Merge pull request #2514 from dgarske/fix_async_next_iv

Various fixes for asynchronous mode
toddouska
2019-10-16 13:52:47 -07:00
committed by GitHub
6 changed files with 64 additions and 53 deletions


@ -17039,6 +17039,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
WOLFSSL_DES_key_schedule* ks3,
WOLFSSL_DES_cblock* ivec, int enc)
{
int ret;
Des3 des;
byte key[24];/* EDE uses 24 size key */
byte lastblock[DES_BLOCK_SIZE];
@ -17059,19 +17060,35 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
if (enc) {
wc_Des3_SetKey(&des, key, (const byte*)ivec, DES_ENCRYPTION);
wc_Des3_CbcEncrypt(&des, output, input, (word32)blk*DES_BLOCK_SIZE);
ret = wc_Des3_CbcEncrypt(&des, output, input, (word32)blk*DES_BLOCK_SIZE);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &des.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
(void)ret; /* ignore return codes for processing */
if(lb_sz){
XMEMSET(lastblock, 0, DES_BLOCK_SIZE);
XMEMCPY(lastblock, input+sz-lb_sz, lb_sz);
wc_Des3_CbcEncrypt(&des, output+blk*DES_BLOCK_SIZE,
ret = wc_Des3_CbcEncrypt(&des, output+blk*DES_BLOCK_SIZE,
lastblock, (word32)DES_BLOCK_SIZE);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &des.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
(void)ret; /* ignore return codes for processing */
}
}
else {
wc_Des3_SetKey(&des, key, (const byte*)ivec, DES_DECRYPTION);
wc_Des3_CbcDecrypt(&des, output, input, (word32)blk*DES_BLOCK_SIZE);
ret = wc_Des3_CbcDecrypt(&des, output, input, (word32)blk*DES_BLOCK_SIZE);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &des.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
(void)ret; /* ignore return codes for processing */
if(lb_sz){
wc_Des3_CbcDecrypt(&des, lastblock, input+sz-lb_sz, (word32)DES_BLOCK_SIZE);
ret = wc_Des3_CbcDecrypt(&des, lastblock, input+sz-lb_sz, (word32)DES_BLOCK_SIZE);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &des.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
(void)ret; /* ignore return codes for processing */
XMEMCPY(output+sz-lb_sz, lastblock, lb_sz);
}
}
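Review bot: In the decrypt branch, `XMEMCPY(output+sz-lb_sz, lastblock, lb_sz)` still runs when the preceding `wc_Des3_CbcDecrypt` / `wc_AsyncWait` reported an error, because `ret` is discarded with `(void)ret`. Unlike the encrypt branch, `lastblock` is never cleared on this path, so a failed final-block decrypt could copy uninitialised stack bytes into the caller's buffer. Adding `XMEMSET(lastblock, 0, DES_BLOCK_SIZE);` before the call, or guarding the copy with `if (ret == 0)`, closes that. The return value of `wc_Des3_SetKey` is likewise unchecked in both branches. The enclosing function starts and ends outside these hunks, so any later cleanup of `des` and `key` is not visible here.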


@ -2292,15 +2292,13 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
aes->keylen = keylen;
aes->rounds = keylen/4 + 6;
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES)
if (aes->asyncDev.marker == WOLFSSL_ASYNC_MARKER_AES) {
XMEMCPY(aes->asyncKey, userKey, keylen);
if (iv)
XMEMCPY(aes->asyncIv, iv, AES_BLOCK_SIZE);
}
#endif /* WOLFSSL_ASYNC_CRYPT */
#ifdef WOLF_CRYPTO_CB
if (aes->devId != INVALID_DEVID) {
#if defined(WOLF_CRYPTO_CB) || (defined(WOLFSSL_DEVCRYPTO) && \
(defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC))) || \
(defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES))
#ifdef WOLF_CRYPTO_CB
if (aes->devId != INVALID_DEVID)
#endif
{
XMEMCPY(aes->devKey, userKey, keylen);
}
#endif
@ -2333,7 +2331,6 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
#if defined(WOLFSSL_DEVCRYPTO) && \
(defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC))
aes->ctx.cfd = -1;
XMEMCPY(aes->devKey, userKey, keylen);
#endif
#ifdef WOLFSSL_IMX6_CAAM_BLOB
ForceZero(local, sizeof(local));
@ -3036,8 +3033,8 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
return NitroxAesCbcEncrypt(aes, out, in, sz);
#elif defined(HAVE_INTEL_QA)
return IntelQaSymAesCbcEncrypt(&aes->asyncDev, out, in, sz,
(const byte*)aes->asyncKey, aes->keylen,
(const byte*)aes->asyncIv, AES_BLOCK_SIZE);
(const byte*)aes->devKey, aes->keylen,
(byte*)aes->reg, AES_BLOCK_SIZE);
#else /* WOLFSSL_ASYNC_CRYPT_TEST */
if (wc_AsyncTestInit(&aes->asyncDev, ASYNC_TEST_AES_CBC_ENCRYPT)) {
WC_ASYNC_TEST* testDev = &aes->asyncDev.test;
@ -3135,8 +3132,8 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
return NitroxAesCbcDecrypt(aes, out, in, sz);
#elif defined(HAVE_INTEL_QA)
return IntelQaSymAesCbcDecrypt(&aes->asyncDev, out, in, sz,
(const byte*)aes->asyncKey, aes->keylen,
(const byte*)aes->asyncIv, AES_BLOCK_SIZE);
(const byte*)aes->devKey, aes->keylen,
(byte*)aes->reg, AES_BLOCK_SIZE);
#else /* WOLFSSL_ASYNC_CRYPT_TEST */
if (wc_AsyncTestInit(&aes->asyncDev, ASYNC_TEST_AES_CBC_DECRYPT)) {
WC_ASYNC_TEST* testDev = &aes->asyncDev.test;
@ -3185,6 +3182,7 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
XMEMCPY(aes->tmp, in, AES_BLOCK_SIZE);
wc_AesDecrypt(aes, (byte*)aes->tmp, out);
xorbuf(out, (byte*)aes->reg, AES_BLOCK_SIZE);
/* store iv for next call */
XMEMCPY(aes->reg, aes->tmp, AES_BLOCK_SIZE);
out += AES_BLOCK_SIZE;
@ -5687,13 +5685,13 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
#ifdef HAVE_CAVIUM_V
if (authInSz == 20) { /* Nitrox V GCM is only working with 20 byte AAD */
return NitroxAesGcmEncrypt(aes, out, in, sz,
(const byte*)aes->asyncKey, aes->keylen, iv, ivSz,
(const byte*)aes->devKey, aes->keylen, iv, ivSz,
authTag, authTagSz, authIn, authInSz);
}
#endif
#elif defined(HAVE_INTEL_QA)
return IntelQaSymAesGcmEncrypt(&aes->asyncDev, out, in, sz,
(const byte*)aes->asyncKey, aes->keylen, iv, ivSz,
(const byte*)aes->devKey, aes->keylen, iv, ivSz,
authTag, authTagSz, authIn, authInSz);
#else /* WOLFSSL_ASYNC_CRYPT_TEST */
if (wc_AsyncTestInit(&aes->asyncDev, ASYNC_TEST_AES_GCM_ENCRYPT)) {
@ -6123,13 +6121,13 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
#ifdef HAVE_CAVIUM_V
if (authInSz == 20) { /* Nitrox V GCM is only working with 20 byte AAD */
return NitroxAesGcmDecrypt(aes, out, in, sz,
(const byte*)aes->asyncKey, aes->keylen, iv, ivSz,
(const byte*)aes->devKey, aes->keylen, iv, ivSz,
authTag, authTagSz, authIn, authInSz);
}
#endif
#elif defined(HAVE_INTEL_QA)
return IntelQaSymAesGcmDecrypt(&aes->asyncDev, out, in, sz,
(const byte*)aes->asyncKey, aes->keylen, iv, ivSz,
(const byte*)aes->devKey, aes->keylen, iv, ivSz,
authTag, authTagSz, authIn, authInSz);
#else /* WOLFSSL_ASYNC_CRYPT_TEST */
if (wc_AsyncTestInit(&aes->asyncDev, ASYNC_TEST_AES_GCM_DECRYPT)) {
@ -6871,7 +6869,8 @@ void wc_AesFree(Aes* aes)
wc_DevCryptoFree(&aes->ctx);
#endif
#if defined(WOLF_CRYPTO_CB) || (defined(WOLFSSL_DEVCRYPTO) && \
(defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC)))
(defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC))) || \
defined(WOLFSSL_ASYNC_CRYPT)
ForceZero((byte*)aes->devKey, AES_MAX_KEY_SIZE/WOLFSSL_BIT_SIZE);
#endif
}
@ -6979,8 +6978,6 @@ int wc_AesCfbEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
byte* tmp = NULL;
byte* reg = NULL;
WOLFSSL_ENTER("wc_AesCfbEncrypt");
if (aes == NULL || out == NULL || in == NULL) {
return BAD_FUNC_ARG;
}
@ -7040,8 +7037,6 @@ int wc_AesCfbDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
{
byte* tmp;
WOLFSSL_ENTER("wc_AesCfbDecrypt");
if (aes == NULL || out == NULL || in == NULL) {
return BAD_FUNC_ARG;
}
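Review bot: The guard added around `ForceZero((byte*)aes->devKey, ...)` in the wc_AesFree hunk ends in a bare `defined(WOLFSSL_ASYNC_CRYPT)`, while the key copy in the key-setup hunk of this section and the `devKey` member in the struct Aes hunk both require `(defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES))`. A build with async enabled but without WC_ASYNC_ENABLE_AES, and without WOLF_CRYPTO_CB or the DEVCRYPTO options, would then reference a member that is not declared. The last term should read `(defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES))`, matching the form the wc_Des3Free hunk in this commit already uses. Keeping the store and zeroise guards identical also makes it easy to confirm that every configuration that copies the raw key wipes it on free.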


@ -1447,18 +1447,12 @@
return BAD_FUNC_ARG;
}
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_3DES)
if (des->asyncDev.marker == WOLFSSL_ASYNC_MARKER_3DES) {
/* key_raw holds orignal key copy */
des->key_raw = key;
des->iv_raw = iv;
/* continue on to set normal key for smaller DES operations */
}
#endif /* WOLFSSL_ASYNC_CRYPT */
#ifdef WOLF_CRYPTO_CB
if (des->devId != INVALID_DEVID) {
#if defined(WOLF_CRYPTO_CB) || \
(defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_3DES))
#ifdef WOLF_CRYPTO_CB
if (des->devId != INVALID_DEVID)
#endif
{
XMEMCPY(des->devKey, key, DES3_KEYLEN);
}
#endif
@ -1613,7 +1607,7 @@
return NitroxDes3CbcEncrypt(des, out, in, sz);
#elif defined(HAVE_INTEL_QA)
return IntelQaSymDes3CbcEncrypt(&des->asyncDev, out, in, sz,
des->key_raw, DES3_KEYLEN, (byte*)des->iv_raw, DES3_IVLEN);
(const byte*)des->devKey, DES3_KEYLEN, (byte*)des->reg, DES3_IVLEN);
#else /* WOLFSSL_ASYNC_CRYPT_TEST */
if (wc_AsyncTestInit(&des->asyncDev, ASYNC_TEST_DES3_CBC_ENCRYPT)) {
WC_ASYNC_TEST* testDev = &des->asyncDev.test;
@ -1664,7 +1658,7 @@
return NitroxDes3CbcDecrypt(des, out, in, sz);
#elif defined(HAVE_INTEL_QA)
return IntelQaSymDes3CbcDecrypt(&des->asyncDev, out, in, sz,
des->key_raw, DES3_KEYLEN, (byte*)des->iv_raw, DES3_IVLEN);
(const byte*)des->devKey, DES3_KEYLEN, (byte*)des->reg, DES3_IVLEN);
#else /* WOLFSSL_ASYNC_CRYPT_TEST */
if (wc_AsyncTestInit(&des->asyncDev, ASYNC_TEST_DES3_CBC_DECRYPT)) {
WC_ASYNC_TEST* testDev = &des->asyncDev.test;
@ -1786,6 +1780,10 @@ void wc_Des3Free(Des3* des3)
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_3DES)
wolfAsync_DevCtxFree(&des3->asyncDev, WOLFSSL_ASYNC_MARKER_3DES);
#endif /* WOLFSSL_ASYNC_CRYPT */
#if defined(WOLF_CRYPTO_CB) || \
(defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_3DES))
ForceZero(des3->devKey, sizeof(des3->devKey));
#endif
}
#endif /* WOLFSSL_TI_CRYPT */
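Review bot: In the key-setup hunk the `if (des->devId != INVALID_DEVID)` is compiled only under WOLF_CRYPTO_CB, while the braced `XMEMCPY(des->devKey, key, DES3_KEYLEN)` below it is shared with the async configuration. When both options are enabled the raw-key copy is therefore skipped for `INVALID_DEVID`, yet the HAVE_INTEL_QA calls later in this section pass `des->devKey` with no devId check visible. Whether the async branch can be reached with `INVALID_DEVID` is decided outside these hunks, so this is a question rather than a confirmed defect. A comment above the block, such as `/* devKey is populated only when a device is bound; the async CBC paths read it */`, would record the invariant. The AES key-setup hunk in this commit uses the same construct.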


@ -2642,7 +2642,7 @@ static int sha3_256_test(void)
"\xdc\x90\xc0\xb1\x25\xdb\x2c\x34\x81\xa3\xff\xbc\x1e\x2e\x87\xeb"
"\x6d\x70\x85\x61\xe0\xe9\x63\x61\xff\xe5\x84\x4b\x1f\x68\x05\x15";
#ifdef WOLFSSL_HASH_FLAGS
#if defined(WOLFSSL_HASH_FLAGS) && !defined(WOLFSSL_ASYNC_CRYPT)
/* test vector with hash of empty string */
const char* Keccak256EmptyOut =
"\xc5\xd2\x46\x01\x86\xf7\x23\x3c\x92\x7e\x7d\xb2\xdc\xc7\x03\xc0"
@ -2714,7 +2714,8 @@ static int sha3_256_test(void)
ERROR_OUT(-2608, exit);
} /* END LARGE HASH TEST */
#ifdef WOLFSSL_HASH_FLAGS
/* this is a software only variant of SHA3 not supported by external hardware devices */
#if defined(WOLFSSL_HASH_FLAGS) && !defined(WOLFSSL_ASYNC_CRYPT)
/* Test for Keccak256 */
ret = wc_Sha3_SetFlags(&sha, WC_HASH_SHA3_KECCAK256);
if (ret != 0) {
@ -2731,7 +2732,7 @@ static int sha3_256_test(void)
if (XMEMCMP(hash, Keccak256EmptyOut, WC_SHA3_256_DIGEST_SIZE) != 0) {
ERROR_OUT(-2612, exit);
}
#endif
#endif /* WOLFSSL_HASH_FLAGS && !WOLFSSL_ASYNC_CRYPT */
exit:
wc_Sha3_256_Free(&sha);
@ -6530,7 +6531,7 @@ int aes_test(void)
}
}
}
#endif /* WOLFSSL_AESNI HAVE_AES_DECRYPT */
#endif /* WOLFSSL_AESNI && HAVE_AES_DECRYPT */
/* Test of AES IV state with encrypt/decrypt */
#ifdef WOLFSSL_AES_128


@ -171,9 +171,7 @@ struct Aes {
byte id[AES_MAX_ID_LEN];
int idLen;
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
word32 asyncKey[AES_MAX_KEY_SIZE/8/sizeof(word32)]; /* raw key */
word32 asyncIv[AES_BLOCK_SIZE/sizeof(word32)]; /* raw IV */
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES)
WC_ASYNC_DEV asyncDev;
#endif /* WOLFSSL_ASYNC_CRYPT */
#if defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_CFB)
@ -196,7 +194,8 @@ struct Aes {
#endif
#endif
#if defined(WOLF_CRYPTO_CB) || (defined(WOLFSSL_DEVCRYPTO) && \
(defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC)))
(defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC))) || \
(defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES))
word32 devKey[AES_MAX_KEY_SIZE/WOLFSSL_BIT_SIZE/sizeof(word32)]; /* raw key */
#endif
#if defined(WOLFSSL_DEVCRYPTO) && \


@ -99,13 +99,14 @@ struct Des3 {
word32 key[3][DES_KS_SIZE];
word32 reg[DES_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */
word32 tmp[DES_BLOCK_SIZE / sizeof(word32)]; /* same */
#ifdef WOLFSSL_ASYNC_CRYPT
const byte* key_raw;
const byte* iv_raw;
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_3DES)
WC_ASYNC_DEV asyncDev;
#endif
#ifdef WOLF_CRYPTO_CB
#if defined(WOLF_CRYPTO_CB) || \
(defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_3DES))
word32 devKey[DES3_KEYLEN/sizeof(word32)]; /* raw key */
#endif
#ifdef WOLF_CRYPTO_CB
int devId;
void* devCtx;
#endif
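Review bot: `asyncDev` is now declared only under `defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_3DES)`, but the `wc_AsyncWait(ret, &des.asyncDev, WC_ASYNC_FLAG_NONE)` calls added in the first file section of this commit are guarded by `#if defined(WOLFSSL_ASYNC_CRYPT)` alone. If a configuration defines WOLFSSL_ASYNC_CRYPT without WC_ASYNC_ENABLE_3DES, those calls would reference a member that no longer exists. Those call sites should use `#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_3DES)` so they follow this declaration. Separately, `devKey` now keeps a copy of the raw 3DES key inside the struct in async builds, so extending its comment to `/* raw key, zeroized in wc_Des3Free */` would tell callers that stack-allocated `Des3` objects need the free call.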