diff --git a/examples/client/client.c b/examples/client/client.c index e78ad363e..3e79517d8 100644 --- a/examples/client/client.c +++ b/examples/client/client.c @@ -24,11 +24,11 @@ */ #ifdef HAVE_CONFIG_H - #include + #include #endif #ifndef WOLFSSL_USER_SETTINGS - #include + #include #endif #include @@ -42,10 +42,10 @@ static const char *wolfsentry_config_path = NULL; #endif /* WOLFSSL_WOLFSENTRY_HOOKS */ #if defined(WOLFSSL_MDK_ARM) || defined(WOLFSSL_KEIL_TCP_NET) - #include - #include - #include "rl_fs.h" - #include "rl_net.h" + #include + #include + #include "rl_fs.h" + #include "rl_net.h" #endif #include diff --git a/src/ssl.c b/src/ssl.c index 723c43069..86b57d30c 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -39208,6 +39208,8 @@ int wolfSSL_EC_KEY_generate_key(WOLFSSL_EC_KEY *key) #else WC_RNG tmpRNG[1]; #endif + int ret; + ecc_key* ecKey; WOLFSSL_ENTER("wolfSSL_EC_KEY_generate_key"); @@ -39250,9 +39252,15 @@ int wolfSSL_EC_KEY_generate_key(WOLFSSL_EC_KEY *key) /* NIDToEccEnum returns -1 for invalid NID so if key->group->curve_nid * is 0 then pass ECC_CURVE_DEF as arg */ + ecKey = (ecc_key*)key->internal; eccEnum = key->group->curve_nid ? NIDToEccEnum(key->group->curve_nid) : ECC_CURVE_DEF; - if (wc_ecc_make_key_ex(rng, 0, (ecc_key*)key->internal, eccEnum) != MP_OKAY) { + ret = wc_ecc_make_key_ex(rng, 0, ecKey, eccEnum); +#if defined(WOLFSSL_ASYNC_CRYPT) + ret = wc_AsyncWait(ret, &ecKey->asyncDev, WC_ASYNC_FLAG_NONE); +#endif + + if (ret != 0) { WOLFSSL_MSG("wolfSSL_EC_KEY_generate_key wc_ecc_make_key failed"); #ifdef WOLFSSL_SMALL_STACK XFREE(tmpRNG, NULL, DYNAMIC_TYPE_RNG); diff --git a/tests/api.c b/tests/api.c index a0e09adf6..2e4d8a8a7 100644 --- a/tests/api.c +++ b/tests/api.c @@ -23933,6 +23933,9 @@ static int test_wc_ecc_make_key (void) ret = wc_ecc_init(&key); if (ret == 0) { ret = wc_ecc_make_key(&rng, KEY14, &key); + #if defined(WOLFSSL_ASYNC_CRYPT) + ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE); + #endif /* Pass in bad args. */ if (ret == 0) { @@ -24016,6 +24019,9 @@ static int test_wc_ecc_check_key (void) ret = wc_ecc_init(&key); if (ret == 0) { ret = wc_ecc_make_key(&rng, KEY14, &key); + #if defined(WOLFSSL_ASYNC_CRYPT) + ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE); + #endif } } @@ -24114,6 +24120,9 @@ static int test_wc_ecc_size (void) ret = wc_ecc_init(&key); if (ret == 0) { ret = wc_ecc_make_key(&rng, KEY14, &key); + #if defined(WOLFSSL_ASYNC_CRYPT) + ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE); + #endif } } @@ -24198,6 +24207,9 @@ static int test_wc_ecc_signVerify_hash (void) ret = wc_ecc_init(&key); if (ret == 0) { ret = wc_ecc_make_key(&rng, KEY14, &key); + #if defined(WOLFSSL_ASYNC_CRYPT) + ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE); + #endif } } @@ -24353,9 +24365,15 @@ static int test_wc_ecc_shared_secret (void) #else if (ret == 0) { ret = wc_ecc_make_key(&rng, keySz, &key); + #if defined(WOLFSSL_ASYNC_CRYPT) + ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE); + #endif } if (ret == 0) { ret = wc_ecc_make_key(&rng, keySz, &pubKey); + #if defined(WOLFSSL_ASYNC_CRYPT) + ret = wc_AsyncWait(ret, &pubKey.asyncDev, WC_ASYNC_FLAG_NONE); + #endif } #endif @@ -24445,6 +24463,9 @@ static int test_wc_ecc_export_x963 (void) ret = wc_ecc_init(&key); if (ret == 0) { ret = wc_ecc_make_key(&rng, KEY20, &key); + #if defined(WOLFSSL_ASYNC_CRYPT) + ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE); + #endif } } printf(testingFmt, "wc_ecc_export_x963()"); @@ -24516,6 +24537,9 @@ static int test_wc_ecc_export_x963_ex (void) ret = wc_ecc_init(&key); if (ret == 0) { ret = wc_ecc_make_key(&rng, KEY64, &key); + #if defined(WOLFSSL_ASYNC_CRYPT) + ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE); + #endif } } @@ -24622,6 +24646,9 @@ static int test_wc_ecc_import_x963 (void) } if (ret == 0) { ret = wc_ecc_make_key(&rng, KEY24, &key); + #if defined(WOLFSSL_ASYNC_CRYPT) + ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE); + #endif } if (ret == 0) { PRIVATE_KEY_UNLOCK(); @@ -24699,6 +24726,9 @@ static int ecc_import_private_key (void) } if (ret == 0) { ret = wc_ecc_make_key(&rng, KEY48, &key); + #if defined(WOLFSSL_ASYNC_CRYPT) + ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE); + #endif } if (ret == 0) { PRIVATE_KEY_UNLOCK(); @@ -24772,6 +24802,9 @@ static int test_wc_ecc_export_private_only (void) ret = wc_ecc_init(&key); if (ret == 0) { ret = wc_ecc_make_key(&rng, KEY32, &key); + #if defined(WOLFSSL_ASYNC_CRYPT) + ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE); + #endif } } printf(testingFmt, "wc_ecc_export_private_only()"); @@ -25070,6 +25103,9 @@ static int test_wc_ecc_sig_size (void) ret = wc_ecc_init(&key); if (ret == 0) { ret = wc_ecc_make_key(&rng, keySz, &key); + #if defined(WOLFSSL_ASYNC_CRYPT) + ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE); + #endif } } @@ -25353,12 +25389,18 @@ static int test_wc_ecc_encryptDecrypt (void) ret = wc_ecc_init(&cliKey); if (ret == 0) { ret = wc_ecc_make_key(&rng, keySz, &cliKey); + #if defined(WOLFSSL_ASYNC_CRYPT) + ret = wc_AsyncWait(ret, &cliKey.asyncDev, WC_ASYNC_FLAG_NONE); + #endif } if (ret == 0) { ret = wc_ecc_init(&srvKey); } if (ret == 0) { ret = wc_ecc_make_key(&rng, keySz, &srvKey); + #if defined(WOLFSSL_ASYNC_CRYPT) + ret = wc_AsyncWait(ret, &srvKey.asyncDev, WC_ASYNC_FLAG_NONE); + #endif } if (ret == 0) { ret = wc_ecc_init(&tmpKey); @@ -25528,6 +25570,9 @@ static int test_wc_ecc_pointFns (void) ret = wc_ecc_init(&key); if (ret == 0) { ret = wc_ecc_make_key(&rng, keySz, &key); + #if defined(WOLFSSL_ASYNC_CRYPT) + ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE); + #endif } } @@ -25728,6 +25773,9 @@ static int test_wc_ecc_shared_secret_ssh (void) ret = wc_ecc_init(&key); if (ret == 0) { ret = wc_ecc_make_key(&rng, keySz, &key); + #if defined(WOLFSSL_ASYNC_CRYPT) + ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE); + #endif } if (wc_FreeRng(&rng) && ret == 0) { ret = WOLFSSL_FATAL_ERROR; @@ -25740,6 +25788,9 @@ static int test_wc_ecc_shared_secret_ssh (void) } if (ret == 0) { ret = wc_ecc_make_key(&rng, key2Sz, &key2); + #if defined(WOLFSSL_ASYNC_CRYPT) + ret = wc_AsyncWait(ret, &key2.asyncDev, WC_ASYNC_FLAG_NONE); + #endif } } @@ -25834,6 +25885,9 @@ static int test_wc_ecc_verify_hash_ex (void) ret = wc_ecc_init(&key); if (ret == 0) { ret = wc_ecc_make_key(&rng, keySz, &key); + #if defined(WOLFSSL_ASYNC_CRYPT) + ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE); + #endif } } if (ret == 0) { @@ -25953,6 +26007,9 @@ static int test_wc_ecc_mulmod (void) } if (ret == 0) { ret = wc_ecc_make_key(&rng, KEY32, &key1); + #if defined(WOLFSSL_ASYNC_CRYPT) + ret = wc_AsyncWait(ret, &key1.asyncDev, WC_ASYNC_FLAG_NONE); + #endif } wc_FreeRng(&rng); } @@ -26031,6 +26088,9 @@ static int test_wc_ecc_is_valid_idx (void) ret = wc_ecc_init(&key); if (ret == 0) { ret = wc_ecc_make_key(&rng, 32, &key); + #if defined(WOLFSSL_ASYNC_CRYPT) + ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE); + #endif } } @@ -26124,6 +26184,9 @@ static int test_wc_ecc_sig_size_calc (void) ret = wc_ecc_init(&key); if (ret == 0) { ret = wc_ecc_make_key(&rng, 16, &key); + #if defined(WOLFSSL_ASYNC_CRYPT) + ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE); + #endif } sz = key.dp->size; } @@ -26210,6 +26273,9 @@ static int test_wc_EccPrivateKeyToDer (void) ret = wc_ecc_init(&eccKey); if (ret == 0) { ret = wc_ecc_make_key(&rng, KEY14, &eccKey); + #if defined(WOLFSSL_ASYNC_CRYPT) + ret = wc_AsyncWait(ret, &eccKey.asyncDev, WC_ASYNC_FLAG_NONE); + #endif } inLen = (word32)sizeof(output); /* Bad Cases */ @@ -26666,6 +26732,9 @@ static int test_wc_SetSubjectKeyIdFromPublicKey_ex (void) ret = wc_ecc_init(&eccKey); if (ret == 0) { ret = wc_ecc_make_key(&rng, KEY14, &eccKey); + #if defined(WOLFSSL_ASYNC_CRYPT) + ret = wc_AsyncWait(ret, &eccKey.asyncDev, WC_ASYNC_FLAG_NONE); + #endif } if (ret == 0) { ret = wc_SetSubjectKeyIdFromPublicKey_ex(&cert, ECC_TYPE, &eccKey); @@ -26755,6 +26824,9 @@ static int test_wc_SetAuthKeyIdFromPublicKey_ex (void) ret = wc_ecc_init(&eccKey); if (ret == 0) { ret = wc_ecc_make_key(&rng, KEY14, &eccKey); + #if defined(WOLFSSL_ASYNC_CRYPT) + ret = wc_AsyncWait(ret, &eccKey.asyncDev, WC_ASYNC_FLAG_NONE); + #endif } if (ret == 0) { ret = wc_SetAuthKeyIdFromPublicKey_ex(&cert, ECC_TYPE, &eccKey); @@ -38935,11 +39007,11 @@ static void test_wolfSSL_BIO_connect(void) } -static void test_wolfSSL_BIO_Qt_usecase(void) +static void test_wolfSSL_BIO_tls(void) { #if !defined(NO_BIO) && defined(OPENSSL_EXTRA) && !defined(NO_WOLFSSL_CLIENT) - printf(testingFmt, "test_wolfSSL_BIO_Qt_usecase()"); + printf(testingFmt, "test_wolfSSL_BIO_tls()"); SSL_CTX* ctx; SSL *ssl; @@ -38958,8 +39030,18 @@ static void test_wolfSSL_BIO_Qt_usecase(void) * then writes the read data into read-bio. */ SSL_set_bio(ssl, readBio, writeBio); - AssertIntEQ(ret = SSL_connect(ssl), WOLFSSL_FATAL_ERROR); - err = SSL_get_error(ssl, ret); + + do { + #ifdef WOLFSSL_ASYNC_CRYPT + if (err == WC_PENDING_E) { + ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW); + if (ret < 0) { break; } else if (ret == 0) { continue; } + } + #endif + ret = SSL_connect(ssl); + err = SSL_get_error(ssl, 0); + } while (err == WC_PENDING_E); + AssertIntEQ(ret, WOLFSSL_FATAL_ERROR); /* in this use case, should return WANT READ * so that Qt will read the data from plain packet for next state. */ @@ -47875,16 +47957,34 @@ static int test_tls13_apis(void) #ifdef HAVE_ECC AssertIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_ECC_SECP256R1), BAD_FUNC_ARG); #ifndef NO_WOLFSSL_SERVER - AssertIntEQ(wolfSSL_UseKeyShare(serverSsl, WOLFSSL_ECC_SECP256R1), - WOLFSSL_SUCCESS); + do { + ret = wolfSSL_UseKeyShare(serverSsl, WOLFSSL_ECC_SECP256R1); + #ifdef WOLFSSL_ASYNC_CRYPT + if (ret == WC_PENDING_E) + wolfSSL_AsyncPoll(serverSsl, WOLF_POLL_FLAG_CHECK_HW); + #endif + } while (ret == WC_PENDING_E); + AssertIntEQ(ret, WOLFSSL_SUCCESS); #endif #ifndef NO_WOLFSSL_CLIENT #ifndef WOLFSSL_NO_TLS12 - AssertIntEQ(wolfSSL_UseKeyShare(clientTls12Ssl, WOLFSSL_ECC_SECP256R1), - WOLFSSL_SUCCESS); + do { + ret = wolfSSL_UseKeyShare(clientTls12Ssl, WOLFSSL_ECC_SECP256R1); + #ifdef WOLFSSL_ASYNC_CRYPT + if (ret == WC_PENDING_E) + wolfSSL_AsyncPoll(clientTls12Ssl, WOLF_POLL_FLAG_CHECK_HW); + #endif + } while (ret == WC_PENDING_E); + AssertIntEQ(ret, WOLFSSL_SUCCESS); #endif - AssertIntEQ(wolfSSL_UseKeyShare(clientSsl, WOLFSSL_ECC_SECP256R1), - WOLFSSL_SUCCESS); + do { + ret = wolfSSL_UseKeyShare(clientSsl, WOLFSSL_ECC_SECP256R1); + #ifdef WOLFSSL_ASYNC_CRYPT + if (ret == WC_PENDING_E) + wolfSSL_AsyncPoll(clientSsl, WOLF_POLL_FLAG_CHECK_HW); + #endif + } while (ret == WC_PENDING_E); + AssertIntEQ(ret, WOLFSSL_SUCCESS); #endif #elif defined(HAVE_CURVE25519) AssertIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_ECC_X25519), BAD_FUNC_ARG); @@ -53360,7 +53460,7 @@ void ApiTest(void) test_wolfSSL_BIO_printf(); test_wolfSSL_BIO_f_md(); test_wolfSSL_BIO_up_ref(); - test_wolfSSL_BIO_Qt_usecase(); + test_wolfSSL_BIO_tls(); #endif test_wolfSSL_cert_cb(); test_wolfSSL_SESSION(); diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c index 897fff058..6e3e3baeb 100644 --- a/wolfcrypt/src/ecc.c +++ b/wolfcrypt/src/ecc.c @@ -210,6 +210,13 @@ ECC Curve Sizes: #define GEN_MEM_ERR MP_MEM #endif +#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \ + !defined(WOLFSSL_SILABS_SE_ACCEL) && !defined(WOLFSSL_KCAPI_ECC) && \ + !defined(WOLFSSL_CRYPTOCELL) && !defined(NO_ECC_MAKE_PUB) + #undef HAVE_ECC_MAKE_PUB + #define HAVE_ECC_MAKE_PUB +#endif + /* forward declarations */ static int wc_ecc_new_point_ex(ecc_point** point, void* heap); static void wc_ecc_del_point_ex(ecc_point* p, void* heap); @@ -4571,7 +4578,7 @@ int wc_ecc_shared_secret_ex(ecc_key* private_key, ecc_point* point, SAVE_VECTOR_REGISTERS(return _svr_ret;); - switch(private_key->state) { + switch (private_key->state) { case ECC_STATE_NONE: case ECC_STATE_SHARED_SEC_GEN: private_key->state = ECC_STATE_SHARED_SEC_GEN; @@ -4780,6 +4787,8 @@ static WC_INLINE void wc_ecc_reset(ecc_key* key) * Note this function is local to the file because of the argument type * ecc_curve_spec. Having this argument allows for not having to load the * curve type multiple times when generating a key with wc_ecc_make_key(). + * For async the results are placed directly into pubOut, so this function + * does not need called again * * returns MP_OKAY on success */ @@ -4787,17 +4796,14 @@ static int ecc_make_pub_ex(ecc_key* key, ecc_curve_spec* curveIn, ecc_point* pubOut, WC_RNG* rng) { int err = MP_OKAY; -#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) \ - && !defined(WOLFSSL_SILABS_SE_ACCEL) && !defined(WOLFSSL_KCAPI_ECC) -#if !defined(WOLFSSL_SP_MATH) +#ifdef HAVE_ECC_MAKE_PUB +#if !defined(WOLFSSL_SP_MATH) && !(defined(WOLFSSL_ASYNC_CRYPT) && \ + defined(WC_ASYNC_ENABLE_ECC) && defined(HAVE_INTEL_QA)) ecc_point* base = NULL; - #ifdef WOLFSSL_NO_MALLOC - ecc_point lcl_base; - #endif #endif ecc_point* pub; DECLARE_CURVE_SPECS(ECC_CURVE_FIELD_COUNT); -#endif /* !WOLFSSL_ATECC508A */ +#endif /* HAVE_ECC_MAKE_PUB */ (void)rng; @@ -4807,10 +4813,7 @@ static int ecc_make_pub_ex(ecc_key* key, ecc_curve_spec* curveIn, SAVE_VECTOR_REGISTERS(return _svr_ret;); -#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) \ - && !defined(WOLFSSL_SILABS_SE_ACCEL) && !defined(WOLFSSL_KCAPI_ECC) && \ - !defined(WOLFSSL_CRYPTOCELL) - +#ifdef HAVE_ECC_MAKE_PUB /* if ecc_point passed in then use it as output for public key point */ if (pubOut != NULL) { pub = pubOut; @@ -4855,10 +4858,26 @@ static int ecc_make_pub_ex(ecc_key* key, ecc_curve_spec* curveIn, #endif } +#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_ECC) && \ + defined(HAVE_INTEL_QA) + if (err == MP_OKAY) { + word32 keySz = key->dp->size; + /* sync private key to raw */ + err = wc_mp_to_bigint_sz(&key->k, &key->k.raw, keySz); + if (err == MP_OKAY) { + err = IntelQaEccPointMul(&key->asyncDev, + &key->k.raw, pub->x, pub->y, pub->z, + &curve->Gx->raw, &curve->Gy->raw, + &curve->Af->raw, &curve->Bf->raw, &curve->prime->raw, + key->dp->cofactor); + } + } +#else + +#ifdef WOLFSSL_HAVE_SP_ECC if (err != MP_OKAY) { } else -#ifdef WOLFSSL_HAVE_SP_ECC #ifndef WOLFSSL_SP_NO_256 if (key->idx != ECC_CUSTOM_IDX && ecc_sets[key->idx].id == ECC_SECP256R1) { err = sp_ecc_mulmod_base_256(&key->k, pub, 1, key->heap); @@ -4877,13 +4896,15 @@ static int ecc_make_pub_ex(ecc_key* key, ecc_curve_spec* curveIn, } else #endif -#endif +#endif /* WOLFSSL_HAVE_SP_ECC */ + #if defined(WOLFSSL_SP_MATH) err = WC_KEY_SIZE_E; #else - { + if (err == MP_OKAY) { mp_digit mp = 0; #ifdef WOLFSSL_NO_MALLOC + ecc_point lcl_base; base = &lcl_base; #endif err = wc_ecc_new_point_ex(&base, key->heap); @@ -4914,9 +4935,14 @@ static int ecc_make_pub_ex(ecc_key* key, ecc_curve_spec* curveIn, wc_ecc_del_point_ex(base, key->heap); } -#endif +#endif /* WOLFSSL_SP_MATH */ +#endif /* HAVE_INTEL_QA */ - if (err != MP_OKAY) { + if (err != MP_OKAY +#ifdef WOLFSSL_ASYNC_CRYPT + && err != WC_PENDING_E +#endif + ) { /* clean up if failed */ #ifndef ALT_ECC_SIZE mp_clear(pub->x); @@ -4932,9 +4958,10 @@ static int ecc_make_pub_ex(ecc_key* key, ecc_curve_spec* curveIn, } #else + /* Using hardware crypto, that does not support ecc_make_pub_ex */ (void)curveIn; err = NOT_COMPILED_IN; -#endif /* WOLFSSL_ATECC508A || WOLFSSL_SILABS_SE_ACCEL */ +#endif /* HAVE_ECC_MAKE_PUB */ /* change key state if public part is cached */ if (key->type == ECC_PRIVATEKEY_ONLY && pubOut == NULL) { @@ -4983,15 +5010,11 @@ int wc_ecc_make_pub_ex(ecc_key* key, ecc_point* pubOut, WC_RNG* rng) static int _ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key, int curve_id, int flags) { - - int err; -#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \ - !defined(WOLFSSL_CRYPTOCELL) && !defined(WOLFSSL_KCAPI_ECC) && \ - !defined(WOLFSSL_SE050) -#if !defined(WOLFSSL_SP_MATH) + int err = 0; +#if defined(HAVE_ECC_MAKE_PUB) && !defined(WOLFSSL_SP_MATH) DECLARE_CURVE_SPECS(ECC_CURVE_FIELD_COUNT); #endif -#endif /* !WOLFSSL_ATECC508A */ + #if defined(WOLFSSL_CRYPTOCELL) && !defined(WOLFSSL_ATECC508A) && \ !defined(WOLFSSL_ATECC608A) const CRYS_ECPKI_Domain_t* pDomain; @@ -5028,7 +5051,7 @@ static int _ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key, #ifdef HAVE_CAVIUM /* TODO: Not implemented */ #elif defined(HAVE_INTEL_QA) - /* TODO: Not implemented */ + /* Implemented in ecc_make_pub_ex for the pub calc */ #else if (wc_AsyncTestInit(&key->asyncDev, ASYNC_TEST_ECC_MAKE)) { WC_ASYNC_TEST* testDev = &key->asyncDev.test; @@ -5173,19 +5196,24 @@ static int _ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key, } /* generate k */ - if (err == MP_OKAY) + if (err == MP_OKAY) { err = wc_ecc_gen_k(rng, key->dp->size, &key->k, curve->order); + } /* generate public key from k */ - if (err == MP_OKAY) + if (err == MP_OKAY) { err = ecc_make_pub_ex(key, curve, NULL, rng); + } - if (err == MP_OKAY) + if (err == MP_OKAY + #ifdef WOLFSSL_ASYNC_CRYPT + || err == WC_PENDING_E + #endif + ) { key->type = ECC_PRIVATEKEY; - - /* cleanup these on failure case only */ - if (err != MP_OKAY) { - /* clean up */ + } + else { + /* cleanup these on failure case only */ mp_forcezero(&key->k); } @@ -5206,7 +5234,7 @@ static int _ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key, err = wc_mp_to_bigint(key->pubkey.z, &key->pubkey.z->raw); #endif -#endif /* WOLFSSL_ATECC508A */ +#endif /* HAVE_ECC_MAKE_PUB */ return err; } @@ -5654,7 +5682,7 @@ static int wc_ecc_sign_hash_async(const byte* in, word32 inlen, byte* out, r = key->r; s = key->s; - switch(key->state) { + switch (key->state) { case ECC_STATE_NONE: case ECC_STATE_SIGN_DO: key->state = ECC_STATE_SIGN_DO; @@ -5957,6 +5985,10 @@ static int ecc_sign_hash_sw(ecc_key* key, ecc_key* pubkey, WC_RNG* rng, err = _ecc_make_key_ex(rng, key->dp->size, pubkey, key->dp->id, WC_ECC_FLAG_NONE); } + #ifdef WOLFSSL_ASYNC_CRYPT + /* for async do blocking wait here */ + err = wc_AsyncWait(err, &pubkey->asyncDev, WC_ASYNC_FLAG_NONE); + #endif if (err != MP_OKAY) break; /* find r = x1 mod n */ @@ -7297,6 +7329,9 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash, !defined(WOLFSSL_SMALL_STACK) mp_int r_lcl, s_lcl; #endif +#ifdef WOLFSSL_ASYNC_CRYPT + int isPrivateKeyOnly = 0; +#endif if (sig == NULL || hash == NULL || res == NULL || key == NULL) { return ECC_BAD_ARG_E; @@ -7356,7 +7391,11 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash, case ECC_STATE_VERIFY_DO: key->state = ECC_STATE_VERIFY_DO; - + #ifdef WOLFSSL_ASYNC_CRYPT + if (key->type == ECC_PRIVATEKEY_ONLY) { + isPrivateKeyOnly = 1; + } + #endif err = wc_ecc_verify_hash_ex(r, s, hash, hashlen, res, key); #ifndef WOLFSSL_ASYNC_CRYPT @@ -7385,11 +7424,14 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash, err = BAD_STATE_E; } +#ifdef WOLFSSL_ASYNC_CRYPT /* if async pending then return and skip done cleanup below */ if (err == WC_PENDING_E) { - key->state++; + if (!isPrivateKeyOnly) /* do not advance state if doing make pub key */ + key->state++; return err; } +#endif /* cleanup */ #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_ECC) @@ -7401,7 +7443,8 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash, s = NULL; #endif - key->state = ECC_STATE_NONE; + /* make sure required variables are reset */ + wc_ecc_reset(key); return err; } diff --git a/wolfcrypt/src/wolfmath.c b/wolfcrypt/src/wolfmath.c index 4b0b88840..149b6a810 100644 --- a/wolfcrypt/src/wolfmath.c +++ b/wolfcrypt/src/wolfmath.c @@ -344,7 +344,7 @@ void wc_bigint_free(WC_BIGINT* a) /* sz: make sure the buffer is at least that size and zero padded. * A `sz == 0` will use the size of `src`. - * The calulcates sz is stored into dst->len in `wc_bigint_alloc`. + * The calculates sz is stored into dst->len in `wc_bigint_alloc`. */ int wc_mp_to_bigint_sz(mp_int* src, WC_BIGINT* dst, word32 sz) { diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 568a06c9a..789d0891c 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -21356,6 +21356,9 @@ static int ecc_test_make_pub(WC_RNG* rng) } #if !defined(WOLFSSL_CRYPTOCELL) ret = wc_ecc_make_pub(key, pubPoint); +#if defined(WOLFSSL_ASYNC_CRYPT) + ret = wc_AsyncWait(ret, &key->asyncDev, WC_ASYNC_FLAG_NONE); +#endif if (ret != 0) { ERROR_OUT(-9859, done); } @@ -23412,6 +23415,9 @@ static int ecc_test_allocator(WC_RNG* rng) #ifndef WC_NO_RNG ret = wc_ecc_make_key(rng, ECC_KEYGEN_SIZE, key); +#if defined(WOLFSSL_ASYNC_CRYPT) + ret = wc_AsyncWait(ret, &key->asyncDev, WC_ASYNC_FLAG_NONE); +#endif if (ret != 0) { ERROR_OUT(-10151, exit); }