feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

af_alg sha3 addition

Browse Source 
hardware acceleration with RSA

add AES-GCM hardware acceleration

refactor setting RSA IV flag

check and set AF_ALG flags

fix for default AF_ALG use

set buffer alignment with Xilinx RSA

macro guard after rebase

use ALIGN64

clean up test cases
This commit is contained in:
Jacob Barthelmeh
2018-08-24 10:24:53 -06:00
parent d07cf53bb1
commit f0a3045d62
18 changed files with 751 additions and 155 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
configure.ac
View File

@@ -1078,6 +1078,14 @@ then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AFALG_HASH"
fi
if test "$ENABLED_AFALG" = "xilinx"
then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AFALG_XILINX"
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NOSHA3_224 -DWOLFSSL_NOSHA3_256 -DWOLFSSL_NOSHA3_512"
ENABLED_AFALG="yes"
ENABLED_XILINX="yes"
fi
AM_CONDITIONAL([BUILD_AFALG], [test "x$ENABLED_AFALG" = "xyes"])

6
tests/api.c
View File

@@ -5544,7 +5544,8 @@ static int testing_wc_Sha3_Update (void)
{
int ret = 0;
#if defined(WOLFSSL_SHA3)
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_XILINX_CRYPT) && \
!defined(WOLFSSL_AFALG_XILINX)
wc_Sha3 sha3;
byte msg[] = "Everybody's working for the weekend.";
byte msg2[] = "Everybody gets Friday off.";
@@ -6022,7 +6023,8 @@ static int test_wc_Sha3_512_Final (void)
{
int ret = 0;
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_384)
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_512) && \
!defined(WOLFSSL_NOSHA3_384)
wc_Sha3 sha3;
const char* msg = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnom"
"nopnopq";

13
wolfcrypt/benchmark/benchmark.c
View File

@@ -1125,8 +1125,13 @@ static void* benchmarks_do(void* args)
if (bench_buf_size % 16)
bench_buf_size += 16 - (bench_buf_size % 16);
bench_plain = (byte*)XMALLOC((size_t)bench_buf_size, HEAP_HINT, DYNAMIC_TYPE_WOLF_BIGINT);
bench_cipher = (byte*)XMALLOC((size_t)bench_buf_size, HEAP_HINT, DYNAMIC_TYPE_WOLF_BIGINT);
#ifdef WOLFSSL_AFALG_XILINX_AES
bench_plain = (byte*)aligned_alloc(64, (size_t)bench_buf_size + 16);
bench_cipher = (byte*)aligned_alloc(64, (size_t)bench_buf_size + 16);
#else
bench_plain = (byte*)XMALLOC((size_t)bench_buf_size + 16, HEAP_HINT, DYNAMIC_TYPE_WOLF_BIGINT);
bench_cipher = (byte*)XMALLOC((size_t)bench_buf_size + 16, HEAP_HINT, DYNAMIC_TYPE_WOLF_BIGINT);
#endif
if (bench_plain == NULL || bench_cipher == NULL) {
XFREE(bench_plain, HEAP_HINT, DYNAMIC_TYPE_WOLF_BIGINT);
XFREE(bench_cipher, HEAP_HINT, DYNAMIC_TYPE_WOLF_BIGINT);
@@ -1993,11 +1998,11 @@ exit:
void bench_aesgcm(int doAsync)
{
#ifdef WOLFSSL_AES_128
#if defined(WOLFSSL_AES_128) && !defined(WOLFSSL_AFALG_XILINX_AES)
bench_aesgcm_internal(doAsync, bench_key, 16, bench_iv, 12,
"AES-128-GCM-enc", "AES-128-GCM-dec");
#endif
#ifdef WOLFSSL_AES_192
#if defined(WOLFSSL_AES_192) && !defined(WOLFSSL_AFALG_XILINX_AES)
bench_aesgcm_internal(doAsync, bench_key, 24, bench_iv, 12,
"AES-192-GCM-enc", "AES-192-GCM-dec");
#endif

6
wolfcrypt/src/aes.c
View File

@@ -3485,6 +3485,8 @@ int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len)
#if defined(WOLFSSL_XILINX_CRYPT)
wc_AesGcmSetKey_ex(aes, key, len, XSECURE_CSU_AES_KEY_SRC_KUP);
#elif defined(WOLFSSL_AFALG_XILINX_AES)
wc_AesGcmSetKey_ex(aes, key, len, 0);
#endif
#ifdef WOLFSSL_IMX6_CAAM_BLOB
@@ -8217,7 +8219,7 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
#endif /* end GCM_WORD32 */
#if !defined(WOLFSSL_XILINX_CRYPT)
#if !defined(WOLFSSL_XILINX_CRYPT) && !defined(WOLFSSL_AFALG_XILINX_AES)
#ifdef FREESCALE_LTC_AES_GCM
int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
const byte* iv, word32 ivSz,
@@ -9654,7 +9656,7 @@ void wc_AesFree(Aes* aes)
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES)
wolfAsync_DevCtxFree(&aes->asyncDev, WOLFSSL_ASYNC_MARKER_AES);
#endif /* WOLFSSL_ASYNC_CRYPT */
#ifdef WOLFSSL_AFALG
#if defined(WOLFSSL_AFALG) || defined(WOLFSSL_AFALG_XILINX_AES)
if (aes->rdFd > 0) { /* negative is error case */
close(aes->rdFd);
}

48
wolfcrypt/src/hmac.c
View File

@@ -248,18 +248,26 @@ int _InitHmac(Hmac* hmac, int type, void* heap)
#endif /* HAVE_BLAKE2 */
#ifdef WOLFSSL_SHA3
#ifndef WOLFSSL_NOSHA3_224
case WC_SHA3_224:
ret = wc_InitSha3_224(&hmac->hash.sha3, heap, INVALID_DEVID);
break;
#endif
#ifndef WOLFSSL_NOSHA3_256
case WC_SHA3_256:
ret = wc_InitSha3_256(&hmac->hash.sha3, heap, INVALID_DEVID);
break;
#endif
#ifndef WOLFSSL_NOSHA3_384
case WC_SHA3_384:
ret = wc_InitSha3_384(&hmac->hash.sha3, heap, INVALID_DEVID);
break;
#endif
#ifndef WOLFSSL_NOSHA3_512
case WC_SHA3_512:
ret = wc_InitSha3_512(&hmac->hash.sha3, heap, INVALID_DEVID);
break;
#endif
#endif
default:
@@ -465,6 +473,7 @@ int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
#endif /* HAVE_BLAKE2 */
#ifdef WOLFSSL_SHA3
#ifndef WOLFSSL_NOSHA3_224
case WC_SHA3_224:
hmac_block_size = WC_SHA3_224_BLOCK_SIZE;
if (length <= WC_SHA3_224_BLOCK_SIZE) {
@@ -483,6 +492,8 @@ int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
length = WC_SHA3_224_DIGEST_SIZE;
}
break;
#endif
#ifndef WOLFSSL_NOSHA3_256
case WC_SHA3_256:
hmac_block_size = WC_SHA3_256_BLOCK_SIZE;
if (length <= WC_SHA3_256_BLOCK_SIZE) {
@@ -501,6 +512,8 @@ int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
length = WC_SHA3_256_DIGEST_SIZE;
}
break;
#endif
#ifndef WOLFSSL_NOSHA3_384
case WC_SHA3_384:
hmac_block_size = WC_SHA3_384_BLOCK_SIZE;
if (length <= WC_SHA3_384_BLOCK_SIZE) {
@@ -519,6 +532,8 @@ int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
length = WC_SHA3_384_DIGEST_SIZE;
}
break;
#endif
#ifndef WOLFSSL_NOSHA3_512
case WC_SHA3_512:
hmac_block_size = WC_SHA3_512_BLOCK_SIZE;
if (length <= WC_SHA3_512_BLOCK_SIZE) {
@@ -537,6 +552,7 @@ int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
length = WC_SHA3_512_DIGEST_SIZE;
}
break;
#endif
#endif /* WOLFSSL_SHA3 */
default:
@@ -630,22 +646,30 @@ static int HmacKeyInnerHash(Hmac* hmac)
#endif /* HAVE_BLAKE2 */
#ifdef WOLFSSL_SHA3
#ifndef WOLFSSL_NOSHA3_224
case WC_SHA3_224:
ret = wc_Sha3_224_Update(&hmac->hash.sha3, (byte*)hmac->ipad,
WC_SHA3_224_BLOCK_SIZE);
break;
#endif
#ifndef WOLFSSL_NOSHA3_256
case WC_SHA3_256:
ret = wc_Sha3_256_Update(&hmac->hash.sha3, (byte*)hmac->ipad,
WC_SHA3_256_BLOCK_SIZE);
break;
#endif
#ifndef WOLFSSL_NOSHA3_384
case WC_SHA3_384:
ret = wc_Sha3_384_Update(&hmac->hash.sha3, (byte*)hmac->ipad,
WC_SHA3_384_BLOCK_SIZE);
break;
#endif
#ifndef WOLFSSL_NOSHA3_512
case WC_SHA3_512:
ret = wc_Sha3_512_Update(&hmac->hash.sha3, (byte*)hmac->ipad,
WC_SHA3_512_BLOCK_SIZE);
break;
#endif
#endif /* WOLFSSL_SHA3 */
default:
@@ -729,18 +753,26 @@ int wc_HmacUpdate(Hmac* hmac, const byte* msg, word32 length)
#endif /* HAVE_BLAKE2 */
#ifdef WOLFSSL_SHA3
#ifndef WOLFSSL_NOSHA3_224
case WC_SHA3_224:
ret = wc_Sha3_224_Update(&hmac->hash.sha3, msg, length);
break;
#endif
#ifndef WOLFSSL_NOSHA3_256
case WC_SHA3_256:
ret = wc_Sha3_256_Update(&hmac->hash.sha3, msg, length);
break;
#endif
#ifndef WOLFSSL_NOSHA3_384
case WC_SHA3_384:
ret = wc_Sha3_384_Update(&hmac->hash.sha3, msg, length);
break;
#endif
#ifndef WOLFSSL_NOSHA3_512
case WC_SHA3_512:
ret = wc_Sha3_512_Update(&hmac->hash.sha3, msg, length);
break;
#endif
#endif /* WOLFSSL_SHA3 */
default:
@@ -907,6 +939,7 @@ int wc_HmacFinal(Hmac* hmac, byte* hash)
#endif /* HAVE_BLAKE2 */
#ifdef WOLFSSL_SHA3
#ifndef WOLFSSL_NOSHA3_224
case WC_SHA3_224:
ret = wc_Sha3_224_Final(&hmac->hash.sha3, (byte*)hmac->innerHash);
if (ret != 0)
@@ -921,6 +954,8 @@ int wc_HmacFinal(Hmac* hmac, byte* hash)
break;
ret = wc_Sha3_224_Final(&hmac->hash.sha3, hash);
break;
#endif
#ifndef WOLFSSL_NOSHA3_256
case WC_SHA3_256:
ret = wc_Sha3_256_Final(&hmac->hash.sha3, (byte*)hmac->innerHash);
if (ret != 0)
@@ -935,6 +970,8 @@ int wc_HmacFinal(Hmac* hmac, byte* hash)
break;
ret = wc_Sha3_256_Final(&hmac->hash.sha3, hash);
break;
#endif
#ifndef WOLFSSL_NOSHA3_384
case WC_SHA3_384:
ret = wc_Sha3_384_Final(&hmac->hash.sha3, (byte*)hmac->innerHash);
if (ret != 0)
@@ -949,6 +986,8 @@ int wc_HmacFinal(Hmac* hmac, byte* hash)
break;
ret = wc_Sha3_384_Final(&hmac->hash.sha3, hash);
break;
#endif
#ifndef WOLFSSL_NOSHA3_512
case WC_SHA3_512:
ret = wc_Sha3_512_Final(&hmac->hash.sha3, (byte*)hmac->innerHash);
if (ret != 0)
@@ -963,6 +1002,7 @@ int wc_HmacFinal(Hmac* hmac, byte* hash)
break;
ret = wc_Sha3_512_Final(&hmac->hash.sha3, hash);
break;
#endif
#endif /* WOLFSSL_SHA3 */
default:
@@ -1049,18 +1089,26 @@ void wc_HmacFree(Hmac* hmac)
#endif /* HAVE_BLAKE2 */
#ifdef WOLFSSL_SHA3
#ifndef WOLFSSL_NOSHA3_224
case WC_SHA3_224:
wc_Sha3_224_Free(&hmac->hash.sha3);
break;
#endif
#ifndef WOLFSSL_NOSHA3_256
case WC_SHA3_256:
wc_Sha3_256_Free(&hmac->hash.sha3);
break;
#endif
#ifndef WOLFSSL_NOSHA3_384
case WC_SHA3_384:
wc_Sha3_384_Free(&hmac->hash.sha3);
break;
#endif
#ifndef WOLFSSL_NOSHA3_512
case WC_SHA3_512:
wc_Sha3_512_Free(&hmac->hash.sha3);
break;
#endif
#endif /* WOLFSSL_SHA3 */
default:

203
wolfcrypt/src/port/af_alg/afalg_aes.c
View File

@@ -20,6 +20,7 @@
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
@@ -27,7 +28,8 @@
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
#if !defined(NO_AES) && defined(WOLFSSL_AFALG)
#if !defined(NO_AES) && (defined(WOLFSSL_AFALG) || \
defined(WOLFSSL_AFALG_XILINX_AES))
#include <wolfssl/wolfcrypt/aes.h>
#include <wolfssl/wolfcrypt/logging.h>
@@ -43,10 +45,15 @@
#endif
static const char WC_TYPE_SYMKEY[] = "skcipher";
static const char WC_NAME_AESCBC[] = "cbc(aes)";
static int wc_AesSetup(Aes* aes, const char* type, const char* name, int ivSz, int aadSz)
{
#ifdef WOLFSSL_AFALG_XILINX_AES
byte* key = (byte*)aes->msgBuf;
#else
byte* key = (byte*)aes->key;
#endif
aes->rdFd = wc_Afalg_CreateRead(aes->alFd, type, name);
if (aes->rdFd < 0) {
WOLFSSL_MSG("Unable to accept and get AF_ALG read socket");
@@ -54,18 +61,23 @@ static int wc_AesSetup(Aes* aes, const char* type, const char* name, int ivSz, i
return aes->rdFd;
}
if (setsockopt(aes->alFd, SOL_ALG, ALG_SET_KEY, (byte*)aes->key, aes->keylen) != 0) {
if (setsockopt(aes->alFd, SOL_ALG, ALG_SET_KEY, key, aes->keylen) != 0) {
WOLFSSL_MSG("Unable to set AF_ALG key");
aes->rdFd = WC_SOCK_NOTSET;
return WC_AFALG_SOCK_E;
}
ForceZero((byte*)aes->key, sizeof(aes->key));
ForceZero(key, sizeof(aes->key));
/* set up CMSG headers */
XMEMSET((byte*)&(aes->msg), 0, sizeof(struct msghdr));
aes->msg.msg_control = (byte*)(aes->key); /* use existing key buffer for
aes->msg.msg_control = key; /* use existing key buffer for
* control buffer */
#ifdef WOLFSSL_AFALG_XILINX_AES
aes->msg.msg_controllen = CMSG_SPACE(4) +
CMSG_SPACE(sizeof(struct af_alg_iv) + ivSz);
(void)aadSz;
#else
aes->msg.msg_controllen = CMSG_SPACE(4);
if (aadSz > 0) {
aes->msg.msg_controllen += CMSG_SPACE(4);
@@ -73,6 +85,7 @@ static int wc_AesSetup(Aes* aes, const char* type, const char* name, int ivSz, i
if (ivSz > 0) {
aes->msg.msg_controllen += CMSG_SPACE((sizeof(struct af_alg_iv) + ivSz));
}
#endif
if (wc_Afalg_SetOp(CMSG_FIRSTHDR(&(aes->msg)), aes->dir) < 0) {
WOLFSSL_MSG("Error with setting AF_ALG operation");
@@ -84,6 +97,7 @@ static int wc_AesSetup(Aes* aes, const char* type, const char* name, int ivSz, i
}
#ifdef WOLFSSL_AFALG
int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen,
const byte* iv, int dir)
{
@@ -122,10 +136,12 @@ int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen,
return wc_AesSetIV(aes, iv);
}
#endif
/* AES-CBC */
#ifdef HAVE_AES_CBC
#if defined(HAVE_AES_CBC) && defined(WOLFSSL_AFALG)
static const char WC_NAME_AESCBC[] = "cbc(aes)";
int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
{
struct cmsghdr* cmsg;
@@ -235,7 +251,8 @@ int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen,
/* AES-DIRECT */
#if defined(WOLFSSL_AES_DIRECT) || defined(HAVE_AES_ECB)
#if (defined(WOLFSSL_AES_DIRECT) || defined(HAVE_AES_ECB)) && \
defined(WOLFSSL_AFALG)
static const char WC_NAME_AESECB[] = "ecb(aes)";
@@ -279,7 +296,7 @@ static int wc_Afalg_AesDirect(Aes* aes, byte* out, const byte* in, word32 sz)
#endif
#if defined(WOLFSSL_AES_DIRECT)
#if defined(WOLFSSL_AES_DIRECT) && defined(WOLFSSL_AFALG)
void wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in)
{
if (wc_Afalg_AesDirect(aes, out, in, AES_BLOCK_SIZE) != 0) {
@@ -305,7 +322,7 @@ int wc_AesSetKeyDirect(Aes* aes, const byte* userKey, word32 keylen,
/* AES-CTR */
#if defined(WOLFSSL_AES_COUNTER)
#if defined(WOLFSSL_AES_COUNTER) && defined(WOLFSSL_AFALG)
static const char WC_NAME_AESCTR[] = "ctr(aes)";
/* Increment AES counter */
@@ -424,8 +441,14 @@ int wc_AesSetKeyDirect(Aes* aes, const byte* userKey, word32 keylen,
#ifdef HAVE_AESGCM
static const char WC_TYPE_AEAD[] = "aead";
static const char WC_NAME_AESGCM[] = "gcm(aes)";
#ifdef WOLFSSL_AFALG_XILINX_AES
static const char WC_NAME_AESGCM[] = "xilinx-zynqmp-aes";
static const char* WC_TYPE_AEAD = WC_TYPE_SYMKEY;
#else
static const char WC_NAME_AESGCM[] = "gcm(aes)";
static const char WC_TYPE_AEAD[] = "aead";
#endif
#ifndef WC_SYSTEM_AESGCM_IV
/* size of IV allowed on system for AES-GCM */
@@ -438,7 +461,16 @@ static const char WC_NAME_AESGCM[] = "gcm(aes)";
#define WOLFSSL_MAX_AUTH_TAG_SZ 16
#endif
#ifdef WOLFSSL_AFALG_XILINX_AES
/* Xilinx uses a slightly different function because the default AES key is also
* needed if handling additional data with creating/validating the TAG.
*
* returns 0 on success
*/
int wc_AesGcmSetKey_ex(Aes* aes, const byte* key, word32 len, word32 kup)
#else
int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len)
#endif
{
#if defined(AES_MAX_KEY_SIZE)
const word32 max_key_len = (AES_MAX_KEY_SIZE / 8);
@@ -466,13 +498,26 @@ int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len)
}
/* save key until direction is known i.e. encrypt or decrypt */
#ifdef WOLFSSL_AFALG_XILINX_AES
(void)kup; /* using alternate buffer because software key is needed */
XMEMCPY((byte*)(aes->msgBuf), key, len);
#else
XMEMCPY((byte*)(aes->key), key, len);
#endif
return 0;
}
/* Performs AES-GCM encryption and returns 0 on success
*
* Warning: If using Xilinx hardware acceleration it is assumed that the out
* buffer is large enough to hold both cipher text and tag. That is
* sz | 16 bytes. The input and output buffer is expected to be 64 bit
* aligned
*
*/
int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
const byte* iv, word32 ivSz,
byte* authTag, word32 authTagSz,
@@ -482,7 +527,7 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
struct iovec iov[3];
int ret;
struct msghdr* msg;
byte scratch[16];
byte scratch[AES_BLOCK_SIZE];
/* argument checks */
if (aes == NULL || authTagSz > AES_BLOCK_SIZE) {
@@ -510,6 +555,7 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
/* note that if the ivSz was to change, the msg_controllen would need
reset */
#ifndef WOLFSSL_AFALG_XILINX_AES
/* set auth tag
* @TODO case where tag size changes between calls? */
ret = setsockopt(aes->alFd, SOL_ALG, ALG_SET_AEAD_AUTHSIZE, NULL,
@@ -519,8 +565,10 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
WOLFSSL_MSG("Unable to set AF_ALG tag size ");
return WC_AFALG_SOCK_E;
}
#endif
}
msg = &(aes->msg);
cmsg = CMSG_FIRSTHDR(msg);
cmsg = CMSG_NXTHDR(msg, cmsg);
@@ -532,7 +580,37 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
return ret;
}
#ifdef WOLFSSL_AFALG_XILINX_AES
if (sz > 0) {
iov[0].iov_base = (byte*)in;
iov[0].iov_len = sz + AES_BLOCK_SIZE;
msg->msg_iov = iov;
msg->msg_iovlen = 1; /* # of iov structures */
ret = (int)sendmsg(aes->rdFd, msg, 0);
if (ret < 0) {
return ret;
}
ret = read(aes->rdFd, out, sz + AES_BLOCK_SIZE);
if (ret < 0) {
return ret;
}
XMEMCPY(authTag, out + sz, authTagSz);
}
/* handle completing tag with using software if additional data added */
if (authIn != NULL) {
byte initalCounter[AES_BLOCK_SIZE];
XMEMSET(initalCounter, 0, AES_BLOCK_SIZE);
XMEMCPY(initalCounter, iv, ivSz);
initalCounter[AES_BLOCK_SIZE - 1] = 1;
GHASH(aes, authIn, authInSz, out, sz, authTag, authTagSz);
wc_AesEncryptDirect(aes, scratch, initalCounter);
xorbuf(authTag, scratch, authTagSz);
}
#else
if (authInSz > 0) {
cmsg = CMSG_NXTHDR(msg, cmsg);
ret = wc_Afalg_SetAad(cmsg, authInSz);
@@ -549,12 +627,11 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
iov[1].iov_base = (byte*)in;
iov[1].iov_len = sz;
aes->msg.msg_iov = iov;
aes->msg.msg_iovlen = 2; /* # of iov structures */
msg->msg_iov = iov;
msg->msg_iovlen = 2; /* # of iov structures */
ret = (int)sendmsg(aes->rdFd, &(aes->msg), 0);
ret = (int)sendmsg(aes->rdFd, msg, 0);
if (ret < 0) {
perror("sendmsg error");
return ret;
}
@@ -570,24 +647,36 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
ret = (int)readv(aes->rdFd, iov, 3);
if (ret < 0) {
perror("read error");
return ret;
}
#endif
return 0;
}
#if defined(HAVE_AES_DECRYPT) || defined(HAVE_AESGCM_DECRYPT)
/* Performs AES-GCM decryption and returns 0 on success
*
* Warning: If using Xilinx hardware acceleration it is assumed that the in
* buffer is large enough to hold both cipher text and tag. That is
* sz | 16 bytes
*/
int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
const byte* iv, word32 ivSz,
const byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz)
{
struct cmsghdr* cmsg;
struct iovec iov[3];
int ret;
struct msghdr* msg;
byte scratch[16];
struct iovec iov[3];
byte scratch[AES_BLOCK_SIZE];
int ret;
#ifdef WOLFSSL_AFALG_XILINX_AES
byte* tag = (byte*)authTag;
byte buf[AES_BLOCK_SIZE];
byte initalCounter[AES_BLOCK_SIZE];
#endif
/* argument checks */
if (aes == NULL || authTagSz > AES_BLOCK_SIZE) {
@@ -612,6 +701,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
return ret;
}
#ifndef WOLFSSL_AFALG_XILINX_AES
/* set auth tag
* @TODO case where tag size changes between calls? */
ret = setsockopt(aes->alFd, SOL_ALG, ALG_SET_AEAD_AUTHSIZE, NULL,
@@ -620,18 +710,71 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
WOLFSSL_MSG("Unable to set AF_ALG tag size ");
return WC_AFALG_SOCK_E;
}
#endif
}
/* set IV and AAD size */
msg = &(aes->msg);
cmsg = CMSG_FIRSTHDR(msg);
cmsg = CMSG_NXTHDR(msg, cmsg);
msg = &aes->msg;
if ((cmsg = CMSG_FIRSTHDR(msg)) == NULL) {
return WC_AFALG_SOCK_E;
}
if (wc_Afalg_SetOp(cmsg, aes->dir) < 0) {
WOLFSSL_MSG("Error with setting AF_ALG operation");
return WC_AFALG_SOCK_E;
}
if ((cmsg = CMSG_NXTHDR(msg, cmsg)) == NULL) {
return WC_AFALG_SOCK_E;
}
ret = wc_Afalg_SetIv(cmsg, (byte*)iv, ivSz);
if (ret < 0) {
return ret;
}
#ifdef WOLFSSL_AFALG_XILINX_AES
/* check for and handle additional data */
if (authIn != NULL && authInSz > 0) {
XMEMSET(initalCounter, 0, AES_BLOCK_SIZE);
XMEMCPY(initalCounter, iv, ivSz);
initalCounter[AES_BLOCK_SIZE - 1] = 1;
tag = buf;
GHASH(aes, NULL, 0, in, sz, tag, AES_BLOCK_SIZE);
wc_AesEncryptDirect(aes, scratch, initalCounter);
xorbuf(tag, scratch, AES_BLOCK_SIZE);
if (ret != 0) {
return AES_GCM_AUTH_E;
}
}
/* it is assumed that in buffer size is large enough to hold TAG */
XMEMCPY((byte*)in + sz, tag, AES_BLOCK_SIZE);
iov[0].iov_base = (byte*)in;
iov[0].iov_len = sz + AES_BLOCK_SIZE;
msg->msg_iov = iov;
msg->msg_iovlen = 1;
ret = sendmsg(aes->rdFd, msg, 0);
if (ret < 0) {
return ret;
}
ret = read(aes->rdFd, out, sz + AES_BLOCK_SIZE);
if (ret < 0) {
return AES_GCM_AUTH_E;
}
/* check on tag */
if (authIn != NULL && authInSz > 0) {
GHASH(aes, authIn, authInSz, in, sz, tag, AES_BLOCK_SIZE);
wc_AesEncryptDirect(aes, scratch, initalCounter);
xorbuf(tag, scratch, AES_BLOCK_SIZE);
if (ConstantCompare(tag, authTag, authTagSz) != 0) {
return AES_GCM_AUTH_E;
}
}
#else
if (authInSz > 0) {
cmsg = CMSG_NXTHDR(msg, cmsg);
ret = wc_Afalg_SetAad(cmsg, authInSz);
@@ -643,16 +786,13 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
/* set data to be decrypted*/
iov[0].iov_base = (byte*)authIn;
iov[0].iov_len = authInSz;
iov[1].iov_base = (byte*)in;
iov[1].iov_len = sz;
iov[2].iov_base = (byte*)authTag;
iov[2].iov_len = authTagSz;
aes->msg.msg_iov = iov;
aes->msg.msg_iovlen = 3; /* # of iov structures */
msg->msg_iov = iov;
msg->msg_iovlen = 3; /* # of iov structures */
ret = (int)sendmsg(aes->rdFd, &(aes->msg), 0);
if (ret < 0) {
return ret;
@@ -660,14 +800,13 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
iov[0].iov_base = scratch;
iov[0].iov_len = authInSz;
iov[1].iov_base = out;
iov[1].iov_len = sz;
ret = (int)readv(aes->rdFd, iov, 2);
if (ret < 0) {
return AES_GCM_AUTH_E;
}
#endif
return 0;
}

242
wolfcrypt/src/port/af_alg/afalg_hash.c
View File

@@ -26,83 +26,106 @@
#include <wolfssl/wolfcrypt/settings.h>
#if defined(WOLFSSL_AFALG_HASH)
#if defined(WOLFSSL_AFALG_HASH) || defined(WOLFSSL_AFALG_XILINX)
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/logging.h>
#include <wolfssl/wolfcrypt/port/af_alg/wc_afalg.h>
#include <wolfssl/wolfcrypt/port/af_alg/afalg_hash.h>
static const char WC_TYPE_HASH[] = "hash";
#if !defined(NO_SHA256)
#include <wolfssl/wolfcrypt/sha256.h>
static const char WC_NAME_SHA256[] = "sha256";
/* create AF_ALG sockets for SHA256 operation */
int wc_InitSha256_ex(wc_Sha256* sha, void* heap, int devId)
/* generic AF_ALG hash free */
static void AfalgHashFree(wolfssl_AFALG_Hash* hash)
{
if (sha == NULL) {
if (hash == NULL)
return;
if (hash->alFd > 0) {
close(hash->alFd);
hash->alFd = -1; /* avoid possible double close on socket */
}
if (hash->rdFd > 0) {
close(hash->rdFd);
hash->rdFd = -1; /* avoid possible double close on socket */
}
#if defined(WOLFSSL_AFALG_HASH_KEEP)
if (hash->msg != NULL) {
XFREE(hash->msg, hash->heap, DYNAMIC_TYPE_TMP_BUFFER);
hash->msg = NULL;
}
#endif
}
/* generic hash init for AF_ALG, returns 0 on success */
static int AfalgHashInit(wolfssl_AFALG_Hash* hash, void* heap, int devId,
const char* type)
{
if (hash == NULL) {
return BAD_FUNC_ARG;
}
(void)devId; /* no async for now */
XMEMSET(sha, 0, sizeof(wc_Sha256));
sha->heap = heap;
XMEMSET(hash, 0, sizeof(wolfssl_AFALG_Hash));
hash->heap = heap;
sha->len = 0;
sha->used = 0;
sha->msg = NULL;
sha->alFd = -1;
sha->rdFd = -1;
hash->len = 0;
hash->used = 0;
hash->msg = NULL;
hash->alFd = -1;
hash->rdFd = -1;
sha->alFd = wc_Afalg_Socket();
if (sha->alFd < 0) {
hash->alFd = wc_Afalg_Socket();
if (hash->alFd < 0) {
return WC_AFALG_SOCK_E;
}
sha->rdFd = wc_Afalg_CreateRead(sha->alFd, WC_TYPE_HASH, WC_NAME_SHA256);
if (sha->rdFd < 0) {
close(sha->alFd);
hash->rdFd = wc_Afalg_CreateRead(hash->alFd, WC_TYPE_HASH, type);
if (hash->rdFd < 0) {
close(hash->alFd);
return WC_AFALG_SOCK_E;
}
return 0;
}
int wc_Sha256Update(wc_Sha256* sha, const byte* in, word32 sz)
/* generic hash update for AF_ALG, returns 0 on success */
static int AfalgHashUpdate(wolfssl_AFALG_Hash* hash, const byte* in, word32 sz)
{
if (sha == NULL || (sz > 0 && in == NULL)) {
if (hash == NULL || (sz > 0 && in == NULL)) {
return BAD_FUNC_ARG;
}
#ifdef WOLFSSL_AFALG_HASH_KEEP
/* keep full message to hash at end instead of incremental updates */
if (sha->len < sha->used + sz) {
if (sha->msg == NULL) {
sha->msg = (byte*)XMALLOC(sha->used + sz, sha->heap,
if (hash->len < hash->used + sz) {
if (hash->msg == NULL) {
hash->msg = (byte*)XMALLOC(hash->used + sz, hash->heap,
DYNAMIC_TYPE_TMP_BUFFER);
} else {
byte* pt = (byte*)XREALLOC(sha->msg, sha->used + sz, sha->heap,
byte* pt = (byte*)XREALLOC(hash->msg, hash->used + sz, hash->heap,
DYNAMIC_TYPE_TMP_BUFFER);
if (pt == NULL) {
return MEMORY_E;
}
sha->msg = pt;
hash->msg = pt;
}
if (sha->msg == NULL) {
if (hash->msg == NULL) {
return MEMORY_E;
}
sha->len = sha->used + sz;
hash->len = hash->used + sz;
}
XMEMCPY(sha->msg + sha->used, in, sz);
sha->used += sz;
XMEMCPY(hash->msg + hash->used, in, sz);
hash->used += sz;
#else
int ret;
if ((ret = (int)send(sha->rdFd, in, sz, MSG_MORE)) < 0) {
if ((ret = (int)send(hash->rdFd, in, sz, MSG_MORE)) < 0) {
return ret;
}
#endif
@@ -110,72 +133,78 @@ int wc_Sha256Update(wc_Sha256* sha, const byte* in, word32 sz)
}
int wc_Sha256Final(wc_Sha256* sha, byte* hash)
/* generic hash final for AF_ALG, return 0 on success */
static int AfalgHashFinal(wolfssl_AFALG_Hash* hash, byte* out, word32 outSz,
const char* type)
{
int ret;
int ret;
void* heap;
if (sha == NULL || hash == NULL) {
if (hash == NULL || out == NULL) {
return BAD_FUNC_ARG;
}
heap = hash->heap; /* keep because AfalgHashInit clears the pointer */
#ifdef WOLFSSL_AFALG_HASH_KEEP
/* keep full message to hash at end instead of incremental updates */
if ((ret = (int)send(sha->rdFd, sha->msg, sha->used, 0)) < 0) {
/* keep full message to out at end instead of incremental updates */
if ((ret = (int)send(hash->rdFd, hash->msg, hash->used, 0)) < 0) {
return ret;
}
XFREE(sha->msg, sha->heap, DYNAMIC_TYPE_TMP_BUFFER);
sha->msg = NULL;
XFREE(hash->msg, heap, DYNAMIC_TYPE_TMP_BUFFER);
hash->msg = NULL;
#else
if ((ret = (int)send(sha->rdFd, NULL, 0, 0)) < 0) {
if ((ret = (int)send(hash->rdFd, NULL, 0, 0)) < 0) {
return ret;
}
#endif
if ((ret = (int)read(sha->rdFd, hash, WC_SHA256_DIGEST_SIZE)) !=
WC_SHA256_DIGEST_SIZE) {
if ((ret = (int)read(hash->rdFd, out, outSz)) != (int)outSz) {
return ret;
}
wc_Sha256Free(sha);
return wc_InitSha256_ex(sha, sha->heap, 0);
AfalgHashFree(hash);
return AfalgHashInit(hash, heap, 0, type);
}
int wc_Sha256GetHash(wc_Sha256* sha, byte* hash)
/* generic function to get intermediate hash */
static int AfalgHashGet(wolfssl_AFALG_Hash* hash, byte* out, word32 outSz)
{
int ret;
if (sha == NULL || hash == NULL) {
if (hash == NULL || out == NULL) {
return BAD_FUNC_ARG;
}
(void)ret;
#ifdef WOLFSSL_AFALG_HASH_KEEP
if ((ret = (int)send(sha->rdFd, sha->msg, sha->used, 0)) < 0) {
if ((ret = (int)send(hash->rdFd, hash->msg, hash->used, 0)) < 0) {
return ret;
}
if ((ret = (int)read(sha->rdFd, hash, WC_SHA256_DIGEST_SIZE)) !=
WC_SHA256_DIGEST_SIZE) {
if ((ret = (int)read(hash->rdFd, out, outSz)) != (int)outSz) {
return ret;
}
return 0;
#else
(void)sha;
(void)hash;
(void)out;
(void)outSz;
WOLFSSL_MSG("Compile with WOLFSSL_AFALG_HASH_KEEP for this feature");
return NOT_COMPILED_IN;
#endif
}
int wc_Sha256Copy(wc_Sha256* src, wc_Sha256* dst)
/* generic struct copy for AF_ALG, returns 0 on success */
static int AfalgHashCopy(wolfssl_AFALG_Hash* src, wolfssl_AFALG_Hash* dst)
{
if (src == NULL || dst == NULL) {
return BAD_FUNC_ARG;
}
XMEMCPY(dst, src, sizeof(wc_Sha256));
XMEMCPY(dst, src, sizeof(wolfssl_AFALG_Hash));
#ifdef WOLFSSL_AFALG_HASH_KEEP
dst->msg = (byte*)XMALLOC(src->len, dst->heap, DYNAMIC_TYPE_TMP_BUFFER);
@@ -189,16 +218,121 @@ int wc_Sha256Copy(wc_Sha256* src, wc_Sha256* dst)
dst->alFd = accept(src->alFd, NULL, 0);
if (dst->rdFd == -1 || dst->alFd == -1) {
wc_Sha256Free(dst);
AfalgHashFree(dst);
return -1;
}
return 0;
}
#if !defined(NO_SHA256) && defined(WOLFSSL_AFALG_HASH)
#include <wolfssl/wolfcrypt/sha256.h>
static const char WC_NAME_SHA256[] = "sha256";
/* create AF_ALG sockets for SHA256 operation */
int wc_InitSha256_ex(wc_Sha256* sha, void* heap, int devId)
{
return AfalgHashInit(sha, heap, devId, WC_NAME_SHA256);
}
int wc_Sha256Update(wc_Sha256* sha, const byte* in, word32 sz)
{
return AfalgHashUpdate(sha, in, sz);
}
int wc_Sha256Final(wc_Sha256* sha, byte* hash)
{
return AfalgHashFinal(sha, hash, WC_SHA256_DIGEST_SIZE, WC_NAME_SHA256);
}
int wc_Sha256GetHash(wc_Sha256* sha, byte* hash)
{
return AfalgHashGet(sha, hash, WC_SHA256_DIGEST_SIZE);
}
int wc_Sha256Copy(wc_Sha256* src, wc_Sha256* dst)
{
return AfalgHashCopy(src, dst);
}
#endif /* !NO_SHA256 */
#if defined(WOLFSSL_SHA3) && defined(WOLFSSL_AFALG_XILINX)
#include <wolfssl/wolfcrypt/sha3.h>
static const char WC_NAME_SHA3[] = "xilinx-keccak-384";
void wc_Sha3_384_Free(wc_Sha3* sha)
{
AfalgHashFree(sha);
}
/* create AF_ALG sockets for SHA256 operation */
int wc_InitSha3_384(wc_Sha3* sha, void* heap, int devId)
{
return AfalgHashInit(sha, heap, devId, WC_NAME_SHA3);
}
int wc_Sha3_384_Update(wc_Sha3* sha, const byte* in, word32 sz)
{
#ifndef WOLFSSL_AFALG_HASH_KEEP
if (sz % 4) {
WOLFSSL_MSG("Alignment issue. Message size needs to be divisable by 4")
return BAD_FUNC_ARG;
}
#endif
return AfalgHashUpdate(sha, in, sz);
}
int wc_Sha3_384_Final(wc_Sha3* sha, byte* hash)
{
if (sha == NULL || hash == NULL) {
return BAD_FUNC_ARG;
}
#ifdef WOLFSSL_AFALG_HASH_KEEP
if (sha->used % 4) {
WOLFSSL_MSG("Alignment issue. Message size needs to be divisable by 4");
return BAD_FUNC_ARG;
}
#endif
return AfalgHashFinal(sha, hash, WC_SHA3_384_DIGEST_SIZE, WC_NAME_SHA3);
}
int wc_Sha3_384_GetHash(wc_Sha3* sha, byte* hash)
{
if (sha == NULL || hash == NULL) {
return BAD_FUNC_ARG;
}
#ifdef WOLFSSL_AFALG_HASH_KEEP
if (sha->used % 4) {
WOLFSSL_MSG("Alignment issue. Message size needs to be divisable by 4");
return BAD_FUNC_ARG;
}
#endif
return AfalgHashGet(sha, hash, WC_SHA3_384_DIGEST_SIZE);
}
int wc_Sha3_384_Copy(wc_Sha3* src, wc_Sha3* dst)
{
return AfalgHashCopy(src, dst);
}
#endif /* WOLFSSL_SHA3 && WOLFSSL_AFALG_XILINX */
#endif /* WOLFSSL_AFALG */

2
wolfcrypt/src/port/af_alg/wc_afalg.c
View File

@@ -27,7 +27,7 @@
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/logging.h>
#if !defined(NO_AES) && defined(WOLFSSL_AFALG)
#if defined(WOLFSSL_AFALG) || defined(WOLFSSL_AFALG_XILINX)
#include <wolfssl/wolfcrypt/port/af_alg/wc_afalg.h>
#include <linux/if_alg.h>

184
wolfcrypt/src/rsa.c
View File

@@ -43,6 +43,10 @@
#include <wolfssl/wolfcrypt/rsa.h>
#ifdef WOLFSSL_AFALG_XILINX
#include <wolfssl/wolfcrypt/port/af_alg/wc_afalg.h>
#endif
#ifdef WOLFSSL_HAVE_SP_RSA
#include <wolfssl/wolfcrypt/sp.h>
#endif
@@ -221,6 +225,7 @@ enum {
RSA_STATE_DECRYPT_RES,
};
static void wc_RsaCleanup(RsaKey* key)
{
#ifndef WOLFSSL_RSA_VERIFY_INLINE
@@ -317,6 +322,11 @@ int wc_InitRsaKey_ex(RsaKey* key, void* heap, int devId)
key->mod = NULL;
#endif
#ifdef WOLFSSL_AFALG_XILINX
key->alFd = WC_SOCK_NOTSET;
key->rdFd = WC_SOCK_NOTSET;
#endif
return ret;
}
@@ -469,6 +479,18 @@ int wc_FreeRsaKey(RsaKey* key)
key->mod = NULL;
#endif
#ifdef WOLFSSL_AFALG_XILINX
/* make sure that sockets are closed on cleanup */
if (key->alFd > 0) {
close(key->alFd);
key->alFd = WC_SOCK_NOTSET;
}
if (key->rdFd > 0) {
close(key->rdFd);
key->rdFd = WC_SOCK_NOTSET;
}
#endif
return ret;
}
@@ -1508,6 +1530,167 @@ static int wc_RsaFunctionNonBlock(const byte* in, word32 inLen, byte* out,
}
#endif /* WC_RSA_NONBLOCK */
#ifdef WOLFSSL_AFALG_XILINX
#ifndef ERROR_OUT
#define ERROR_OUT(x) ret = (x); goto done
#endif
static const char WC_TYPE_ASYMKEY[] = "skcipher";
static const char WC_NAME_RSA[] = "xilinx-zynqmp-rsa";
#ifndef MAX_XILINX_RSA_KEY
/* max key size of 4096 bits / 512 bytes */
#define MAX_XILINX_RSA_KEY 512
#endif
static const byte XILINX_RSA_FLAG[] = {0x1};
/* AF_ALG implementation of RSA */
static int wc_RsaFunctionSync(const byte* in, word32 inLen, byte* out,
word32* outLen, int type, RsaKey* key, WC_RNG* rng)
{
struct msghdr msg;
struct cmsghdr* cmsg;
struct iovec iov;
byte* keyBuf = NULL;
word32 keyBufSz = 0;
char cbuf[CMSG_SPACE(4) + CMSG_SPACE(sizeof(struct af_alg_iv) + 1)] = {0};
int ret = 0;
int op = 0; /* decryption vs encryption flag */
word32 keyLen;
/* input and output buffer need to be aligned */
ALIGN64 byte outBuf[MAX_XILINX_RSA_KEY];
ALIGN64 byte inBuf[MAX_XILINX_RSA_KEY];
XMEMSET(&msg, 0, sizeof(struct msghdr));
(void)rng;
keyLen = wc_RsaEncryptSize(key);
if (keyLen > *outLen) {
ERROR_OUT(RSA_BUFFER_E);
}
if (keyLen > MAX_XILINX_RSA_KEY) {
WOLFSSL_MSG("RSA key size larger than supported");
ERROR_OUT(BAD_FUNC_ARG);
}
if ((keyBuf = (byte*)XMALLOC(keyLen * 2, key->heap, DYNAMIC_TYPE_KEY))
== NULL) {
ERROR_OUT(MEMORY_E);
}
if ((ret = mp_to_unsigned_bin(&(key->n), keyBuf)) != MP_OKAY) {
ERROR_OUT(MP_TO_E);
}
switch(type) {
case RSA_PRIVATE_DECRYPT:
case RSA_PRIVATE_ENCRYPT:
op = 1; /* set as decrypt */
{
keyBufSz = mp_unsigned_bin_size(&(key->d));
if ((mp_to_unsigned_bin(&(key->d), keyBuf + keyLen))
!= MP_OKAY) {
ERROR_OUT(MP_TO_E);
}
}
break;
case RSA_PUBLIC_DECRYPT:
case RSA_PUBLIC_ENCRYPT: {
word32 exp = 0;
word32 eSz = mp_unsigned_bin_size(&(key->e));
if ((mp_to_unsigned_bin(&(key->e), (byte*)&exp +
(sizeof(word32) - eSz))) != MP_OKAY) {
ERROR_OUT(MP_TO_E);
}
keyBufSz = sizeof(word32);
XMEMCPY(keyBuf + keyLen, (byte*)&exp, keyBufSz);
break;
}
default:
ERROR_OUT(RSA_WRONG_TYPE_E);
}
keyBufSz += keyLen; /* add size of modulus */
/* check for existing sockets before creating new ones */
if (key->alFd > 0) {
close(key->alFd);
key->alFd = WC_SOCK_NOTSET;
}
if (key->rdFd > 0) {
close(key->rdFd);
key->rdFd = WC_SOCK_NOTSET;
}
/* create new sockets and set the key to use */
if ((key->alFd = wc_Afalg_Socket()) < 0) {
WOLFSSL_MSG("Unable to create socket");
ERROR_OUT(key->alFd);
}
if ((key->rdFd = wc_Afalg_CreateRead(key->alFd, WC_TYPE_ASYMKEY,
WC_NAME_RSA)) < 0) {
WOLFSSL_MSG("Unable to bind and create read/send socket");
ERROR_OUT(key->rdFd);
}
if ((ret = setsockopt(key->alFd, SOL_ALG, ALG_SET_KEY, keyBuf,
keyBufSz)) < 0) {
WOLFSSL_MSG("Error setting RSA key");
ERROR_OUT(ret);
}
msg.msg_control = cbuf;
msg.msg_controllen = sizeof(cbuf);
cmsg = CMSG_FIRSTHDR(&msg);
if ((ret = wc_Afalg_SetOp(cmsg, op)) < 0) {
ERROR_OUT(ret);
}
/* set flag in IV spot, needed for Xilinx hardware acceleration use */
cmsg = CMSG_NXTHDR(&msg, cmsg);
if ((ret = wc_Afalg_SetIv(cmsg, (byte*)XILINX_RSA_FLAG,
sizeof(XILINX_RSA_FLAG))) != 0) {
ERROR_OUT(ret);
}
/* compose and send msg */
XMEMCPY(inBuf, (byte*)in, inLen); /* for alignment */
iov.iov_base = inBuf;
iov.iov_len = inLen;
msg.msg_iov = &iov;
msg.msg_iovlen = 1;
if ((ret = sendmsg(key->rdFd, &msg, 0)) <= 0) {
ERROR_OUT(WC_AFALG_SOCK_E);
}
if ((ret = read(key->rdFd, outBuf, inLen)) <= 0) {
ERROR_OUT(WC_AFALG_SOCK_E);
}
XMEMCPY(out, outBuf, ret);
*outLen = keyLen;
done:
/* clear key data and free buffer */
if (keyBuf != NULL) {
ForceZero(keyBuf, keyBufSz);
}
XFREE(keyBuf, key->heap, DYNAMIC_TYPE_KEY);
if (key->alFd > 0) {
close(key->alFd);
key->alFd = WC_SOCK_NOTSET;
}
if (key->rdFd > 0) {
close(key->rdFd);
key->rdFd = WC_SOCK_NOTSET;
}
return ret;
}
#else
static int wc_RsaFunctionSync(const byte* in, word32 inLen, byte* out,
word32* outLen, int type, RsaKey* key, WC_RNG* rng)
{
@@ -1775,6 +1958,7 @@ static int wc_RsaFunctionSync(const byte* in, word32 inLen, byte* out,
return ret;
#endif /* WOLFSSL_SP_MATH */
}
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_RSA)
static int wc_RsaFunctionAsync(const byte* in, word32 inLen, byte* out,

2
wolfcrypt/src/sha256.c
View File

@@ -2915,7 +2915,7 @@ void wc_Sha256Free(wc_Sha256* sha256)
#ifdef WOLFSSL_DEVCRYPTO_HASH
wc_DevCryptoFree(&sha256->ctx);
#endif /* WOLFSSL_DEVCRYPTO */
#if defined(WOLFSSL_AFALG_HASH_KEEP) || \
#if (defined(WOLFSSL_AFALG_HASH) && defined(WOLFSSL_AFALG_HASH_KEEP)) || \
(defined(WOLFSSL_DEVCRYPTO_HASH) && defined(WOLFSSL_DEVCRYPTO_HASH_KEEP))
if (sha256->msg != NULL) {
XFREE(sha256->msg, sha256->heap, DYNAMIC_TYPE_TMP_BUFFER);

3
wolfcrypt/src/sha3.c
View File

@@ -26,7 +26,8 @@
#include <wolfssl/wolfcrypt/settings.h>
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_XILINX_CRYPT)
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_XILINX_CRYPT) && \
!defined(WOLFSSL_AFALG_XILINX)
#if defined(HAVE_FIPS) && \
defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)

137
wolfcrypt/test/test.c
View File

@@ -222,6 +222,11 @@
#include "wolfcrypt/test/test.h"
#endif
/* these cases do not have intermediate hashing support */
#if (defined(WOLFSSL_AFALG_XILINX) && !defined(WOLFSSL_AFALG_HASH_KEEP))
#define NO_INTM_HASH_TEST
#endif
#if defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_MULTI_ATTRIB)
static void initDefaultName(void);
#endif
@@ -668,7 +673,9 @@ initDefaultName();
printf( "HMAC-BLAKE2 test passed!\n");
#endif
#ifdef WOLFSSL_SHA3
#if !defined(NO_HMAC) && defined(WOLFSSL_SHA3) && \
!defined(WOLFSSL_NOSHA3_224) && !defined(WOLFSSL_NOSHA3_256) && \
!defined(WOLFSSL_NOSHA3_384) && !defined(WOLFSSL_NOSHA3_512)
if ( (ret = hmac_sha3_test()) != 0)
return err_sys("HMAC-SHA3 test failed!\n", ret);
else
@@ -690,7 +697,8 @@ initDefaultName();
printf( "X963-KDF test passed!\n");
#endif
#if defined(HAVE_AESGCM) && defined(WOLFSSL_AES_128)
#if defined(HAVE_AESGCM) && defined(WOLFSSL_AES_128) && \
!defined(WOLFSSL_AFALG_XILINX_AES)
if ( (ret = gmac_test()) != 0)
return err_sys("GMAC test failed!\n", ret);
else
@@ -777,16 +785,13 @@ initDefaultName();
!defined(STM32_CRYPTO)
if ( (ret = aesgcm_test()) != 0)
return err_sys("AES-GCM test failed!\n", ret);
else
#endif
{
if ((ret = aesgcm_default_test()) != 0) {
return err_sys("AES-GCM test failed!\n", ret);
}
else {
printf( "AES-GCM test passed!\n");
}
#ifndef WOLFSSL_AFALG_XILINX_AES
if ((ret = aesgcm_default_test()) != 0) {
return err_sys("AES-GCM test failed!\n", ret);
}
#endif
printf( "AES-GCM test passed!\n");
#endif
#if defined(HAVE_AESCCM) && defined(WOLFSSL_AES_128)
@@ -2569,7 +2574,9 @@ static int sha3_384_test(void)
{
wc_Sha3 sha;
byte hash[WC_SHA3_384_DIGEST_SIZE];
#ifndef NO_INTM_HASH_TEST
byte hashcopy[WC_SHA3_384_DIGEST_SIZE];
#endif
testVector a, b, c;
testVector test_sha[3];
@@ -2584,6 +2591,17 @@ static int sha3_384_test(void)
a.inLen = XSTRLEN(a.input);
a.outLen = WC_SHA3_384_DIGEST_SIZE;
#ifdef WOLFSSL_AFALG_XILINX
/* NIST test vector with a length that is a multiple of 4 */
b.input = "\x7d\x80\xb1\x60\xc4\xb5\x36\xa3\xbe\xb7\x99\x80\x59\x93\x44"
"\x04\x7c\x5f\x82\xa1\xdf\xc3\xee\xd4";
b.output = "\x04\x1c\xc5\x86\x1b\xa3\x34\x56\x3c\x61\xd4\xef\x97\x10\xd4"
"\x89\x6c\x31\x1c\x92\xed\xbe\x0d\x7c\xd5\x3e\x80\x3b\xf2\xf4"
"\xeb\x60\x57\x23\x55\x70\x77\x0c\xe8\x7c\x55\x20\xd7\xec\x14"
"\x19\x87\x22";
b.inLen = XSTRLEN(b.input);
b.outLen = WC_SHA3_384_DIGEST_SIZE;
#else
b.input = "abc";
b.output = "\xec\x01\x49\x82\x88\x51\x6f\xc9\x26\x45\x9f\x58\xe2\xc6\xad"
"\x8d\xf9\xb4\x73\xcb\x0f\xc0\x8c\x25\x96\xda\x7c\xf0\xe4\x9b"
@@ -2591,7 +2609,7 @@ static int sha3_384_test(void)
"\x37\x6d\x25";
b.inLen = XSTRLEN(b.input);
b.outLen = WC_SHA3_384_DIGEST_SIZE;
#endif
c.input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
c.output = "\x99\x1c\x66\x57\x55\xeb\x3a\x4b\x6b\xbd\xfb\x75\xc7\x8a\x49"
"\x2e\x8c\x56\xa2\x2c\x5c\x4d\x7e\x42\x9b\xfd\xbc\x32\xb9\xd4"
@@ -2613,17 +2631,21 @@ static int sha3_384_test(void)
(word32)test_sha[i].inLen);
if (ret != 0)
ERROR_OUT(-2701 - i, exit);
#ifndef NO_INTM_HASH_TEST
ret = wc_Sha3_384_GetHash(&sha, hashcopy);
if (ret != 0)
ERROR_OUT(-2702 - i, exit);
#endif
ret = wc_Sha3_384_Final(&sha, hash);
if (ret != 0)
ERROR_OUT(-2703 - i, exit);
if (XMEMCMP(hash, test_sha[i].output, WC_SHA3_384_DIGEST_SIZE) != 0)
ERROR_OUT(-2704 - i, exit);
#ifndef NO_INTM_HASH_TEST
if (XMEMCMP(hash, hashcopy, WC_SHA3_384_DIGEST_SIZE) != 0)
ERROR_OUT(-2705 - i, exit);
#endif
}
/* BEGIN LARGE HASH TEST */ {
@@ -3761,7 +3783,9 @@ int hmac_sha512_test(void)
#endif
#if !defined(NO_HMAC) && defined(WOLFSSL_SHA3)
#if !defined(NO_HMAC) && defined(WOLFSSL_SHA3) && \
!defined(WOLFSSL_NOSHA3_224) && !defined(WOLFSSL_NOSHA3_256) && \
!defined(WOLFSSL_NOSHA3_384) && !defined(WOLFSSL_NOSHA3_512)
int hmac_sha3_test(void)
{
Hmac hmac;
@@ -6763,7 +6787,7 @@ int aesgcm_default_test(void)
0xe4, 0xed, 0x2f, 0x6d
};
byte plain1[] = {
ALIGN64 byte plain1[] = {
0xcc, 0x38, 0xbc, 0xcd, 0x6b, 0xc5, 0x36, 0xad,
0x91, 0x9b, 0x13, 0x95, 0xf5, 0xd6, 0x38, 0x01,
0xf9, 0x9f, 0x80, 0x68, 0xd6, 0x5c, 0xa5, 0xac,
@@ -6775,7 +6799,7 @@ int aesgcm_default_test(void)
0xff, 0xe8, 0x02, 0x56, 0xe5, 0xb1, 0xc6, 0xb1
};
byte cipher1[] = {
ALIGN64 byte cipher1[] = {
0xdf, 0xce, 0x4e, 0x9c, 0xd2, 0x91, 0x10, 0x3d,
0x7f, 0xe4, 0xe6, 0x33, 0x51, 0xd9, 0xe7, 0x9d,
0x3d, 0xfd, 0x39, 0x1e, 0x32, 0x67, 0x10, 0x46,
@@ -6798,12 +6822,12 @@ int aesgcm_default_test(void)
0xc9, 0x8a, 0xff, 0xe3
};
byte plain2[] = {
ALIGN64 byte plain2[] = {
0x4b, 0x34, 0xa9, 0xec, 0x57, 0x63, 0x52, 0x4b,
0x19, 0x1d, 0x56, 0x16, 0xc5, 0x47, 0xf6, 0xb7
};
byte cipher2[] = {
ALIGN64 byte cipher2[] = {
0x60, 0x9a, 0xa3, 0xf4, 0x54, 0x1b, 0xc0, 0xfe,
0x99, 0x31, 0xda, 0xad, 0x2e, 0xe1, 0x5d, 0x0c
};
@@ -6855,6 +6879,7 @@ int aesgcm_default_test(void)
int aesgcm_test(void)
{
Aes enc;
Aes dec;
/*
* This is Test Case 16 from the document Galois/
@@ -6918,7 +6943,7 @@ int aesgcm_test(void)
#if !defined(HAVE_FIPS) && \
!defined(STM32_CRYPTO) && !defined(WOLFSSL_PIC32MZ_CRYPT) && \
!defined(FREESCALE_LTC) && !defined(FREESCALE_MMCAU) && \
!defined(WOLFSSL_XILINX_CRYPT)
!defined(WOLFSSL_XILINX_CRYPT) && !defined(WOLFSSL_AFALG_XILINX_AES)
#define ENABLE_NON_12BYTE_IV_TEST
#ifdef WOLFSSL_AES_192
@@ -7004,11 +7029,14 @@ int aesgcm_test(void)
#endif
byte resultT[sizeof(t1)];
byte resultP[sizeof(p)];
byte resultC[sizeof(p)];
byte resultP[sizeof(p) + AES_BLOCK_SIZE];
byte resultC[sizeof(p) + AES_BLOCK_SIZE];
int result;
#ifdef WOLFSSL_AES_256
int alen, plen;
int alen;
#ifndef WOLFSSL_AFALG_XILINX_AES
int plen;
#endif
#endif
#if !defined(BENCH_EMBEDDED)
@@ -7031,6 +7059,9 @@ int aesgcm_test(void)
if (wc_AesInit(&enc, HEAP_HINT, devId) != 0) {
return -5700;
}
if (wc_AesInit(&dec, HEAP_HINT, devId) != 0) {
return -5700;
}
#ifdef WOLFSSL_AES_256
result = wc_AesGcmSetKey(&enc, k1, sizeof(k1));
@@ -7045,20 +7076,24 @@ int aesgcm_test(void)
#endif
if (result != 0)
return -5702;
if (XMEMCMP(c1, resultC, sizeof(resultC)))
if (XMEMCMP(c1, resultC, sizeof(c1)))
return -5703;
if (XMEMCMP(t1, resultT, sizeof(resultT)))
return -5704;
#ifdef HAVE_AES_DECRYPT
result = wc_AesGcmDecrypt(&enc, resultP, resultC, sizeof(resultC),
result = wc_AesGcmSetKey(&dec, k1, sizeof(k1));
if (result != 0)
return -5701;
result = wc_AesGcmDecrypt(&dec, resultP, resultC, sizeof(c1),
iv1, sizeof(iv1), resultT, sizeof(resultT), a, sizeof(a));
#if defined(WOLFSSL_ASYNC_CRYPT)
result = wc_AsyncWait(result, &enc.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (result != 0)
return -5705;
if (XMEMCMP(p, resultP, sizeof(resultP)))
if (XMEMCMP(p, resultP, sizeof(p)))
return -5706;
#endif /* HAVE_AES_DECRYPT */
@@ -7079,7 +7114,7 @@ int aesgcm_test(void)
return -5707;
#ifdef HAVE_AES_DECRYPT
result = wc_AesGcmDecrypt(&enc, large_outdec, large_output,
result = wc_AesGcmDecrypt(&dec, large_outdec, large_output,
BENCH_AESGCM_LARGE, iv1, sizeof(iv1), resultT,
sizeof(resultT), a, sizeof(a));
#if defined(WOLFSSL_ASYNC_CRYPT)
@@ -7103,10 +7138,10 @@ int aesgcm_test(void)
if (result != 0)
return -5710;
#ifdef HAVE_AES_DECRYPT
result = wc_AesGcmDecrypt(&enc, resultP, resultC, sizeof(resultC), k1,
result = wc_AesGcmDecrypt(&dec, resultP, resultC, sizeof(c1), k1,
(word32)ivlen, resultT, sizeof(resultT), a, sizeof(a));
#if defined(WOLFSSL_ASYNC_CRYPT)
result = wc_AsyncWait(result, &enc.asyncDev, WC_ASYNC_FLAG_NONE);
result = wc_AsyncWait(result, &dec.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (result != 0)
return -5711;
@@ -7125,16 +7160,17 @@ int aesgcm_test(void)
if (result != 0)
return -5712;
#ifdef HAVE_AES_DECRYPT
result = wc_AesGcmDecrypt(&enc, resultP, resultC, sizeof(resultC), iv1,
result = wc_AesGcmDecrypt(&dec, resultP, resultC, sizeof(c1), iv1,
sizeof(iv1), resultT, sizeof(resultT), p, (word32)alen);
#if defined(WOLFSSL_ASYNC_CRYPT)
result = wc_AsyncWait(result, &enc.asyncDev, WC_ASYNC_FLAG_NONE);
result = wc_AsyncWait(result, &dec.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (result != 0)
return -5713;
#endif /* HAVE_AES_DECRYPT */
}
#ifndef WOLFSSL_AFALG_XILINX_AES
#ifdef BENCH_AESGCM_LARGE
/* Variable plain text length test */
for (plen=1; plen<BENCH_AESGCM_LARGE; plen++) {
@@ -7149,11 +7185,11 @@ int aesgcm_test(void)
return -5714;
#ifdef HAVE_AES_DECRYPT
result = wc_AesGcmDecrypt(&enc, large_outdec, large_output,
result = wc_AesGcmDecrypt(&dec, large_outdec, large_output,
plen, iv1, sizeof(iv1), resultT,
sizeof(resultT), a, sizeof(a));
#if defined(WOLFSSL_ASYNC_CRYPT)
result = wc_AsyncWait(result, &enc.asyncDev, WC_ASYNC_FLAG_NONE);
result = wc_AsyncWait(result, &dec.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (result != 0)
return -5715;
@@ -7171,16 +7207,17 @@ int aesgcm_test(void)
if (result != 0)
return -5716;
#ifdef HAVE_AES_DECRYPT
result = wc_AesGcmDecrypt(&enc, resultP, resultC, (word32)plen, iv1,
result = wc_AesGcmDecrypt(&dec, resultP, resultC, (word32)plen, iv1,
sizeof(iv1), resultT, sizeof(resultT), a, sizeof(a));
#if defined(WOLFSSL_ASYNC_CRYPT)
result = wc_AsyncWait(result, &enc.asyncDev, WC_ASYNC_FLAG_NONE);
result = wc_AsyncWait(result, &dec.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (result != 0)
return -5717;
#endif /* HAVE_AES_DECRYPT */
}
#endif /* BENCH_AESGCM_LARGE */
#endif
#endif /* WOLFSSL_AES_256 */
/* test with IV != 12 bytes */
@@ -7199,20 +7236,20 @@ int aesgcm_test(void)
#endif
if (result != 0)
return -5718;
if (XMEMCMP(c2, resultC, sizeof(resultC)))
if (XMEMCMP(c2, resultC, sizeof(c2)))
return -5719;
if (XMEMCMP(t2, resultT, sizeof(resultT)))
return -5720;
#ifdef HAVE_AES_DECRYPT
result = wc_AesGcmDecrypt(&enc, resultP, resultC, sizeof(resultC),
result = wc_AesGcmDecrypt(&enc, resultP, resultC, sizeof(c1),
iv2, sizeof(iv2), resultT, sizeof(resultT), a, sizeof(a));
#if defined(WOLFSSL_ASYNC_CRYPT)
result = wc_AsyncWait(result, &enc.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (result != 0)
return -5721;
if (XMEMCMP(p, resultP, sizeof(resultP)))
if (XMEMCMP(p, resultP, sizeof(p)))
return -5722;
#endif /* HAVE_AES_DECRYPT */
@@ -7249,7 +7286,7 @@ int aesgcm_test(void)
#endif /* WOLFSSL_AES_128 */
#endif /* ENABLE_NON_12BYTE_IV_TEST */
#ifdef WOLFSSL_AES_256
#if defined(WOLFSSL_AES_256) && !defined(WOLFSSL_AFALG_XILINX_AES)
XMEMSET(resultT, 0, sizeof(resultT));
XMEMSET(resultC, 0, sizeof(resultC));
XMEMSET(resultP, 0, sizeof(resultP));
@@ -7263,20 +7300,20 @@ int aesgcm_test(void)
#endif
if (result != 0)
return -5728;
if (XMEMCMP(c1, resultC, sizeof(resultC)))
if (XMEMCMP(c1, resultC, sizeof(c1)))
return -5729;
if (XMEMCMP(t1, resultT + 1, sizeof(resultT) - 1))
return -5730;
#ifdef HAVE_AES_DECRYPT
result = wc_AesGcmDecrypt(&enc, resultP, resultC, sizeof(resultC),
result = wc_AesGcmDecrypt(&enc, resultP, resultC, sizeof(p),
iv1, sizeof(iv1), resultT + 1, sizeof(resultT) - 1, a, sizeof(a));
#if defined(WOLFSSL_ASYNC_CRYPT)
result = wc_AsyncWait(result, &enc.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (result != 0)
return -5731;
if (XMEMCMP(p, resultP, sizeof(resultP)))
if (XMEMCMP(p, resultP, sizeof(p)))
return -5732;
#endif /* HAVE_AES_DECRYPT */
#endif /* WOLFSSL_AES_256 */
@@ -7325,17 +7362,22 @@ int aesgcm_test(void)
}
#ifdef HAVE_AES_DECRYPT
result = wc_AesGcmDecrypt(&enc,
resultP, resultC, sizeof(resultC),
wc_AesGcmSetKey(&dec, k1, sizeof(k1));
result = wc_AesGcmSetIV(&dec, sizeof(randIV), NULL, 0, &rng);
if (result != 0)
return -8213;
result = wc_AesGcmDecrypt(&dec,
resultP, resultC, sizeof(c1),
randIV, sizeof(randIV),
resultT, sizeof(resultT),
a, sizeof(a));
#if defined(WOLFSSL_ASYNC_CRYPT)
result = wc_AsyncWait(result, &enc.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
#if defined(WOLFSSL_ASYNC_CRYPT)
result = wc_AsyncWait(result, &dec.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (result != 0)
return -8211;
if (XMEMCMP(p, resultP, sizeof(resultP)))
if (XMEMCMP(p, resultP, sizeof(p)))
return -8212;
#endif /* HAVE_AES_DECRYPT */
@@ -7345,6 +7387,7 @@ int aesgcm_test(void)
#endif /* HAVE_FIPS_VERSION >= 2 */
wc_AesFree(&enc);
wc_AesFree(&dec);
return 0;
}
@@ -9260,6 +9303,9 @@ static int rsa_sig_test(RsaKey* key, word32 keyLen, int modLen, WC_RNG* rng)
* -101 = USER_CRYPTO_ERROR
*/
if (ret == 0)
#elif defined(WOLFSSL_AFALG_XILINX)
/* blinding / rng handled with hardware acceleration */
if (ret != 0)
#elif defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_CB)
/* async may not require RNG */
if (ret != 0 && ret != MISSING_RNG_E)
@@ -9320,6 +9366,7 @@ static int rsa_sig_test(RsaKey* key, word32 keyLen, int modLen, WC_RNG* rng)
sigSz = (word32)ret;
#ifndef WOLFSSL_RSA_PUBLIC_ONLY
XMEMSET(out, 0, sizeof(out));
ret = wc_SignatureGenerate(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA, in,
inLen, out, &sigSz, key, keyLen, rng);
if (ret != 0)

13
wolfssl/wolfcrypt/aes.h
View File

@@ -68,9 +68,9 @@
#include "xsecure_aes.h"
#endif
#ifdef WOLFSSL_AFALG
#if defined(WOLFSSL_AFALG) || defined(WOLFSSL_AFALG_XILINX_AES)
/* included for struct msghdr */
#include <sys/socket.h>
#include <wolfssl/wolfcrypt/port/af_alg/wc_afalg.h>
#endif
#if defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC)
@@ -172,11 +172,15 @@ typedef struct Aes {
word32 key_init[8];
word32 kup;
#endif
#ifdef WOLFSSL_AFALG
#if defined(WOLFSSL_AFALG) || defined(WOLFSSL_AFALG_XILINX_AES)
int alFd; /* server socket to bind to */
int rdFd; /* socket to read from */
struct msghdr msg;
int dir; /* flag for encrpyt or decrypt */
#ifdef WOLFSSL_AFALG_XILINX_AES
word32 msgBuf[CMSG_SPACE(4) + CMSG_SPACE(sizeof(struct af_alg_iv) +
GCM_NONCE_MID_SZ)];
#endif
#endif
#if defined(WOLFSSL_DEVCRYPTO) && \
(defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC))
@@ -258,6 +262,9 @@ WOLFSSL_API int wc_AesEcbDecrypt(Aes* aes, byte* out,
#ifdef WOLFSSL_XILINX_CRYPT
WOLFSSL_API int wc_AesGcmSetKey_ex(Aes* aes, const byte* key, word32 len,
word32 kup);
#elif defined(WOLFSSL_AFALG_XILINX_AES)
WOLFSSL_LOCAL int wc_AesGcmSetKey_ex(Aes* aes, const byte* key, word32 len,
word32 kup);
#endif
WOLFSSL_API int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len);
WOLFSSL_API int wc_AesGcmEncrypt(Aes* aes, byte* out,

5
wolfssl/wolfcrypt/port/af_alg/afalg_hash.h
View File

@@ -39,9 +39,12 @@ typedef struct {
#if !defined(NO_SHA256)
#if !defined(NO_SHA256) && defined(WOLFSSL_AFALG_HASH)
typedef wolfssl_AFALG_Hash wc_Sha256;
#endif
#if defined(WOLFSSL_SHA3) && defined(WOLFSSL_AFALG_XILINX)
typedef wolfssl_AFALG_Hash wc_Sha3;
#endif
#endif /* WOLF_CRYPT_AFALG_HASH_H */

4
wolfssl/wolfcrypt/rsa.h
View File

@@ -179,6 +179,10 @@ struct RsaKey {
#ifdef WC_RSA_NONBLOCK
RsaNb* nb;
#endif
#ifdef WOLFSSL_AFALG_XILINX
int alFd;
int rdFd;
#endif
};
#ifndef WC_RSAKEY_TYPE_DEFINED

6
wolfssl/wolfcrypt/settings.h
View File

@@ -1272,7 +1272,7 @@ extern void uITRON4_free(void *p) ;
#define HAVE_AESGCM
#endif
#if defined(WOLFSSL_XILINX_CRYPT)
#if defined(WOLFSSL_XILINX_CRYPT) || defined(WOLFSSL_AFALG_XILINX)
#if defined(WOLFSSL_ARMASM)
#error can not use both ARMv8 instructions and XILINX hardened crypto
#endif
@@ -1285,6 +1285,10 @@ extern void uITRON4_free(void *p) ;
#define WOLFSSL_NOSHA3_256
#define WOLFSSL_NOSHA3_512
#endif
#ifdef WOLFSSL_AFALG_XILINX_AES
#undef WOLFSSL_AES_DIRECT
#define WOLFSSL_AES_DIRECT
#endif
#endif /*(WOLFSSL_XILINX_CRYPT)*/
#if defined(WOLFSSL_APACHE_MYNEWT)

3
wolfssl/wolfcrypt/sha3.h
View File

@@ -81,8 +81,11 @@ enum {
#endif
#ifdef WOLFSSL_XILINX_CRYPT
#include "wolfssl/wolfcrypt/port/xilinx/xil-sha3.h"
#elif defined(WOLFSSL_AFALG_XILINX)
#include <wolfssl/wolfcrypt/port/af_alg/afalg_hash.h>
#else
/* Sha3 digest */
typedef struct Sha3 {

21
wolfssl/wolfcrypt/types.h
View File

@@ -640,8 +640,10 @@
#define INVALID_DEVID -2
/* AESNI requires alignment and ARMASM gains some performance from it */
#if defined(WOLFSSL_AESNI) || defined(WOLFSSL_ARMASM) || defined(USE_INTEL_SPEEDUP)
/* AESNI requires alignment and ARMASM gains some performance from it
* Xilinx RSA operations require alignment */
#if defined(WOLFSSL_AESNI) || defined(WOLFSSL_ARMASM) || \
defined(USE_INTEL_SPEEDUP) || defined(WOLFSSL_AFALG_XILINX)
#if !defined(ALIGN16)
#if defined(__GNUC__)
#define ALIGN16 __attribute__ ( (aligned (16)))
@@ -664,19 +666,19 @@
#else
#define ALIGN32
#endif
#endif
#endif /* !ALIGN32 */
#if !defined(ALIGN32)
#if !defined(ALIGN64)
#if defined(__GNUC__)
#define ALIGN32 __attribute__ ( (aligned (32)))
#define ALIGN64 __attribute__ ( (aligned (64)))
#elif defined(_MSC_VER)
/* disable align warning, we want alignment ! */
#pragma warning(disable: 4324)
#define ALIGN32 __declspec (align (32))
#define ALIGN64 __declspec (align (64))
#else
#define ALIGN32
#define ALIGN64
#endif
#endif /* !ALIGN32 */
#endif /* !ALIGN64 */
#if defined(__GNUC__)
#define ALIGN128 __attribute__ ( (aligned (128)))
@@ -705,6 +707,9 @@
#ifndef ALIGN32
#define ALIGN32
#endif
#ifndef ALIGN64
#define ALIGN64
#endif
#ifndef ALIGN128
#define ALIGN128
#endif