feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge pull request #6783 from bandi13/more_async_cb

Browse Source 
More async cb
This commit is contained in:
David Garske
2023-09-20 10:16:08 -07:00
committed by GitHub
parent e91b6230a8 9ed19cddfa
commit f7ca923b4b
9 changed files with 79 additions and 63 deletions
Download Patch File Download Diff File Expand all files Collapse all files

63
configure.ac
View File

@ -7004,7 +7004,7 @@ AC_ARG_WITH([cavium-v],
ENABLED_CAVIUM_V=yes
],
[
ENABLED_CAVIUM_=no
ENABLED_CAVIUM=no
ENABLED_CAVIUM_V=no
]
)
@ -7804,6 +7804,30 @@ then
AC_MSG_ERROR([please use --with-libz if enabling mcapi.])
fi
# cryptodev is old name, replaced with cryptocb
AC_ARG_ENABLE([cryptodev],
[AS_HELP_STRING([--enable-cryptodev],[DEPRECATED, use cryptocb instead])],
[ ENABLED_CRYPTOCB=$enableval ],[ ENABLED_CRYPTOCB=no ])
# Support for crypto callbacks
AC_ARG_ENABLE([cryptocb],
[AS_HELP_STRING([--enable-cryptocb],[Enable crypto callbacks (default: disabled)])],
[ ENABLED_CRYPTOCB=$enableval ],
[ ENABLED_CRYPTOCB=no ]
)
if test "x$ENABLED_PKCS11" = "xyes" || test "x$ENABLED_WOLFTPM" = "xyes" || test "$ENABLED_CAAM" != "no"
then
ENABLED_CRYPTOCB=yes
fi
if test "$ENABLED_CRYPTOCB" = "yes"
then
AM_CFLAGS="$AM_CFLAGS -DWOLF_CRYPTO_CB"
fi
# Asynchronous Crypto
AC_ARG_ENABLE([asynccrypt],
[AS_HELP_STRING([--enable-asynccrypt],[Enable Asynchronous Crypto (default: disabled)])],
@ -7826,6 +7850,7 @@ fi
if test "$ENABLED_ASYNCCRYPT" = "yes"
then
AC_MSG_NOTICE([Enabling asynchronous support])
if ! test -f ${srcdir}/wolfcrypt/src/async.c || ! test -f ${srcdir}/wolfssl/wolfcrypt/async.h
then
AC_MSG_ERROR([--enable-asynccrypt requested, but WOLFSSL_ASYNC_CRYPT source files are missing.])
@ -7835,15 +7860,14 @@ then
# If no async backend (hardware or software) has been explicitly enabled,
# use the software backend for testing.
if test "x$ENABLED_CAVIUM" = "xno" && test "x$ENABLED_INTEL_QA" = "xno" &&
test "x$ENABLED_ASYNCCRYPT_SW" = "xno"
if test "x$ENABLED_CAVIUM" != "xyes" && test "x$ENABLED_INTEL_QA" != "xyes" && test "x$ENABLED_CRYPTOCB" != "xyes" && test "x$ENABLED_PKCALLBACKS" != "xyes" && test "x$ENABLED_ASYNCCRYPT_SW" != "xyes"
then
# Async threading is Linux specific
AC_MSG_NOTICE([Enabling asynchronous software simulator])
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ASYNC_CRYPT_SW"
ENABLED_ASYNCCRYPT_SW=yes
fi
fi
# check for async if using Intel QuckAssist or Cavium
if test "x$ENABLED_INTEL_QA" = "xyes" || test "x$ENABLED_CAVIUM" = "xyes" ; then
if test "x$ENABLED_ASYNCCRYPT" = "xno" ; then
@ -7851,8 +7875,7 @@ if test "x$ENABLED_INTEL_QA" = "xyes" || test "x$ENABLED_CAVIUM" = "xyes" ; then
fi
fi
# Asynchronous threading
# Asynchronous threading (Linux specific)
AC_ARG_ENABLE([asyncthreads],
[AS_HELP_STRING([--enable-asyncthreads],[Enable Asynchronous Threading (default: enabled)])],
[ ENABLED_ASYNCTHREADS=$enableval ],
@ -7875,28 +7898,6 @@ else
fi
# cryptodev is old name, replaced with cryptocb
AC_ARG_ENABLE([cryptodev],
[AS_HELP_STRING([--enable-cryptodev],[DEPRECATED, use cryptocb instead])],
[ ENABLED_CRYPTOCB=$enableval ],[ ENABLED_CRYPTOCB=no ])
# Support for crypto callbacks
AC_ARG_ENABLE([cryptocb],
[AS_HELP_STRING([--enable-cryptocb],[Enable crypto callbacks (default: disabled)])],
[ ENABLED_CRYPTOCB=$enableval ],
[ ENABLED_CRYPTOCB=no ]
)
if test "x$ENABLED_PKCS11" = "xyes" || test "x$ENABLED_WOLFTPM" = "xyes" || test "$ENABLED_CAAM" != "no"
then
ENABLED_CRYPTOCB=yes
fi
if test "$ENABLED_CRYPTOCB" = "yes"
then
AM_CFLAGS="$AM_CFLAGS -DWOLF_CRYPTO_CB"
fi
# Session Export
AC_ARG_ENABLE([sessionexport],
[AS_HELP_STRING([--enable-sessionexport],[Enable export and import of sessions (default: disabled)])],
@ -9515,7 +9516,8 @@ echo " * Stack sizes in tests: $ENABLED_STACKSIZE"
echo " * Heap stats in tests: $ENABLED_TRACKMEMORY"
echo " * User Crypto: $ENABLED_USER_CRYPTO"
echo " * Fast RSA: $ENABLED_FAST_RSA"
echo " * Async Crypto: $ENABLED_ASYNCCRYPT"
echo " * Asynchronous Crypto: $ENABLED_ASYNCCRYPT"
echo " * Asynchronous Crypto (sim): $ENABLED_ASYNCCRYPT_SW"
echo " * PKCS#8: $ENABLED_PKCS8"
echo " * PKCS#11: $ENABLED_PKCS11"
echo " * PKCS#12: $ENABLED_PKCS12"
@ -9536,6 +9538,7 @@ echo " * Inline Code: $ENABLED_INLINE"
echo " * Linux AF_ALG: $ENABLED_AFALG"
echo " * Linux KCAPI: $ENABLED_KCAPI"
echo " * Linux devcrypto: $ENABLED_DEVCRYPTO"
echo " * PK callbacks: $ENABLED_PKCALLBACKS"
echo " * Crypto callbacks: $ENABLED_CRYPTOCB"
echo " * i.MX CAAM: $ENABLED_CAAM"
echo " * IoT-Safe: $ENABLED_IOTSAFE"

16
src/internal.c
View File

@ -38733,18 +38733,24 @@ int wolfSSL_AsyncPop(WOLFSSL* ssl, byte* state)
ret = wolfAsync_EventPop(event, WOLF_EVENT_TYPE_ASYNC_WOLFSSL);
if (ret != WC_NO_PENDING_E && ret != WC_PENDING_E) {
/* advance key share state if doesn't need called again */
if (state && (asyncDev->event.flags & WC_ASYNC_FLAG_CALL_AGAIN) == 0) {
(*state)++;
}
/* clear event */
/* clear event and async device */
XMEMSET(&asyncDev->event, 0, sizeof(WOLF_EVENT));
/* clear async dev */
ssl->asyncDev = NULL;
}
#if !defined(WOLFSSL_ASYNC_CRYPT_SW) && \
(defined(WOLF_CRYPTO_CB) || defined(HAVE_PK_CALLBACKS))
else if (ret == WC_PENDING_E) {
/* Allow the underlying crypto API to be called again to trigger the
* crypto or PK callback. The actual callback must be called, since
* the completion is not detected in the poll like Intel QAT or
* Nitrox */
ret = wolfEventQueue_Remove(&ssl->ctx->event_queue, event);
}
#endif
}
else {
ret = WC_NO_PENDING_E;

31
src/tls.c
View File

@ -7392,7 +7392,7 @@ static int TLSX_KeyShare_GenEccKey(WOLFSSL *ssl, KeyShareEntry* kse)
word16 curveId = (word16) ECC_CURVE_INVALID;
ecc_key* eccKey = (ecc_key*)kse->key;
/* TODO: [TLS13] The key sizes should come from wolfcrypt. */
/* TODO: [TLS13] Get key sizes using wc_ecc_get_curve_size_from_id. */
/* Translate named group to a curve id. */
switch (kse->group) {
#if (!defined(NO_ECC256) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 256
@ -7431,9 +7431,6 @@ static int TLSX_KeyShare_GenEccKey(WOLFSSL *ssl, KeyShareEntry* kse)
}
if (kse->key == NULL) {
kse->keyLen = keySize;
kse->pubKeyLen = keySize * 2 + 1;
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
ret = tsip_Tls13GenEccKeyPair(ssl, kse);
if (ret != CRYPTOCB_UNAVAILABLE) {
@ -7447,9 +7444,13 @@ static int TLSX_KeyShare_GenEccKey(WOLFSSL *ssl, KeyShareEntry* kse)
return MEMORY_E;
}
/* Make an ECC key */
/* Initialize an ECC key struct for the ephemeral key */
ret = wc_ecc_init_ex((ecc_key*)kse->key, ssl->heap, ssl->devId);
if (ret == 0) {
kse->keyLen = keySize;
kse->pubKeyLen = keySize * 2 + 1;
/* setting eccKey means okay to call wc_ecc_free */
eccKey = (ecc_key*)kse->key;
@ -7461,11 +7462,21 @@ static int TLSX_KeyShare_GenEccKey(WOLFSSL *ssl, KeyShareEntry* kse)
/* set curve info for EccMakeKey "peer" info */
ret = wc_ecc_set_curve(eccKey, kse->keyLen, curveId);
if (ret == 0) {
/* Generate ephemeral ECC key */
/* For async this is called once and when event is done, the
* provided buffers in key be populated.
* Final processing is x963 key export below. */
ret = EccMakeKey(ssl, eccKey, eccKey);
#ifdef WOLFSSL_ASYNC_CRYPT
/* Detect when private key generation is done */
if (ssl->error == WC_PENDING_E &&
eccKey->type == ECC_PRIVATEKEY) {
ret = 0; /* ECC Key Generation is done */
}
else
#endif
{
/* Generate ephemeral ECC key */
/* For async this is called once and when event is done, the
* provided buffers in key be populated.
* Final processing is x963 key export below. */
ret = EccMakeKey(ssl, eccKey, eccKey);
}
}
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret == WC_PENDING_E)

8
wolfcrypt/src/aes.c
View File

@ -4156,7 +4156,7 @@ int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
return IntelQaSymAesCbcEncrypt(&aes->asyncDev, out, in, sz,
(const byte*)aes->devKey, aes->keylen,
(byte*)aes->reg, AES_BLOCK_SIZE);
#else /* WOLFSSL_ASYNC_CRYPT_SW */
#elif defined(WOLFSSL_ASYNC_CRYPT_SW)
if (wc_AsyncSwInit(&aes->asyncDev, ASYNC_SW_AES_CBC_ENCRYPT)) {
WC_ASYNC_SW* sw = &aes->asyncDev.sw;
sw->aes.aes = aes;
@ -4321,7 +4321,7 @@ int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
return IntelQaSymAesCbcDecrypt(&aes->asyncDev, out, in, sz,
(const byte*)aes->devKey, aes->keylen,
(byte*)aes->reg, AES_BLOCK_SIZE);
#else /* WOLFSSL_ASYNC_CRYPT_SW */
#elif defined(WOLFSSL_ASYNC_CRYPT_SW)
if (wc_AsyncSwInit(&aes->asyncDev, ASYNC_SW_AES_CBC_DECRYPT)) {
WC_ASYNC_SW* sw = &aes->asyncDev.sw;
sw->aes.aes = aes;
@ -6896,7 +6896,7 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
return IntelQaSymAesGcmEncrypt(&aes->asyncDev, out, in, sz,
(const byte*)aes->devKey, aes->keylen, iv, ivSz,
authTag, authTagSz, authIn, authInSz);
#else /* WOLFSSL_ASYNC_CRYPT_SW */
#elif defined(WOLFSSL_ASYNC_CRYPT_SW)
if (wc_AsyncSwInit(&aes->asyncDev, ASYNC_SW_AES_GCM_ENCRYPT)) {
WC_ASYNC_SW* sw = &aes->asyncDev.sw;
sw->aes.aes = aes;
@ -7456,7 +7456,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
return IntelQaSymAesGcmDecrypt(&aes->asyncDev, out, in, sz,
(const byte*)aes->devKey, aes->keylen, iv, ivSz,
authTag, authTagSz, authIn, authInSz);
#else /* WOLFSSL_ASYNC_CRYPT_SW */
#elif defined(WOLFSSL_ASYNC_CRYPT_SW)
if (wc_AsyncSwInit(&aes->asyncDev, ASYNC_SW_AES_GCM_DECRYPT)) {
WC_ASYNC_SW* sw = &aes->asyncDev.sw;
sw->aes.aes = aes;

4
wolfcrypt/src/des3.c
View File

@ -1616,7 +1616,7 @@
#elif defined(HAVE_INTEL_QA)
return IntelQaSymDes3CbcEncrypt(&des->asyncDev, out, in, sz,
(const byte*)des->devKey, DES3_KEYLEN, (byte*)des->reg, DES3_IVLEN);
#else /* WOLFSSL_ASYNC_CRYPT_SW */
#elif defined(WOLFSSL_ASYNC_CRYPT_SW)
if (wc_AsyncSwInit(&des->asyncDev, ASYNC_SW_DES3_CBC_ENCRYPT)) {
WC_ASYNC_SW* sw = &des->asyncDev.sw;
sw->des.des = des;
@ -1667,7 +1667,7 @@
#elif defined(HAVE_INTEL_QA)
return IntelQaSymDes3CbcDecrypt(&des->asyncDev, out, in, sz,
(const byte*)des->devKey, DES3_KEYLEN, (byte*)des->reg, DES3_IVLEN);
#else /* WOLFSSL_ASYNC_CRYPT_SW */
#elif defined(WOLFSSL_ASYNC_CRYPT_SW)
if (wc_AsyncSwInit(&des->asyncDev, ASYNC_SW_DES3_CBC_DECRYPT)) {
WC_ASYNC_SW* sw = &des->asyncDev.sw;
sw->des.des = des;

4
wolfcrypt/src/dh.c
View File

@ -1433,7 +1433,7 @@ static int wc_DhGenerateKeyPair_Async(DhKey* key, WC_RNG* rng,
#elif defined(HAVE_CAVIUM)
/* TODO: Not implemented - use software for now */
#else /* WOLFSSL_ASYNC_CRYPT_SW */
#elif defined(WOLFSSL_ASYNC_CRYPT_SW)
if (wc_AsyncSwInit(&key->asyncDev, ASYNC_SW_DH_GEN)) {
WC_ASYNC_SW* sw = &key->asyncDev.sw;
sw->dhGen.key = key;
@ -2207,7 +2207,7 @@ static int wc_DhAgree_Async(DhKey* key, byte* agree, word32* agreeSz,
#elif defined(HAVE_CAVIUM)
/* TODO: Not implemented - use software for now */
#else /* WOLFSSL_ASYNC_CRYPT_SW */
#elif defined(WOLFSSL_ASYNC_CRYPT_SW)
if (wc_AsyncSwInit(&key->asyncDev, ASYNC_SW_DH_AGREE)) {
WC_ASYNC_SW* sw = &key->asyncDev.sw;
sw->dhAgree.key = key;

7
wolfcrypt/src/ecc.c
View File

@ -5006,11 +5006,6 @@ int wc_ecc_shared_secret_ex(ecc_key* private_key, ecc_point* point,
if (private_key->asyncDev.marker == WOLFSSL_ASYNC_MARKER_ECC) {
err = wc_ecc_shared_secret_gen_async(private_key, point,
out, outlen);
if (err == 0) {
/* exit early */
RESTORE_VECTOR_REGISTERS();
return err;
}
}
else
#endif
@ -5495,7 +5490,7 @@ static int _ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key,
/* TODO: Not implemented */
#elif defined(HAVE_INTEL_QA)
/* Implemented in ecc_make_pub_ex for the pub calc */
#else
#elif defined(WOLFSSL_ASYNC_CRYPT_SW)
if (wc_AsyncSwInit(&key->asyncDev, ASYNC_SW_ECC_MAKE)) {
WC_ASYNC_SW* sw = &key->asyncDev.sw;
sw->eccMake.rng = rng;

8
wolfcrypt/src/rsa.c
View File

@ -2779,7 +2779,7 @@ static int wc_RsaFunctionAsync(const byte* in, word32 inLen, byte* out,
}
#endif /* WOLFSSL_ASYNC_CRYPT_SW */
switch(type) {
switch (type) {
#ifndef WOLFSSL_RSA_PUBLIC_ONLY
case RSA_PRIVATE_DECRYPT:
case RSA_PRIVATE_ENCRYPT:
@ -2801,7 +2801,7 @@ static int wc_RsaFunctionAsync(const byte* in, word32 inLen, byte* out,
&key->u.raw,
out, outLen);
#endif
#else /* WOLFSSL_ASYNC_CRYPT_SW */
#else
ret = wc_RsaFunctionSync(in, inLen, out, outLen, type, key, rng);
#endif
break;
@ -2819,7 +2819,7 @@ static int wc_RsaFunctionAsync(const byte* in, word32 inLen, byte* out,
ret = IntelQaRsaPublic(&key->asyncDev, in, inLen,
&key->e.raw, &key->n.raw,
out, outLen);
#else /* WOLFSSL_ASYNC_CRYPT_SW */
#else
ret = wc_RsaFunctionSync(in, inLen, out, outLen, type, key, rng);
#endif
break;
@ -4746,7 +4746,7 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
#elif defined(HAVE_INTEL_QA)
err = IntelQaRsaKeyGen(&key->asyncDev, key, size, e, rng);
goto out;
#else
#elif defined(WOLFSSL_ASYNC_CRYPT_SW)
if (wc_AsyncSwInit(&key->asyncDev, ASYNC_SW_RSA_MAKE)) {
WC_ASYNC_SW* sw = &key->asyncDev.sw;
sw->rsaMake.rng = rng;

1
wolfssl/wolfcrypt/settings.h
View File

@ -2473,6 +2473,7 @@ extern void uITRON4_free(void *p) ;
/* Asynchronous Crypto */
#ifdef WOLFSSL_ASYNC_CRYPT
#if !defined(HAVE_CAVIUM) && !defined(HAVE_INTEL_QA) && \
!defined(WOLF_CRYPTO_CB) && !defined(HAVE_PK_CALLBACKS) && \
!defined(WOLFSSL_ASYNC_CRYPT_SW)
#error No async backend defined with WOLFSSL_ASYNC_CRYPT!
#endif