wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-28 15:02:24 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #9309 from night1rider/CryptoCbCopy

Browse Source 
Add crypto callback support for copy/free operations (SHA-256)
This commit is contained in:
Brett Nicholas
2025-10-21 09:45:18 -06:00
committed by GitHub
parent 818d1e37eb f1faefed91
commit 1134d246f7
12 changed files with 956 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.wolfssl_known_macro_extras
View File

@@ -917,7 +917,9 @@ WOLFSSL_XMSS_LARGE_SECRET_KEY
WOLFSSL_ZEPHYR
WOLF_ALLOW_BUILTIN
WOLF_CRYPTO_CB_CMD
WOLF_CRYPTO_CB_COPY
WOLF_CRYPTO_CB_FIND
WOLF_CRYPTO_CB_FREE
WOLF_CRYPTO_CB_ONLY_ECC
WOLF_CRYPTO_CB_ONLY_RSA
WOLF_CRYPTO_DEV

38
configure.ac
View File

@@ -9448,6 +9448,44 @@ then
AM_CFLAGS="$AM_CFLAGS -DWC_TEST_NO_CRYPTOCB_SW_TEST"
fi
# Crypto Callbacks Utils (Copy/Free/etc)
AC_ARG_ENABLE([cryptocbutils],
[AS_HELP_STRING([--enable-cryptocbutils@<:@=copy,free,...@:>@],
[Enable crypto callback utilities (default: all)])],
[ ENABLED_CRYPTOCB_UTILS=$enableval ],
[ ENABLED_CRYPTOCB_UTILS=no ]
)
if test "$ENABLED_CRYPTOCB_UTILS" != "no"; then
if test "$ENABLED_CRYPTOCB" = "no"; then
AC_MSG_ERROR([--enable-cryptocbutils requires --enable-cryptocb])
fi
if test "$ENABLED_CRYPTOCB_UTILS" = "yes"; then
# Enable all utilities
AM_CFLAGS="$AM_CFLAGS -DWOLF_CRYPTO_CB_COPY -DWOLF_CRYPTO_CB_FREE"
# Future utilities go here when added
else
# Parse comma-separated list
OIFS="$IFS"
IFS=','
for util in $ENABLED_CRYPTOCB_UTILS; do
case "$util" in
copy)
AM_CFLAGS="$AM_CFLAGS -DWOLF_CRYPTO_CB_COPY"
;;
free)
AM_CFLAGS="$AM_CFLAGS -DWOLF_CRYPTO_CB_FREE"
;;
# Add future options here (e.g., malloc, realloc, etc)
*)
AC_MSG_ERROR([Unknown cryptocbutils option: $util. Valid options: copy, free])
;;
esac
done
IFS="$OIFS"
fi
fi
# Asynchronous Crypto

265
tests/api.c
View File

@@ -44807,6 +44807,271 @@ static int test_CryptoCb_Func(int thisDevId, wc_CryptoInfo* info, void* ctx)
}
#endif /* HAVE_ED25519 */
}
#ifdef WOLF_CRYPTO_CB_COPY
else if (info->algo_type == WC_ALGO_TYPE_COPY) {
#ifdef DEBUG_WOLFSSL
fprintf(stderr, "test_CryptoCb_Func: Copy Algo=%d Type=%d\n",
info->copy.algo, info->copy.type);
#endif
if (info->copy.algo == WC_ALGO_TYPE_HASH) {
switch (info->copy.type) {
#ifndef NO_SHA
case WC_HASH_TYPE_SHA:
{
wc_Sha* src = (wc_Sha*)info->copy.src;
wc_Sha* dst = (wc_Sha*)info->copy.dst;
src->devId = INVALID_DEVID;
ret = wc_ShaCopy(src, dst);
src->devId = thisDevId;
if (ret == 0) {
dst->devId = thisDevId;
}
break;
}
#endif
#ifdef WOLFSSL_SHA224
case WC_HASH_TYPE_SHA224:
{
wc_Sha224* src = (wc_Sha224*)info->copy.src;
wc_Sha224* dst = (wc_Sha224*)info->copy.dst;
src->devId = INVALID_DEVID;
ret = wc_Sha224Copy(src, dst);
src->devId = thisDevId;
if (ret == 0) {
dst->devId = thisDevId;
}
break;
}
#endif
#ifndef NO_SHA256
case WC_HASH_TYPE_SHA256:
{
wc_Sha256* src = (wc_Sha256*)info->copy.src;
wc_Sha256* dst = (wc_Sha256*)info->copy.dst;
/* set devId to invalid, so software is used */
src->devId = INVALID_DEVID;
ret = wc_Sha256Copy(src, dst);
/* reset devId */
src->devId = thisDevId;
if (ret == 0) {
/* Set the devId of the destination to the same */
/* since we used the software implementation of copy */
/* so dst would have been set to INVALID_DEVID */
dst->devId = thisDevId;
}
break;
}
#endif /* !NO_SHA256 */
#ifdef WOLFSSL_SHA384
case WC_HASH_TYPE_SHA384:
{
wc_Sha384* src = (wc_Sha384*)info->copy.src;
wc_Sha384* dst = (wc_Sha384*)info->copy.dst;
src->devId = INVALID_DEVID;
ret = wc_Sha384Copy(src, dst);
src->devId = thisDevId;
if (ret == 0) {
dst->devId = thisDevId;
}
break;
}
#endif
#ifdef WOLFSSL_SHA512
case WC_HASH_TYPE_SHA512:
{
wc_Sha512* src = (wc_Sha512*)info->copy.src;
wc_Sha512* dst = (wc_Sha512*)info->copy.dst;
src->devId = INVALID_DEVID;
ret = wc_Sha512Copy(src, dst);
src->devId = thisDevId;
if (ret == 0) {
dst->devId = thisDevId;
}
break;
}
#endif
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224)
case WC_HASH_TYPE_SHA3_224:
{
wc_Sha3* src = (wc_Sha3*)info->copy.src;
wc_Sha3* dst = (wc_Sha3*)info->copy.dst;
src->devId = INVALID_DEVID;
ret = wc_Sha3_224_Copy(src, dst);
src->devId = thisDevId;
if (ret == 0) {
dst->devId = thisDevId;
}
break;
}
#endif
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256)
case WC_HASH_TYPE_SHA3_256:
{
wc_Sha3* src = (wc_Sha3*)info->copy.src;
wc_Sha3* dst = (wc_Sha3*)info->copy.dst;
src->devId = INVALID_DEVID;
ret = wc_Sha3_256_Copy(src, dst);
src->devId = thisDevId;
if (ret == 0) {
dst->devId = thisDevId;
}
break;
}
#endif
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_384)
case WC_HASH_TYPE_SHA3_384:
{
wc_Sha3* src = (wc_Sha3*)info->copy.src;
wc_Sha3* dst = (wc_Sha3*)info->copy.dst;
src->devId = INVALID_DEVID;
ret = wc_Sha3_384_Copy(src, dst);
src->devId = thisDevId;
if (ret == 0) {
dst->devId = thisDevId;
}
break;
}
#endif
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_512)
case WC_HASH_TYPE_SHA3_512:
{
wc_Sha3* src = (wc_Sha3*)info->copy.src;
wc_Sha3* dst = (wc_Sha3*)info->copy.dst;
src->devId = INVALID_DEVID;
ret = wc_Sha3_512_Copy(src, dst);
src->devId = thisDevId;
if (ret == 0) {
dst->devId = thisDevId;
}
break;
}
#endif
default:
ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN);
break;
}
}
else {
ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN);
}
}
#endif /* WOLF_CRYPTO_CB_COPY */
#ifdef WOLF_CRYPTO_CB_FREE
else if (info->algo_type == WC_ALGO_TYPE_FREE) {
#ifdef DEBUG_WOLFSSL
fprintf(stderr, "test_CryptoCb_Func: Free Algo=%d Type=%d\n",
info->free.algo, info->free.type);
#endif
if (info->free.algo == WC_ALGO_TYPE_HASH) {
switch (info->free.type) {
#ifndef NO_SHA
case WC_HASH_TYPE_SHA:
{
wc_Sha* sha = (wc_Sha*)info->free.obj;
sha->devId = INVALID_DEVID;
wc_ShaFree(sha);
ret = 0;
break;
}
#endif
#ifdef WOLFSSL_SHA224
case WC_HASH_TYPE_SHA224:
{
wc_Sha224* sha = (wc_Sha224*)info->free.obj;
sha->devId = INVALID_DEVID;
wc_Sha224Free(sha);
ret = 0;
break;
}
#endif
#ifndef NO_SHA256
case WC_HASH_TYPE_SHA256:
{
wc_Sha256* sha = (wc_Sha256*)info->free.obj;
/* set devId to invalid, so software is used */
sha->devId = INVALID_DEVID;
/* Call the actual free function */
wc_Sha256Free(sha);
/* Note: devId doesn't need to be restored as object is freed */
ret = 0;
break;
}
#endif
#ifdef WOLFSSL_SHA384
case WC_HASH_TYPE_SHA384:
{
wc_Sha384* sha = (wc_Sha384*)info->free.obj;
sha->devId = INVALID_DEVID;
wc_Sha384Free(sha);
ret = 0;
break;
}
#endif
#ifdef WOLFSSL_SHA512
case WC_HASH_TYPE_SHA512:
{
wc_Sha512* sha = (wc_Sha512*)info->free.obj;
sha->devId = INVALID_DEVID;
wc_Sha512Free(sha);
ret = 0;
break;
}
#endif
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224)
case WC_HASH_TYPE_SHA3_224:
{
wc_Sha3* sha = (wc_Sha3*)info->free.obj;
sha->devId = INVALID_DEVID;
wc_Sha3_224_Free(sha);
ret = 0;
break;
}
#endif
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256)
case WC_HASH_TYPE_SHA3_256:
{
wc_Sha3* sha = (wc_Sha3*)info->free.obj;
sha->devId = INVALID_DEVID;
wc_Sha3_256_Free(sha);
ret = 0;
break;
}
#endif
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_384)
case WC_HASH_TYPE_SHA3_384:
{
wc_Sha3* sha = (wc_Sha3*)info->free.obj;
sha->devId = INVALID_DEVID;
wc_Sha3_384_Free(sha);
ret = 0;
break;
}
#endif
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_512)
case WC_HASH_TYPE_SHA3_512:
{
wc_Sha3* sha = (wc_Sha3*)info->free.obj;
sha->devId = INVALID_DEVID;
wc_Sha3_512_Free(sha);
ret = 0;
break;
}
#endif
default:
ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN);
break;
}
}
else {
ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN);
}
}
#endif /* WOLF_CRYPTO_CB_FREE */
(void)thisDevId;
(void)keyFormat;

92
wolfcrypt/src/cryptocb.c
View File

@@ -80,8 +80,13 @@ static const char* GetAlgoTypeStr(int algo)
case WC_ALGO_TYPE_HMAC: return "HMAC";
case WC_ALGO_TYPE_CMAC: return "CMAC";
case WC_ALGO_TYPE_CERT: return "Cert";
case WC_ALGO_TYPE_KDF:
return "KDF";
case WC_ALGO_TYPE_KDF: return "KDF";
#ifdef WOLF_CRYPTO_CB_COPY
case WC_ALGO_TYPE_COPY: return "Copy";
#endif /* WOLF_CRYPTO_CB_COPY */
#ifdef WOLF_CRYPTO_CB_FREE
case WC_ALGO_TYPE_FREE: return "Free";
#endif /* WOLF_CRYPTO_CB_FREE */
}
return NULL;
}
@@ -174,6 +179,7 @@ static const char* GetCryptoCbCmdTypeStr(int type)
}
#endif
#if (defined(HAVE_HKDF) && !defined(NO_HMAC)) || defined(HAVE_CMAC_KDF)
static const char* GetKdfTypeStr(int type)
{
@@ -253,6 +259,20 @@ void wc_CryptoCb_InfoString(wc_CryptoInfo* info)
GetCryptoCbCmdTypeStr(info->cmd.type), info->cmd.type);
}
#endif
#ifdef WOLF_CRYPTO_CB_COPY
else if (info->algo_type == WC_ALGO_TYPE_COPY) {
printf("Crypto CB: %s %s Type=%d\n",
GetAlgoTypeStr(info->algo_type),
GetAlgoTypeStr(info->copy.algo), info->copy.type);
}
#endif /* WOLF_CRYPTO_CB_COPY */
#ifdef WOLF_CRYPTO_CB_FREE
else if (info->algo_type == WC_ALGO_TYPE_FREE) {
printf("Crypto CB: %s %s Type=%d\n",
GetAlgoTypeStr(info->algo_type),
GetAlgoTypeStr(info->free.algo), info->free.type);
}
#endif /* WOLF_CRYPTO_CB_FREE */
#if (defined(HAVE_HKDF) && !defined(NO_HMAC)) || \
defined(HAVE_CMAC_KDF)
else if (info->algo_type == WC_ALGO_TYPE_KDF) {
@@ -2028,6 +2048,74 @@ int wc_CryptoCb_Hkdf(int hashType, const byte* inKey, word32 inKeySz,
}
#endif /* HAVE_HKDF && !NO_HMAC */
#ifdef WOLF_CRYPTO_CB_COPY
/* General copy callback function for algorithm structures
* devId: The device ID to use for the callback
* algo: Algorithm type (enum wc_AlgoType) - WC_ALGO_TYPE_HASH,
* WC_ALGO_TYPE_CIPHER, etc
* type: Specific type - for HASH: enum wc_HashType, for CIPHER:
* enum wc_CipherType
* src: Pointer to source structure
* dst: Pointer to destination structure
* Returns: 0 on success, negative on error, CRYPTOCB_UNAVAILABLE if not
* handled
*/
int wc_CryptoCb_Copy(int devId, int algo, int type, void* src, void* dst)
{
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
CryptoCb* dev;
/* Find registered callback device */
dev = wc_CryptoCb_FindDevice(devId, WC_ALGO_TYPE_COPY);
if (dev && dev->cb) {
wc_CryptoInfo cryptoInfo;
XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo));
cryptoInfo.algo_type = WC_ALGO_TYPE_COPY;
cryptoInfo.copy.algo = algo;
cryptoInfo.copy.type = type;
cryptoInfo.copy.src = src;
cryptoInfo.copy.dst = dst;
ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx);
}
return wc_CryptoCb_TranslateErrorCode(ret);
}
#endif /* WOLF_CRYPTO_CB_COPY */
#ifdef WOLF_CRYPTO_CB_FREE
/* General free callback function for algorithm structures
* devId: The device ID to use for the callback
* algo: Algorithm type (enum wc_AlgoType) - WC_ALGO_TYPE_HASH,
* WC_ALGO_TYPE_CIPHER, etc
* type: Specific type - for HASH: enum wc_HashType, for CIPHER:
* enum wc_CipherType
* obj: Pointer to object structure to free
* Returns: 0 on success, negative on error, CRYPTOCB_UNAVAILABLE if not
* handled
*/
int wc_CryptoCb_Free(int devId, int algo, int type, void* obj)
{
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
CryptoCb* dev;
/* Find registered callback device */
dev = wc_CryptoCb_FindDevice(devId, WC_ALGO_TYPE_FREE);
if (dev && dev->cb) {
wc_CryptoInfo cryptoInfo;
XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo));
cryptoInfo.algo_type = WC_ALGO_TYPE_FREE;
cryptoInfo.free.algo = algo;
cryptoInfo.free.type = type;
cryptoInfo.free.obj = obj;
ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx);
}
return wc_CryptoCb_TranslateErrorCode(ret);
}
#endif /* WOLF_CRYPTO_CB_FREE */
#if defined(HAVE_CMAC_KDF)
/* Crypto callback for NIST SP 800 56C two-step CMAC KDF. See software

38
wolfcrypt/src/sha.c
View File

@@ -1049,9 +1049,33 @@ int wc_InitSha(wc_Sha* sha)
void wc_ShaFree(wc_Sha* sha)
{
#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_FREE)
int ret = 0;
#endif
if (sha == NULL)
return;
#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_FREE)
#ifndef WOLF_CRYPTO_CB_FIND
if (sha->devId != INVALID_DEVID)
#endif
{
ret = wc_CryptoCb_Free(sha->devId, WC_ALGO_TYPE_HASH,
WC_HASH_TYPE_SHA, (void*)sha);
/* If they want the standard free, they can call it themselves */
/* via their callback setting devId to INVALID_DEVID */
/* otherwise assume the callback handled it */
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return;
/* fall-through when unavailable */
}
/* silence compiler warning */
(void)ret;
#endif /* WOLF_CRYPTO_CB && WOLF_CRYPTO_CB_FREE */
#if defined(WOLFSSL_ESP32) && !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
esp_sha_release_unfinished_lock(&sha->ctx);
#endif
@@ -1133,6 +1157,20 @@ int wc_ShaCopy(wc_Sha* src, wc_Sha* dst)
if (src == NULL || dst == NULL)
return BAD_FUNC_ARG;
#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_COPY)
#ifndef WOLF_CRYPTO_CB_FIND
if (src->devId != INVALID_DEVID)
#endif
{
/* Cast the source and destination to be void to keep the abstraction */
ret = wc_CryptoCb_Copy(src->devId, WC_ALGO_TYPE_HASH,
WC_HASH_TYPE_SHA, (void*)src, (void*)dst);
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
}
#endif /* WOLF_CRYPTO_CB && WOLF_CRYPTO_CB_COPY */
XMEMCPY(dst, src, sizeof(wc_Sha));
#if defined(WOLFSSL_SILABS_SE_ACCEL) && defined(WOLFSSL_SILABS_SE_ACCEL_3)

77
wolfcrypt/src/sha256.c
View File

@@ -2224,9 +2224,33 @@ static int Transform_Sha256(wc_Sha256* sha256, const byte* data)
void wc_Sha224Free(wc_Sha224* sha224)
{
#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_FREE)
int ret = 0;
#endif
if (sha224 == NULL)
return;
#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_FREE)
#ifndef WOLF_CRYPTO_CB_FIND
if (sha224->devId != INVALID_DEVID)
#endif
{
ret = wc_CryptoCb_Free(sha224->devId, WC_ALGO_TYPE_HASH,
WC_HASH_TYPE_SHA224, (void*)sha224);
/* If they want the standard free, they can call it themselves */
/* via their callback setting devId to INVALID_DEVID */
/* otherwise assume the callback handled it */
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return;
/* fall-through when unavailable */
}
/* silence compiler warning */
(void)ret;
#endif /* WOLF_CRYPTO_CB && WOLF_CRYPTO_CB_FREE */
#ifdef WOLFSSL_SMALL_STACK_CACHE
if (sha224->W != NULL) {
ForceZero(sha224->W, sizeof(word32) * WC_SHA224_BLOCK_SIZE);
@@ -2276,9 +2300,34 @@ int wc_InitSha256(wc_Sha256* sha256)
void wc_Sha256Free(wc_Sha256* sha256)
{
#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_FREE)
int ret = 0;
#endif
if (sha256 == NULL)
return;
#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_FREE)
#ifndef WOLF_CRYPTO_CB_FIND
if (sha256->devId != INVALID_DEVID)
#endif
{
ret = wc_CryptoCb_Free(sha256->devId, WC_ALGO_TYPE_HASH,
WC_HASH_TYPE_SHA256, (void*)sha256);
/* If they want the standard free, they can call it themselves */
/* via their callback setting devId to INVALID_DEVID */
/* otherwise assume the callback handled it */
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return;
/* fall-through when unavailable */
}
/* silence compiler warning */
(void)ret;
#endif /* WOLF_CRYPTO_CB && WOLF_CRYPTO_CB_FREE */
#if defined(WOLFSSL_ESP32) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
@@ -2450,6 +2499,20 @@ int wc_Sha224_Grow(wc_Sha224* sha224, const byte* in, int inSz)
return BAD_FUNC_ARG;
}
#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_COPY)
#ifndef WOLF_CRYPTO_CB_FIND
if (src->devId != INVALID_DEVID)
#endif
{
/* Cast the source and destination to be void to keep the abstraction */
ret = wc_CryptoCb_Copy(src->devId, WC_ALGO_TYPE_HASH,
WC_HASH_TYPE_SHA224, (void*)src, (void*)dst);
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
}
#endif /* WOLF_CRYPTO_CB && WOLF_CRYPTO_CB_COPY */
XMEMCPY(dst, src, sizeof(wc_Sha224));
#ifdef WOLFSSL_SMALL_STACK_CACHE
@@ -2576,6 +2639,20 @@ int wc_Sha256Copy(wc_Sha256* src, wc_Sha256* dst)
return BAD_FUNC_ARG;
}
#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_COPY)
#ifndef WOLF_CRYPTO_CB_FIND
if (src->devId != INVALID_DEVID)
#endif
{
/* Cast the source and destination to be void to keep the abstraction */
ret = wc_CryptoCb_Copy(src->devId, WC_ALGO_TYPE_HASH,
WC_HASH_TYPE_SHA256, (void*)src, (void*)dst);
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
}
#endif /* WOLF_CRYPTO_CB && WOLF_CRYPTO_CB_COPY */
XMEMCPY(dst, src, sizeof(wc_Sha256));
#ifdef WOLFSSL_MAXQ10XX_CRYPTO

90
wolfcrypt/src/sha3.c
View File

@@ -1016,6 +1016,9 @@ static int wc_InitSha3(wc_Sha3* sha3, void* heap, int devId)
#endif
#if defined(WOLF_CRYPTO_CB)
sha3->devId = devId;
/* Set to none to determine the hash type later */
/* in the update/final functions based on the p value */
sha3->hashType = WC_HASH_TYPE_NONE;
#endif
(void)devId;
@@ -1048,15 +1051,22 @@ static int wc_Sha3Update(wc_Sha3* sha3, const byte* data, word32 len, byte p)
if (sha3->devId != INVALID_DEVID)
#endif
{
int hash_type = WC_HASH_TYPE_NONE;
switch (p) {
case WC_SHA3_224_COUNT: hash_type = WC_HASH_TYPE_SHA3_224; break;
case WC_SHA3_256_COUNT: hash_type = WC_HASH_TYPE_SHA3_256; break;
case WC_SHA3_384_COUNT: hash_type = WC_HASH_TYPE_SHA3_384; break;
case WC_SHA3_512_COUNT: hash_type = WC_HASH_TYPE_SHA3_512; break;
default: return BAD_FUNC_ARG;
/* If the hash type is not set, determine it based on the p value */
/* We can skip the switch statement if the hash type set already */
if (sha3->hashType == WC_HASH_TYPE_NONE) {
switch (p) {
case WC_SHA3_224_COUNT:
sha3->hashType = WC_HASH_TYPE_SHA3_224; break;
case WC_SHA3_256_COUNT:
sha3->hashType = WC_HASH_TYPE_SHA3_256; break;
case WC_SHA3_384_COUNT:
sha3->hashType = WC_HASH_TYPE_SHA3_384; break;
case WC_SHA3_512_COUNT:
sha3->hashType = WC_HASH_TYPE_SHA3_512; break;
default: return BAD_FUNC_ARG;
}
}
ret = wc_CryptoCb_Sha3Hash(sha3, hash_type, data, len, NULL);
ret = wc_CryptoCb_Sha3Hash(sha3, sha3->hashType, data, len, NULL);
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
@@ -1102,15 +1112,22 @@ static int wc_Sha3Final(wc_Sha3* sha3, byte* hash, byte p, byte len)
if (sha3->devId != INVALID_DEVID)
#endif
{
int hash_type = WC_HASH_TYPE_NONE;
switch (p) {
case WC_SHA3_224_COUNT: hash_type = WC_HASH_TYPE_SHA3_224; break;
case WC_SHA3_256_COUNT: hash_type = WC_HASH_TYPE_SHA3_256; break;
case WC_SHA3_384_COUNT: hash_type = WC_HASH_TYPE_SHA3_384; break;
case WC_SHA3_512_COUNT: hash_type = WC_HASH_TYPE_SHA3_512; break;
default: return BAD_FUNC_ARG;
/* If the hash type is not set, determine it based on the p value */
/* We can skip the switch statement if the hash type is set already */
if (sha3->hashType == WC_HASH_TYPE_NONE) {
switch (p) {
case WC_SHA3_224_COUNT:
sha3->hashType = WC_HASH_TYPE_SHA3_224; break;
case WC_SHA3_256_COUNT:
sha3->hashType = WC_HASH_TYPE_SHA3_256; break;
case WC_SHA3_384_COUNT:
sha3->hashType = WC_HASH_TYPE_SHA3_384; break;
case WC_SHA3_512_COUNT:
sha3->hashType = WC_HASH_TYPE_SHA3_512; break;
default: return BAD_FUNC_ARG;
}
}
ret = wc_CryptoCb_Sha3Hash(sha3, hash_type, NULL, 0, hash);
ret = wc_CryptoCb_Sha3Hash(sha3, sha3->hashType, NULL, 0, hash);
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
@@ -1147,8 +1164,35 @@ static int wc_Sha3Final(wc_Sha3* sha3, byte* hash, byte p, byte len)
*/
static void wc_Sha3Free(wc_Sha3* sha3)
{
#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_FREE)
int ret = 0;
#endif
(void)sha3;
#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_FREE)
if (sha3 == NULL)
return;
#ifndef WOLF_CRYPTO_CB_FIND
if (sha3->devId != INVALID_DEVID)
#endif
{
ret = wc_CryptoCb_Free(sha3->devId, WC_ALGO_TYPE_HASH,
sha3->hashType, (void*)sha3);
/* If they want the standard free, they can call it themselves */
/* via their callback setting devId to INVALID_DEVID */
/* otherwise assume the callback handled it */
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return;
/* fall-through when unavailable */
}
/* silence compiler warning */
(void)ret;
#endif /* WOLF_CRYPTO_CB && WOLF_CRYPTO_CB_FREE */
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA3)
if (sha3 == NULL)
return;
@@ -1174,6 +1218,20 @@ static int wc_Sha3Copy(wc_Sha3* src, wc_Sha3* dst)
if (src == NULL || dst == NULL)
return BAD_FUNC_ARG;
#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_COPY)
#ifndef WOLF_CRYPTO_CB_FIND
if (src->devId != INVALID_DEVID)
#endif
{
/* Cast the source and destination to be void to keep the abstraction */
ret = wc_CryptoCb_Copy(src->devId, WC_ALGO_TYPE_HASH,
src->hashType, (void*)src, (void*)dst);
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
}
#endif /* WOLF_CRYPTO_CB && WOLF_CRYPTO_CB_COPY */
XMEMCPY(dst, src, sizeof(wc_Sha3));
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA3)

76
wolfcrypt/src/sha512.c
View File

@@ -1489,9 +1489,33 @@ int wc_InitSha512(wc_Sha512* sha512)
void wc_Sha512Free(wc_Sha512* sha512)
{
#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_FREE)
int ret = 0;
#endif
if (sha512 == NULL)
return;
#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_FREE)
#ifndef WOLF_CRYPTO_CB_FIND
if (sha512->devId != INVALID_DEVID)
#endif
{
ret = wc_CryptoCb_Free(sha512->devId, WC_ALGO_TYPE_HASH,
WC_HASH_TYPE_SHA512, (void*)sha512);
/* If they want the standard free, they can call it themselves */
/* via their callback setting devId to INVALID_DEVID */
/* otherwise assume the callback handled it */
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return;
/* fall-through when unavailable */
}
/* silence compiler warning */
(void)ret;
#endif /* WOLF_CRYPTO_CB && WOLF_CRYPTO_CB_FREE */
#if defined(WOLFSSL_ESP32) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
@@ -1919,9 +1943,33 @@ int wc_InitSha384(wc_Sha384* sha384)
void wc_Sha384Free(wc_Sha384* sha384)
{
#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_FREE)
int ret = 0;
#endif
if (sha384 == NULL)
return;
#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_FREE)
#ifndef WOLF_CRYPTO_CB_FIND
if (sha384->devId != INVALID_DEVID)
#endif
{
ret = wc_CryptoCb_Free(sha384->devId, WC_ALGO_TYPE_HASH,
WC_HASH_TYPE_SHA384, (void*)sha384);
/* If they want the standard free, they can call it themselves */
/* via their callback setting devId to INVALID_DEVID */
/* otherwise assume the callback handled it */
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return;
/* fall-through when unavailable */
}
/* silence compiler warning */
(void)ret;
#endif /* WOLF_CRYPTO_CB && WOLF_CRYPTO_CB_FREE */
#if defined(WOLFSSL_ESP32) && !defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384)
esp_sha_release_unfinished_lock(&sha384->ctx);
@@ -2025,6 +2073,20 @@ int wc_Sha512Copy(wc_Sha512* src, wc_Sha512* dst)
return BAD_FUNC_ARG;
}
#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_COPY)
#ifndef WOLF_CRYPTO_CB_FIND
if (src->devId != INVALID_DEVID)
#endif
{
/* Cast the source and destination to be void to keep the abstraction */
ret = wc_CryptoCb_Copy(src->devId, WC_ALGO_TYPE_HASH,
WC_HASH_TYPE_SHA512, (void*)src, (void*)dst);
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
}
#endif /* WOLF_CRYPTO_CB && WOLF_CRYPTO_CB_COPY */
XMEMCPY(dst, src, sizeof(wc_Sha512));
#ifdef WOLFSSL_SMALL_STACK_CACHE
dst->W = NULL;
@@ -2439,6 +2501,20 @@ int wc_Sha384Copy(wc_Sha384* src, wc_Sha384* dst)
return BAD_FUNC_ARG;
}
#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_COPY)
#ifndef WOLF_CRYPTO_CB_FIND
if (src->devId != INVALID_DEVID)
#endif
{
/* Cast the source and destination to be void to keep the abstraction */
ret = wc_CryptoCb_Copy(src->devId, WC_ALGO_TYPE_HASH,
WC_HASH_TYPE_SHA384, (void*)src, (void*)dst);
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
}
#endif /* WOLF_CRYPTO_CB && WOLF_CRYPTO_CB_COPY */
XMEMCPY(dst, src, sizeof(wc_Sha384));
#ifdef WOLFSSL_SMALL_STACK_CACHE

267
wolfcrypt/test/test.c
View File

@@ -61299,6 +61299,273 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
}
}
#endif /* !NO_SHA || !NO_SHA256 */
#ifdef WOLF_CRYPTO_CB_COPY
else if (info->algo_type == WC_ALGO_TYPE_COPY) {
#ifdef DEBUG_WOLFSSL
WOLFSSL_MSG_EX("CryptoDevCb: Copy Algo=%d Type=%d\n",
info->copy.algo, info->copy.type);
#endif
if (info->copy.algo == WC_ALGO_TYPE_HASH) {
switch (info->copy.type) {
#ifndef NO_SHA
case WC_HASH_TYPE_SHA:
{
wc_Sha* src = (wc_Sha*)info->copy.src;
wc_Sha* dst = (wc_Sha*)info->copy.dst;
src->devId = INVALID_DEVID;
ret = wc_ShaCopy(src, dst);
src->devId = devIdArg;
if (ret == 0) {
dst->devId = devIdArg;
}
break;
}
#endif
#ifdef WOLFSSL_SHA224
case WC_HASH_TYPE_SHA224:
{
wc_Sha224* src = (wc_Sha224*)info->copy.src;
wc_Sha224* dst = (wc_Sha224*)info->copy.dst;
src->devId = INVALID_DEVID;
ret = wc_Sha224Copy(src, dst);
src->devId = devIdArg;
if (ret == 0) {
dst->devId = devIdArg;
}
break;
}
#endif
#ifndef NO_SHA256
case WC_HASH_TYPE_SHA256:
{
/* Cast the source and destination to the correct type */
/* Given as a void pointer initially for abstraction */
wc_Sha256* src = (wc_Sha256*)info->copy.src;
wc_Sha256* dst = (wc_Sha256*)info->copy.dst;
/* set devId to invalid, so software is used */
src->devId = INVALID_DEVID;
ret = wc_Sha256Copy(src, dst);
/* reset devId */
src->devId = devIdArg;
if (ret == 0) {
/* Set the devId of the destination to the same as the */
/* since we used the software implementation of copy */
/* so dst would have been set to INVALID_DEVID */
dst->devId = devIdArg;
}
break;
}
#endif /* !NO_SHA256 */
#ifdef WOLFSSL_SHA384
case WC_HASH_TYPE_SHA384:
{
wc_Sha384* src = (wc_Sha384*)info->copy.src;
wc_Sha384* dst = (wc_Sha384*)info->copy.dst;
src->devId = INVALID_DEVID;
ret = wc_Sha384Copy(src, dst);
src->devId = devIdArg;
if (ret == 0) {
dst->devId = devIdArg;
}
break;
}
#endif
#ifdef WOLFSSL_SHA512
case WC_HASH_TYPE_SHA512:
{
wc_Sha512* src = (wc_Sha512*)info->copy.src;
wc_Sha512* dst = (wc_Sha512*)info->copy.dst;
src->devId = INVALID_DEVID;
ret = wc_Sha512Copy(src, dst);
src->devId = devIdArg;
if (ret == 0) {
dst->devId = devIdArg;
}
break;
}
#endif
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224)
case WC_HASH_TYPE_SHA3_224:
{
wc_Sha3* src = (wc_Sha3*)info->copy.src;
wc_Sha3* dst = (wc_Sha3*)info->copy.dst;
src->devId = INVALID_DEVID;
ret = wc_Sha3_224_Copy(src, dst);
src->devId = devIdArg;
if (ret == 0) {
dst->devId = devIdArg;
}
break;
}
#endif
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256)
case WC_HASH_TYPE_SHA3_256:
{
wc_Sha3* src = (wc_Sha3*)info->copy.src;
wc_Sha3* dst = (wc_Sha3*)info->copy.dst;
src->devId = INVALID_DEVID;
ret = wc_Sha3_256_Copy(src, dst);
src->devId = devIdArg;
if (ret == 0) {
dst->devId = devIdArg;
}
break;
}
#endif
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_384)
case WC_HASH_TYPE_SHA3_384:
{
wc_Sha3* src = (wc_Sha3*)info->copy.src;
wc_Sha3* dst = (wc_Sha3*)info->copy.dst;
src->devId = INVALID_DEVID;
ret = wc_Sha3_384_Copy(src, dst);
src->devId = devIdArg;
if (ret == 0) {
dst->devId = devIdArg;
}
break;
}
#endif
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_512)
case WC_HASH_TYPE_SHA3_512:
{
wc_Sha3* src = (wc_Sha3*)info->copy.src;
wc_Sha3* dst = (wc_Sha3*)info->copy.dst;
src->devId = INVALID_DEVID;
ret = wc_Sha3_512_Copy(src, dst);
src->devId = devIdArg;
if (ret == 0) {
dst->devId = devIdArg;
}
break;
}
#endif
default:
ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN);
break;
}
}
else {
ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN);
}
}
#endif /* WOLF_CRYPTO_CB_COPY */
#ifdef WOLF_CRYPTO_CB_FREE
else if (info->algo_type == WC_ALGO_TYPE_FREE) {
#ifdef DEBUG_WOLFSSL
WOLFSSL_MSG_EX("CryptoDevCb: Free Algo=%d Type=%d\n",
info->free.algo, info->free.type);
#endif
if (info->free.algo == WC_ALGO_TYPE_HASH) {
switch (info->free.type) {
#ifndef NO_SHA
case WC_HASH_TYPE_SHA:
{
wc_Sha* sha = (wc_Sha*)info->free.obj;
sha->devId = INVALID_DEVID;
wc_ShaFree(sha);
ret = 0;
break;
}
#endif
#ifdef WOLFSSL_SHA224
case WC_HASH_TYPE_SHA224:
{
wc_Sha224* sha = (wc_Sha224*)info->free.obj;
sha->devId = INVALID_DEVID;
wc_Sha224Free(sha);
ret = 0;
break;
}
#endif
#ifndef NO_SHA256
case WC_HASH_TYPE_SHA256:
{
wc_Sha256* sha = (wc_Sha256*)info->free.obj;
/* set devId to invalid, so software is used */
sha->devId = INVALID_DEVID;
/* Call the actual free function */
wc_Sha256Free(sha);
/* Note: devId doesn't need to be restored as object is freed */
ret = 0;
break;
}
#endif
#ifdef WOLFSSL_SHA384
case WC_HASH_TYPE_SHA384:
{
wc_Sha384* sha = (wc_Sha384*)info->free.obj;
sha->devId = INVALID_DEVID;
wc_Sha384Free(sha);
ret = 0;
break;
}
#endif
#ifdef WOLFSSL_SHA512
case WC_HASH_TYPE_SHA512:
{
wc_Sha512* sha = (wc_Sha512*)info->free.obj;
sha->devId = INVALID_DEVID;
wc_Sha512Free(sha);
ret = 0;
break;
}
#endif
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224)
case WC_HASH_TYPE_SHA3_224:
{
wc_Sha3* sha = (wc_Sha3*)info->free.obj;
sha->devId = INVALID_DEVID;
wc_Sha3_224_Free(sha);
ret = 0;
break;
}
#endif
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256)
case WC_HASH_TYPE_SHA3_256:
{
wc_Sha3* sha = (wc_Sha3*)info->free.obj;
sha->devId = INVALID_DEVID;
wc_Sha3_256_Free(sha);
ret = 0;
break;
}
#endif
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_384)
case WC_HASH_TYPE_SHA3_384:
{
wc_Sha3* sha = (wc_Sha3*)info->free.obj;
sha->devId = INVALID_DEVID;
wc_Sha3_384_Free(sha);
ret = 0;
break;
}
#endif
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_512)
case WC_HASH_TYPE_SHA3_512:
{
wc_Sha3* sha = (wc_Sha3*)info->free.obj;
sha->devId = INVALID_DEVID;
wc_Sha3_512_Free(sha);
ret = 0;
break;
}
#endif
default:
ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN);
break;
}
}
else {
ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN);
}
}
#endif /* WOLF_CRYPTO_CB_FREE */
#ifndef NO_HMAC
else if (info->algo_type == WC_ALGO_TYPE_HMAC) {
if (info->hmac.hmac == NULL)

24
wolfssl/wolfcrypt/cryptocb.h
View File

@@ -102,6 +102,7 @@ enum wc_CryptoCbCmdType {
#endif
#if defined(HAVE_AESGCM) || defined(HAVE_AESCCM)
typedef struct {
Aes* aes;
@@ -468,6 +469,21 @@ typedef struct wc_CryptoInfo {
void *ctx;
} cmd;
#endif
#ifdef WOLF_CRYPTO_CB_COPY
struct { /* uses wc_AlgoType=WC_ALGO_TYPE_COPY */
int algo; /* enum wc_AlgoType - HASH, CIPHER, etc */
int type; /* For HASH: wc_HashType, CIPHER: wc_CipherType */
void *src; /* Source structure to copy from */
void *dst; /* Destination structure to copy to */
} copy;
#endif /* WOLF_CRYPTO_CB_COPY */
#ifdef WOLF_CRYPTO_CB_FREE
struct { /* uses wc_AlgoType=WC_ALGO_TYPE_FREE */
int algo; /* enum wc_AlgoType - HASH, CIPHER, etc */
int type; /* For HASH: wc_HashType, CIPHER: wc_CipherType */
void *obj; /* Object structure to free */
} free;
#endif /* WOLF_CRYPTO_CB_FREE */
#if defined(HAVE_HKDF) || defined(HAVE_CMAC_KDF)
struct {
int type; /* enum wc_KdfType */
@@ -737,6 +753,14 @@ WOLFSSL_LOCAL int wc_CryptoCb_GetCert(int devId, const char *label,
word32* outSz, int *format, void *heap);
#endif
#ifdef WOLF_CRYPTO_CB_COPY
WOLFSSL_LOCAL int wc_CryptoCb_Copy(int devId, int algo, int type, void* src,
void* dst);
#endif /* WOLF_CRYPTO_CB_COPY */
#ifdef WOLF_CRYPTO_CB_FREE
WOLFSSL_LOCAL int wc_CryptoCb_Free(int devId, int algo, int type, void* obj);
#endif /* WOLF_CRYPTO_CB_FREE */
#endif /* WOLF_CRYPTO_CB */
#ifdef __cplusplus

2
wolfssl/wolfcrypt/sha3.h
View File

@@ -144,6 +144,8 @@ struct wc_Sha3 {
#ifdef WOLF_CRYPTO_CB
int devId;
void* devCtx;
int hashType;
#endif
#ifdef WC_C_DYNAMIC_FALLBACK

5
wolfssl/wolfcrypt/types.h
View File

@@ -1309,8 +1309,9 @@ enum wc_AlgoType {
WC_ALGO_TYPE_CMAC = 7,
WC_ALGO_TYPE_CERT = 8,
WC_ALGO_TYPE_KDF = 9,
WC_ALGO_TYPE_MAX = WC_ALGO_TYPE_KDF
WC_ALGO_TYPE_COPY = 10,
WC_ALGO_TYPE_FREE = 11,
WC_ALGO_TYPE_MAX = WC_ALGO_TYPE_FREE
};
/* KDF types */