitRsaKey(&keypub, 0);
ret = wc_InitRsaKey(&keypub, HEAP_HINT);
if (ret != 0) {
TEST_XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
return -51;
@@ -5367,7 +5522,7 @@ int rsa_test(void)
bytes = fread(tmp, 1, FOURK_BUF, caFile);
fclose(caFile);
ret = wc_InitRsaKey(&caKey, 0);
ret = wc_InitRsaKey(&caKey, HEAP_HINT);
if (ret != 0) {
TEST_XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
TEST_XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
@@ -5652,9 +5807,7 @@ int rsa_test(void)
#ifdef WOLFSSL_CERT_EXT
wc_FreeRsaKey(&keypub);
#endif
#ifdef HAVE_CAVIUM
wc_RsaFreeCavium(&key);
#endif
TEST_XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
wc_FreeRng(&rng);
wolfcrypt/user-crypto/include/user_rsa.h
+1
View File
@@ -76,6 +76,7 @@ typedef struct RsaKey {
} RsaKey;
WOLFSSL_API int wc_InitRsaKey(RsaKey* key, void*);
WOLFSSL_API int wc_InitRsaKey_ex(RsaKey* key, void* heap, int devId);
WOLFSSL_API int wc_FreeRsaKey(RsaKey* key);
WOLFSSL_API int wc_RsaPublicEncrypt(const byte* in, word32 inLen, byte* out,
wolfcrypt/user-crypto/src/rsa.c
+7 -1
View File
@@ -74,7 +74,7 @@ enum {
};
int wc_InitRsaKey(RsaKey* key, void* heap)
int wc_InitRsaKey_ex(RsaKey* key, void* heap, int devId)
{
USER_DEBUG(("Entering wc_InitRsaKey\n"));
@@ -87,10 +87,16 @@ int wc_InitRsaKey(RsaKey* key, void* heap)
USER_DEBUG(("\tExit wc_InitRsaKey\n"));
(void)devId;
(void)heap;
return 0;
}
int wc_InitRsaKey(RsaKey* key, void* heap)
{
return wc_InitRsaKey_ex(key, heap, INVALID_DEVID);
}
/* three functions needed for cert and key gen */
#if defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN)
wolfssl-ntru.vcproj
+4
View File
@@ -322,6 +322,10 @@
RelativePath=".\wolfcrypt\src\wc_encrypt.c"
>
</File>
<File
RelativePath=".\wolfcrypt\src\wolfevent.c"
>
</File>
</Filter>
<Filter
Name="Header Files"
wolfssl.vcproj
+4
View File
@@ -315,6 +315,10 @@
RelativePath=".\wolfcrypt\src\wc_encrypt.c"
>
</File>
<File
RelativePath=".\wolfcrypt\src\wolfevent.c"
>
</File>
</Filter>
<Filter
Name="Header Files"
wolfssl.vcxproj
+1
View File
@@ -317,6 +317,7 @@
<ClCompile Include="wolfcrypt\src\signature.c" />
<ClCompile Include="wolfcrypt\src\wc_encrypt.c" />
<ClCompile Include="wolfcrypt\src\wc_port.c" />
<ClCompile Include="wolfcrypt\src\wolfevent.c" />
</ItemGroup>
<ItemGroup>
<CustomBuild Include="wolfcrypt\src\aes_asm.asm">
wolfssl/error-ssl.h
-1
View File
@@ -142,7 +142,6 @@ enum wolfSSL_ErrorCodes {
UNKNOWN_ALPN_PROTOCOL_NAME_E = -405, /* Unrecognized protocol name Error*/
BAD_CERTIFICATE_STATUS_ERROR = -406, /* Bad certificate status message */
OCSP_INVALID_STATUS = -407, /* Invalid OCSP Status */
ASYNC_NOT_PENDING = -408, /* Async operation not pending */
RSA_KEY_SIZE_E = -409, /* RSA key too small */
ECC_KEY_SIZE_E = -410, /* ECC key too small */
wolfssl/internal.h
+12 -30
View File
@@ -155,7 +155,7 @@
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
#include <wolfssl/async.h>
#include <wolfssl/wolfcrypt/async.h>
#endif
#ifdef _MSC_VER
@@ -1059,8 +1059,6 @@ enum Misc {
HASH_SIG_SIZE = 2, /* default SHA1 RSA */
NO_CAVIUM_DEVICE = -2, /* invalid cavium device id */
NO_COPY = 0, /* should we copy static buffer for write */
COPY = 1 /* should we copy static buffer for write */
};
@@ -1899,20 +1897,6 @@ WOLFSSL_LOCAL int TLSX_ValidateQSHScheme(TLSX** extensions, word16 name);
#endif /* HAVE_QSH */
#ifdef HAVE_WOLF_EVENT
typedef struct {
WOLF_EVENT* head; /* head of queue */
WOLF_EVENT* tail; /* tail of queue */
#ifndef SINGLE_THREADED
wolfSSL_Mutex lock; /* queue lock */
#endif
} WOLF_EVENT_QUEUE;
WOLFSSL_LOCAL int wolfSSL_EventInit(WOLFSSL* ssl, WOLF_EVENT_TYPE type);
WOLFSSL_LOCAL int wolfSSL_CTX_EventPush(WOLFSSL_CTX* ctx, WOLF_EVENT* event);
#endif /* HAVE_WOLF_EVENT */
#ifdef WOLFSSL_STATIC_MEMORY
WOLFSSL_LOCAL int wolfSSL_init_memory_heap(WOLFSSL_HEAP* heap);
#endif
@@ -2002,9 +1986,7 @@ struct WOLFSSL_CTX {
#ifdef HAVE_OCSP
WOLFSSL_OCSP ocsp;
#endif
#ifdef HAVE_CAVIUM
int devId; /* cavium device id to use */
#endif
int devId; /* async device id to use */
#ifdef HAVE_TLS_EXTENSIONS
TLSX* extensions; /* RFC 6066 TLS Extensions data */
#ifndef NO_WOLFSSL_SERVER
@@ -2314,6 +2296,7 @@ enum AcceptState {
enum KeyShareState {
KEYSHARE_BEGIN = 0,
KEYSHARE_BUILD,
KEYSHARE_DO,
KEYSHARE_VERIFY,
KEYSHARE_FINALIZE,
KEYSHARE_END
@@ -2326,6 +2309,7 @@ typedef struct Buffers {
buffer domainName; /* for client check */
buffer clearOutputBuffer;
buffer sig; /* signature data */
buffer digest; /* digest data */
int prevSent; /* previous plain text bytes sent
when got WANT_WRITE */
int plainSz; /* plain text bytes in buffer to send
@@ -2683,7 +2667,8 @@ struct WOLFSSL {
void* hsDoneCtx; /* user handshake cb context */
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
AsyncCrypt async;
AsyncCryptSSLState async;
AsyncCryptDev asyncDev;
#endif
void* sigKey; /* RsaKey or ecc_key allocated from heap */
word32 sigType; /* Type of sigKey */
@@ -2782,9 +2767,7 @@ struct WOLFSSL {
#if defined(FORTRESS) || defined(HAVE_STUNNEL)
void* ex_data[MAX_EX_DATA]; /* external data, for Fortress */
#endif
#ifdef HAVE_CAVIUM
int devId; /* cavium device id to use */
#endif
int devId; /* async device id to use */
#ifdef HAVE_ONE_TIME_AUTH
OneTimeAuth auth;
#endif
@@ -2846,9 +2829,6 @@ struct WOLFSSL {
#ifdef HAVE_WOLF_EVENT
WOLF_EVENT event;
#endif /* HAVE_WOLF_EVENT */
#ifdef WOLFSSL_ASYNC_CRYPT_TEST
AsyncCryptTests asyncCryptTest;
#endif /* WOLFSSL_ASYNC_CRYPT_TEST */
};
@@ -3001,7 +2981,7 @@ WOLFSSL_LOCAL int VerifyClientSuite(WOLFSSL* ssl);
#ifndef NO_CERTS
#ifndef NO_RSA
WOLFSSL_LOCAL int VerifyRsaSign(WOLFSSL* ssl,
const byte* sig, word32 sigSz,
byte* verifySig, word32 sigSz,
const byte* plain, word32 plainSz,
RsaKey* key);
WOLFSSL_LOCAL int RsaSign(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out,
@@ -3010,6 +2990,8 @@ WOLFSSL_LOCAL int VerifyClientSuite(WOLFSSL* ssl);
byte** out, RsaKey* key, const byte* keyBuf, word32 keySz, void* ctx);
WOLFSSL_LOCAL int RsaDec(WOLFSSL* ssl, byte* in, word32 inSz, byte** out,
word32* outSz, RsaKey* key, const byte* keyBuf, word32 keySz, void* ctx);
WOLFSSL_LOCAL int RsaEnc(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out,
word32* outSz, RsaKey* key, const byte* keyBuf, word32 keySz, void* ctx);
#endif /* !NO_RSA */
#ifdef HAVE_ECC
@@ -3017,7 +2999,7 @@ WOLFSSL_LOCAL int VerifyClientSuite(WOLFSSL* ssl);
byte* out, word32* outSz, ecc_key* key, byte* keyBuf, word32 keySz,
void* ctx);
WOLFSSL_LOCAL int EccVerify(WOLFSSL* ssl, const byte* in, word32 inSz,
byte* out, word32 outSz, ecc_key* key, byte* keyBuf, word32 keySz,
const byte* out, word32 outSz, ecc_key* key, byte* keyBuf, word32 keySz,
void* ctx);
WOLFSSL_LOCAL int EccSharedSecret(WOLFSSL* ssl, ecc_key* priv_key,
ecc_key* pub_key, byte* out, word32* outSz);
@@ -3132,7 +3114,7 @@ WOLFSSL_LOCAL int SetKeysSide(WOLFSSL*, enum encrypt_side);
#endif
#ifdef HAVE_ECC
WOLFSSL_LOCAL int EccMakeTempKey(WOLFSSL* ssl);
WOLFSSL_LOCAL int EccMakeKey(WOLFSSL* ssl, ecc_key* key, ecc_key* peer);
#endif
WOLFSSL_LOCAL int BuildMessage(WOLFSSL* ssl, byte* output, int outSz,
wolfssl/ssl.h
+12 -36
View File
@@ -31,6 +31,10 @@
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/version.h>
#ifdef HAVE_WOLF_EVENT
#include <wolfssl/wolfcrypt/wolfevent.h>
#endif
#ifndef NO_FILESYSTEM
#if defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX)
#if MQX_USE_IO_OLD
@@ -1416,9 +1420,9 @@ WOLFSSL_API void wolfSSL_KeepArrays(WOLFSSL*);
WOLFSSL_API void wolfSSL_FreeArrays(WOLFSSL*);
/* cavium additions */
WOLFSSL_API int wolfSSL_UseCavium(WOLFSSL*, int devId);
WOLFSSL_API int wolfSSL_CTX_UseCavium(WOLFSSL_CTX*, int devId);
/* async additions */
WOLFSSL_API int wolfSSL_UseAsync(WOLFSSL*, int devId);
WOLFSSL_API int wolfSSL_CTX_UseAsync(WOLFSSL_CTX*, int devId);
/* TLS Extensions */
@@ -1909,41 +1913,13 @@ WOLFSSL_API int wolfSSL_set_jobject(WOLFSSL* ssl, void* objPtr);
WOLFSSL_API void* wolfSSL_get_jobject(WOLFSSL* ssl);
#endif /* WOLFSSL_JNI */
#ifdef HAVE_WOLF_EVENT
typedef enum WOLF_EVENT_TYPE {
WOLF_EVENT_TYPE_NONE,
#ifdef WOLFSSL_ASYNC_CRYPT
WOLF_EVENT_TYPE_ASYNC_ACCEPT,
WOLF_EVENT_TYPE_ASYNC_CONNECT,
WOLF_EVENT_TYPE_ASYNC_READ,
WOLF_EVENT_TYPE_ASYNC_WRITE,
WOLF_EVENT_TYPE_ASYNC_FIRST = WOLF_EVENT_TYPE_ASYNC_ACCEPT,
WOLF_EVENT_TYPE_ASYNC_LAST = WOLF_EVENT_TYPE_ASYNC_WRITE,
#endif
} WOLF_EVENT_TYPE;
typedef struct WOLF_EVENT WOLF_EVENT;
struct WOLF_EVENT {
WOLF_EVENT* next; /* To support event linked list */
WOLFSSL* ssl; /* Reference back to SSL object */
int ret; /* Async return code */
WOLF_EVENT_TYPE type;
unsigned short pending:1;
unsigned short done:1;
/* Future event flags can go here */
};
#ifdef WOLFSSL_ASYNC_CRYPT
WOLFSSL_API int wolfSSL_AsyncPoll(WOLFSSL* ssl, WOLF_EVENT_FLAG flags);
WOLFSSL_API int wolfSSL_CTX_AsyncPoll(WOLFSSL_CTX* ctx, WOLF_EVENT** events, int maxEvents,
WOLF_EVENT_FLAG flags, int* eventCount);
#endif /* WOLFSSL_ASYNC_CRYPT */
enum WOLF_POLL_FLAGS {
WOLF_POLL_FLAG_CHECK_HW = 0x01,
WOLF_POLL_FLAG_PEEK = 0x02,
};
WOLFSSL_API int wolfSSL_CTX_poll(WOLFSSL_CTX* ctx, WOLF_EVENT* events,
int maxEvents, unsigned char flags, int* eventCount);
WOLFSSL_API int wolfSSL_poll(WOLFSSL* ssl, WOLF_EVENT* events,
int maxEvents, unsigned char flags, int* eventCount);
#endif /* HAVE_WOLF_EVENT */
#ifdef __cplusplus
} /* extern "C" */
wolfssl/test.h
+4 -44
View File
@@ -107,10 +107,11 @@
#define SNPRINTF snprintf
#endif /* USE_WINDOWS_API */
#ifdef WOLFSSL_ASYNC_CRYPT
#include <wolfssl/wolfcrypt/async.h>
#endif
#ifdef HAVE_CAVIUM
#include "cavium_sysdep.h"
#include "cavium_common.h"
#include "cavium_ioctl.h"
#include <wolfssl/wolfcrypt/port/cavium/cavium_nitrox.h>
#endif
#ifdef _MSC_VER
@@ -1218,29 +1219,6 @@ static INLINE void CaCb(unsigned char* der, int sz, int type)
#endif /* !NO_CERTS */
#ifdef HAVE_CAVIUM
static INLINE int OpenNitroxDevice(int dma_mode,int dev_id)
{
Csp1CoreAssignment core_assign;
Uint32 device;
if (CspInitialize(CAVIUM_DIRECT,CAVIUM_DEV_ID))
return -1;
if (Csp1GetDevType(&device))
return -1;
if (device != NPX_DEVICE) {
if (ioctl(gpkpdev_hdlr[CAVIUM_DEV_ID], IOCTL_CSP1_GET_CORE_ASSIGNMENT,
(Uint32 *)&core_assign)!= 0)
return -1;
}
CspShutdown(CAVIUM_DEV_ID);
return CspInitialize(dma_mode, dev_id);
}
#endif /* HAVE_CAVIUM */
/* Wolf Root Directory Helper */
/* KEIL-RL File System does not support relative directory */
@@ -1974,24 +1952,6 @@ static INLINE const char* mymktemp(char *tempfn, int len, int num)
#endif /* HAVE_SESSION_TICKET && CHACHA20 && POLY1305 */
#ifdef WOLFSSL_ASYNC_CRYPT
static INLINE int AsyncCryptPoll(WOLFSSL* ssl)
{
int ret, eventCount = 0;
WOLF_EVENT events[1];
printf("Connect/Accept got WC_PENDING_E\n");
ret = wolfSSL_poll(ssl, events, sizeof(events)/sizeof(WOLF_EVENT),
WOLF_POLL_FLAG_CHECK_HW, &eventCount);
if (ret == 0 && eventCount > 0) {
ret = 1; /* Success */
}
return ret;
}
#endif
static INLINE word16 GetRandomPort(void)
{
word16 port = 0;
wolfssl/wolfcrypt/aes.h
+12 -13
View File
@@ -39,10 +39,6 @@
#endif
#ifndef HAVE_FIPS /* to avoid redefinition of macros */
#ifdef HAVE_CAVIUM
#include <wolfssl/wolfcrypt/logging.h>
#include "cavium_common.h"
#endif
#ifdef WOLFSSL_AESNI
@@ -74,7 +70,10 @@
#endif
#ifndef HAVE_FIPS /* to avoid redefinition of structures */
#define WOLFSSL_AES_CAVIUM_MAGIC 0xBEEF0002
#ifdef WOLFSSL_ASYNC_CRYPT
#include <wolfssl/wolfcrypt/async.h>
#endif
enum {
AES_ENC_TYPE = 1, /* cipher unique type */
@@ -102,12 +101,12 @@ typedef struct Aes {
#ifdef WOLFSSL_AESNI
byte use_aesni;
#endif /* WOLFSSL_AESNI */
#ifdef HAVE_CAVIUM
#ifdef WOLFSSL_ASYNC_CRYPT
AsyncCryptDev asyncDev;
#ifdef HAVE_CAVIUM
AesType type; /* aes key type */
int devId; /* nitrox device id */
word32 magic; /* using cavium magic */
word64 contextHandle; /* nitrox context memory handle */
#endif
#endif
#endif /* WOLFSSL_ASYNC_CRYPT */
#ifdef WOLFSSL_AES_COUNTER
word32 left; /* unused bytes left from last call */
#endif
@@ -183,9 +182,9 @@ WOLFSSL_API int wc_AesCbcDecrypt(Aes* aes, byte* out,
const byte* authIn, word32 authInSz);
#endif /* HAVE_AESCCM */
#ifdef HAVE_CAVIUM
WOLFSSL_API int wc_AesInitCavium(Aes*, int);
WOLFSSL_API void wc_AesFreeCavium(Aes*);
#ifdef WOLFSSL_ASYNC_CRYPT
WOLFSSL_API int wc_AesAsyncInit(Aes*, int);
WOLFSSL_API void wc_AesAsyncFree(Aes*);
#endif
#ifdef __cplusplus
wolfssl/wolfcrypt/arc4.h
+8 -8
View File
@@ -30,7 +30,9 @@
extern "C" {
#endif
#define WOLFSSL_ARC4_CAVIUM_MAGIC 0xBEEF0001
#ifdef WOLFSSL_ASYNC_CRYPT
#include <wolfssl/wolfcrypt/async.h>
#endif
enum {
ARC4_ENC_TYPE = 4, /* cipher unique type */
@@ -42,19 +44,17 @@ typedef struct Arc4 {
byte x;
byte y;
byte state[ARC4_STATE_SIZE];
#ifdef HAVE_CAVIUM
int devId; /* nitrox device id */
word32 magic; /* using cavium magic */
word64 contextHandle; /* nitrox context memory handle */
#ifdef WOLFSSL_ASYNC_CRYPT
AsyncCryptDev asyncDev;
#endif
} Arc4;
WOLFSSL_API void wc_Arc4Process(Arc4*, byte*, const byte*, word32);
WOLFSSL_API void wc_Arc4SetKey(Arc4*, const byte*, word32);
#ifdef HAVE_CAVIUM
WOLFSSL_API int wc_Arc4InitCavium(Arc4*, int);
WOLFSSL_API void wc_Arc4FreeCavium(Arc4*);
#ifdef WOLFSSL_ASYNC_CRYPT
WOLFSSL_API int wc_Arc4AsyncInit(Arc4*, int);
WOLFSSL_API void wc_Arc4AsyncFree(Arc4*);
#endif
#ifdef __cplusplus
wolfssl/wolfcrypt/des3.h
+9 -8
View File
@@ -37,7 +37,10 @@
#endif
#ifndef HAVE_FIPS /* to avoid redefinition of macros */
#define WOLFSSL_3DES_CAVIUM_MAGIC 0xBEEF0003
#ifdef WOLFSSL_ASYNC_CRYPT
#include <wolfssl/wolfcrypt/async.h>
#endif
enum {
DES_ENC_TYPE = 2, /* cipher unique type */
@@ -76,10 +79,8 @@ typedef struct Des3 {
word32 key[3][DES_KS_SIZE];
word32 reg[DES_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */
word32 tmp[DES_BLOCK_SIZE / sizeof(word32)]; /* same */
#ifdef HAVE_CAVIUM
int devId; /* nitrox device id */
word32 magic; /* using cavium magic */
word64 contextHandle; /* nitrox context memory handle */
#ifdef WOLFSSL_ASYNC_CRYPT
AsyncCryptDev asyncDev;
#endif
} Des3;
#endif /* HAVE_FIPS */
@@ -102,9 +103,9 @@ WOLFSSL_API int wc_Des3_CbcEncrypt(Des3* des, byte* out,
WOLFSSL_API int wc_Des3_CbcDecrypt(Des3* des, byte* out,
const byte* in,word32 sz);
#ifdef HAVE_CAVIUM
WOLFSSL_API int wc_Des3_InitCavium(Des3*, int);
WOLFSSL_API void wc_Des3_FreeCavium(Des3*);
#ifdef WOLFSSL_ASYNC_CRYPT
WOLFSSL_API int wc_Des3AsyncInit(Des3*, int);
WOLFSSL_API void wc_Des3AsyncFree(Des3*);
#endif
#ifdef __cplusplus
wolfssl/wolfcrypt/ecc.h
+15 -1
View File
@@ -30,6 +30,10 @@
#include <wolfssl/wolfcrypt/integer.h>
#include <wolfssl/wolfcrypt/random.h>
#ifdef WOLFSSL_ASYNC_CRYPT
#include <wolfssl/wolfcrypt/async.h>
#endif
#ifdef __cplusplus
extern "C" {
#endif
@@ -230,6 +234,10 @@ typedef struct {
ecc_point pubkey; /* public key */
mp_int k; /* private key */
void* heap; /* heap hint */
#ifdef WOLFSSL_ASYNC_CRYPT
AsyncCryptDev asyncDev;
#endif
} ecc_key;
@@ -275,7 +283,7 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
WOLFSSL_API
int wc_ecc_init(ecc_key* key);
WOLFSSL_API
int wc_ecc_init_h(ecc_key* key, void* heap);
int wc_ecc_init_ex(ecc_key* key, void* heap, int devId);
WOLFSSL_API
void wc_ecc_free(ecc_key* key);
WOLFSSL_API
@@ -421,6 +429,12 @@ int wc_ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
#endif /* HAVE_ECC_ENCRYPT */
#ifdef WOLFSSL_ASYNC_CRYPT
WOLFSSL_API int wc_ecc_async_handle(ecc_key* key,
WOLF_EVENT_QUEUE* queue, WOLF_EVENT* event);
WOLFSSL_API int wc_ecc_async_wait(int ret, ecc_key* key);
#endif
#ifdef __cplusplus
} /* extern "C" */
#endif
wolfssl/wolfcrypt/error-crypt.h
+5 -4
View File
@@ -44,6 +44,9 @@ enum {
CRYPTGEN_E = -104, /* windows crypt generation error */
RAN_BLOCK_E = -105, /* reading random device would block */
BAD_MUTEX_E = -106, /* Bad mutex operation */
WC_TIMEOUT_E = -107, /* timeout error */
WC_PENDING_E = -108, /* wolfCrypt operation pending (would block) */
WC_NOT_PENDING_E = -109, /* wolfCrypt operation not pending */
MP_INIT_E = -110, /* mp_init error state */
MP_READ_E = -111, /* mp_read error state */
@@ -61,7 +64,6 @@ enum {
MEMORY_E = -125, /* out of memory error */
VAR_STATE_CHANGE_E = -126, /* var state modified by different thread */
RSA_WRONG_TYPE_E = -130, /* RSA wrong block type for RSA function */
RSA_BUFFER_E = -131, /* RSA buffer error, output too small or
input too large */
@@ -108,7 +110,7 @@ enum {
AES_GCM_AUTH_E = -180, /* AES-GCM Authentication check failure */
AES_CCM_AUTH_E = -181, /* AES-CCM Authentication check failure */
CAVIUM_INIT_E = -182, /* Cavium Init type error */
ASYNC_INIT_E = -182, /* Async Init type error */
COMPRESS_INIT_E = -183, /* Compress init error */
COMPRESS_E = -184, /* Compress error */
@@ -121,7 +123,7 @@ enum {
ASN_CRL_NO_SIGNER_E = -190, /* ASN CRL no signer to confirm failure */
ASN_OCSP_CONFIRM_E = -191, /* ASN OCSP signature confirm failure */
BAD_ENC_STATE_E = -192, /* Bad ecc enc state operation */
BAD_STATE_E = -192, /* Bad state operation */
BAD_PADDING_E = -193, /* Bad padding, msg not correct length */
REQ_ATTRIBUTE_E = -194, /* setting cert request attributes error */
@@ -169,7 +171,6 @@ enum {
BAD_COND_E = -230, /* Bad condition variable operation */
SIG_TYPE_E = -231, /* Signature Type not enabled/available */
HASH_TYPE_E = -232, /* Hash Type not enabled/available */
WC_PENDING_E = -233, /* wolfCrypt operation pending (would block) */
WC_KEY_SIZE_E = -234, /* Key size error, either too small or large */
ASN_COUNTRY_SIZE_E = -235, /* ASN Cert Gen, invalid country code size */
wolfssl/wolfcrypt/hash.h
+1 -1
View File
@@ -58,7 +58,7 @@ enum wc_HashType {
#define WC_MAX_DIGEST_SIZE 64 /* default to max size of 64 */
#endif
#ifndef NO_ASN
#if !defined(NO_ASN) || !defined(NO_DH) || defined(HAVE_ECC)
WOLFSSL_API int wc_HashGetOID(enum wc_HashType hash_type);
#endif
wolfssl/wolfcrypt/hmac.h
+20 -20
View File
@@ -53,17 +53,15 @@
#include <cyassl/ctaocrypt/hmac.h>
#endif
#ifdef HAVE_CAVIUM
#include <wolfssl/wolfcrypt/logging.h>
#include "cavium_common.h"
#endif
#ifdef __cplusplus
extern "C" {
#endif
#ifndef HAVE_FIPS
#define WOLFSSL_HMAC_CAVIUM_MAGIC 0xBEEF0005
#ifdef WOLFSSL_ASYNC_CRYPT
#include <wolfssl/wolfcrypt/async.h>
#endif
enum {
HMAC_FIPS_MIN_KEY = 14, /* 112 bit key length minimum */
@@ -144,18 +142,18 @@ typedef struct Hmac {
word32 ipad[HMAC_BLOCK_SIZE / sizeof(word32)]; /* same block size all*/
word32 opad[HMAC_BLOCK_SIZE / sizeof(word32)];
word32 innerHash[MAX_DIGEST_SIZE / sizeof(word32)];
#ifdef HAVE_CAVIUM
word64 contextHandle; /* nitrox context memory handle */
HashType type; /* hmac key type */
word32 magic; /* using cavium magic */
int devId; /* nitrox device id */
void* heap /* heap hint , currently only used with cavium */
byte* data; /* buffered input data for one call */
word16 keyLen; /* hmac key length */
word16 dataLen;
#endif
void* heap; /* heap hint */
byte macType; /* md5 sha or sha256 */
byte innerHashKeyed; /* keyed flag */
#ifdef WOLFSSL_ASYNC_CRYPT
AsyncCryptDev asyncDev;
#ifdef HAVE_CAVIUM
word16 keyLen; /* hmac key length */
word16 dataLen;
HashType type; /* hmac key type */
byte* data; /* buffered input data for one call */
#endif /* HAVE_CAVIUM */
#endif /* WOLFSSL_ASYNC_CRYPT */
} Hmac;
#endif /* HAVE_FIPS */
@@ -164,12 +162,14 @@ typedef struct Hmac {
WOLFSSL_API int wc_HmacSetKey(Hmac*, int type, const byte* key, word32 keySz);
WOLFSSL_API int wc_HmacUpdate(Hmac*, const byte*, word32);
WOLFSSL_API int wc_HmacFinal(Hmac*, byte*);
#ifdef HAVE_CAVIUM
WOLFSSL_API int wc_HmacInitCavium(Hmac*, int);
WOLFSSL_API void wc_HmacFreeCavium(Hmac*);
WOLFSSL_API int wc_HmacSizeByType(int type);
#ifdef WOLFSSL_ASYNC_CRYPT
WOLFSSL_API int wc_HmacAsyncInit(Hmac*, int);
WOLFSSL_API void wc_HmacAsyncFree(Hmac*);
#endif
WOLFSSL_API int wolfSSL_GetHmacMaxSize(void);
wolfssl/wolfcrypt/include.am
+6 -1
View File
@@ -56,10 +56,15 @@ nobase_include_HEADERS+= \
wolfssl/wolfcrypt/memory.h \
wolfssl/wolfcrypt/mpi_class.h \
wolfssl/wolfcrypt/mpi_superclass.h \
wolfssl/wolfcrypt/mem_track.h
wolfssl/wolfcrypt/mem_track.h \
wolfssl/wolfcrypt/wolfevent.h
noinst_HEADERS+= \
wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h \
wolfssl/wolfcrypt/port/ti/ti-hash.h \
wolfssl/wolfcrypt/port/ti/ti-ccm.h \
wolfssl/wolfcrypt/port/nrf51.h
if BUILD_CAVIUM
noinst_HEADERS+= wolfssl/wolfcrypt/port/cavium/cavium_nitrox.h
endif
wolfssl/wolfcrypt/integer.h
+3
View File
@@ -181,6 +181,9 @@ typedef int mp_err;
typedef struct {
int used, alloc, sign;
mp_digit *dp;
#ifdef WOLFSSL_ASYNC_CRYPT
byte* dpraw; /* Used for hardware crypto */
#endif
} mp_int;
/* callback for mp_prime_random, should fill dst with random bytes and return
wolfssl/wolfcrypt/port/cavium/cavium_nitrox.h
+165
View File
@@ -0,0 +1,165 @@
/* cavium-nitrox.h
*
* Copyright (C) 2006-2016 wolfSSL Inc.
*
* This file is part of wolfSSL. (formerly known as CyaSSL)
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifndef _CAVIUM_NITROX_H_
#define _CAVIUM_NITROX_H_
#ifdef HAVE_CAVIUM
#include <wolfssl/wolfcrypt/logging.h>
#ifndef HAVE_CAVIUM_V
#include "cavium_sysdep.h"
#endif
#include "cavium_common.h"
#ifndef HAVE_CAVIUM_V
#include "cavium_ioctl.h"
#else
#include "cavium_sym_crypto.h"
#include "cavium_asym_crypto.h"
#endif
#include <errno.h>
#define CAVIUM_SSL_GRP 0
#define CAVIUM_DPORT 256
/* Compatibility with older Cavium SDK's */
#ifndef HAVE_CAVIUM_V
typedef int CspHandle;
typedef word32 CavReqId;
#define AES_128 AES_128_BIT
#define AES_192 AES_192_BIT
#define AES_256 AES_256_BIT
#else
#define CAVIUM_DEV_ID 0
#define CAVIUM_BLOCKING BLOCKING
#define CAVIUM_NON_BLOCKING NON_BLOCKING
#define CAVIUM_DIRECT DMA_DIRECT_DIRECT
typedef Uint64 CavReqId;
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
#define CAVIUM_REQ_MODE CAVIUM_NON_BLOCKING
#else
#define CAVIUM_REQ_MODE CAVIUM_BLOCKING
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
#define CAVIUM_MAX_PENDING 90
#define CAVIUM_MAX_POLL MAX_TO_POLL
#endif
typedef struct CaviumNitroxDev {
CspHandle devId; /* nitrox device id */
ContextType type; /* Typically CONTEXT_SSL, but also ECC types */
Uint64 contextHandle; /* nitrox context memory handle */
CavReqId reqId; /* Current requestId */
} CaviumNitroxDev;
struct WOLF_EVENT;
/* Wrapper API's */
WOLFSSL_LOCAL int NitroxTranslateResponseCode(int ret);
WOLFSSL_LOCAL CspHandle NitroxGetDeviceHandle(void);
WOLFSSL_LOCAL CspHandle NitroxOpenDevice(int dma_mode, int dev_id);
WOLFSSL_LOCAL int NitroxAllocContext(CaviumNitroxDev* nitrox, CspHandle devId,
ContextType type);
WOLFSSL_LOCAL void NitroxFreeContext(CaviumNitroxDev* nitrox);
WOLFSSL_LOCAL void NitroxCloseDevice(CspHandle devId);
#if defined(WOLFSSL_ASYNC_CRYPT)
WOLFSSL_LOCAL int NitroxCheckRequest(CspHandle devId, CavReqId reqId);
WOLFSSL_LOCAL int NitroxCheckRequests(CspHandle devId,
CspMultiRequestStatusBuffer* req_stat_buf);
#endif /* WOLFSSL_ASYNC_CRYPT */
/* Crypto wrappers */
#ifndef NO_RSA
struct RsaKey;
WOLFSSL_LOCAL int NitroxRsaExptMod(
const byte* in, word32 inLen,
byte* exponent, word32 expLen,
byte* modulus, word32 modLen,
byte* out, word32* outLen, struct RsaKey* key);
WOLFSSL_LOCAL int NitroxRsaPublicEncrypt(const byte* in, word32 inLen,
byte* out, word32 outLen, struct RsaKey* key);
WOLFSSL_LOCAL int NitroxRsaPrivateDecrypt(const byte* in, word32 inLen,
byte* out, word32 outLen, struct RsaKey* key);
WOLFSSL_LOCAL int NitroxRsaSSL_Sign(const byte* in, word32 inLen,
byte* out, word32 outLen, struct RsaKey* key);
WOLFSSL_LOCAL int NitroxRsaSSL_Verify(const byte* in, word32 inLen,
byte* out, word32 outLen, struct RsaKey* key);
#endif /* !NO_RSA */
#ifndef NO_AES
struct Aes;
WOLFSSL_LOCAL int NitroxAesSetKey(struct Aes* aes, const byte* key,
word32 length, const byte* iv);
#ifdef HAVE_AES_CBC
WOLFSSL_LOCAL int NitroxAesCbcEncrypt(struct Aes* aes, byte* out,
const byte* in, word32 length);
#ifdef HAVE_AES_DECRYPT
WOLFSSL_LOCAL int NitroxAesCbcDecrypt(struct Aes* aes, byte* out,
const byte* in, word32 length);
#endif /* HAVE_AES_DECRYPT */
#endif /* HAVE_AES_CBC */
#endif /* !NO_AES */
#ifndef NO_RC4
struct Arc4;
WOLFSSL_LOCAL void NitroxArc4SetKey(struct Arc4* arc4, const byte* key,
word32 length);
WOLFSSL_LOCAL void NitroxArc4Process(struct Arc4* arc4, byte* out,
const byte* in, word32 length);
#endif /* !NO_RC4 */
#ifndef NO_DES3
struct Des3;
WOLFSSL_LOCAL int NitroxDes3SetKey(struct Des3* des3, const byte* key,
const byte* iv);
WOLFSSL_LOCAL int NitroxDes3CbcEncrypt(struct Des3* des3, byte* out,
const byte* in, word32 length);
WOLFSSL_LOCAL int NitroxDes3CbcDecrypt(struct Des3* des3, byte* out,
const byte* in, word32 length);
#endif /* !NO_DES3 */
#ifndef NO_HMAC
struct Hmac;
WOLFSSL_LOCAL int NitroxHmacFinal(struct Hmac* hmac, byte* hash);
WOLFSSL_LOCAL int NitroxHmacUpdate(struct Hmac* hmac, const byte* msg,
word32 length);
WOLFSSL_LOCAL int NitroxHmacSetKey(struct Hmac* hmac, int type,
const byte* key, word32 length);
#endif /* NO_HMAC */
#if !defined(HAVE_HASHDRBG) && !defined(NO_RC4)
WOLFSSL_API void NitroxRngGenerateBlock(WC_RNG* rng, byte* output, word32 sz);
#endif
#endif /* HAVE_CAVIUM */
#endif /* _CAVIUM_NITROX_H_ */
wolfssl/wolfcrypt/random.h
+5 -11
View File
@@ -101,7 +101,9 @@ struct WC_RNG {
#else /* (HAVE_HASHDRBG || NO_RC4) && !CUSTOM_RAND_GENERATE_BLOCK */
#define WOLFSSL_RNG_CAVIUM_MAGIC 0xBEEF0004
#ifdef WOLFSSL_ASYNC_CRYPT
#include <wolfssl/wolfcrypt/async.h>
#endif
/* secure Random Number Generator */
@@ -111,9 +113,8 @@ struct WC_RNG {
#ifndef NO_RC4
Arc4 cipher;
#endif
#ifdef HAVE_CAVIUM
int devId; /* nitrox device id */
word32 magic; /* using cavium magic */
#ifdef WOLFSSL_ASYNC_CRYPT
AsyncCryptDev asyncDev;
#endif
};
@@ -131,13 +132,6 @@ struct WC_RNG {
WOLFSSL_LOCAL
int wc_GenerateSeed(OS_Seed* os, byte* seed, word32 sz);
#if defined(HAVE_HASHDRBG) || defined(NO_RC4)
#ifdef HAVE_CAVIUM
WOLFSSL_API int wc_InitRngCavium(WC_RNG*, int);
#endif
#endif /* HAVE_HASH_DRBG || NO_RC4 */
#ifdef HAVE_WNR
/* Whitewood netRandom client library */
wolfssl/wolfcrypt/rsa.h
+35 -20
View File
@@ -52,42 +52,54 @@
/* avoid redefinition of structs */
#if !defined(HAVE_FIPS)
#define WOLFSSL_RSA_CAVIUM_MAGIC 0xBEEF0006
#ifdef WOLFSSL_ASYNC_CRYPT
#include <wolfssl/wolfcrypt/async.h>
#endif
enum {
RSA_PUBLIC = 0,
RSA_PRIVATE = 1,
};
RSA_TYPE_UNKNOWN = -1,
RSA_PUBLIC_ENCRYPT = 0,
RSA_PUBLIC_DECRYPT = 1,
RSA_PRIVATE_ENCRYPT = 2,
RSA_PRIVATE_DECRYPT = 3,
RSA_BLOCK_TYPE_1 = 1,
RSA_BLOCK_TYPE_2 = 2,
RSA_MIN_SIZE = 512,
RSA_MAX_SIZE = 4096,
RSA_MIN_PAD_SZ = 11 /* separator + 0 + pad value + 8 pads */
};
/* RSA */
typedef struct RsaKey {
mp_int n, e, d, p, q, dP, dQ, u;
int type; /* public or private */
void* heap; /* for user memory overrides */
int state;
byte* tmp;
word32 tmpLen;
#ifdef WC_RSA_BLINDING
WC_RNG* rng; /* for PrivateDecrypt blinding */
#endif
#ifdef HAVE_CAVIUM
int devId; /* nitrox device id */
word32 magic; /* using cavium magic */
word64 contextHandle; /* nitrox context memory handle */
byte* c_n; /* cavium byte buffers for key parts */
byte* c_e;
byte* c_d;
byte* c_p;
byte* c_q;
byte* c_dP;
byte* c_dQ;
byte* c_u; /* sizes in bytes */
word16 c_nSz, c_eSz, c_dSz, c_pSz, c_qSz, c_dP_Sz, c_dQ_Sz, c_uSz;
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
AsyncCryptDev asyncDev;
#endif /* WOLFSSL_ASYNC_CRYPT */
} RsaKey;
#endif /*HAVE_FIPS */
WOLFSSL_API int wc_InitRsaKey(RsaKey* key, void*);
WOLFSSL_API int wc_InitRsaKey(RsaKey* key, void* heap);
WOLFSSL_API int wc_InitRsaKey_ex(RsaKey* key, void* heap, int devId);
WOLFSSL_API int wc_FreeRsaKey(RsaKey* key);
WOLFSSL_LOCAL int wc_RsaFunction(const byte* in, word32 inLen, byte* out,
word32* outLen, int type, RsaKey* key, WC_RNG* rng);
WOLFSSL_API int wc_RsaPublicEncrypt(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key, WC_RNG* rng);
WOLFSSL_API int wc_RsaPrivateDecryptInline(byte* in, word32 inLen, byte** out,
@@ -120,6 +132,7 @@ WOLFSSL_API int wc_RsaSetRNG(RsaKey* key, WC_RNG* rng);
*/
/* Mask Generation Function Identifiers */
#define WC_MGF1NONE 0
#define WC_MGF1SHA1 26
#define WC_MGF1SHA256 1
#define WC_MGF1SHA384 2
@@ -147,11 +160,13 @@ WOLFSSL_API int wc_RsaFlattenPublicKey(RsaKey*, byte*, word32*, byte*,
WOLFSSL_API int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng);
#endif
#ifdef HAVE_CAVIUM
WOLFSSL_API int wc_RsaInitCavium(RsaKey*, int);
WOLFSSL_API void wc_RsaFreeCavium(RsaKey*);
#ifdef WOLFSSL_ASYNC_CRYPT
WOLFSSL_API int wc_RsaAsyncHandle(RsaKey* key, WOLF_EVENT_QUEUE* queue, WOLF_EVENT* event);
WOLFSSL_API int wc_RsaAsyncWait(int ret, RsaKey* key);
#endif
#endif /* HAVE_USER_RSA */
#ifdef __cplusplus
} /* extern "C" */
#endif
wolfssl/wolfcrypt/settings.h
+4 -3
View File
@@ -1235,9 +1235,10 @@ static char *fgets(char *buff, int sz, FILE *fp)
/* Make sure wolf events are enabled */
#undef HAVE_WOLF_EVENT
#define HAVE_WOLF_EVENT
#else
#ifdef WOLFSSL_ASYNC_CRYPT_TEST
#error Must have WOLFSSL_ASYNC_CRYPT enabled with WOLFSSL_ASYNC_CRYPT_TEST
#if !defined(HAVE_CAVIUM) && !defined(HAVE_INTEL_QA) && \
!defined(WOLFSSL_ASYNC_CRYPT_TEST)
#error No async hardware defined with WOLFSSL_ASYNC_CRYPT!
#endif
#endif /* WOLFSSL_ASYNC_CRYPT */
wolfssl/wolfcrypt/tfm.h
+3
View File
@@ -289,6 +289,9 @@ typedef struct {
int size;
#endif
fp_digit dp[FP_SIZE];
#ifdef WOLFSSL_ASYNC_CRYPT
byte *dpraw; /* Used for hardware crypto */
#endif
} fp_int;
/* externally define this symbol to ignore the default settings, useful for changing the build from the make process */
wolfssl/wolfcrypt/types.h
+5 -2
View File
@@ -312,8 +312,8 @@
DYNAMIC_TYPE_ECC = 37,
DYNAMIC_TYPE_TMP_BUFFER = 38,
DYNAMIC_TYPE_DTLS_MSG = 39,
DYNAMIC_TYPE_CAVIUM_TMP = 40,
DYNAMIC_TYPE_CAVIUM_RSA = 41,
DYNAMIC_TYPE_ASYNC_TMP = 40,
DYNAMIC_TYPE_ASYNC_RSA = 41,
DYNAMIC_TYPE_X509 = 42,
DYNAMIC_TYPE_TLSX = 43,
DYNAMIC_TYPE_OCSP = 44,
@@ -376,6 +376,9 @@
return 1 if a match otherwise 0 */
#define CheckCtcSettings() (CTC_SETTINGS == CheckRunTimeSettings())
/* invalid device id */
#define INVALID_DEVID -2
#ifdef __cplusplus
} /* extern "C" */
wolfssl/wolfcrypt/wolfevent.h
+103
View File
@@ -0,0 +1,103 @@
/* wolfevent.h
*
* Copyright (C) 2006-2016 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef _WOLF_EVENT_H_
#define _WOLF_EVENT_H_
#ifdef __cplusplus
extern "C" {
#endif
#ifndef SINGLE_THREADED
#include <wolfssl/wolfcrypt/wc_port.h>
#endif
typedef struct WOLFSSL WOLFSSL;
typedef struct WOLF_EVENT WOLF_EVENT;
typedef struct WOLFSSL_CTX WOLFSSL_CTX;
typedef unsigned short WOLF_EVENT_FLAG;
typedef enum WOLF_EVENT_TYPE {
WOLF_EVENT_TYPE_NONE,
#ifdef WOLFSSL_ASYNC_CRYPT
WOLF_EVENT_TYPE_ASYNC_ANY,
WOLF_EVENT_TYPE_ASYNC_WOLFSSL,
WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT,
WOLF_EVENT_TYPE_ASYNC_FIRST = WOLF_EVENT_TYPE_ASYNC_WOLFSSL,
WOLF_EVENT_TYPE_ASYNC_LAST = WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT,
#endif
} WOLF_EVENT_TYPE;
struct WOLF_EVENT {
/* double linked list */
WOLF_EVENT* next;
WOLF_EVENT* prev;
void* context;
#ifdef HAVE_CAVIUM
word64 reqId;
#endif
int ret; /* Async return code */
WOLF_EVENT_TYPE type;
WOLF_EVENT_FLAG pending:1;
WOLF_EVENT_FLAG done:1;
/* Future event flags can go here */
};
enum WOLF_POLL_FLAGS {
WOLF_POLL_FLAG_CHECK_HW = 0x01,
};
typedef struct {
WOLF_EVENT* head; /* head of queue */
WOLF_EVENT* tail; /* tail of queue */
#ifndef SINGLE_THREADED
wolfSSL_Mutex lock; /* queue lock */
#endif
int count;
} WOLF_EVENT_QUEUE;
#ifdef HAVE_WOLF_EVENT
/* Event */
WOLFSSL_API int wolfEvent_Init(WOLF_EVENT* event, WOLF_EVENT_TYPE type, void* context);
WOLFSSL_API int wolfEvent_Poll(WOLF_EVENT* event, WOLF_EVENT_FLAG flags);
/* Event Queue */
WOLFSSL_API int wolfEventQueue_Init(WOLF_EVENT_QUEUE* queue);
WOLFSSL_API int wolfEventQueue_Push(WOLF_EVENT_QUEUE* queue, WOLF_EVENT* event);
WOLFSSL_API int wolfEventQueue_Pop(WOLF_EVENT_QUEUE* queue, WOLF_EVENT** event);
WOLFSSL_API int wolfEventQueue_Remove(WOLF_EVENT_QUEUE* queue, WOLF_EVENT* event);
WOLFSSL_API int wolfEventQueue_Poll(WOLF_EVENT_QUEUE* queue, void* context_filter,
WOLF_EVENT** events, int maxEvents, WOLF_EVENT_FLAG flags, int* eventCount);
WOLFSSL_API int wolfEventQueue_Count(WOLF_EVENT_QUEUE* queue);
WOLFSSL_API void wolfEventQueue_Free(WOLF_EVENT_QUEUE* queue);
#endif /* HAVE_WOLF_EVENT */
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* _WOLF_EVENT_H_ */