diff --git a/wolfcrypt/src/aes.c b/wolfcrypt/src/aes.c index 8fe05f74e..3dc391c5f 100644 --- a/wolfcrypt/src/aes.c +++ b/wolfcrypt/src/aes.c @@ -4219,7 +4219,10 @@ int wc_AesSetIV(Aes* aes, const byte* iv) #endif #ifdef WOLF_CRYPTO_CB - if (aes->devId != INVALID_DEVID) { + #ifndef WOLF_CRYPTO_CB_FIND + if (aes->devId != INVALID_DEVID) + #endif + { int crypto_cb_ret = wc_CryptoCb_AesCbcEncrypt(aes, out, in, sz); if (crypto_cb_ret != CRYPTOCB_UNAVAILABLE) return crypto_cb_ret; @@ -4352,7 +4355,10 @@ int wc_AesSetIV(Aes* aes, const byte* iv) #endif #ifdef WOLF_CRYPTO_CB - if (aes->devId != INVALID_DEVID) { + #ifndef WOLF_CRYPTO_CB_FIND + if (aes->devId != INVALID_DEVID) + #endif + { int crypto_cb_ret = wc_CryptoCb_AesCbcDecrypt(aes, out, in, sz); if (crypto_cb_ret != CRYPTOCB_UNAVAILABLE) return crypto_cb_ret; @@ -4670,7 +4676,10 @@ int wc_AesSetIV(Aes* aes, const byte* iv) } #ifdef WOLF_CRYPTO_CB - if (aes->devId != INVALID_DEVID) { + #ifndef WOLF_CRYPTO_CB_FIND + if (aes->devId != INVALID_DEVID) + #endif + { int crypto_cb_ret = wc_CryptoCb_AesCtrEncrypt(aes, out, in, sz); if (crypto_cb_ret != CRYPTOCB_UNAVAILABLE) return crypto_cb_ret; @@ -6863,7 +6872,10 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz, } #ifdef WOLF_CRYPTO_CB - if (aes->devId != INVALID_DEVID) { + #ifndef WOLF_CRYPTO_CB_FIND + if (aes->devId != INVALID_DEVID) + #endif + { int crypto_cb_ret = wc_CryptoCb_AesGcmEncrypt(aes, out, in, sz, iv, ivSz, authTag, authTagSz, authIn, authInSz); @@ -7419,7 +7431,10 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz, } #ifdef WOLF_CRYPTO_CB - if (aes->devId != INVALID_DEVID) { + #ifndef WOLF_CRYPTO_CB_FIND + if (aes->devId != INVALID_DEVID) + #endif + { int crypto_cb_ret = wc_CryptoCb_AesGcmDecrypt(aes, out, in, sz, iv, ivSz, authTag, authTagSz, authIn, authInSz); @@ -9311,7 +9326,10 @@ int wc_AesCcmEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz, } #ifdef WOLF_CRYPTO_CB - if (aes->devId != INVALID_DEVID) { + #ifndef WOLF_CRYPTO_CB_FIND + if (aes->devId != INVALID_DEVID) + #endif + { int crypto_cb_ret = wc_CryptoCb_AesCcmEncrypt(aes, out, in, inSz, nonce, nonceSz, authTag, authTagSz, authIn, authInSz); @@ -9490,7 +9508,10 @@ int wc_AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz, } #ifdef WOLF_CRYPTO_CB - if (aes->devId != INVALID_DEVID) { + #ifndef WOLF_CRYPTO_CB_FIND + if (aes->devId != INVALID_DEVID) + #endif + { int crypto_cb_ret = wc_CryptoCb_AesCcmDecrypt(aes, out, in, inSz, nonce, nonceSz, authTag, authTagSz, authIn, authInSz); @@ -10009,7 +10030,10 @@ static WARN_UNUSED_RESULT int _AesEcbEncrypt( word32 blocks = sz / AES_BLOCK_SIZE; #ifdef WOLF_CRYPTO_CB - if (aes->devId != INVALID_DEVID) { + #ifndef WOLF_CRYPTO_CB_FIND + if (aes->devId != INVALID_DEVID) + #endif + { int ret = wc_CryptoCb_AesEcbEncrypt(aes, out, in, sz); if (ret != CRYPTOCB_UNAVAILABLE) return ret; @@ -10045,7 +10069,10 @@ static WARN_UNUSED_RESULT int _AesEcbDecrypt( word32 blocks = sz / AES_BLOCK_SIZE; #ifdef WOLF_CRYPTO_CB - if (aes->devId != INVALID_DEVID) { + #ifndef WOLF_CRYPTO_CB_FIND + if (aes->devId != INVALID_DEVID) + #endif + { int ret = wc_CryptoCb_AesEcbDecrypt(aes, out, in, sz); if (ret != CRYPTOCB_UNAVAILABLE) return ret; diff --git a/wolfcrypt/src/cmac.c b/wolfcrypt/src/cmac.c index 2ceefd7ac..e3b9f39ea 100644 --- a/wolfcrypt/src/cmac.c +++ b/wolfcrypt/src/cmac.c @@ -115,7 +115,10 @@ int wc_InitCmac_ex(Cmac* cmac, const byte* key, word32 keySz, XMEMSET(cmac, 0, sizeof(Cmac)); #ifdef WOLF_CRYPTO_CB - if (devId != INVALID_DEVID) { + #ifndef WOLF_CRYPTO_CB_FIND + if (devId != INVALID_DEVID) + #endif + { cmac->devId = devId; cmac->devCtx = NULL; @@ -178,7 +181,10 @@ int wc_CmacUpdate(Cmac* cmac, const byte* in, word32 inSz) } #ifdef WOLF_CRYPTO_CB - if (cmac->devId != INVALID_DEVID) { + #ifndef WOLF_CRYPTO_CB_FIND + if (cmac->devId != INVALID_DEVID) + #endif + { ret = wc_CryptoCb_Cmac(cmac, NULL, 0, in, inSz, NULL, NULL, 0, NULL); if (ret != CRYPTOCB_UNAVAILABLE) @@ -226,7 +232,10 @@ int wc_CmacFinal(Cmac* cmac, byte* out, word32* outSz) } #ifdef WOLF_CRYPTO_CB - if (cmac->devId != INVALID_DEVID) { + #ifndef WOLF_CRYPTO_CB_FIND + if (cmac->devId != INVALID_DEVID) + #endif + { ret = wc_CryptoCb_Cmac(cmac, NULL, 0, NULL, 0, out, outSz, 0, NULL); if (ret != CRYPTOCB_UNAVAILABLE) return ret; diff --git a/wolfcrypt/src/cryptocb.c b/wolfcrypt/src/cryptocb.c index ed4f95188..7f6fb75ff 100644 --- a/wolfcrypt/src/cryptocb.c +++ b/wolfcrypt/src/cryptocb.c @@ -49,8 +49,10 @@ typedef struct CryptoCb { void* ctx; } CryptoCb; static WOLFSSL_GLOBAL CryptoCb gCryptoDev[MAX_CRYPTO_DEVID_CALLBACKS]; -static CryptoDevCallbackFind CryptoCb_FindCb = NULL; +#ifdef WOLF_CRYPTO_CB_FIND +static CryptoDevCallbackFind CryptoCb_FindCb = NULL; +#endif #ifdef DEBUG_CRYPTOCB static const char* GetAlgoTypeStr(int algo) @@ -188,9 +190,12 @@ static CryptoCb* wc_CryptoCb_FindDevice(int devId, int algoType) { int localDevId = devId; +#ifdef WOLF_CRYPTO_CB_FIND if (CryptoCb_FindCb != NULL) { localDevId = CryptoCb_FindCb(devId, algoType); } +#endif /* WOLF_CRYPTO_CB_FIND */ + (void)algoType; return wc_CryptoCb_GetDevice(localDevId); } @@ -233,6 +238,7 @@ int wc_CryptoCb_GetDevIdAtIndex(int startIdx) } +#ifdef WOLF_CRYPTO_CB_FIND /* Used to register a find device function. Useful for cases where the * device ID in the struct may not have been set but still wanting to use * a specific crypto callback device ID. The find callback is global and @@ -241,6 +247,7 @@ void wc_CryptoCb_SetDeviceFindCb(CryptoDevCallbackFind cb) { CryptoCb_FindCb = cb; } +#endif int wc_CryptoCb_RegisterDevice(int devId, CryptoDevCallbackFunc cb, void* ctx) { diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c index 0e3e4fae9..770a6f133 100644 --- a/wolfcrypt/src/ecc.c +++ b/wolfcrypt/src/ecc.c @@ -4432,19 +4432,22 @@ int wc_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, byte* out, } #ifdef WOLF_CRYPTO_CB - if (private_key->devId != INVALID_DEVID) { + #ifndef WOLF_CRYPTO_CB_FIND + if (private_key->devId != INVALID_DEVID) + #endif + { err = wc_CryptoCb_Ecdh(private_key, public_key, out, outlen); - #ifndef WOLF_CRYPTO_CB_ONLY_ECC + #ifndef WOLF_CRYPTO_CB_ONLY_ECC if (err != CRYPTOCB_UNAVAILABLE) return err; /* fall-through when unavailable */ - #endif + #endif + #ifdef WOLF_CRYPTO_CB_ONLY_ECC + if (err == CRYPTOCB_UNAVAILABLE) { + err = NO_VALID_DEVID; + } + #endif } - #ifdef WOLF_CRYPTO_CB_ONLY_ECC - else { - err = NO_VALID_DEVID; - } - #endif #endif #ifndef WOLF_CRYPTO_CB_ONLY_ECC @@ -5330,21 +5333,23 @@ static int _ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key, key->flags = (byte)flags; #ifdef WOLF_CRYPTO_CB - if (key->devId != INVALID_DEVID) { + #ifndef WOLF_CRYPTO_CB_FIND + if (key->devId != INVALID_DEVID) + #endif + { err = wc_CryptoCb_MakeEccKey(rng, keysize, key, curve_id); - #ifndef WOLF_CRYPTO_CB_ONLY_ECC + #ifndef WOLF_CRYPTO_CB_ONLY_ECC if (err != CRYPTOCB_UNAVAILABLE) return err; /* fall-through when unavailable */ - #else + #endif + #ifdef WOLF_CRYPTO_CB_ONLY_ECC + if (err == CRYPTOCB_UNAVAILABLE) { + return NO_VALID_DEVID; + } return err; - #endif + #endif } - #ifdef WOLF_CRYPTO_CB_ONLY_ECC - else { - return NO_VALID_DEVID; - } - #endif #endif #ifndef WOLF_CRYPTO_CB_ONLY_ECC @@ -6320,19 +6325,22 @@ int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen, } #ifdef WOLF_CRYPTO_CB - if (key->devId != INVALID_DEVID) { + #ifndef WOLF_CRYPTO_CB_FIND + if (key->devId != INVALID_DEVID) + #endif + { err = wc_CryptoCb_EccSign(in, inlen, out, outlen, rng, key); - #ifndef WOLF_CRYPTO_CB_ONLY_ECC + #ifndef WOLF_CRYPTO_CB_ONLY_ECC if (err != CRYPTOCB_UNAVAILABLE) return err; /* fall-through when unavailable */ - #endif + #endif + #ifdef WOLF_CRYPTO_CB_ONLY_ECC + if (err == CRYPTOCB_UNAVAILABLE) { + err = NO_VALID_DEVID; + } + #endif } - #ifdef WOLF_CRYPTO_CB_ONLY_ECC - else { - err = NO_VALID_DEVID; - } - #endif #endif #ifndef WOLF_CRYPTO_CB_ONLY_ECC @@ -8020,19 +8028,22 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash, } #ifdef WOLF_CRYPTO_CB - if (key->devId != INVALID_DEVID) { + #ifndef WOLF_CRYPTO_CB_FIND + if (key->devId != INVALID_DEVID) + #endif + { err = wc_CryptoCb_EccVerify(sig, siglen, hash, hashlen, res, key); - #ifndef WOLF_CRYPTO_CB_ONLY_ECC + #ifndef WOLF_CRYPTO_CB_ONLY_ECC if (err != CRYPTOCB_UNAVAILABLE) return err; /* fall-through when unavailable */ - #endif + #endif + #ifdef WOLF_CRYPTO_CB_ONLY_ECC + if (err == CRYPTOCB_UNAVAILABLE) { + err = NO_VALID_DEVID; + } + #endif } - #ifdef WOLF_CRYPTO_CB_ONLY_ECC - else { - err = NO_VALID_DEVID; - } - #endif #endif #ifndef WOLF_CRYPTO_CB_ONLY_ECC diff --git a/wolfcrypt/src/random.c b/wolfcrypt/src/random.c index 885d973d5..259dc5a68 100644 --- a/wolfcrypt/src/random.c +++ b/wolfcrypt/src/random.c @@ -1829,7 +1829,10 @@ int wc_RNG_GenerateBlock(WC_RNG* rng, byte* output, word32 sz) return 0; #ifdef WOLF_CRYPTO_CB - if (rng->devId != INVALID_DEVID) { + #ifndef WOLF_CRYPTO_CB_FIND + if (rng->devId != INVALID_DEVID) + #endif + { ret = wc_CryptoCb_RandomBlock(rng, output, sz); if (ret != CRYPTOCB_UNAVAILABLE) return ret; @@ -2583,7 +2586,11 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz) #ifdef WOLF_CRYPTO_CB int ret; - if (os != NULL && os->devId != INVALID_DEVID) { + if (os != NULL + #ifndef WOLF_CRYPTO_CB_FIND + && os->devId != INVALID_DEVID) + #endif + { ret = wc_CryptoCb_RandomSeed(os, output, sz); if (ret != CRYPTOCB_UNAVAILABLE) return ret; @@ -3702,7 +3709,10 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz) } #ifdef WOLF_CRYPTO_CB - if (os->devId != INVALID_DEVID) { + #ifndef WOLF_CRYPTO_CB_FIND + if (os->devId != INVALID_DEVID) + #endif + { ret = wc_CryptoCb_RandomSeed(os, output, sz); if (ret != CRYPTOCB_UNAVAILABLE) return ret; diff --git a/wolfcrypt/src/rsa.c b/wolfcrypt/src/rsa.c index fac7e3c14..f667ebc88 100644 --- a/wolfcrypt/src/rsa.c +++ b/wolfcrypt/src/rsa.c @@ -3172,21 +3172,23 @@ static int wc_RsaFunction_ex(const byte* in, word32 inLen, byte* out, } #ifdef WOLF_CRYPTO_CB - if (key->devId != INVALID_DEVID) { + #ifndef WOLF_CRYPTO_CB_FIND + if (key->devId != INVALID_DEVID) + #endif + { ret = wc_CryptoCb_Rsa(in, inLen, out, outLen, type, key, rng); - #ifndef WOLF_CRYPTO_CB_ONLY_RSA + #ifndef WOLF_CRYPTO_CB_ONLY_RSA if (ret != CRYPTOCB_UNAVAILABLE) return ret; /* fall-through when unavailable and try using software */ - #else + #endif + #ifdef WOLF_CRYPTO_CB_ONLY_RSA + if (ret == CRYPTOCB_UNAVAILABLE) { + return NO_VALID_DEVID; + } return ret; - #endif + #endif } - #ifdef WOLF_CRYPTO_CB_ONLY_RSA - else { - return NO_VALID_DEVID; - } - #endif #endif #ifndef WOLF_CRYPTO_CB_ONLY_RSA @@ -4768,22 +4770,23 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng) #endif #ifdef WOLF_CRYPTO_CB - if (key->devId != INVALID_DEVID) { + #ifndef WOLF_CRYPTO_CB_FIND + if (key->devId != INVALID_DEVID) + #endif + { err = wc_CryptoCb_MakeRsaKey(key, size, e, rng); - #ifndef WOLF_CRYPTO_CB_ONLY_RSA + #ifndef WOLF_CRYPTO_CB_ONLY_RSA if (err != CRYPTOCB_UNAVAILABLE) goto out; /* fall-through when unavailable */ - #else - goto out; - #endif + #endif + #ifdef WOLF_CRYPTO_CB_ONLY_RSA + if (err == CRYPTOCB_UNAVAILABLE) + err = NO_VALID_DEVID; + goto out; + } + #endif } - #ifdef WOLF_CRYPTO_CB_ONLY_RSA - else { - err = NO_VALID_DEVID; - goto out; - } - #endif #endif #ifndef WOLF_CRYPTO_CB_ONLY_RSA diff --git a/wolfcrypt/src/sha256.c b/wolfcrypt/src/sha256.c index 94bdc2653..75b975eb8 100644 --- a/wolfcrypt/src/sha256.c +++ b/wolfcrypt/src/sha256.c @@ -1231,7 +1231,10 @@ static int InitSha256(wc_Sha256* sha256) } #ifdef WOLF_CRYPTO_CB - if (sha256->devId != INVALID_DEVID) { + #ifndef WOLF_CRYPTO_CB_FIND + if (sha256->devId != INVALID_DEVID) + #endif + { int ret = wc_CryptoCb_Sha256Hash(sha256, data, len, NULL); if (ret != CRYPTOCB_UNAVAILABLE) return ret; @@ -1394,7 +1397,10 @@ static int InitSha256(wc_Sha256* sha256) } #ifdef WOLF_CRYPTO_CB - if (sha256->devId != INVALID_DEVID) { + #ifndef WOLF_CRYPTO_CB_FIND + if (sha256->devId != INVALID_DEVID) + #endif + { ret = wc_CryptoCb_Sha256Hash(sha256, NULL, 0, hash); if (ret != CRYPTOCB_UNAVAILABLE) return ret; diff --git a/wolfcrypt/src/sha512.c b/wolfcrypt/src/sha512.c index f4e77ccc2..3d17a09b4 100644 --- a/wolfcrypt/src/sha512.c +++ b/wolfcrypt/src/sha512.c @@ -952,7 +952,10 @@ int wc_Sha512Update(wc_Sha512* sha512, const byte* data, word32 len) } #ifdef WOLF_CRYPTO_CB - if (sha512->devId != INVALID_DEVID) { + #ifndef WOLF_CRYPTO_CB_FIND + if (sha512->devId != INVALID_DEVID) + #endif + { int ret = wc_CryptoCb_Sha512Hash(sha512, data, len, NULL); if (ret != CRYPTOCB_UNAVAILABLE) return ret; @@ -1151,7 +1154,10 @@ static int Sha512_Family_Final(wc_Sha512* sha512, byte* hash, size_t digestSz, } #ifdef WOLF_CRYPTO_CB - if (sha512->devId != INVALID_DEVID) { + #ifndef WOLF_CRYPTO_CB_FIND + if (sha512->devId != INVALID_DEVID) + #endif + { byte localHash[WC_SHA512_DIGEST_SIZE]; ret = wc_CryptoCb_Sha512Hash(sha512, NULL, 0, localHash); if (ret != CRYPTOCB_UNAVAILABLE) { @@ -1374,7 +1380,10 @@ int wc_Sha384Update(wc_Sha384* sha384, const byte* data, word32 len) } #ifdef WOLF_CRYPTO_CB - if (sha384->devId != INVALID_DEVID) { + #ifndef WOLF_CRYPTO_CB_FIND + if (sha384->devId != INVALID_DEVID) + #endif + { int ret = wc_CryptoCb_Sha384Hash(sha384, data, len, NULL); if (ret != CRYPTOCB_UNAVAILABLE) return ret; @@ -1423,7 +1432,10 @@ int wc_Sha384Final(wc_Sha384* sha384, byte* hash) } #ifdef WOLF_CRYPTO_CB - if (sha384->devId != INVALID_DEVID) { + #ifndef WOLF_CRYPTO_CB_FIND + if (sha384->devId != INVALID_DEVID) + #endif + { ret = wc_CryptoCb_Sha384Hash(sha384, NULL, 0, hash); if (ret != CRYPTOCB_UNAVAILABLE) return ret; diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 8f9ee60f8..b68622325 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -45192,20 +45192,30 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx) } +#ifdef WOLF_CRYPTO_CB_FIND static int myCryptoCbFind(int currentId, int algoType) { /* can have algo specific overrides here switch (algoType) { + i.e. + WC_ALGO_TYPE_CMAC + WC_ALGO_TYPE_SEED + WC_ALGO_TYPE_HMAC + WC_ALGO_TYPE_HASH + WC_ALGO_TYPE_CIPHER + WC_ALGO_TYPE_PK + } */ (void)algoType; if (currentId == INVALID_DEVID) { - return 1; /* override invalid devid found with 1 */ + /* can override invalid devid found with 1 */ } return currentId; } +#endif /* WOLF_CRYPTO_CB_FIND */ WOLFSSL_TEST_SUBROUTINE int cryptocb_test(void) @@ -45220,7 +45230,9 @@ WOLFSSL_TEST_SUBROUTINE int cryptocb_test(void) /* set devId to something other than INVALID_DEVID */ devId = 1; ret = wc_CryptoCb_RegisterDevice(devId, myCryptoDevCb, &myCtx); +#ifdef WOLF_CRYPTO_CB_FIND wc_CryptoCb_SetDeviceFindCb(myCryptoCbFind); +#endif /* WOLF_CRYPTO_CB_FIND */ #ifndef WC_NO_RNG if (ret == 0) ret = random_test(); diff --git a/wolfssl/wolfcrypt/cryptocb.h b/wolfssl/wolfcrypt/cryptocb.h index 1b11cf3e4..b5a592b18 100644 --- a/wolfssl/wolfcrypt/cryptocb.h +++ b/wolfssl/wolfcrypt/cryptocb.h @@ -366,8 +366,10 @@ WOLFSSL_API int wc_CryptoCb_RegisterDevice(int devId, CryptoDevCallbackFunc cb, WOLFSSL_API void wc_CryptoCb_UnRegisterDevice(int devId); WOLFSSL_API int wc_CryptoCb_DefaultDevID(void); +#ifdef WOLF_CRYPTO_CB_FIND typedef int (*CryptoDevCallbackFind)(int devId, int algoType); WOLFSSL_API void wc_CryptoCb_SetDeviceFindCb(CryptoDevCallbackFind cb); +#endif #ifdef DEBUG_CRYPTOCB WOLFSSL_API void wc_CryptoCb_InfoString(wc_CryptoInfo* info); diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h index 38bf145fe..d18ddcc31 100644 --- a/wolfssl/wolfcrypt/settings.h +++ b/wolfssl/wolfcrypt/settings.h @@ -1816,8 +1816,6 @@ extern void uITRON4_free(void *p) ; #ifdef WOLFSSL_IMXRT1170_CAAM #define WOLFSSL_CAAM - - #define WOLFSSL_NO_CAAM_BLOB #endif /* OS specific support so far */