feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge pull request #2012 from dgarske/cryptocb_sym

Browse Source 
Added CryptoDev callback support for AES CBC, SHA1/SHA256 and RNG
This commit is contained in:
toddouska
2019-01-16 10:41:49 -08:00
committed by GitHub
parent 5d262e9123 ebc9533bc7
commit 32ed53a991
13 changed files with 446 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
wolfcrypt/src/aes.c
View File

@@ -2210,6 +2210,11 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
XMEMCPY(aes->asyncIv, iv, AES_BLOCK_SIZE); XMEMCPY(aes->asyncIv, iv, AES_BLOCK_SIZE);
} }
#endif /* WOLFSSL_ASYNC_CRYPT */ #endif /* WOLFSSL_ASYNC_CRYPT */
#ifdef WOLF_CRYPTO_DEV
if (aes->devId != INVALID_DEVID) {
XMEMCPY(aes->devKey, userKey, keylen);
}
#endif
#ifdef WOLFSSL_AESNI #ifdef WOLFSSL_AESNI
if (checkAESNI == 0) { if (checkAESNI == 0) {
@@ -2904,6 +2909,13 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }
#ifdef WOLF_CRYPTO_DEV
if (aes->devId != INVALID_DEVID) {
int ret = wc_CryptoDev_AesCbcEncrypt(aes, out, in, sz);
if (ret != NOT_COMPILED_IN)
return ret;
}
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES) #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES)
/* if async and byte count above threshold */ /* if async and byte count above threshold */
if (aes->asyncDev.marker == WOLFSSL_ASYNC_MARKER_AES && if (aes->asyncDev.marker == WOLFSSL_ASYNC_MARKER_AES &&
@@ -2995,6 +3007,13 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }
#ifdef WOLF_CRYPTO_DEV
if (aes->devId != INVALID_DEVID) {
int ret = wc_CryptoDev_AesCbcDecrypt(aes, out, in, sz);
if (ret != NOT_COMPILED_IN)
return ret;
}
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES) #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES)
/* if async and byte count above threshold */ /* if async and byte count above threshold */
if (aes->asyncDev.marker == WOLFSSL_ASYNC_MARKER_AES && if (aes->asyncDev.marker == WOLFSSL_ASYNC_MARKER_AES &&
@@ -8495,7 +8514,6 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
authTag, authTagSz, authIn, authInSz); authTag, authTagSz, authIn, authInSz);
if (ret != NOT_COMPILED_IN) if (ret != NOT_COMPILED_IN)
return ret; return ret;
ret = 0; /* reset error code and try using software */
} }
#endif #endif

6
wolfcrypt/src/asn.c
View File

@@ -9155,7 +9155,7 @@ int wc_KeyPemToDer(const unsigned char* pem, int pemSz,
XFREE(info, NULL, DYNAMIC_TYPE_ENCRYPTEDINFO); XFREE(info, NULL, DYNAMIC_TYPE_ENCRYPTEDINFO);
#endif #endif
if (ret < 0) { if (ret < 0 || der == NULL) {
WOLFSSL_MSG("Bad Pem To Der"); WOLFSSL_MSG("Bad Pem To Der");
} }
else { else {
@@ -9196,7 +9196,7 @@ int wc_CertPemToDer(const unsigned char* pem, int pemSz,
ret = PemToDer(pem, pemSz, type, &der, NULL, NULL, &eccKey); ret = PemToDer(pem, pemSz, type, &der, NULL, NULL, &eccKey);
if (ret < 0) { if (ret < 0 || der == NULL) {
WOLFSSL_MSG("Bad Pem To Der"); WOLFSSL_MSG("Bad Pem To Der");
} }
else { else {
@@ -9235,7 +9235,7 @@ int wc_PubKeyPemToDer(const unsigned char* pem, int pemSz,
} }
ret = PemToDer(pem, pemSz, PUBLICKEY_TYPE, &der, NULL, NULL, NULL); ret = PemToDer(pem, pemSz, PUBLICKEY_TYPE, &der, NULL, NULL, NULL);
if (ret < 0) { if (ret < 0 || der == NULL) {
WOLFSSL_MSG("Bad Pem To Der"); WOLFSSL_MSG("Bad Pem To Der");
} }
else { else {

149
wolfcrypt/src/cryptodev.c
View File

@@ -59,8 +59,9 @@ static CryptoDev* wc_CryptoDev_FindDevice(int devId)
void wc_CryptoDev_Init(void) void wc_CryptoDev_Init(void)
{ {
int i; int i;
for (i=0; i<MAX_CRYPTO_DEVICES; i++) for (i=0; i<MAX_CRYPTO_DEVICES; i++) {
gCryptoDev[i].devId = INVALID_DEVID; gCryptoDev[i].devId = INVALID_DEVID;
}
} }
int wc_CryptoDev_RegisterDevice(int devId, CryptoDevCallbackFunc cb, void* ctx) int wc_CryptoDev_RegisterDevice(int devId, CryptoDevCallbackFunc cb, void* ctx)
@@ -256,7 +257,8 @@ int wc_CryptoDev_EccVerify(const byte* sig, word32 siglen,
} }
#endif /* HAVE_ECC */ #endif /* HAVE_ECC */
#if !defined(NO_AES) && defined(HAVE_AESGCM) #ifndef NO_AES
#ifdef HAVE_AESGCM
int wc_CryptoDev_AesGcmEncrypt(Aes* aes, byte* out, int wc_CryptoDev_AesGcmEncrypt(Aes* aes, byte* out,
const byte* in, word32 sz, const byte* in, word32 sz,
const byte* iv, word32 ivSz, const byte* iv, word32 ivSz,
@@ -328,15 +330,144 @@ int wc_CryptoDev_AesGcmDecrypt(Aes* aes, byte* out,
return ret; return ret;
} }
#endif /* !NO_AES && HAVE_AESGCM */ #endif /* HAVE_AESGCM */
/* call to support callback for entire buffer hash */ #ifdef HAVE_AES_CBC
int wc_CryptoDev_Sha256Hash(const byte* data, word32 len, byte* hash) int wc_CryptoDev_AesCbcEncrypt(Aes* aes, byte* out,
const byte* in, word32 sz)
{ {
(void)data; int ret = NOT_COMPILED_IN;
(void)len; CryptoDev* dev;
(void)hash;
return NOT_COMPILED_IN; /* locate registered callback */
dev = wc_CryptoDev_FindDevice(aes->devId);
if (dev) {
if (dev->cb) {
wc_CryptoInfo cryptoInfo;
XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo));
cryptoInfo.algo_type = WC_ALGO_TYPE_CIPHER;
cryptoInfo.cipher.type = WC_CIPHER_AES_CBC;
cryptoInfo.cipher.enc = 1;
cryptoInfo.cipher.aescbc.aes = aes;
cryptoInfo.cipher.aescbc.out = out;
cryptoInfo.cipher.aescbc.in = in;
cryptoInfo.cipher.aescbc.sz = sz;
ret = dev->cb(aes->devId, &cryptoInfo, dev->ctx);
}
}
return ret;
} }
int wc_CryptoDev_AesCbcDecrypt(Aes* aes, byte* out,
const byte* in, word32 sz)
{
int ret = NOT_COMPILED_IN;
CryptoDev* dev;
/* locate registered callback */
dev = wc_CryptoDev_FindDevice(aes->devId);
if (dev) {
if (dev->cb) {
wc_CryptoInfo cryptoInfo;
XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo));
cryptoInfo.algo_type = WC_ALGO_TYPE_CIPHER;
cryptoInfo.cipher.type = WC_CIPHER_AES_CBC;
cryptoInfo.cipher.enc = 0;
cryptoInfo.cipher.aescbc.aes = aes;
cryptoInfo.cipher.aescbc.out = out;
cryptoInfo.cipher.aescbc.in = in;
cryptoInfo.cipher.aescbc.sz = sz;
ret = dev->cb(aes->devId, &cryptoInfo, dev->ctx);
}
}
return ret;
}
#endif /* HAVE_AES_CBC */
#endif /* !NO_AES */
#ifndef NO_SHA
int wc_CryptoDev_ShaHash(wc_Sha* sha, const byte* in,
word32 inSz, byte* digest)
{
int ret = NOT_COMPILED_IN;
CryptoDev* dev;
/* locate registered callback */
dev = wc_CryptoDev_FindDevice(sha->devId);
if (dev) {
if (dev->cb) {
wc_CryptoInfo cryptoInfo;
XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo));
cryptoInfo.algo_type = WC_ALGO_TYPE_HASH;
cryptoInfo.hash.type = WC_HASH_TYPE_SHA;
cryptoInfo.hash.sha1 = sha;
cryptoInfo.hash.in = in;
cryptoInfo.hash.inSz = inSz;
cryptoInfo.hash.digest = digest;
ret = dev->cb(sha->devId, &cryptoInfo, dev->ctx);
}
}
return ret;
}
#endif /* !NO_SHA */
#ifndef NO_SHA256
int wc_CryptoDev_Sha256Hash(wc_Sha256* sha256, const byte* in,
word32 inSz, byte* digest)
{
int ret = NOT_COMPILED_IN;
CryptoDev* dev;
/* locate registered callback */
dev = wc_CryptoDev_FindDevice(sha256->devId);
if (dev) {
if (dev->cb) {
wc_CryptoInfo cryptoInfo;
XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo));
cryptoInfo.algo_type = WC_ALGO_TYPE_HASH;
cryptoInfo.hash.type = WC_HASH_TYPE_SHA256;
cryptoInfo.hash.sha256 = sha256;
cryptoInfo.hash.in = in;
cryptoInfo.hash.inSz = inSz;
cryptoInfo.hash.digest = digest;
ret = dev->cb(sha256->devId, &cryptoInfo, dev->ctx);
}
}
return ret;
}
#endif /* !NO_SHA256 */
#ifndef WC_NO_RNG
int wc_CryptoDev_RandomBlock(WC_RNG* rng, byte* out, word32 sz)
{
int ret = NOT_COMPILED_IN;
CryptoDev* dev;
/* locate registered callback */
dev = wc_CryptoDev_FindDevice(rng->devId);
if (dev) {
if (dev->cb) {
wc_CryptoInfo cryptoInfo;
XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo));
cryptoInfo.algo_type = WC_ALGO_TYPE_RNG;
cryptoInfo.rng.rng = rng;
cryptoInfo.rng.out = out;
cryptoInfo.rng.sz = sz;
ret = dev->cb(rng->devId, &cryptoInfo, dev->ctx);
}
}
return ret;
}
#endif /* !WC_NO_RNG */
#endif /* WOLF_CRYPTO_DEV */ #endif /* WOLF_CRYPTO_DEV */

26
wolfcrypt/src/random.c
View File

@@ -104,6 +104,10 @@ int wc_RNG_GenerateByte(WC_RNG* rng, byte* b)
#include <wolfssl/wolfcrypt/sha256.h> #include <wolfssl/wolfcrypt/sha256.h>
#ifdef WOLF_CRYPTO_DEV
#include <wolfssl/wolfcrypt/cryptodev.h>
#endif
#ifdef NO_INLINE #ifdef NO_INLINE
#include <wolfssl/wolfcrypt/misc.h> #include <wolfssl/wolfcrypt/misc.h>
#else #else
@@ -272,7 +276,7 @@ typedef struct DRBG {
word32 lastBlock; word32 lastBlock;
byte V[DRBG_SEED_LEN]; byte V[DRBG_SEED_LEN];
byte C[DRBG_SEED_LEN]; byte C[DRBG_SEED_LEN];
#ifdef WOLFSSL_ASYNC_CRYPT #if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_DEV)
void* heap; void* heap;
int devId; int devId;
#endif #endif
@@ -321,7 +325,7 @@ static int Hash_df(DRBG* drbg, byte* out, word32 outSz, byte type,
for (i = 0, ctr = 1; i < len; i++, ctr++) { for (i = 0, ctr = 1; i < len; i++, ctr++) {
#ifndef WOLFSSL_SMALL_STACK_CACHE #ifndef WOLFSSL_SMALL_STACK_CACHE
#ifdef WOLFSSL_ASYNC_CRYPT #if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_DEV)
ret = wc_InitSha256_ex(sha, drbg->heap, drbg->devId); ret = wc_InitSha256_ex(sha, drbg->heap, drbg->devId);
#else #else
ret = wc_InitSha256(sha); ret = wc_InitSha256(sha);
@@ -449,7 +453,7 @@ static int Hash_gen(DRBG* drbg, byte* out, word32 outSz, const byte* V)
XMEMCPY(data, V, sizeof(data)); XMEMCPY(data, V, sizeof(data));
for (i = 0; i < len; i++) { for (i = 0; i < len; i++) {
#ifndef WOLFSSL_SMALL_STACK_CACHE #ifndef WOLFSSL_SMALL_STACK_CACHE
#ifdef WOLFSSL_ASYNC_CRYPT #if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_DEV)
ret = wc_InitSha256_ex(sha, drbg->heap, drbg->devId); ret = wc_InitSha256_ex(sha, drbg->heap, drbg->devId);
#else #else
ret = wc_InitSha256(sha); ret = wc_InitSha256(sha);
@@ -552,7 +556,7 @@ static int Hash_DRBG_Generate(DRBG* drbg, byte* out, word32 outSz)
ret = Hash_gen(drbg, out, outSz, drbg->V); ret = Hash_gen(drbg, out, outSz, drbg->V);
if (ret == DRBG_SUCCESS) { if (ret == DRBG_SUCCESS) {
#ifndef WOLFSSL_SMALL_STACK_CACHE #ifndef WOLFSSL_SMALL_STACK_CACHE
#ifdef WOLFSSL_ASYNC_CRYPT #if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_DEV)
ret = wc_InitSha256_ex(sha, drbg->heap, drbg->devId); ret = wc_InitSha256_ex(sha, drbg->heap, drbg->devId);
#else #else
ret = wc_InitSha256(sha); ret = wc_InitSha256(sha);
@@ -598,7 +602,7 @@ static int Hash_DRBG_Instantiate(DRBG* drbg, const byte* seed, word32 seedSz,
int ret = DRBG_FAILURE; int ret = DRBG_FAILURE;
XMEMSET(drbg, 0, sizeof(DRBG)); XMEMSET(drbg, 0, sizeof(DRBG));
#ifdef WOLFSSL_ASYNC_CRYPT #if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_DEV)
drbg->heap = heap; drbg->heap = heap;
drbg->devId = devId; drbg->devId = devId;
#else #else
@@ -607,7 +611,7 @@ static int Hash_DRBG_Instantiate(DRBG* drbg, const byte* seed, word32 seedSz,
#endif #endif
#ifdef WOLFSSL_SMALL_STACK_CACHE #ifdef WOLFSSL_SMALL_STACK_CACHE
#ifdef WOLFSSL_ASYNC_CRYPT #if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_DEV)
ret = wc_InitSha256_ex(&drbg->sha256, drbg->heap, drbg->devId); ret = wc_InitSha256_ex(&drbg->sha256, drbg->heap, drbg->devId);
#else #else
ret = wc_InitSha256(&drbg->sha256); ret = wc_InitSha256(&drbg->sha256);
@@ -697,7 +701,7 @@ static int _InitRng(WC_RNG* rng, byte* nonce, word32 nonceSz,
#else #else
rng->heap = heap; rng->heap = heap;
#endif #endif
#ifdef WOLFSSL_ASYNC_CRYPT #if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_DEV)
rng->devId = devId; rng->devId = devId;
#else #else
(void)devId; (void)devId;
@@ -827,6 +831,14 @@ int wc_RNG_GenerateBlock(WC_RNG* rng, byte* output, word32 sz)
if (rng == NULL || output == NULL) if (rng == NULL || output == NULL)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
#ifdef WOLF_CRYPTO_DEV
if (rng->devId != INVALID_DEVID) {
ret = wc_CryptoDev_RandomBlock(rng, output, sz);
if (ret != NOT_COMPILED_IN)
return ret;
}
#endif
#ifdef HAVE_INTEL_RDRAND #ifdef HAVE_INTEL_RDRAND
if (IS_INTEL_RDRAND(intel_flags)) if (IS_INTEL_RDRAND(intel_flags))
return wc_GenerateRand_IntelRD(NULL, output, sz); return wc_GenerateRand_IntelRD(NULL, output, sz);

22
wolfcrypt/src/sha.c
View File

@@ -43,6 +43,10 @@
#include <wolfssl/wolfcrypt/sha.h> #include <wolfssl/wolfcrypt/sha.h>
#include <wolfssl/wolfcrypt/error-crypt.h> #include <wolfssl/wolfcrypt/error-crypt.h>
#ifdef WOLF_CRYPTO_DEV
#include <wolfssl/wolfcrypt/cryptodev.h>
#endif
/* fips wrapper calls, user can call direct */ /* fips wrapper calls, user can call direct */
#if defined(HAVE_FIPS) && \ #if defined(HAVE_FIPS) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2)) (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
@@ -430,6 +434,10 @@ int wc_InitSha_ex(wc_Sha* sha, void* heap, int devId)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
sha->heap = heap; sha->heap = heap;
#ifdef WOLF_CRYPTO_DEV
sha->devId = devId;
#endif
#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \ #if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
sha->ctx.mode = ESP32_SHA_INIT; sha->ctx.mode = ESP32_SHA_INIT;
@@ -460,6 +468,13 @@ int wc_ShaUpdate(wc_Sha* sha, const byte* data, word32 len)
/* do block size increments */ /* do block size increments */
local = (byte*)sha->buffer; local = (byte*)sha->buffer;
#ifdef WOLF_CRYPTO_DEV
if (sha->devId != INVALID_DEVID) {
int ret = wc_CryptoDev_ShaHash(sha, data, len, NULL);
if (ret != NOT_COMPILED_IN)
return ret;
}
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA) #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA)
if (sha->asyncDev.marker == WOLFSSL_ASYNC_MARKER_SHA) { if (sha->asyncDev.marker == WOLFSSL_ASYNC_MARKER_SHA) {
#if defined(HAVE_INTEL_QA) #if defined(HAVE_INTEL_QA)
@@ -535,6 +550,13 @@ int wc_ShaFinal(wc_Sha* sha, byte* hash)
local = (byte*)sha->buffer; local = (byte*)sha->buffer;
#ifdef WOLF_CRYPTO_DEV
if (sha->devId != INVALID_DEVID) {
int ret = wc_CryptoDev_ShaHash(sha, NULL, 0, hash);
if (ret != NOT_COMPILED_IN)
return ret;
}
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA) #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA)
if (sha->asyncDev.marker == WOLFSSL_ASYNC_MARKER_SHA) { if (sha->asyncDev.marker == WOLFSSL_ASYNC_MARKER_SHA) {
#if defined(HAVE_INTEL_QA) #if defined(HAVE_INTEL_QA)

50
wolfcrypt/src/sha256.c
View File

@@ -46,6 +46,10 @@
#include <wolfssl/wolfcrypt/error-crypt.h> #include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/cpuid.h> #include <wolfssl/wolfcrypt/cpuid.h>
#ifdef WOLF_CRYPTO_DEV
#include <wolfssl/wolfcrypt/cryptodev.h>
#endif
/* fips wrapper calls, user can call direct */ /* fips wrapper calls, user can call direct */
#if defined(HAVE_FIPS) && \ #if defined(HAVE_FIPS) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2)) (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
@@ -308,6 +312,9 @@ static int InitSha256(wc_Sha256* sha256)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
sha256->heap = heap; sha256->heap = heap;
#ifdef WOLF_CRYPTO_DEV
sha256->devId = devId;
#endif
ret = InitSha256(sha256); ret = InitSha256(sha256);
if (ret != 0) if (ret != 0)
@@ -520,6 +527,9 @@ static int InitSha256(wc_Sha256* sha256)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
sha256->heap = heap; sha256->heap = heap;
#ifdef WOLF_CRYPTO_DEV
sha256->devId = devId;
#endif
ret = InitSha256(sha256); ret = InitSha256(sha256);
if (ret != 0) if (ret != 0)
@@ -675,14 +685,6 @@ static int InitSha256(wc_Sha256* sha256)
return 0; return 0;
} }
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA256)
if (sha256->asyncDev.marker == WOLFSSL_ASYNC_MARKER_SHA256) {
#if defined(HAVE_INTEL_QA)
return IntelQaSymSha256(&sha256->asyncDev, NULL, data, len);
#endif
}
#endif /* WOLFSSL_ASYNC_CRYPT */
/* do block size increments */ /* do block size increments */
local = (byte*)sha256->buffer; local = (byte*)sha256->buffer;
@@ -807,6 +809,30 @@ static int InitSha256(wc_Sha256* sha256)
int wc_Sha256Update(wc_Sha256* sha256, const byte* data, word32 len) int wc_Sha256Update(wc_Sha256* sha256, const byte* data, word32 len)
{ {
if (sha256 == NULL || (data == NULL && len > 0)) {
return BAD_FUNC_ARG;
}
if (data == NULL && len == 0) {
/* valid, but do nothing */
return 0;
}
#ifdef WOLF_CRYPTO_DEV
if (sha256->devId != INVALID_DEVID) {
int ret = wc_CryptoDev_Sha256Hash(sha256, data, len, NULL);
if (ret != NOT_COMPILED_IN)
return ret;
}
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA256)
if (sha256->asyncDev.marker == WOLFSSL_ASYNC_MARKER_SHA256) {
#if defined(HAVE_INTEL_QA)
return IntelQaSymSha256(&sha256->asyncDev, NULL, data, len);
#endif
}
#endif /* WOLFSSL_ASYNC_CRYPT */
return Sha256Update(sha256, data, len); return Sha256Update(sha256, data, len);
} }
@@ -939,6 +965,14 @@ static int InitSha256(wc_Sha256* sha256)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }
#ifdef WOLF_CRYPTO_DEV
if (sha256->devId != INVALID_DEVID) {
ret = wc_CryptoDev_Sha256Hash(sha256, NULL, 0, hash);
if (ret != NOT_COMPILED_IN)
return ret;
}
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA256) #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA256)
if (sha256->asyncDev.marker == WOLFSSL_ASYNC_MARKER_SHA256) { if (sha256->asyncDev.marker == WOLFSSL_ASYNC_MARKER_SHA256) {
#if defined(HAVE_INTEL_QA) #if defined(HAVE_INTEL_QA)

120
wolfcrypt/test/test.c
View File

@@ -22825,7 +22825,19 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
if (info == NULL) if (info == NULL)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
if (info->algo_type == WC_ALGO_TYPE_PK) { if (info->algo_type == WC_ALGO_TYPE_RNG) {
#ifndef WC_NO_RNG
/* set devId to invalid, so software is used */
info->rng.rng->devId = INVALID_DEVID;
ret = wc_RNG_GenerateBlock(info->rng.rng,
info->rng.out, info->rng.sz);
/* reset devId */
info->rng.rng->devId = devIdArg;
#endif
}
else if (info->algo_type == WC_ALGO_TYPE_PK) {
#ifdef DEBUG_WOLFSSL #ifdef DEBUG_WOLFSSL
printf("CryptoDevCb: Pk Type %d\n", info->pk.type); printf("CryptoDevCb: Pk Type %d\n", info->pk.type);
#endif #endif
@@ -22918,9 +22930,9 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
#endif /* HAVE_ECC */ #endif /* HAVE_ECC */
} }
else if (info->algo_type == WC_ALGO_TYPE_CIPHER) { else if (info->algo_type == WC_ALGO_TYPE_CIPHER) {
#if !defined(NO_AES) && defined(HAVE_AESGCM) #ifndef NO_AES
#ifdef HAVE_AESGCM
if (info->cipher.type == WC_CIPHER_AES_GCM) { if (info->cipher.type == WC_CIPHER_AES_GCM) {
if (info->cipher.enc) { if (info->cipher.enc) {
/* set devId to invalid, so software is used */ /* set devId to invalid, so software is used */
info->cipher.aesgcm_enc.aes->devId = INVALID_DEVID; info->cipher.aesgcm_enc.aes->devId = INVALID_DEVID;
@@ -22960,8 +22972,86 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
info->cipher.aesgcm_dec.aes->devId = devIdArg; info->cipher.aesgcm_dec.aes->devId = devIdArg;
} }
} }
#endif /* !NO_AES && HAVE_AESGCM */ #endif /* HAVE_AESGCM */
#ifdef HAVE_AES_CBC
if (info->cipher.type == WC_CIPHER_AES_CBC) {
if (info->cipher.enc) {
/* set devId to invalid, so software is used */
info->cipher.aescbc.aes->devId = INVALID_DEVID;
ret = wc_AesCbcEncrypt(
info->cipher.aescbc.aes,
info->cipher.aescbc.out,
info->cipher.aescbc.in,
info->cipher.aescbc.sz);
/* reset devId */
info->cipher.aescbc.aes->devId = devIdArg;
}
else {
/* set devId to invalid, so software is used */
info->cipher.aescbc.aes->devId = INVALID_DEVID;
ret = wc_AesCbcDecrypt(
info->cipher.aescbc.aes,
info->cipher.aescbc.out,
info->cipher.aescbc.in,
info->cipher.aescbc.sz);
/* reset devId */
info->cipher.aescbc.aes->devId = devIdArg;
}
}
#endif /* HAVE_AES_CBC */
#endif /* !NO_AES */
} }
#if !defined(NO_SHA) || !defined(NO_SHA256)
else if (info->algo_type == WC_ALGO_TYPE_HASH) {
#if !defined(NO_SHA)
if (info->hash.type == WC_HASH_TYPE_SHA) {
/* set devId to invalid, so software is used */
info->hash.sha1->devId = INVALID_DEVID;
if (info->hash.in != NULL) {
ret = wc_ShaUpdate(
info->hash.sha1,
info->hash.in,
info->hash.inSz);
}
else if (info->hash.digest != NULL) {
ret = wc_ShaFinal(
info->hash.sha1,
info->hash.digest);
}
/* reset devId */
info->hash.sha1->devId = devIdArg;
}
else
#endif
#if !defined(NO_SHA256)
if (info->hash.type == WC_HASH_TYPE_SHA256) {
/* set devId to invalid, so software is used */
info->hash.sha256->devId = INVALID_DEVID;
if (info->hash.in != NULL) {
ret = wc_Sha256Update(
info->hash.sha256,
info->hash.in,
info->hash.inSz);
}
else if (info->hash.digest != NULL) {
ret = wc_Sha256Final(
info->hash.sha256,
info->hash.digest);
}
/* reset devId */
info->hash.sha256->devId = devIdArg;
}
#endif
}
#endif /* !NO_SHA || !NO_SHA256 */
(void)devIdArg; (void)devIdArg;
(void)myCtx; (void)myCtx;
@@ -22981,6 +23071,10 @@ int cryptodev_test(void)
devId = 1; devId = 1;
ret = wc_CryptoDev_RegisterDevice(devId, myCryptoDevCb, &myCtx); ret = wc_CryptoDev_RegisterDevice(devId, myCryptoDevCb, &myCtx);
#ifndef WC_NO_RNG
if (ret == 0)
ret = random_test();
#endif /* WC_NO_RNG */
#ifndef NO_RSA #ifndef NO_RSA
if (ret == 0) if (ret == 0)
ret = rsa_test(); ret = rsa_test();
@@ -22989,9 +23083,25 @@ int cryptodev_test(void)
if (ret == 0) if (ret == 0)
ret = ecc_test(); ret = ecc_test();
#endif #endif
#if !defined(NO_AES) && defined(HAVE_AESGCM) #ifndef NO_AES
#ifdef HAVE_AESGCM
if (ret == 0) if (ret == 0)
ret = aesgcm_test(); ret = aesgcm_test();
#endif
#ifdef HAVE_AES_CBC
if (ret == 0)
ret = aes_cbc_test();
#endif
#endif /* !NO_AES */
#if !defined(NO_SHA) || !defined(NO_SHA256)
#ifndef NO_SHA
if (ret == 0)
ret = sha_test();
#endif
#ifndef NO_SHA256
if (ret == 0)
ret = sha256_test();
#endif
#endif #endif
/* reset devId */ /* reset devId */

3
wolfssl/wolfcrypt/aes.h
View File

@@ -151,7 +151,8 @@ typedef struct Aes {
byte use_aesni; byte use_aesni;
#endif /* WOLFSSL_AESNI */ #endif /* WOLFSSL_AESNI */
#ifdef WOLF_CRYPTO_DEV #ifdef WOLF_CRYPTO_DEV
int devId; int devId;
word32 devKey[AES_MAX_KEY_SIZE/WOLFSSL_BIT_SIZE/sizeof(word32)]; /* raw key */
#endif #endif
#ifdef HAVE_PKCS11 #ifdef HAVE_PKCS11
byte id[AES_MAX_ID_LEN]; byte id[AES_MAX_ID_LEN];

75
wolfssl/wolfcrypt/cryptodev.h
View File

@@ -38,6 +38,15 @@
#ifndef NO_AES #ifndef NO_AES
#include <wolfssl/wolfcrypt/aes.h> #include <wolfssl/wolfcrypt/aes.h>
#endif #endif
#ifndef NO_SHA
#include <wolfssl/wolfcrypt/sha.h>
#endif
#ifndef NO_SHA256
#include <wolfssl/wolfcrypt/sha256.h>
#endif
#ifndef WC_NO_RNG
#include <wolfssl/wolfcrypt/random.h>
#endif
/* Crypto Information Structure for callbacks */ /* Crypto Information Structure for callbacks */
typedef struct wc_CryptoInfo { typedef struct wc_CryptoInfo {
@@ -96,11 +105,12 @@ typedef struct wc_CryptoInfo {
#endif #endif
}; };
} pk; } pk;
#ifndef NO_AES
struct { struct {
int type; /* enum wc_CipherType */ int type; /* enum wc_CipherType */
int enc; int enc;
union { union {
#if !defined(NO_AES) && defined(HAVE_AESGCM) #ifdef HAVE_AESGCM
struct { struct {
Aes* aes; Aes* aes;
byte* out; byte* out;
@@ -125,19 +135,52 @@ typedef struct wc_CryptoInfo {
const byte* authIn; const byte* authIn;
word32 authInSz; word32 authInSz;
} aesgcm_dec; } aesgcm_dec;
#endif #endif /* HAVE_AESGCM */
#ifdef HAVE_AES_CBC
struct {
Aes* aes;
byte* out;
const byte* in;
word32 sz;
} aescbc;
#endif /* HAVE_AES_CBC */
}; };
} cipher; } cipher;
#endif
#if !defined(NO_SHA) || !defined(NO_SHA256)
struct {
int type; /* enum wc_HashType */
const byte* in;
word32 inSz;
byte* digest;
union {
#ifndef NO_SHA
wc_Sha* sha1;
#endif
#ifndef NO_SHA256
wc_Sha256* sha256;
#endif
};
} hash;
#endif /* !NO_SHA || !NO_SHA256 */
#ifndef WC_NO_RNG
struct {
WC_RNG* rng;
byte* out;
word32 sz;
} rng;
#endif
} wc_CryptoInfo; } wc_CryptoInfo;
typedef int (*CryptoDevCallbackFunc)(int devId, wc_CryptoInfo* info, void* ctx); typedef int (*CryptoDevCallbackFunc)(int devId, wc_CryptoInfo* info, void* ctx);
WOLFSSL_LOCAL void wc_CryptoDev_Init(void); WOLFSSL_LOCAL void wc_CryptoDev_Init(void);
WOLFSSL_API int wc_CryptoDev_RegisterDevice(int devId, CryptoDevCallbackFunc cb, void* ctx); WOLFSSL_API int wc_CryptoDev_RegisterDevice(int devId, CryptoDevCallbackFunc cb, void* ctx);
WOLFSSL_API void wc_CryptoDev_UnRegisterDevice(int devId); WOLFSSL_API void wc_CryptoDev_UnRegisterDevice(int devId);
#ifndef NO_RSA #ifndef NO_RSA
WOLFSSL_LOCAL int wc_CryptoDev_Rsa(const byte* in, word32 inLen, byte* out, WOLFSSL_LOCAL int wc_CryptoDev_Rsa(const byte* in, word32 inLen, byte* out,
word32* outLen, int type, RsaKey* key, WC_RNG* rng); word32* outLen, int type, RsaKey* key, WC_RNG* rng);
@@ -162,8 +205,8 @@ WOLFSSL_LOCAL int wc_CryptoDev_EccVerify(const byte* sig, word32 siglen,
const byte* hash, word32 hashlen, int* res, ecc_key* key); const byte* hash, word32 hashlen, int* res, ecc_key* key);
#endif /* HAVE_ECC */ #endif /* HAVE_ECC */
#if !defined(NO_AES) && defined(HAVE_AESGCM) #ifndef NO_AES
#ifdef HAVE_AESGCM
WOLFSSL_LOCAL int wc_CryptoDev_AesGcmEncrypt(Aes* aes, byte* out, WOLFSSL_LOCAL int wc_CryptoDev_AesGcmEncrypt(Aes* aes, byte* out,
const byte* in, word32 sz, const byte* iv, word32 ivSz, const byte* in, word32 sz, const byte* iv, word32 ivSz,
byte* authTag, word32 authTagSz, const byte* authIn, word32 authInSz); byte* authTag, word32 authTagSz, const byte* authIn, word32 authInSz);
@@ -172,10 +215,28 @@ WOLFSSL_LOCAL int wc_CryptoDev_AesGcmDecrypt(Aes* aes, byte* out,
const byte* in, word32 sz, const byte* iv, word32 ivSz, const byte* in, word32 sz, const byte* iv, word32 ivSz,
const byte* authTag, word32 authTagSz, const byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz); const byte* authIn, word32 authInSz);
#endif /* HAVE_AESGCM */
#ifdef HAVE_AES_CBC
WOLFSSL_LOCAL int wc_CryptoDev_AesCbcEncrypt(Aes* aes, byte* out,
const byte* in, word32 sz);
WOLFSSL_LOCAL int wc_CryptoDev_AesCbcDecrypt(Aes* aes, byte* out,
const byte* in, word32 sz);
#endif /* HAVE_AES_CBC */
#endif /* !NO_AES */
#endif /* !NO_AES && HAVE_AESGCM */ #ifndef NO_SHA
WOLFSSL_LOCAL int wc_CryptoDev_ShaHash(wc_Sha* sha, const byte* in,
word32 inSz, byte* digest);
#endif /* !NO_SHA */
WOLFSSL_LOCAL int wc_CryptoDev_Sha256Hash(const byte* data, word32 len, byte* hash); #ifndef NO_SHA256
WOLFSSL_LOCAL int wc_CryptoDev_Sha256Hash(wc_Sha256* sha256, const byte* in,
word32 inSz, byte* digest);
#endif /* !NO_SHA256 */
#ifndef WC_NO_RNG
WOLFSSL_LOCAL int wc_CryptoDev_RandomBlock(WC_RNG* rng, byte* out, word32 sz);
#endif
#endif /* WOLF_CRYPTO_DEV */ #endif /* WOLF_CRYPTO_DEV */

2
wolfssl/wolfcrypt/random.h
View File

@@ -157,6 +157,8 @@ struct WC_RNG {
#endif #endif
#ifdef WOLFSSL_ASYNC_CRYPT #ifdef WOLFSSL_ASYNC_CRYPT
WC_ASYNC_DEV asyncDev; WC_ASYNC_DEV asyncDev;
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_DEV)
int devId; int devId;
#endif #endif
}; };

4
wolfssl/wolfcrypt/sha.h
View File

@@ -123,6 +123,10 @@ typedef struct wc_Sha {
#ifdef WOLFSSL_ASYNC_CRYPT #ifdef WOLFSSL_ASYNC_CRYPT
WC_ASYNC_DEV asyncDev; WC_ASYNC_DEV asyncDev;
#endif /* WOLFSSL_ASYNC_CRYPT */ #endif /* WOLFSSL_ASYNC_CRYPT */
#ifdef WOLF_CRYPTO_DEV
int devId;
void* devCtx; /* generic crypto callback context */
#endif
#endif #endif
#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \ #if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)

4
wolfssl/wolfcrypt/sha256.h
View File

@@ -158,6 +158,10 @@ typedef struct wc_Sha256 {
!defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
WC_ESP32SHA ctx; WC_ESP32SHA ctx;
#endif #endif
#ifdef WOLF_CRYPTO_DEV
int devId;
void* devCtx; /* generic crypto callback context */
#endif
#endif #endif
} wc_Sha256; } wc_Sha256;

3
wolfssl/wolfcrypt/types.h
View File

@@ -522,8 +522,9 @@
WC_ALGO_TYPE_HASH = 1, WC_ALGO_TYPE_HASH = 1,
WC_ALGO_TYPE_CIPHER = 2, WC_ALGO_TYPE_CIPHER = 2,
WC_ALGO_TYPE_PK = 3, WC_ALGO_TYPE_PK = 3,
WC_ALGO_TYPE_RNG = 4,
WC_ALGO_TYPE_MAX = WC_ALGO_TYPE_PK WC_ALGO_TYPE_MAX = WC_ALGO_TYPE_RNG
}; };
/* hash types */ /* hash types */