diff --git a/src/ssl.c b/src/ssl.c
index d34515744..d0d7b6808 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -7590,7 +7590,7 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
 #endif
 WOLFSSL_MSG("Checking cert signature type");
- InitDecodedCert(cert, der->buffer, der->length, heap);
+ InitDecodedCert_ex(cert, der->buffer, der->length, heap, devId);
 if (DecodeToKey(cert, 0) < 0) {
 WOLFSSL_MSG("Decode to key failed");
@@ -9831,7 +9831,7 @@ static int check_cert_key(DerBuffer* cert, DerBuffer* key, void* heap,
 size = cert->length;
 buff = cert->buffer;
- InitDecodedCert(der, buff, size, heap);
+ InitDecodedCert_ex(der, buff, size, heap, devId);
 if (ParseCertRelative(der, CERT_TYPE, NO_VERIFY, NULL) != 0) {
 FreeDecodedCert(der);
 #ifdef WOLFSSL_SMALL_STACK
@@ -20619,7 +20619,8 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out,
 ret = wolfSSL_X509_dup(&ssl->peerCert);
 #ifdef SESSION_CERTS
 else if (ssl->session->chain.count > 0) {
- if (DecodeToX509(&ssl->peerCert, ssl->session->chain.certs[0].buffer,
+ if (DecodeToX509(&ssl->peerCert,
+ ssl->session->chain.certs[0].buffer,
 ssl->session->chain.certs[0].length) == 0) {
 ret = wolfSSL_X509_dup(&ssl->peerCert);
 }
diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c
index 29211f240..29c9bb2a8 100644
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@@ -11117,6 +11117,21 @@ int wc_DsaKeyToParamsDer_ex(DsaKey* key, byte* output, word32* inLen)
 */
 void InitDecodedCert(DecodedCert* cert, const byte* source, word32 inSz, void* heap)
+{
+ InitDecodedCert_ex(cert, source, inSz, heap, INVALID_DEVID);
+}
+
+
+/* Initialize decoded certificate object with buffer of DER encoding.
+ *
+ * @param [in, out] cert Decoded certificate object.
+ * @param [in] source Buffer containing DER encoded certificate.
+ * @param [in] inSz Size of DER data in buffer in bytes.
+ * @param [in] heap Dynamic memory hint.
+ * @param [in] devId Crypto callback ID to use.
+ */
+void InitDecodedCert_ex(DecodedCert* cert,
+ const byte* source, word32 inSz, void* heap, int devId)
 {
 if (cert != NULL) {
 XMEMSET(cert, 0, sizeof(DecodedCert));
@@ -11152,7 +11167,7 @@ void InitDecodedCert(DecodedCert* cert,
 #endif /* WOLFSSL_CERT_GEN || WOLFSSL_CERT_EXT */
 #ifndef NO_CERTS
- InitSignatureCtx(&cert->sigCtx, heap, INVALID_DEVID);
+ InitSignatureCtx(&cert->sigCtx, heap, devId);
 #endif
 }
 }
@@ -20958,6 +20973,7 @@ static int CheckCertSignature_ex(const byte* cert, word32 certSz, void* heap, if (sigCtx == NULL) return MEMORY_E; #endif + InitSignatureCtx(sigCtx, heap, INVALID_DEVID); /* Certificate SEQUENCE */
@@ -24653,7 +24669,8 @@ void wc_SetCert_Free(Cert* cert)
 }
 }
-static int wc_SetCert_LoadDer(Cert* cert, const byte* der, word32 derSz)
+static int wc_SetCert_LoadDer(Cert* cert, const byte* der, word32 derSz,
+ int devId)
 {
 int ret;
@@ -24671,8 +24688,8 @@ static int wc_SetCert_LoadDer(Cert* cert, const byte* der, word32 derSz)
 else {
 XMEMSET(cert->decodedCert, 0, sizeof(DecodedCert));
- InitDecodedCert((DecodedCert*)cert->decodedCert, der, derSz,
- cert->heap);
+ InitDecodedCert_ex((DecodedCert*)cert->decodedCert, der, derSz,
+ cert->heap, devId);
 ret = ParseCertRelative((DecodedCert*)cert->decodedCert, CERT_TYPE, 0, NULL);
 if (ret >= 0) {
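Review bot: In the `@@ -11152` hunk the caller's device ID reaches only `cert->sigCtx`, while the `InitSignatureCtx(sigCtx, heap, INVALID_DEVID)` line in the CheckCertSignature_ex hunk and the `InitSignatureCtx(&sigCtx, heap, INVALID_DEVID)` line in the DecodeBasicOcspResponse hunk keep a fixed ID. If the aim is for certificate signature checks to honour the caller's device, those two paths stay on the default unless the new find callback remaps them. If that is intended, a comment next to each call such as `/* no device context here; a registered find callback may remap INVALID_DEVID */` would record the decision. InitDecodedCert_ex's body continues outside the hunks shown.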
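Review bot: The new `devId` parameter of wc_SetCert_LoadDer (hunk `@@ -24653`) is given `INVALID_DEVID` by every caller shown in this diff: wc_SetAuthKeyIdFromCert, wc_SetIssuerBuffer, wc_SetSubjectBuffer, wc_SetSubjectRaw, wc_SetIssuerRaw, wc_SetAltNamesBuffer and wc_SetDatesBuffer. The same holds for the `devId` added to SetNameFromCert and SetAltNamesFromCert, so as written the parameter changes no behaviour. Either take the value from the caller's context or say so above the function, for example `/* devId: crypto callback device used while parsing; callers currently pass INVALID_DEVID */`. The function body runs past the end of the hunk.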
@@ -30226,7 +30243,7 @@ int wc_SetAuthKeyIdFromCert(Cert *cert, const byte *der, int derSz)
 /* Check if decodedCert is cached */
 if (cert->der != der) {
 /* Allocate cache for the decoded cert */
- ret = wc_SetCert_LoadDer(cert, der, (word32)derSz);
+ ret = wc_SetCert_LoadDer(cert, der, (word32)derSz, INVALID_DEVID);
 }
 if (ret >= 0) {
@@ -30467,7 +30484,8 @@ static int SetAltNamesFromDcert(Cert* cert, DecodedCert* decoded)
 #ifndef NO_FILESYSTEM
 /* Set Alt Names from der cert, return 0 on success */
-static int SetAltNamesFromCert(Cert* cert, const byte* der, int derSz)
+static int SetAltNamesFromCert(Cert* cert, const byte* der, int derSz,
+ int devId)
 {
 int ret;
 #ifdef WOLFSSL_SMALL_STACK
@@ -30486,7 +30504,7 @@ static int SetAltNamesFromCert(Cert* cert, const byte* der, int derSz)
 return MEMORY_E;
 #endif
- InitDecodedCert(decoded, der, (word32)derSz, NULL);
+ InitDecodedCert_ex(decoded, der, (word32)derSz, NULL, devId);
 ret = ParseCertRelative(decoded, CA_TYPE, NO_VERIFY, 0);
 if (ret < 0) {
@@ -30666,7 +30684,7 @@ static void SetNameFromDcert(CertName* cn, DecodedCert* decoded)
 #ifndef NO_FILESYSTEM
 /* Set cn name from der buffer, return 0 on success */
-static int SetNameFromCert(CertName* cn, const byte* der, int derSz)
+static int SetNameFromCert(CertName* cn, const byte* der, int derSz, int devId)
 {
 int ret;
 #ifdef WOLFSSL_SMALL_STACK
@@ -30685,7 +30703,7 @@ static int SetNameFromCert(CertName* cn, const byte* der, int derSz)
 return MEMORY_E;
 #endif
- InitDecodedCert(decoded, der, (word32)derSz, NULL);
+ InitDecodedCert_ex(decoded, der, (word32)derSz, NULL, devId);
 ret = ParseCertRelative(decoded, CA_TYPE, NO_VERIFY, 0);
 if (ret < 0) {
@@ -30717,7 +30735,8 @@ int wc_SetIssuer(Cert* cert, const char* issuerFile)
 ret = wc_PemCertToDer_ex(issuerFile, &der);
 if (ret == 0) {
 cert->selfSigned = 0;
- ret = SetNameFromCert(&cert->issuer, der->buffer, (int)der->length);
+ ret = SetNameFromCert(&cert->issuer, der->buffer, (int)der->length,
+ INVALID_DEVID);
 FreeDer(&der);
 }
@@ -30738,7 +30757,8 @@ int wc_SetSubject(Cert* cert, const char* subjectFile)
 ret = wc_PemCertToDer_ex(subjectFile, &der);
 if (ret == 0) {
- ret = SetNameFromCert(&cert->subject, der->buffer, (int)der->length);
+ ret = SetNameFromCert(&cert->subject, der->buffer, (int)der->length,
+ INVALID_DEVID);
 FreeDer(&der);
 }
@@ -30761,7 +30781,8 @@ int wc_SetAltNames(Cert* cert, const char* file)
 ret = wc_PemCertToDer_ex(file, &der);
 if (ret == 0) {
- ret = SetAltNamesFromCert(cert, der->buffer, (int)der->length);
+ ret = SetAltNamesFromCert(cert, der->buffer, (int)der->length,
+ INVALID_DEVID);
 FreeDer(&der);
 }
@@ -30788,7 +30809,7 @@ int wc_SetIssuerBuffer(Cert* cert, const byte* der, int derSz)
 /* Check if decodedCert is cached */
 if (cert->der != der) {
 /* Allocate cache for the decoded cert */
- ret = wc_SetCert_LoadDer(cert, der, (word32)derSz);
+ ret = wc_SetCert_LoadDer(cert, der, (word32)derSz, INVALID_DEVID);
 }
 if (ret >= 0) {
@@ -30815,7 +30836,7 @@ int wc_SetSubjectBuffer(Cert* cert, const byte* der, int derSz)
 /* Check if decodedCert is cached */
 if (cert->der != der) {
 /* Allocate cache for the decoded cert */
- ret = wc_SetCert_LoadDer(cert, der, (word32)derSz);
+ ret = wc_SetCert_LoadDer(cert, der, (word32)derSz, INVALID_DEVID);
 }
 if (ret >= 0) {
@@ -30842,7 +30863,7 @@ int wc_SetSubjectRaw(Cert* cert, const byte* der, int derSz)
 /* Check if decodedCert is cached */
 if (cert->der != der) {
 /* Allocate cache for the decoded cert */
- ret = wc_SetCert_LoadDer(cert, der, (word32)derSz);
+ ret = wc_SetCert_LoadDer(cert, der, (word32)derSz, INVALID_DEVID);
 }
 if (ret >= 0) {
@@ -30876,7 +30897,7 @@ int wc_SetIssuerRaw(Cert* cert, const byte* der, int derSz)
 /* Check if decodedCert is cached */
 if (cert->der != der) {
 /* Allocate cache for the decoded cert */
- ret = wc_SetCert_LoadDer(cert, der, (word32)derSz);
+ ret = wc_SetCert_LoadDer(cert, der, (word32)derSz, INVALID_DEVID);
 }
 if (ret >= 0) {
@@ -30913,7 +30934,7 @@ int wc_SetAltNamesBuffer(Cert* cert, const byte* der, int derSz)
 /* Check if decodedCert is cached */
 if (cert->der != der) {
 /* Allocate cache for the decoded cert */
- ret = wc_SetCert_LoadDer(cert, der, (word32)derSz);
+ ret = wc_SetCert_LoadDer(cert, der, (word32)derSz, INVALID_DEVID);
 }
 if (ret >= 0) {
@@ -30940,7 +30961,7 @@ int wc_SetDatesBuffer(Cert* cert, const byte* der, int derSz)
 /* Check if decodedCert is cached */
 if (cert->der != der) {
 /* Allocate cache for the decoded cert */
- ret = wc_SetCert_LoadDer(cert, der, (word32)derSz);
+ ret = wc_SetCert_LoadDer(cert, der, (word32)derSz, INVALID_DEVID);
 }
 if (ret >= 0) {
@@ -34440,7 +34461,6 @@ static int DecodeBasicOcspResponse(byte* source, word32* ioIndex, int sigLength; const byte* sigParams = NULL; word32 sigParamsSz = 0; - WOLFSSL_ENTER("DecodeBasicOcspResponse"); (void)heap;
@@ -34708,6 +34728,7 @@ static int DecodeBasicOcspResponse(byte* source, word32* ioIndex, #endif if (ca) { SignatureCtx sigCtx; + /* Initialize he signature context. */ InitSignatureCtx(&sigCtx, heap, INVALID_DEVID);
diff --git a/wolfcrypt/src/cryptocb.c b/wolfcrypt/src/cryptocb.c
index 38f5af42c..8d3a68356 100644
--- a/wolfcrypt/src/cryptocb.c
+++ b/wolfcrypt/src/cryptocb.c
@@ -34,6 +34,9 @@
 #include
 #include
+#ifdef WOLFSSL_CAAM
+ #include
+#endif
 /* TODO: Consider linked list with mutex */
 #ifndef MAX_CRYPTO_DEVID_CALLBACKS
@@ -46,6 +49,7 @@ typedef struct CryptoCb {
 void* ctx;
 } CryptoCb;
 static WOLFSSL_GLOBAL CryptoCb gCryptoDev[MAX_CRYPTO_DEVID_CALLBACKS];
+static CryptoDevCallbackFind CryptoCb_FindCb = NULL;
 #ifdef DEBUG_CRYPTOCB
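Review bot: `CryptoCb_FindCb` in the `@@ -46,6` hunk of cryptocb.c is a process-wide function pointer that steers every device lookup, yet it is declared without the `WOLFSSL_GLOBAL` qualifier used on `gCryptoDev` one line above and without any synchronisation. The file's own `TODO: Consider linked list with mutex` already flags the same concern for the table. A comment stating the expected usage would help, for example `/* set once during init, before any crypto call; not thread safe */`, and the qualifier should probably match the neighbouring global. The code that reads the pointer is not legible in this diff, so how a NULL callback or an unregistered return value is handled cannot be confirmed from here.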
@@ -165,15 +169,32 @@ WOLFSSL_API void wc_CryptoCb_InfoString(wc_CryptoInfo* info) } #endif /* DEBUG_CRYPTOCB */ -static CryptoCb* wc_CryptoCb_FindDevice(int devId) +/* Search through listed devices and return the first matching device ID + * found. */ +static CryptoCb* wc_CryptoCb_GetDevice(int devId) { int i; - for (i=0; idevId = INVALID_DEVID;
@@ -248,7 +279,7 @@ int wc_CryptoCb_Rsa(const byte* in, word32 inLen, byte* out,
 return ret;
 /* locate registered callback */
- dev = wc_CryptoCb_FindDevice(key->devId);
+ dev = wc_CryptoCb_FindDevice(key->devId, WC_ALGO_TYPE_PK);
 if (dev && dev->cb) {
 wc_CryptoInfo cryptoInfo;
 XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo));
@@ -278,7 +309,7 @@ int wc_CryptoCb_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
 return ret;
 /* locate registered callback */
- dev = wc_CryptoCb_FindDevice(key->devId);
+ dev = wc_CryptoCb_FindDevice(key->devId, WC_ALGO_TYPE_PK);
 if (dev && dev->cb) {
 wc_CryptoInfo cryptoInfo;
 XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo));
@@ -306,7 +337,7 @@ int wc_CryptoCb_RsaCheckPrivKey(RsaKey* key, const byte* pubKey,
 return ret;
 /* locate registered callback */
- dev = wc_CryptoCb_FindDevice(key->devId);
+ dev = wc_CryptoCb_FindDevice(key->devId, WC_ALGO_TYPE_PK);
 if (dev && dev->cb) {
 wc_CryptoInfo cryptoInfo;
 XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo));
@@ -333,7 +364,7 @@ int wc_CryptoCb_MakeEccKey(WC_RNG* rng, int keySize, ecc_key* key, int curveId)
 return ret;
 /* locate registered callback */
- dev = wc_CryptoCb_FindDevice(key->devId);
+ dev = wc_CryptoCb_FindDevice(key->devId, WC_ALGO_TYPE_PK);
 if (dev && dev->cb) {
 wc_CryptoInfo cryptoInfo;
 XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo));
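Review bot: Starting with `wc_CryptoCb_FindDevice(key->devId, WC_ALGO_TYPE_PK)` in wc_CryptoCb_Rsa, every changed call site in this file now routes its lookup through an application-supplied find callback. The sample callback in wolfcrypt/test/test.c maps `INVALID_DEVID` to a real device, so an object initialised with `INVALID_DEVID` to stay on software can be dispatched to a device callback instead. For the `WC_ALGO_TYPE_RNG` and `WC_ALGO_TYPE_SEED` call sites that changes where random data comes from. The two-argument wc_CryptoCb_FindDevice definition is not legible on this page, so confirm there that the ID returned by the callback is matched against the registered devices and that a miss yields `NULL`. In the cipher, hash, RNG and CMAC wrappers the `else` branch (`locate first callback and try using it`) is unchanged context and presumably bypasses the find callback; a one-line comment saying whether that is intended would help.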
@@ -360,7 +391,7 @@ int wc_CryptoCb_Ecdh(ecc_key* private_key, ecc_key* public_key,
 return ret;
 /* locate registered callback */
- dev = wc_CryptoCb_FindDevice(private_key->devId);
+ dev = wc_CryptoCb_FindDevice(private_key->devId, WC_ALGO_TYPE_PK);
 if (dev && dev->cb) {
 wc_CryptoInfo cryptoInfo;
 XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo));
@@ -387,7 +418,7 @@ int wc_CryptoCb_EccSign(const byte* in, word32 inlen, byte* out,
 return ret;
 /* locate registered callback */
- dev = wc_CryptoCb_FindDevice(key->devId);
+ dev = wc_CryptoCb_FindDevice(key->devId, WC_ALGO_TYPE_PK);
 if (dev && dev->cb) {
 wc_CryptoInfo cryptoInfo;
 XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo));
@@ -416,7 +447,7 @@ int wc_CryptoCb_EccVerify(const byte* sig, word32 siglen,
 return ret;
 /* locate registered callback */
- dev = wc_CryptoCb_FindDevice(key->devId);
+ dev = wc_CryptoCb_FindDevice(key->devId, WC_ALGO_TYPE_PK);
 if (dev && dev->cb) {
 wc_CryptoInfo cryptoInfo;
 XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo));
@@ -445,7 +476,7 @@ int wc_CryptoCb_EccCheckPrivKey(ecc_key* key, const byte* pubKey,
 return ret;
 /* locate registered callback */
- dev = wc_CryptoCb_FindDevice(key->devId);
+ dev = wc_CryptoCb_FindDevice(key->devId, WC_ALGO_TYPE_PK);
 if (dev && dev->cb) {
 wc_CryptoInfo cryptoInfo;
 XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo));
@@ -473,7 +504,7 @@ int wc_CryptoCb_Curve25519Gen(WC_RNG* rng, int keySize,
 return ret;
 /* locate registered callback */
- dev = wc_CryptoCb_FindDevice(key->devId);
+ dev = wc_CryptoCb_FindDevice(key->devId, WC_ALGO_TYPE_PK);
 if (dev && dev->cb) {
 wc_CryptoInfo cryptoInfo;
 XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo));
@@ -499,7 +530,7 @@ int wc_CryptoCb_Curve25519(curve25519_key* private_key,
 return ret;
 /* locate registered callback */
- dev = wc_CryptoCb_FindDevice(private_key->devId);
+ dev = wc_CryptoCb_FindDevice(private_key->devId, WC_ALGO_TYPE_PK);
 if (dev && dev->cb) {
 wc_CryptoInfo cryptoInfo;
 XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo));
@@ -529,7 +560,7 @@ int wc_CryptoCb_Ed25519Gen(WC_RNG* rng, int keySize,
 return ret;
 /* locate registered callback */
- dev = wc_CryptoCb_FindDevice(key->devId);
+ dev = wc_CryptoCb_FindDevice(key->devId, WC_ALGO_TYPE_PK);
 if (dev && dev->cb) {
 wc_CryptoInfo cryptoInfo;
 XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo));
@@ -556,7 +587,7 @@ int wc_CryptoCb_Ed25519Sign(const byte* in, word32 inLen, byte* out,
 return ret;
 /* locate registered callback */
- dev = wc_CryptoCb_FindDevice(key->devId);
+ dev = wc_CryptoCb_FindDevice(key->devId, WC_ALGO_TYPE_PK);
 if (dev && dev->cb) {
 wc_CryptoInfo cryptoInfo;
 XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo));
@@ -588,7 +619,7 @@ int wc_CryptoCb_Ed25519Verify(const byte* sig, word32 sigLen,
 return ret;
 /* locate registered callback */
- dev = wc_CryptoCb_FindDevice(key->devId);
+ dev = wc_CryptoCb_FindDevice(key->devId, WC_ALGO_TYPE_PK);
 if (dev && dev->cb) {
 wc_CryptoInfo cryptoInfo;
 XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo));
@@ -624,7 +655,7 @@ int wc_CryptoCb_AesGcmEncrypt(Aes* aes, byte* out,
 /* locate registered callback */
 if (aes) {
- dev = wc_CryptoCb_FindDevice(aes->devId);
+ dev = wc_CryptoCb_FindDevice(aes->devId, WC_ALGO_TYPE_CIPHER);
 } else {
 /* locate first callback and try using it */
@@ -665,7 +696,7 @@ int wc_CryptoCb_AesGcmDecrypt(Aes* aes, byte* out,
 /* locate registered callback */
 if (aes) {
- dev = wc_CryptoCb_FindDevice(aes->devId);
+ dev = wc_CryptoCb_FindDevice(aes->devId, WC_ALGO_TYPE_CIPHER);
 } else {
 /* locate first callback and try using it */
@@ -708,7 +739,7 @@ int wc_CryptoCb_AesCcmEncrypt(Aes* aes, byte* out,
 /* locate registered callback */
 if (aes) {
- dev = wc_CryptoCb_FindDevice(aes->devId);
+ dev = wc_CryptoCb_FindDevice(aes->devId, WC_ALGO_TYPE_CIPHER);
 } else {
 /* locate first callback and try using it */
@@ -749,7 +780,7 @@ int wc_CryptoCb_AesCcmDecrypt(Aes* aes, byte* out,
 /* locate registered callback */
 if (aes) {
- dev = wc_CryptoCb_FindDevice(aes->devId);
+ dev = wc_CryptoCb_FindDevice(aes->devId, WC_ALGO_TYPE_CIPHER);
 } else {
 /* locate first callback and try using it */
@@ -789,7 +820,7 @@ int wc_CryptoCb_AesCbcEncrypt(Aes* aes, byte* out,
 /* locate registered callback */
 if (aes) {
- dev = wc_CryptoCb_FindDevice(aes->devId);
+ dev = wc_CryptoCb_FindDevice(aes->devId, WC_ALGO_TYPE_CIPHER);
 } else {
 /* locate first callback and try using it */
@@ -821,7 +852,7 @@ int wc_CryptoCb_AesCbcDecrypt(Aes* aes, byte* out,
 /* locate registered callback */
 if (aes) {
- dev = wc_CryptoCb_FindDevice(aes->devId);
+ dev = wc_CryptoCb_FindDevice(aes->devId, WC_ALGO_TYPE_CIPHER);
 } else {
 /* locate first callback and try using it */
@@ -854,7 +885,7 @@ int wc_CryptoCb_AesCtrEncrypt(Aes* aes, byte* out,
 /* locate registered callback */
 if (aes) {
- dev = wc_CryptoCb_FindDevice(aes->devId);
+ dev = wc_CryptoCb_FindDevice(aes->devId, WC_ALGO_TYPE_CIPHER);
 } else {
 /* locate first callback and try using it */
@@ -887,7 +918,7 @@ int wc_CryptoCb_AesEcbEncrypt(Aes* aes, byte* out,
 /* locate registered callback */
 if (aes) {
- dev = wc_CryptoCb_FindDevice(aes->devId);
+ dev = wc_CryptoCb_FindDevice(aes->devId, WC_ALGO_TYPE_CIPHER);
 } else {
 /* locate first callback and try using it */
@@ -919,7 +950,7 @@ int wc_CryptoCb_AesEcbDecrypt(Aes* aes, byte* out,
 /* locate registered callback */
 if (aes) {
- dev = wc_CryptoCb_FindDevice(aes->devId);
+ dev = wc_CryptoCb_FindDevice(aes->devId, WC_ALGO_TYPE_CIPHER);
 } else {
 /* locate first callback and try using it */
@@ -954,7 +985,7 @@ int wc_CryptoCb_Des3Encrypt(Des3* des3, byte* out,
 /* locate registered callback */
 if (des3) {
- dev = wc_CryptoCb_FindDevice(des3->devId);
+ dev = wc_CryptoCb_FindDevice(des3->devId, WC_ALGO_TYPE_CIPHER);
 } else {
 /* locate first callback and try using it */
@@ -986,7 +1017,7 @@ int wc_CryptoCb_Des3Decrypt(Des3* des3, byte* out,
 /* locate registered callback */
 if (des3) {
- dev = wc_CryptoCb_FindDevice(des3->devId);
+ dev = wc_CryptoCb_FindDevice(des3->devId, WC_ALGO_TYPE_CIPHER);
 } else {
 /* locate first callback and try using it */
@@ -1020,7 +1051,7 @@ int wc_CryptoCb_ShaHash(wc_Sha* sha, const byte* in,
 /* locate registered callback */
 if (sha) {
- dev = wc_CryptoCb_FindDevice(sha->devId);
+ dev = wc_CryptoCb_FindDevice(sha->devId, WC_ALGO_TYPE_HASH);
 } else {
 /* locate first callback and try using it */
@@ -1053,7 +1084,7 @@ int wc_CryptoCb_Sha256Hash(wc_Sha256* sha256, const byte* in,
 /* locate registered callback */
 if (sha256) {
- dev = wc_CryptoCb_FindDevice(sha256->devId);
+ dev = wc_CryptoCb_FindDevice(sha256->devId, WC_ALGO_TYPE_HASH);
 } else {
 /* locate first callback and try using it */
@@ -1087,7 +1118,7 @@ int wc_CryptoCb_Sha384Hash(wc_Sha384* sha384, const byte* in,
 /* locate registered callback */
 #ifndef NO_SHA2_CRYPTO_CB
 if (sha384) {
- dev = wc_CryptoCb_FindDevice(sha384->devId);
+ dev = wc_CryptoCb_FindDevice(sha384->devId, WC_ALGO_TYPE_HASH);
 } else
 #endif
@@ -1123,7 +1154,7 @@ int wc_CryptoCb_Sha512Hash(wc_Sha512* sha512, const byte* in,
 /* locate registered callback */
 #ifndef NO_SHA2_CRYPTO_CB
 if (sha512) {
- dev = wc_CryptoCb_FindDevice(sha512->devId);
+ dev = wc_CryptoCb_FindDevice(sha512->devId, WC_ALGO_TYPE_HASH);
 } else
 #endif
@@ -1160,7 +1191,7 @@ int wc_CryptoCb_Hmac(Hmac* hmac, int macType, const byte* in, word32 inSz,
 return ret;
 /* locate registered callback */
- dev = wc_CryptoCb_FindDevice(hmac->devId);
+ dev = wc_CryptoCb_FindDevice(hmac->devId, WC_ALGO_TYPE_HMAC);
 if (dev && dev->cb) {
 wc_CryptoInfo cryptoInfo;
 XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo));
@@ -1186,7 +1217,7 @@ int wc_CryptoCb_RandomBlock(WC_RNG* rng, byte* out, word32 sz)
 /* locate registered callback */
 if (rng) {
- dev = wc_CryptoCb_FindDevice(rng->devId);
+ dev = wc_CryptoCb_FindDevice(rng->devId, WC_ALGO_TYPE_RNG);
 } else {
 /* locate first callback and try using it */
@@ -1213,7 +1244,7 @@ int wc_CryptoCb_RandomSeed(OS_Seed* os, byte* seed, word32 sz)
 CryptoCb* dev;
 /* locate registered callback */
- dev = wc_CryptoCb_FindDevice(os->devId);
+ dev = wc_CryptoCb_FindDevice(os->devId, WC_ALGO_TYPE_SEED);
 if (dev && dev->cb) {
 wc_CryptoInfo cryptoInfo;
 XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo));
@@ -1238,7 +1269,7 @@ int wc_CryptoCb_Cmac(Cmac* cmac, const byte* key, word32 keySz,
 /* locate registered callback */
 if (cmac) {
- dev = wc_CryptoCb_FindDevice(cmac->devId);
+ dev = wc_CryptoCb_FindDevice(cmac->devId, WC_ALGO_TYPE_CMAC);
 } else {
 /* locate first callback and try using it */
diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c
index 734eff00f..7adfc76d7 100644
--- a/wolfcrypt/test/test.c
+++ b/wolfcrypt/test/test.c
@@ -45138,6 +45138,23 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
 return ret;
 }
+
+static int myCryptoCbFind(int currentId, int algoType)
+{
+ /* can have algo specific overrides here
+ switch (algoType) {
+
+ }
+ */
+ (void)algoType;
+
+ if (currentId == INVALID_DEVID) {
+ return 1; /* override invalid devid found with 1 */
+ }
+ return currentId;
+}
+
+
 WOLFSSL_TEST_SUBROUTINE int cryptocb_test(void)
 {
 int ret = 0;
@@ -45149,7 +45166,7 @@ WOLFSSL_TEST_SUBROUTINE int cryptocb_test(void)
 /* set devId to something other than INVALID_DEVID */
 devId = 1;
 ret = wc_CryptoCb_RegisterDevice(devId, myCryptoDevCb, &myCtx);
-
+ wc_CryptoCb_SetDeviceFindCb(myCryptoCbFind);
 #ifndef WC_NO_RNG
 if (ret == 0) ret = random_test();
diff --git a/wolfssl/wolfcrypt/asn.h b/wolfssl/wolfcrypt/asn.h
index 5b9e7b4f8..3794acde6 100644
--- a/wolfssl/wolfcrypt/asn.h
+++ b/wolfssl/wolfcrypt/asn.h
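Review bot: In myCryptoCbFind, `return 1;` repeats the literal that cryptocb_test assigns with `devId = 1;`, so the two values can drift apart if either is edited. Returning the test's device ID through a shared constant or file-scope variable, and saying so in the comment (`/* route INVALID_DEVID to the device registered by cryptocb_test */`), keeps them tied together. The commented-out `switch (algoType)` skeleton would read better as a single sentence explaining that per-algorithm overrides can be added here.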
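Review bot: In cryptocb_test, `wc_CryptoCb_SetDeviceFindCb(myCryptoCbFind);` runs even when `wc_CryptoCb_RegisterDevice` has failed, and nothing in this hunk clears it again. The override may therefore stay installed for tests that run later in the same process and send their `INVALID_DEVID` objects to device 1. Guarding it as `if (ret == 0) wc_CryptoCb_SetDeviceFindCb(myCryptoCbFind);` and, assuming a NULL argument restores the default lookup, calling `wc_CryptoCb_SetDeviceFindCb(NULL);` before the function returns would contain the effect. The end of cryptocb_test lies outside the hunk, so a reset may already exist there.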
@@ -2023,6 +2023,8 @@ WOLFSSL_ASN_API DNS_entry* AltNameNew(void* heap);
 #endif /* IGNORE_NAME_CONSTRAINTS */
 WOLFSSL_ASN_API void InitDecodedCert(DecodedCert* cert, const byte* source, word32 inSz, void* heap);
+WOLFSSL_LOCAL void InitDecodedCert_ex(DecodedCert* cert, const byte* source,
+ word32 inSz, void* heap, int devId);
 WOLFSSL_ASN_API void FreeDecodedCert(DecodedCert* cert);
 WOLFSSL_ASN_API int ParseCert(DecodedCert* cert, int type, int verify, void* cm);
diff --git a/wolfssl/wolfcrypt/cryptocb.h b/wolfssl/wolfcrypt/cryptocb.h
index 287e10941..1b11cf3e4 100644
--- a/wolfssl/wolfcrypt/cryptocb.h
+++ b/wolfssl/wolfcrypt/cryptocb.h
@@ -366,6 +366,9 @@ WOLFSSL_API int wc_CryptoCb_RegisterDevice(int devId, CryptoDevCallbackFunc cb,
 WOLFSSL_API void wc_CryptoCb_UnRegisterDevice(int devId);
 WOLFSSL_API int wc_CryptoCb_DefaultDevID(void);
+typedef int (*CryptoDevCallbackFind)(int devId, int algoType);
+WOLFSSL_API void wc_CryptoCb_SetDeviceFindCb(CryptoDevCallbackFind cb);
+
 #ifdef DEBUG_CRYPTOCB
 WOLFSSL_API void wc_CryptoCb_InfoString(wc_CryptoInfo* info);
 #endif
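Review bot: The `CryptoDevCallbackFind` typedef and the exported `wc_CryptoCb_SetDeviceFindCb` in cryptocb.h have no comment describing their contract, although the callback can change which device handles every operation. A short header comment would cover it, for example `/* cb gets the requested devId and a WC_ALGO_TYPE_* value and returns the devId to use; return the input unchanged to keep default routing */`. It should also state whether passing NULL removes the override and whether the setter may be called while other threads are using crypto, since neither is visible from the declarations.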