feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Support for Intel QuickAssist ECC KeyGen acceleration.

Browse Source
This commit is contained in:
David Garske
2022-03-29 16:36:14 -07:00
parent 0989a14395
commit c905c613e9
6 changed files with 214 additions and 57 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
examples/client/client.c
View File

@ -24,11 +24,11 @@
*/ */
#ifdef HAVE_CONFIG_H #ifdef HAVE_CONFIG_H
#include <config.h> #include <config.h>
#endif #endif
#ifndef WOLFSSL_USER_SETTINGS #ifndef WOLFSSL_USER_SETTINGS
#include <wolfssl/options.h> #include <wolfssl/options.h>
#endif #endif
#include <wolfssl/wolfcrypt/settings.h> #include <wolfssl/wolfcrypt/settings.h>
@ -42,10 +42,10 @@ static const char *wolfsentry_config_path = NULL;
#endif /* WOLFSSL_WOLFSENTRY_HOOKS */ #endif /* WOLFSSL_WOLFSENTRY_HOOKS */
#if defined(WOLFSSL_MDK_ARM) || defined(WOLFSSL_KEIL_TCP_NET) #if defined(WOLFSSL_MDK_ARM) || defined(WOLFSSL_KEIL_TCP_NET)
#include <stdio.h> #include <stdio.h>
#include <string.h> #include <string.h>
#include "rl_fs.h" #include "rl_fs.h"
#include "rl_net.h" #include "rl_net.h"
#endif #endif
#include <wolfssl/test.h> #include <wolfssl/test.h>

10
src/ssl.c
View File

@ -39208,6 +39208,8 @@ int wolfSSL_EC_KEY_generate_key(WOLFSSL_EC_KEY *key)
#else #else
WC_RNG tmpRNG[1]; WC_RNG tmpRNG[1];
#endif #endif
int ret;
ecc_key* ecKey;
WOLFSSL_ENTER("wolfSSL_EC_KEY_generate_key"); WOLFSSL_ENTER("wolfSSL_EC_KEY_generate_key");
@ -39250,9 +39252,15 @@ int wolfSSL_EC_KEY_generate_key(WOLFSSL_EC_KEY *key)
/* NIDToEccEnum returns -1 for invalid NID so if key->group->curve_nid /* NIDToEccEnum returns -1 for invalid NID so if key->group->curve_nid
* is 0 then pass ECC_CURVE_DEF as arg */ * is 0 then pass ECC_CURVE_DEF as arg */
ecKey = (ecc_key*)key->internal;
eccEnum = key->group->curve_nid ? eccEnum = key->group->curve_nid ?
NIDToEccEnum(key->group->curve_nid) : ECC_CURVE_DEF; NIDToEccEnum(key->group->curve_nid) : ECC_CURVE_DEF;
if (wc_ecc_make_key_ex(rng, 0, (ecc_key*)key->internal, eccEnum) != MP_OKAY) { ret = wc_ecc_make_key_ex(rng, 0, ecKey, eccEnum);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &ecKey->asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (ret != 0) {
WOLFSSL_MSG("wolfSSL_EC_KEY_generate_key wc_ecc_make_key failed"); WOLFSSL_MSG("wolfSSL_EC_KEY_generate_key wc_ecc_make_key failed");
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
XFREE(tmpRNG, NULL, DYNAMIC_TYPE_RNG); XFREE(tmpRNG, NULL, DYNAMIC_TYPE_RNG);

122
tests/api.c
View File

@ -23933,6 +23933,9 @@ static int test_wc_ecc_make_key (void)
ret = wc_ecc_init(&key); ret = wc_ecc_init(&key);
if (ret == 0) { if (ret == 0) {
ret = wc_ecc_make_key(&rng, KEY14, &key); ret = wc_ecc_make_key(&rng, KEY14, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
/* Pass in bad args. */ /* Pass in bad args. */
if (ret == 0) { if (ret == 0) {
@ -24016,6 +24019,9 @@ static int test_wc_ecc_check_key (void)
ret = wc_ecc_init(&key); ret = wc_ecc_init(&key);
if (ret == 0) { if (ret == 0) {
ret = wc_ecc_make_key(&rng, KEY14, &key); ret = wc_ecc_make_key(&rng, KEY14, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
} }
} }
@ -24114,6 +24120,9 @@ static int test_wc_ecc_size (void)
ret = wc_ecc_init(&key); ret = wc_ecc_init(&key);
if (ret == 0) { if (ret == 0) {
ret = wc_ecc_make_key(&rng, KEY14, &key); ret = wc_ecc_make_key(&rng, KEY14, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
} }
} }
@ -24198,6 +24207,9 @@ static int test_wc_ecc_signVerify_hash (void)
ret = wc_ecc_init(&key); ret = wc_ecc_init(&key);
if (ret == 0) { if (ret == 0) {
ret = wc_ecc_make_key(&rng, KEY14, &key); ret = wc_ecc_make_key(&rng, KEY14, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
} }
} }
@ -24353,9 +24365,15 @@ static int test_wc_ecc_shared_secret (void)
#else #else
if (ret == 0) { if (ret == 0) {
ret = wc_ecc_make_key(&rng, keySz, &key); ret = wc_ecc_make_key(&rng, keySz, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
} }
if (ret == 0) { if (ret == 0) {
ret = wc_ecc_make_key(&rng, keySz, &pubKey); ret = wc_ecc_make_key(&rng, keySz, &pubKey);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &pubKey.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
} }
#endif #endif
@ -24445,6 +24463,9 @@ static int test_wc_ecc_export_x963 (void)
ret = wc_ecc_init(&key); ret = wc_ecc_init(&key);
if (ret == 0) { if (ret == 0) {
ret = wc_ecc_make_key(&rng, KEY20, &key); ret = wc_ecc_make_key(&rng, KEY20, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
} }
} }
printf(testingFmt, "wc_ecc_export_x963()"); printf(testingFmt, "wc_ecc_export_x963()");
@ -24516,6 +24537,9 @@ static int test_wc_ecc_export_x963_ex (void)
ret = wc_ecc_init(&key); ret = wc_ecc_init(&key);
if (ret == 0) { if (ret == 0) {
ret = wc_ecc_make_key(&rng, KEY64, &key); ret = wc_ecc_make_key(&rng, KEY64, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
} }
} }
@ -24622,6 +24646,9 @@ static int test_wc_ecc_import_x963 (void)
} }
if (ret == 0) { if (ret == 0) {
ret = wc_ecc_make_key(&rng, KEY24, &key); ret = wc_ecc_make_key(&rng, KEY24, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
} }
if (ret == 0) { if (ret == 0) {
PRIVATE_KEY_UNLOCK(); PRIVATE_KEY_UNLOCK();
@ -24699,6 +24726,9 @@ static int ecc_import_private_key (void)
} }
if (ret == 0) { if (ret == 0) {
ret = wc_ecc_make_key(&rng, KEY48, &key); ret = wc_ecc_make_key(&rng, KEY48, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
} }
if (ret == 0) { if (ret == 0) {
PRIVATE_KEY_UNLOCK(); PRIVATE_KEY_UNLOCK();
@ -24772,6 +24802,9 @@ static int test_wc_ecc_export_private_only (void)
ret = wc_ecc_init(&key); ret = wc_ecc_init(&key);
if (ret == 0) { if (ret == 0) {
ret = wc_ecc_make_key(&rng, KEY32, &key); ret = wc_ecc_make_key(&rng, KEY32, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
} }
} }
printf(testingFmt, "wc_ecc_export_private_only()"); printf(testingFmt, "wc_ecc_export_private_only()");
@ -25070,6 +25103,9 @@ static int test_wc_ecc_sig_size (void)
ret = wc_ecc_init(&key); ret = wc_ecc_init(&key);
if (ret == 0) { if (ret == 0) {
ret = wc_ecc_make_key(&rng, keySz, &key); ret = wc_ecc_make_key(&rng, keySz, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
} }
} }
@ -25353,12 +25389,18 @@ static int test_wc_ecc_encryptDecrypt (void)
ret = wc_ecc_init(&cliKey); ret = wc_ecc_init(&cliKey);
if (ret == 0) { if (ret == 0) {
ret = wc_ecc_make_key(&rng, keySz, &cliKey); ret = wc_ecc_make_key(&rng, keySz, &cliKey);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &cliKey.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
} }
if (ret == 0) { if (ret == 0) {
ret = wc_ecc_init(&srvKey); ret = wc_ecc_init(&srvKey);
} }
if (ret == 0) { if (ret == 0) {
ret = wc_ecc_make_key(&rng, keySz, &srvKey); ret = wc_ecc_make_key(&rng, keySz, &srvKey);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &srvKey.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
} }
if (ret == 0) { if (ret == 0) {
ret = wc_ecc_init(&tmpKey); ret = wc_ecc_init(&tmpKey);
@ -25528,6 +25570,9 @@ static int test_wc_ecc_pointFns (void)
ret = wc_ecc_init(&key); ret = wc_ecc_init(&key);
if (ret == 0) { if (ret == 0) {
ret = wc_ecc_make_key(&rng, keySz, &key); ret = wc_ecc_make_key(&rng, keySz, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
} }
} }
@ -25728,6 +25773,9 @@ static int test_wc_ecc_shared_secret_ssh (void)
ret = wc_ecc_init(&key); ret = wc_ecc_init(&key);
if (ret == 0) { if (ret == 0) {
ret = wc_ecc_make_key(&rng, keySz, &key); ret = wc_ecc_make_key(&rng, keySz, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
} }
if (wc_FreeRng(&rng) && ret == 0) { if (wc_FreeRng(&rng) && ret == 0) {
ret = WOLFSSL_FATAL_ERROR; ret = WOLFSSL_FATAL_ERROR;
@ -25740,6 +25788,9 @@ static int test_wc_ecc_shared_secret_ssh (void)
} }
if (ret == 0) { if (ret == 0) {
ret = wc_ecc_make_key(&rng, key2Sz, &key2); ret = wc_ecc_make_key(&rng, key2Sz, &key2);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key2.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
} }
} }
@ -25834,6 +25885,9 @@ static int test_wc_ecc_verify_hash_ex (void)
ret = wc_ecc_init(&key); ret = wc_ecc_init(&key);
if (ret == 0) { if (ret == 0) {
ret = wc_ecc_make_key(&rng, keySz, &key); ret = wc_ecc_make_key(&rng, keySz, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
} }
} }
if (ret == 0) { if (ret == 0) {
@ -25953,6 +26007,9 @@ static int test_wc_ecc_mulmod (void)
} }
if (ret == 0) { if (ret == 0) {
ret = wc_ecc_make_key(&rng, KEY32, &key1); ret = wc_ecc_make_key(&rng, KEY32, &key1);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key1.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
} }
wc_FreeRng(&rng); wc_FreeRng(&rng);
} }
@ -26031,6 +26088,9 @@ static int test_wc_ecc_is_valid_idx (void)
ret = wc_ecc_init(&key); ret = wc_ecc_init(&key);
if (ret == 0) { if (ret == 0) {
ret = wc_ecc_make_key(&rng, 32, &key); ret = wc_ecc_make_key(&rng, 32, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
} }
} }
@ -26124,6 +26184,9 @@ static int test_wc_ecc_sig_size_calc (void)
ret = wc_ecc_init(&key); ret = wc_ecc_init(&key);
if (ret == 0) { if (ret == 0) {
ret = wc_ecc_make_key(&rng, 16, &key); ret = wc_ecc_make_key(&rng, 16, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
} }
sz = key.dp->size; sz = key.dp->size;
} }
@ -26210,6 +26273,9 @@ static int test_wc_EccPrivateKeyToDer (void)
ret = wc_ecc_init(&eccKey); ret = wc_ecc_init(&eccKey);
if (ret == 0) { if (ret == 0) {
ret = wc_ecc_make_key(&rng, KEY14, &eccKey); ret = wc_ecc_make_key(&rng, KEY14, &eccKey);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &eccKey.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
} }
inLen = (word32)sizeof(output); inLen = (word32)sizeof(output);
/* Bad Cases */ /* Bad Cases */
@ -26666,6 +26732,9 @@ static int test_wc_SetSubjectKeyIdFromPublicKey_ex (void)
ret = wc_ecc_init(&eccKey); ret = wc_ecc_init(&eccKey);
if (ret == 0) { if (ret == 0) {
ret = wc_ecc_make_key(&rng, KEY14, &eccKey); ret = wc_ecc_make_key(&rng, KEY14, &eccKey);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &eccKey.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
} }
if (ret == 0) { if (ret == 0) {
ret = wc_SetSubjectKeyIdFromPublicKey_ex(&cert, ECC_TYPE, &eccKey); ret = wc_SetSubjectKeyIdFromPublicKey_ex(&cert, ECC_TYPE, &eccKey);
@ -26755,6 +26824,9 @@ static int test_wc_SetAuthKeyIdFromPublicKey_ex (void)
ret = wc_ecc_init(&eccKey); ret = wc_ecc_init(&eccKey);
if (ret == 0) { if (ret == 0) {
ret = wc_ecc_make_key(&rng, KEY14, &eccKey); ret = wc_ecc_make_key(&rng, KEY14, &eccKey);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &eccKey.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
} }
if (ret == 0) { if (ret == 0) {
ret = wc_SetAuthKeyIdFromPublicKey_ex(&cert, ECC_TYPE, &eccKey); ret = wc_SetAuthKeyIdFromPublicKey_ex(&cert, ECC_TYPE, &eccKey);
@ -38935,11 +39007,11 @@ static void test_wolfSSL_BIO_connect(void)
} }
static void test_wolfSSL_BIO_Qt_usecase(void) static void test_wolfSSL_BIO_tls(void)
{ {
#if !defined(NO_BIO) && defined(OPENSSL_EXTRA) && !defined(NO_WOLFSSL_CLIENT) #if !defined(NO_BIO) && defined(OPENSSL_EXTRA) && !defined(NO_WOLFSSL_CLIENT)
printf(testingFmt, "test_wolfSSL_BIO_Qt_usecase()"); printf(testingFmt, "test_wolfSSL_BIO_tls()");
SSL_CTX* ctx; SSL_CTX* ctx;
SSL *ssl; SSL *ssl;
@ -38958,8 +39030,18 @@ static void test_wolfSSL_BIO_Qt_usecase(void)
* then writes the read data into read-bio. * then writes the read data into read-bio.
*/ */
SSL_set_bio(ssl, readBio, writeBio); SSL_set_bio(ssl, readBio, writeBio);
AssertIntEQ(ret = SSL_connect(ssl), WOLFSSL_FATAL_ERROR);
err = SSL_get_error(ssl, ret); do {
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
if (ret < 0) { break; } else if (ret == 0) { continue; }
}
#endif
ret = SSL_connect(ssl);
err = SSL_get_error(ssl, 0);
} while (err == WC_PENDING_E);
AssertIntEQ(ret, WOLFSSL_FATAL_ERROR);
/* in this use case, should return WANT READ /* in this use case, should return WANT READ
* so that Qt will read the data from plain packet for next state. * so that Qt will read the data from plain packet for next state.
*/ */
@ -47875,16 +47957,34 @@ static int test_tls13_apis(void)
#ifdef HAVE_ECC #ifdef HAVE_ECC
AssertIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_ECC_SECP256R1), BAD_FUNC_ARG); AssertIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_ECC_SECP256R1), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_SERVER #ifndef NO_WOLFSSL_SERVER
AssertIntEQ(wolfSSL_UseKeyShare(serverSsl, WOLFSSL_ECC_SECP256R1), do {
WOLFSSL_SUCCESS); ret = wolfSSL_UseKeyShare(serverSsl, WOLFSSL_ECC_SECP256R1);
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret == WC_PENDING_E)
wolfSSL_AsyncPoll(serverSsl, WOLF_POLL_FLAG_CHECK_HW);
#endif
} while (ret == WC_PENDING_E);
AssertIntEQ(ret, WOLFSSL_SUCCESS);
#endif #endif
#ifndef NO_WOLFSSL_CLIENT #ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12 #ifndef WOLFSSL_NO_TLS12
AssertIntEQ(wolfSSL_UseKeyShare(clientTls12Ssl, WOLFSSL_ECC_SECP256R1), do {
WOLFSSL_SUCCESS); ret = wolfSSL_UseKeyShare(clientTls12Ssl, WOLFSSL_ECC_SECP256R1);
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret == WC_PENDING_E)
wolfSSL_AsyncPoll(clientTls12Ssl, WOLF_POLL_FLAG_CHECK_HW);
#endif
} while (ret == WC_PENDING_E);
AssertIntEQ(ret, WOLFSSL_SUCCESS);
#endif #endif
AssertIntEQ(wolfSSL_UseKeyShare(clientSsl, WOLFSSL_ECC_SECP256R1), do {
WOLFSSL_SUCCESS); ret = wolfSSL_UseKeyShare(clientSsl, WOLFSSL_ECC_SECP256R1);
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret == WC_PENDING_E)
wolfSSL_AsyncPoll(clientSsl, WOLF_POLL_FLAG_CHECK_HW);
#endif
} while (ret == WC_PENDING_E);
AssertIntEQ(ret, WOLFSSL_SUCCESS);
#endif #endif
#elif defined(HAVE_CURVE25519) #elif defined(HAVE_CURVE25519)
AssertIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_ECC_X25519), BAD_FUNC_ARG); AssertIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_ECC_X25519), BAD_FUNC_ARG);
@ -53360,7 +53460,7 @@ void ApiTest(void)
test_wolfSSL_BIO_printf(); test_wolfSSL_BIO_printf();
test_wolfSSL_BIO_f_md(); test_wolfSSL_BIO_f_md();
test_wolfSSL_BIO_up_ref(); test_wolfSSL_BIO_up_ref();
test_wolfSSL_BIO_Qt_usecase(); test_wolfSSL_BIO_tls();
#endif #endif
test_wolfSSL_cert_cb(); test_wolfSSL_cert_cb();
test_wolfSSL_SESSION(); test_wolfSSL_SESSION();

119
wolfcrypt/src/ecc.c
View File

@ -210,6 +210,13 @@ ECC Curve Sizes:
#define GEN_MEM_ERR MP_MEM #define GEN_MEM_ERR MP_MEM
#endif #endif
#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \
!defined(WOLFSSL_SILABS_SE_ACCEL) && !defined(WOLFSSL_KCAPI_ECC) && \
!defined(WOLFSSL_CRYPTOCELL) && !defined(NO_ECC_MAKE_PUB)
#undef HAVE_ECC_MAKE_PUB
#define HAVE_ECC_MAKE_PUB
#endif
/* forward declarations */ /* forward declarations */
static int wc_ecc_new_point_ex(ecc_point** point, void* heap); static int wc_ecc_new_point_ex(ecc_point** point, void* heap);
static void wc_ecc_del_point_ex(ecc_point* p, void* heap); static void wc_ecc_del_point_ex(ecc_point* p, void* heap);
@ -4571,7 +4578,7 @@ int wc_ecc_shared_secret_ex(ecc_key* private_key, ecc_point* point,
SAVE_VECTOR_REGISTERS(return _svr_ret;); SAVE_VECTOR_REGISTERS(return _svr_ret;);
switch(private_key->state) { switch (private_key->state) {
case ECC_STATE_NONE: case ECC_STATE_NONE:
case ECC_STATE_SHARED_SEC_GEN: case ECC_STATE_SHARED_SEC_GEN:
private_key->state = ECC_STATE_SHARED_SEC_GEN; private_key->state = ECC_STATE_SHARED_SEC_GEN;
@ -4780,6 +4787,8 @@ static WC_INLINE void wc_ecc_reset(ecc_key* key)
* Note this function is local to the file because of the argument type * Note this function is local to the file because of the argument type
* ecc_curve_spec. Having this argument allows for not having to load the * ecc_curve_spec. Having this argument allows for not having to load the
* curve type multiple times when generating a key with wc_ecc_make_key(). * curve type multiple times when generating a key with wc_ecc_make_key().
* For async the results are placed directly into pubOut, so this function
* does not need called again
* *
* returns MP_OKAY on success * returns MP_OKAY on success
*/ */
@ -4787,17 +4796,14 @@ static int ecc_make_pub_ex(ecc_key* key, ecc_curve_spec* curveIn,
ecc_point* pubOut, WC_RNG* rng) ecc_point* pubOut, WC_RNG* rng)
{ {
int err = MP_OKAY; int err = MP_OKAY;
#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) \ #ifdef HAVE_ECC_MAKE_PUB
&& !defined(WOLFSSL_SILABS_SE_ACCEL) && !defined(WOLFSSL_KCAPI_ECC) #if !defined(WOLFSSL_SP_MATH) && !(defined(WOLFSSL_ASYNC_CRYPT) && \
#if !defined(WOLFSSL_SP_MATH) defined(WC_ASYNC_ENABLE_ECC) && defined(HAVE_INTEL_QA))
ecc_point* base = NULL; ecc_point* base = NULL;
#ifdef WOLFSSL_NO_MALLOC
ecc_point lcl_base;
#endif
#endif #endif
ecc_point* pub; ecc_point* pub;
DECLARE_CURVE_SPECS(ECC_CURVE_FIELD_COUNT); DECLARE_CURVE_SPECS(ECC_CURVE_FIELD_COUNT);
#endif /* !WOLFSSL_ATECC508A */ #endif /* HAVE_ECC_MAKE_PUB */
(void)rng; (void)rng;
@ -4807,10 +4813,7 @@ static int ecc_make_pub_ex(ecc_key* key, ecc_curve_spec* curveIn,
SAVE_VECTOR_REGISTERS(return _svr_ret;); SAVE_VECTOR_REGISTERS(return _svr_ret;);
#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) \ #ifdef HAVE_ECC_MAKE_PUB
&& !defined(WOLFSSL_SILABS_SE_ACCEL) && !defined(WOLFSSL_KCAPI_ECC) && \
!defined(WOLFSSL_CRYPTOCELL)
/* if ecc_point passed in then use it as output for public key point */ /* if ecc_point passed in then use it as output for public key point */
if (pubOut != NULL) { if (pubOut != NULL) {
pub = pubOut; pub = pubOut;
@ -4855,10 +4858,26 @@ static int ecc_make_pub_ex(ecc_key* key, ecc_curve_spec* curveIn,
#endif #endif
} }
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_ECC) && \
defined(HAVE_INTEL_QA)
if (err == MP_OKAY) {
word32 keySz = key->dp->size;
/* sync private key to raw */
err = wc_mp_to_bigint_sz(&key->k, &key->k.raw, keySz);
if (err == MP_OKAY) {
err = IntelQaEccPointMul(&key->asyncDev,
&key->k.raw, pub->x, pub->y, pub->z,
&curve->Gx->raw, &curve->Gy->raw,
&curve->Af->raw, &curve->Bf->raw, &curve->prime->raw,
key->dp->cofactor);
}
}
#else
#ifdef WOLFSSL_HAVE_SP_ECC
if (err != MP_OKAY) { if (err != MP_OKAY) {
} }
else else
#ifdef WOLFSSL_HAVE_SP_ECC
#ifndef WOLFSSL_SP_NO_256 #ifndef WOLFSSL_SP_NO_256
if (key->idx != ECC_CUSTOM_IDX && ecc_sets[key->idx].id == ECC_SECP256R1) { if (key->idx != ECC_CUSTOM_IDX && ecc_sets[key->idx].id == ECC_SECP256R1) {
err = sp_ecc_mulmod_base_256(&key->k, pub, 1, key->heap); err = sp_ecc_mulmod_base_256(&key->k, pub, 1, key->heap);
@ -4877,13 +4896,15 @@ static int ecc_make_pub_ex(ecc_key* key, ecc_curve_spec* curveIn,
} }
else else
#endif #endif
#endif #endif /* WOLFSSL_HAVE_SP_ECC */
#if defined(WOLFSSL_SP_MATH) #if defined(WOLFSSL_SP_MATH)
err = WC_KEY_SIZE_E; err = WC_KEY_SIZE_E;
#else #else
{ if (err == MP_OKAY) {
mp_digit mp = 0; mp_digit mp = 0;
#ifdef WOLFSSL_NO_MALLOC #ifdef WOLFSSL_NO_MALLOC
ecc_point lcl_base;
base = &lcl_base; base = &lcl_base;
#endif #endif
err = wc_ecc_new_point_ex(&base, key->heap); err = wc_ecc_new_point_ex(&base, key->heap);
@ -4914,9 +4935,14 @@ static int ecc_make_pub_ex(ecc_key* key, ecc_curve_spec* curveIn,
wc_ecc_del_point_ex(base, key->heap); wc_ecc_del_point_ex(base, key->heap);
} }
#endif #endif /* WOLFSSL_SP_MATH */
#endif /* HAVE_INTEL_QA */
if (err != MP_OKAY) { if (err != MP_OKAY
#ifdef WOLFSSL_ASYNC_CRYPT
&& err != WC_PENDING_E
#endif
) {
/* clean up if failed */ /* clean up if failed */
#ifndef ALT_ECC_SIZE #ifndef ALT_ECC_SIZE
mp_clear(pub->x); mp_clear(pub->x);
@ -4932,9 +4958,10 @@ static int ecc_make_pub_ex(ecc_key* key, ecc_curve_spec* curveIn,
} }
#else #else
/* Using hardware crypto, that does not support ecc_make_pub_ex */
(void)curveIn; (void)curveIn;
err = NOT_COMPILED_IN; err = NOT_COMPILED_IN;
#endif /* WOLFSSL_ATECC508A || WOLFSSL_SILABS_SE_ACCEL */ #endif /* HAVE_ECC_MAKE_PUB */
/* change key state if public part is cached */ /* change key state if public part is cached */
if (key->type == ECC_PRIVATEKEY_ONLY && pubOut == NULL) { if (key->type == ECC_PRIVATEKEY_ONLY && pubOut == NULL) {
@ -4983,15 +5010,11 @@ int wc_ecc_make_pub_ex(ecc_key* key, ecc_point* pubOut, WC_RNG* rng)
static int _ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key, static int _ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key,
int curve_id, int flags) int curve_id, int flags)
{ {
int err = 0;
int err; #if defined(HAVE_ECC_MAKE_PUB) && !defined(WOLFSSL_SP_MATH)
#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \
!defined(WOLFSSL_CRYPTOCELL) && !defined(WOLFSSL_KCAPI_ECC) && \
!defined(WOLFSSL_SE050)
#if !defined(WOLFSSL_SP_MATH)
DECLARE_CURVE_SPECS(ECC_CURVE_FIELD_COUNT); DECLARE_CURVE_SPECS(ECC_CURVE_FIELD_COUNT);
#endif #endif
#endif /* !WOLFSSL_ATECC508A */
#if defined(WOLFSSL_CRYPTOCELL) && !defined(WOLFSSL_ATECC508A) && \ #if defined(WOLFSSL_CRYPTOCELL) && !defined(WOLFSSL_ATECC508A) && \
!defined(WOLFSSL_ATECC608A) !defined(WOLFSSL_ATECC608A)
const CRYS_ECPKI_Domain_t* pDomain; const CRYS_ECPKI_Domain_t* pDomain;
@ -5028,7 +5051,7 @@ static int _ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key,
#ifdef HAVE_CAVIUM #ifdef HAVE_CAVIUM
/* TODO: Not implemented */ /* TODO: Not implemented */
#elif defined(HAVE_INTEL_QA) #elif defined(HAVE_INTEL_QA)
/* TODO: Not implemented */ /* Implemented in ecc_make_pub_ex for the pub calc */
#else #else
if (wc_AsyncTestInit(&key->asyncDev, ASYNC_TEST_ECC_MAKE)) { if (wc_AsyncTestInit(&key->asyncDev, ASYNC_TEST_ECC_MAKE)) {
WC_ASYNC_TEST* testDev = &key->asyncDev.test; WC_ASYNC_TEST* testDev = &key->asyncDev.test;
@ -5173,19 +5196,24 @@ static int _ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key,
} }
/* generate k */ /* generate k */
if (err == MP_OKAY) if (err == MP_OKAY) {
err = wc_ecc_gen_k(rng, key->dp->size, &key->k, curve->order); err = wc_ecc_gen_k(rng, key->dp->size, &key->k, curve->order);
}
/* generate public key from k */ /* generate public key from k */
if (err == MP_OKAY) if (err == MP_OKAY) {
err = ecc_make_pub_ex(key, curve, NULL, rng); err = ecc_make_pub_ex(key, curve, NULL, rng);
}
if (err == MP_OKAY) if (err == MP_OKAY
#ifdef WOLFSSL_ASYNC_CRYPT
|| err == WC_PENDING_E
#endif
) {
key->type = ECC_PRIVATEKEY; key->type = ECC_PRIVATEKEY;
}
/* cleanup these on failure case only */ else {
if (err != MP_OKAY) { /* cleanup these on failure case only */
/* clean up */
mp_forcezero(&key->k); mp_forcezero(&key->k);
} }
@ -5206,7 +5234,7 @@ static int _ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key,
err = wc_mp_to_bigint(key->pubkey.z, &key->pubkey.z->raw); err = wc_mp_to_bigint(key->pubkey.z, &key->pubkey.z->raw);
#endif #endif
#endif /* WOLFSSL_ATECC508A */ #endif /* HAVE_ECC_MAKE_PUB */
return err; return err;
} }
@ -5654,7 +5682,7 @@ static int wc_ecc_sign_hash_async(const byte* in, word32 inlen, byte* out,
r = key->r; r = key->r;
s = key->s; s = key->s;
switch(key->state) { switch (key->state) {
case ECC_STATE_NONE: case ECC_STATE_NONE:
case ECC_STATE_SIGN_DO: case ECC_STATE_SIGN_DO:
key->state = ECC_STATE_SIGN_DO; key->state = ECC_STATE_SIGN_DO;
@ -5957,6 +5985,10 @@ static int ecc_sign_hash_sw(ecc_key* key, ecc_key* pubkey, WC_RNG* rng,
err = _ecc_make_key_ex(rng, key->dp->size, pubkey, key->dp->id, err = _ecc_make_key_ex(rng, key->dp->size, pubkey, key->dp->id,
WC_ECC_FLAG_NONE); WC_ECC_FLAG_NONE);
} }
#ifdef WOLFSSL_ASYNC_CRYPT
/* for async do blocking wait here */
err = wc_AsyncWait(err, &pubkey->asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (err != MP_OKAY) break; if (err != MP_OKAY) break;
/* find r = x1 mod n */ /* find r = x1 mod n */
@ -7297,6 +7329,9 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
!defined(WOLFSSL_SMALL_STACK) !defined(WOLFSSL_SMALL_STACK)
mp_int r_lcl, s_lcl; mp_int r_lcl, s_lcl;
#endif #endif
#ifdef WOLFSSL_ASYNC_CRYPT
int isPrivateKeyOnly = 0;
#endif
if (sig == NULL || hash == NULL || res == NULL || key == NULL) { if (sig == NULL || hash == NULL || res == NULL || key == NULL) {
return ECC_BAD_ARG_E; return ECC_BAD_ARG_E;
@ -7356,7 +7391,11 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
case ECC_STATE_VERIFY_DO: case ECC_STATE_VERIFY_DO:
key->state = ECC_STATE_VERIFY_DO; key->state = ECC_STATE_VERIFY_DO;
#ifdef WOLFSSL_ASYNC_CRYPT
if (key->type == ECC_PRIVATEKEY_ONLY) {
isPrivateKeyOnly = 1;
}
#endif
err = wc_ecc_verify_hash_ex(r, s, hash, hashlen, res, key); err = wc_ecc_verify_hash_ex(r, s, hash, hashlen, res, key);
#ifndef WOLFSSL_ASYNC_CRYPT #ifndef WOLFSSL_ASYNC_CRYPT
@ -7385,11 +7424,14 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
err = BAD_STATE_E; err = BAD_STATE_E;
} }
#ifdef WOLFSSL_ASYNC_CRYPT
/* if async pending then return and skip done cleanup below */ /* if async pending then return and skip done cleanup below */
if (err == WC_PENDING_E) { if (err == WC_PENDING_E) {
key->state++; if (!isPrivateKeyOnly) /* do not advance state if doing make pub key */
key->state++;
return err; return err;
} }
#endif
/* cleanup */ /* cleanup */
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_ECC) #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_ECC)
@ -7401,7 +7443,8 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
s = NULL; s = NULL;
#endif #endif
key->state = ECC_STATE_NONE; /* make sure required variables are reset */
wc_ecc_reset(key);
return err; return err;
} }

2
wolfcrypt/src/wolfmath.c
View File

@ -344,7 +344,7 @@ void wc_bigint_free(WC_BIGINT* a)
/* sz: make sure the buffer is at least that size and zero padded. /* sz: make sure the buffer is at least that size and zero padded.
* A `sz == 0` will use the size of `src`. * A `sz == 0` will use the size of `src`.
* The calulcates sz is stored into dst->len in `wc_bigint_alloc`. * The calculates sz is stored into dst->len in `wc_bigint_alloc`.
*/ */
int wc_mp_to_bigint_sz(mp_int* src, WC_BIGINT* dst, word32 sz) int wc_mp_to_bigint_sz(mp_int* src, WC_BIGINT* dst, word32 sz)
{ {

6
wolfcrypt/test/test.c
View File

@ -21356,6 +21356,9 @@ static int ecc_test_make_pub(WC_RNG* rng)
} }
#if !defined(WOLFSSL_CRYPTOCELL) #if !defined(WOLFSSL_CRYPTOCELL)
ret = wc_ecc_make_pub(key, pubPoint); ret = wc_ecc_make_pub(key, pubPoint);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key->asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (ret != 0) { if (ret != 0) {
ERROR_OUT(-9859, done); ERROR_OUT(-9859, done);
} }
@ -23412,6 +23415,9 @@ static int ecc_test_allocator(WC_RNG* rng)
#ifndef WC_NO_RNG #ifndef WC_NO_RNG
ret = wc_ecc_make_key(rng, ECC_KEYGEN_SIZE, key); ret = wc_ecc_make_key(rng, ECC_KEYGEN_SIZE, key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key->asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (ret != 0) { if (ret != 0) {
ERROR_OUT(-10151, exit); ERROR_OUT(-10151, exit);
} }