From c23489e6ed40b417dc340d4b87a83bd526d8d088 Mon Sep 17 00:00:00 2001 From: David Garske Date: Mon, 10 Dec 2018 16:51:54 -0800 Subject: [PATCH] Added support for QAT RSA Key Generation. --- configure.ac | 2 +- wolfcrypt/benchmark/benchmark.c | 5 +-- wolfcrypt/src/rsa.c | 62 ++++++++++++++------------------- wolfcrypt/test/test.c | 2 +- 4 files changed, 30 insertions(+), 41 deletions(-) diff --git a/configure.ac b/configure.ac index 5dc354df1..ceeaffab8 100644 --- a/configure.ac +++ b/configure.ac @@ -1681,7 +1681,7 @@ if test "$ENABLED_STACKSIZE" = "yes" then AC_CHECK_FUNC([posix_memalign], [], [AC_MSG_ERROR(stacksize needs posix_memalign)]) AC_CHECK_FUNC([pthread_attr_setstack], [], AC_CHECK_LIB([pthread],[pthread_attr_setstack])) - AM_CFLAGS="$AM_CFLAGS -DHAVE_STACK_SIZE -DWOLFSSL_LOW_MEMORY" + AM_CFLAGS="$AM_CFLAGS -DHAVE_STACK_SIZE" fi diff --git a/wolfcrypt/benchmark/benchmark.c b/wolfcrypt/benchmark/benchmark.c index 06f1263f4..a2162568b 100644 --- a/wolfcrypt/benchmark/benchmark.c +++ b/wolfcrypt/benchmark/benchmark.c @@ -1452,16 +1452,13 @@ static void* benchmarks_do(void* args) bench_rsaKeyGen(0); } #endif - #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_RSA) - /* async supported in simulator only */ - #ifdef WOLFSSL_ASYNC_CRYPT_TEST + #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_RSA_KEYGEN) if (bench_asym_algs & BENCH_RSA_SZ) { bench_rsaKeyGen_size(1, bench_size); } else { bench_rsaKeyGen(1); } - #endif #endif } #endif diff --git a/wolfcrypt/src/rsa.c b/wolfcrypt/src/rsa.c index c5c50c7e3..f297890e1 100644 --- a/wolfcrypt/src/rsa.c +++ b/wolfcrypt/src/rsa.c @@ -3057,7 +3057,7 @@ static int _CheckProbablePrime(mp_int* p, mp_int* q, mp_int* e, int nlen, if (ret != MP_EQ) goto exit; /* e divides p-1 */ /* 4.5.1,5.6.1 - Check primality of p with 8 rounds of M-R. - * mp_prime_is_prime_ex() performs test divisons against the first 256 + * mp_prime_is_prime_ex() performs test divisions against the first 256 * prime numbers. After that it performs 8 rounds of M-R using random * bases between 2 and n-2. * mp_prime_is_prime() performs the same test divisions and then does @@ -3162,12 +3162,13 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng) } #endif -#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_RSA) +#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_RSA) && \ + defined(WC_ASYNC_ENABLE_RSA_KEYGEN) if (key->asyncDev.marker == WOLFSSL_ASYNC_MARKER_RSA) { #ifdef HAVE_CAVIUM /* TODO: Not implemented */ #elif defined(HAVE_INTEL_QA) - /* TODO: Not implemented */ + return IntelQaRsaKeyGen(&key->asyncDev, key, size, e, rng); #else if (wc_AsyncTestInit(&key->asyncDev, ASYNC_TEST_RSA_MAKE)) { WC_ASYNC_TEST* testDev = &key->asyncDev.test; @@ -3210,7 +3211,6 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng) #endif /* generate value */ err = wc_RNG_GenerateBlock(rng, buf, primeSz); - if (err == 0) { /* prime lower bound has the MSB set, set it in candidate */ buf[0] |= 0x80; @@ -3246,7 +3246,6 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng) #endif /* generate value */ err = wc_RNG_GenerateBlock(rng, buf, primeSz); - if (err == 0) { /* prime lower bound has the MSB set, set it in candidate */ buf[0] |= 0x80; @@ -3276,50 +3275,40 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng) XFREE(buf, key->heap, DYNAMIC_TYPE_RSA); } + + /* Setup RsaKey buffers */ if (err == MP_OKAY) err = mp_init_multi(&key->n, &key->e, &key->d, &key->p, &key->q, NULL); - if (err == MP_OKAY) err = mp_init_multi(&key->dP, &key->dQ, &key->u, NULL, NULL, NULL); - if (err == MP_OKAY) - err = mp_sub_d(&p, 1, &tmp1); /* tmp1 = p-1 */ - - if (err == MP_OKAY) - err = mp_sub_d(&q, 1, &tmp2); /* tmp2 = q-1 */ - - if (err == MP_OKAY) - err = mp_lcm(&tmp1, &tmp2, &tmp3); /* tmp3 = lcm(p-1, q-1),last loop */ - + /* Software Key Calculation */ + if (err == MP_OKAY) /* tmp1 = p-1 */ + err = mp_sub_d(&p, 1, &tmp1); + if (err == MP_OKAY) /* tmp2 = q-1 */ + err = mp_sub_d(&q, 1, &tmp2); + if (err == MP_OKAY) /* tmp3 = lcm(p-1, q-1), last loop */ + err = mp_lcm(&tmp1, &tmp2, &tmp3); /* make key */ - if (err == MP_OKAY) - err = mp_set_int(&key->e, (mp_digit)e); /* key->e = e */ - + if (err == MP_OKAY) /* key->e = e */ + err = mp_set_int(&key->e, (mp_digit)e); if (err == MP_OKAY) /* key->d = 1/e mod lcm(p-1, q-1) */ err = mp_invmod(&key->e, &tmp3, &key->d); - - if (err == MP_OKAY) - err = mp_mul(&p, &q, &key->n); /* key->n = pq */ - - if (err == MP_OKAY) - err = mp_mod(&key->d, &tmp1, &key->dP); /* key->dP = d mod(p-1) */ - - if (err == MP_OKAY) - err = mp_mod(&key->d, &tmp2, &key->dQ); /* key->dQ = d mod(q-1) */ - - if (err == MP_OKAY) - err = mp_invmod(&q, &p, &key->u); /* key->u = 1/q mod p */ - + if (err == MP_OKAY) /* key->n = pq */ + err = mp_mul(&p, &q, &key->n); + if (err == MP_OKAY) /* key->dP = d mod(p-1) */ + err = mp_mod(&key->d, &tmp1, &key->dP); + if (err == MP_OKAY) /* key->dQ = d mod(q-1) */ + err = mp_mod(&key->d, &tmp2, &key->dQ); + if (err == MP_OKAY) /* key->u = 1/q mod p */ + err = mp_invmod(&q, &p, &key->u); if (err == MP_OKAY) err = mp_copy(&p, &key->p); - if (err == MP_OKAY) err = mp_copy(&q, &key->q); - if (err == MP_OKAY) - key->type = RSA_PRIVATE; - #ifdef HAVE_WOLF_BIGINT + /* make sure raw unsigned bin version is available */ if (err == MP_OKAY) err = wc_mp_to_bigint(&key->n, &key->n.raw); if (err == MP_OKAY) @@ -3338,6 +3327,9 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng) err = wc_mp_to_bigint(&key->u, &key->u.raw); #endif + if (err == MP_OKAY) + key->type = RSA_PRIVATE; + mp_clear(&tmp1); mp_clear(&tmp2); mp_clear(&tmp3); diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 4f3be7c45..46ec6bb9d 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -10713,7 +10713,7 @@ static int rsa_keygen_test(WC_RNG* rng) keySz = 2048; #endif /* HAVE_FIPS */ - ret = wc_InitRsaKey(&genKey, HEAP_HINT); + ret = wc_InitRsaKey_ex(&genKey, HEAP_HINT, devId); if (ret != 0) { ERROR_OUT(-6962, exit_rsa); }