From 4d6418f31aeb753190c6681f83d3b023a93fd441 Mon Sep 17 00:00:00 2001 From: night1rider Date: Wed, 15 Oct 2025 15:15:13 -0600 Subject: [PATCH 1/3] Add crypto callback support for copy operations (SHA-256) --- wolfcrypt/src/cryptocb.c | 56 ++++++++++++++++++++++++++++++++++-- wolfcrypt/src/sha256.c | 14 +++++++++ wolfcrypt/test/test.c | 37 ++++++++++++++++++++++++ wolfssl/wolfcrypt/cryptocb.h | 21 ++++++++++++++ wolfssl/wolfcrypt/types.h | 3 +- 5 files changed, 128 insertions(+), 3 deletions(-) diff --git a/wolfcrypt/src/cryptocb.c b/wolfcrypt/src/cryptocb.c index 15f86be5e..7be31cab9 100644 --- a/wolfcrypt/src/cryptocb.c +++ b/wolfcrypt/src/cryptocb.c @@ -80,8 +80,8 @@ static const char* GetAlgoTypeStr(int algo) case WC_ALGO_TYPE_HMAC: return "HMAC"; case WC_ALGO_TYPE_CMAC: return "CMAC"; case WC_ALGO_TYPE_CERT: return "Cert"; - case WC_ALGO_TYPE_KDF: - return "KDF"; + case WC_ALGO_TYPE_KDF: return "KDF"; + case WC_ALGO_TYPE_COPY: return "Copy"; } return NULL; } @@ -174,6 +174,16 @@ static const char* GetCryptoCbCmdTypeStr(int type) } #endif +#ifndef NO_COPY_CB +static const char* GetCryptoCbCopyTypeStr(int type) +{ + switch (type) { + case WC_CRYPTOCB_COPY_TYPE_SHA256: return "SHA256-Copy"; + } + return NULL; +} +#endif /* !NO_COPY_CB */ + #if (defined(HAVE_HKDF) && !defined(NO_HMAC)) || defined(HAVE_CMAC_KDF) static const char* GetKdfTypeStr(int type) { @@ -253,6 +263,13 @@ void wc_CryptoCb_InfoString(wc_CryptoInfo* info) GetCryptoCbCmdTypeStr(info->cmd.type), info->cmd.type); } #endif +#ifndef NO_COPY_CB + else if (info->algo_type == WC_ALGO_TYPE_COPY) { + printf("Crypto CB: %s %s (%d)\n", + GetAlgoTypeStr(info->algo_type), + GetCryptoCbCopyTypeStr(info->copy.type), info->copy.type); + } +#endif #if (defined(HAVE_HKDF) && !defined(NO_HMAC)) || \ defined(HAVE_CMAC_KDF) else if (info->algo_type == WC_ALGO_TYPE_KDF) { @@ -2028,6 +2045,41 @@ int wc_CryptoCb_Hkdf(int hashType, const byte* inKey, word32 inKeySz, } #endif /* HAVE_HKDF && !NO_HMAC */ +#ifndef NO_COPY_CB +/* General copy callback function for algorithm structures + * devId: The device ID to use for the callback + * copyType: The type of structure being copied (enum wc_CryptoCbCopyType) + * src: Pointer to source structure + * dst: Pointer to destination structure + * Returns: 0 on success, negative on error, CRYPTOCB_UNAVAILABLE if not handled + */ +int wc_CryptoCb_Copy(int devId, int copyType, void* src, void* dst) +{ + int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); + CryptoCb* dev; + + /* Validate inputs */ + if (src == NULL || dst == NULL) { + return BAD_FUNC_ARG; + } + + /* Find registered callback device */ + dev = wc_CryptoCb_FindDevice(devId, WC_ALGO_TYPE_COPY); + if (dev && dev->cb) { + wc_CryptoInfo cryptoInfo; + XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); + cryptoInfo.algo_type = WC_ALGO_TYPE_COPY; + cryptoInfo.copy.type = copyType; + cryptoInfo.copy.src = src; + cryptoInfo.copy.dst = dst; + + ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); + } + + return wc_CryptoCb_TranslateErrorCode(ret); +} +#endif /* !NO_COPY_CB */ + #if defined(HAVE_CMAC_KDF) /* Crypto callback for NIST SP 800 56C two-step CMAC KDF. See software diff --git a/wolfcrypt/src/sha256.c b/wolfcrypt/src/sha256.c index df747a143..8817c7ef4 100644 --- a/wolfcrypt/src/sha256.c +++ b/wolfcrypt/src/sha256.c @@ -2576,6 +2576,20 @@ int wc_Sha256Copy(wc_Sha256* src, wc_Sha256* dst) return BAD_FUNC_ARG; } +#if defined(WOLF_CRYPTO_CB) && !defined(NO_COPY_CB) + #ifndef WOLF_CRYPTO_CB_FIND + if (src->devId != INVALID_DEVID) + #endif + { + /* Cast the source and destination to be void to keep the abstraction */ + ret = wc_CryptoCb_Copy(src->devId, WC_CRYPTOCB_COPY_TYPE_SHA256, + (void*)src, (void*)dst); + if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) + return ret; + /* fall-through when unavailable */ + } +#endif + XMEMCPY(dst, src, sizeof(wc_Sha256)); #ifdef WOLFSSL_MAXQ10XX_CRYPTO diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 6cc5dae7c..633506aa1 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -61295,6 +61295,43 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx) } } #endif /* !NO_SHA || !NO_SHA256 */ +#ifndef NO_COPY_CB + else if (info->algo_type == WC_ALGO_TYPE_COPY) { +#ifdef DEBUG_WOLFSSL + WOLFSSL_MSG_EX("CryptoDevCb: Copy Type %d\n", info->copy.type); +#endif + switch (info->copy.type) { +#ifndef NO_SHA256 + case WC_CRYPTOCB_COPY_TYPE_SHA256: + { + /* Cast the source and destination to the correct type */ + /* Given as a void pointer initally for abstraction */ + wc_Sha256* src = (wc_Sha256*)info->copy.src; + wc_Sha256* dst = (wc_Sha256*)info->copy.dst; + + /* set devId to invalid, so software is used */ + src->devId = INVALID_DEVID; + + ret = wc_Sha256Copy(src, dst); + + /* reset devId */ + src->devId = devIdArg; + if (ret == 0) { + /* Set the devId of the destination to the same as the */ + /* since we used the software implementation of copy */ + /* so dst would have been set to INVALID_DEVID */ + dst->devId = devIdArg; + } + + break; + } +#endif /* !NO_SHA256 */ + default: + ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN); + break; + } + } +#endif /* !NO_COPY_CB */ #ifndef NO_HMAC else if (info->algo_type == WC_ALGO_TYPE_HMAC) { if (info->hmac.hmac == NULL) diff --git a/wolfssl/wolfcrypt/cryptocb.h b/wolfssl/wolfcrypt/cryptocb.h index 3ab67e779..6052bd567 100644 --- a/wolfssl/wolfcrypt/cryptocb.h +++ b/wolfssl/wolfcrypt/cryptocb.h @@ -101,6 +101,15 @@ enum wc_CryptoCbCmdType { }; #endif +#ifndef NO_COPY_CB +/* CryptoCb Copy Types - for copy operations on algorithm structures */ +enum wc_CryptoCbCopyType { + WC_CRYPTOCB_COPY_TYPE_NONE = 0, + WC_CRYPTOCB_COPY_TYPE_SHA256, + WC_CRYPTOCB_COPY_TYPE_MAX = WC_CRYPTOCB_COPY_TYPE_SHA256 +}; +#endif /* !NO_COPY_CB */ + #if defined(HAVE_AESGCM) || defined(HAVE_AESCCM) typedef struct { @@ -468,6 +477,13 @@ typedef struct wc_CryptoInfo { void *ctx; } cmd; #endif +#ifndef NO_COPY_CB + struct { /* uses wc_AlgoType=WC_ALGO_TYPE_COPY */ + int type; /* enum wc_CryptoCbCopyType */ + void *src; /* Source structure to copy from */ + void *dst; /* Destination structure to copy to */ + } copy; +#endif #if defined(HAVE_HKDF) || defined(HAVE_CMAC_KDF) struct { int type; /* enum wc_KdfType */ @@ -737,6 +753,11 @@ WOLFSSL_LOCAL int wc_CryptoCb_GetCert(int devId, const char *label, word32* outSz, int *format, void *heap); #endif +#ifndef NO_COPY_CB +WOLFSSL_LOCAL int wc_CryptoCb_Copy(int devId, int copyType, void* src, + void* dst); +#endif + #endif /* WOLF_CRYPTO_CB */ #ifdef __cplusplus diff --git a/wolfssl/wolfcrypt/types.h b/wolfssl/wolfcrypt/types.h index c5ecb168d..e44d60244 100644 --- a/wolfssl/wolfcrypt/types.h +++ b/wolfssl/wolfcrypt/types.h @@ -1309,8 +1309,9 @@ enum wc_AlgoType { WC_ALGO_TYPE_CMAC = 7, WC_ALGO_TYPE_CERT = 8, WC_ALGO_TYPE_KDF = 9, + WC_ALGO_TYPE_COPY = 10, - WC_ALGO_TYPE_MAX = WC_ALGO_TYPE_KDF + WC_ALGO_TYPE_MAX = WC_ALGO_TYPE_COPY }; /* KDF types */ From 0dca3bc24d224e5edcb827e79d1a69e0bf73447d Mon Sep 17 00:00:00 2001 From: night1rider Date: Thu, 16 Oct 2025 13:43:24 -0600 Subject: [PATCH 2/3] Setup to be opt-in for copy callback, and also added a outline for a free callback --- .wolfssl_known_macro_extras | 1 + tests/api.c | 71 ++++++++++++++++++++++++++++ wolfcrypt/src/cryptocb.c | 74 +++++++++++++++++++---------- wolfcrypt/src/sha256.c | 33 +++++++++++-- wolfcrypt/test/test.c | 90 +++++++++++++++++++++++++----------- wolfssl/wolfcrypt/cryptocb.h | 27 ++++++----- wolfssl/wolfcrypt/types.h | 4 +- 7 files changed, 228 insertions(+), 72 deletions(-) diff --git a/.wolfssl_known_macro_extras b/.wolfssl_known_macro_extras index ca514a928..bbc74ade9 100644 --- a/.wolfssl_known_macro_extras +++ b/.wolfssl_known_macro_extras @@ -731,6 +731,7 @@ WOLFSSL_HARDEN_TLS_ALLOW_OLD_TLS WOLFSSL_HARDEN_TLS_ALLOW_TRUNCATED_HMAC WOLFSSL_HARDEN_TLS_NO_PKEY_CHECK WOLFSSL_HARDEN_TLS_NO_SCR_CHECK +WOLFSSL_HAVE_COPY_FREE_CB WOLFSSL_HOSTNAME_VERIFY_ALT_NAME_ONLY WOLFSSL_I2D_ECDSA_SIG_ALLOC WOLFSSL_IAR_ARM_TIME diff --git a/tests/api.c b/tests/api.c index fe32649b1..d92c5e022 100644 --- a/tests/api.c +++ b/tests/api.c @@ -44807,6 +44807,77 @@ static int test_CryptoCb_Func(int thisDevId, wc_CryptoInfo* info, void* ctx) } #endif /* HAVE_ED25519 */ } +#ifdef WOLFSSL_HAVE_COPY_FREE_CB + else if (info->algo_type == WC_ALGO_TYPE_COPY) { + #ifdef DEBUG_WOLFSSL + fprintf(stderr, "test_CryptoCb_Func: Copy Algo=%d Type=%d\n", + info->copy.algo, info->copy.type); + #endif + if (info->copy.algo == WC_ALGO_TYPE_HASH) { + switch (info->copy.type) { + #ifndef NO_SHA256 + case WC_HASH_TYPE_SHA256: + { + wc_Sha256* src = (wc_Sha256*)info->copy.src; + wc_Sha256* dst = (wc_Sha256*)info->copy.dst; + /* set devId to invalid, so software is used */ + src->devId = INVALID_DEVID; + ret = wc_Sha256Copy(src, dst); + + /* reset devId */ + src->devId = thisDevId; + if (ret == 0) { + /* Set the devId of the destination to the same */ + /* since we used the software implementation of copy */ + /* so dst would have been set to INVALID_DEVID */ + dst->devId = thisDevId; + } + break; + } + #endif /* !NO_SHA256 */ + default: + ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN); + break; + } + } + else { + ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN); + } + } + else if (info->algo_type == WC_ALGO_TYPE_FREE) { + #ifdef DEBUG_WOLFSSL + fprintf(stderr, "test_CryptoCb_Func: Free Algo=%d Type=%d\n", + info->free.algo, info->free.type); + #endif + + if (info->free.algo == WC_ALGO_TYPE_HASH) { + switch (info->free.type) { + #ifndef NO_SHA256 + case WC_HASH_TYPE_SHA256: + { + wc_Sha256* sha = (wc_Sha256*)info->free.obj; + + /* set devId to invalid, so software is used */ + sha->devId = INVALID_DEVID; + + /* Call the actual free function */ + wc_Sha256Free(sha); + + /* Note: devId doesn't need to be restored as object is freed */ + ret = 0; + break; + } + #endif + default: + ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN); + break; + } + } + else { + ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN); + } + } +#endif /* WOLFSSL_HAVE_COPY_FREE_CB */ (void)thisDevId; (void)keyFormat; diff --git a/wolfcrypt/src/cryptocb.c b/wolfcrypt/src/cryptocb.c index 7be31cab9..38c6bb898 100644 --- a/wolfcrypt/src/cryptocb.c +++ b/wolfcrypt/src/cryptocb.c @@ -81,7 +81,10 @@ static const char* GetAlgoTypeStr(int algo) case WC_ALGO_TYPE_CMAC: return "CMAC"; case WC_ALGO_TYPE_CERT: return "Cert"; case WC_ALGO_TYPE_KDF: return "KDF"; +#ifdef WOLFSSL_HAVE_COPY_FREE_CB case WC_ALGO_TYPE_COPY: return "Copy"; + case WC_ALGO_TYPE_FREE: return "Free"; +#endif /* WOLFSSL_HAVE_COPY_FREE_CB */ } return NULL; } @@ -174,15 +177,6 @@ static const char* GetCryptoCbCmdTypeStr(int type) } #endif -#ifndef NO_COPY_CB -static const char* GetCryptoCbCopyTypeStr(int type) -{ - switch (type) { - case WC_CRYPTOCB_COPY_TYPE_SHA256: return "SHA256-Copy"; - } - return NULL; -} -#endif /* !NO_COPY_CB */ #if (defined(HAVE_HKDF) && !defined(NO_HMAC)) || defined(HAVE_CMAC_KDF) static const char* GetKdfTypeStr(int type) @@ -263,13 +257,18 @@ void wc_CryptoCb_InfoString(wc_CryptoInfo* info) GetCryptoCbCmdTypeStr(info->cmd.type), info->cmd.type); } #endif -#ifndef NO_COPY_CB +#ifdef WOLFSSL_HAVE_COPY_FREE_CB else if (info->algo_type == WC_ALGO_TYPE_COPY) { - printf("Crypto CB: %s %s (%d)\n", + printf("Crypto CB: %s %s Type=%d\n", GetAlgoTypeStr(info->algo_type), - GetCryptoCbCopyTypeStr(info->copy.type), info->copy.type); + GetAlgoTypeStr(info->copy.algo), info->copy.type); } -#endif + else if (info->algo_type == WC_ALGO_TYPE_FREE) { + printf("Crypto CB: %s %s Type=%d\n", + GetAlgoTypeStr(info->algo_type), + GetAlgoTypeStr(info->free.algo), info->free.type); + } +#endif /* WOLFSSL_HAVE_COPY_FREE_CB */ #if (defined(HAVE_HKDF) && !defined(NO_HMAC)) || \ defined(HAVE_CMAC_KDF) else if (info->algo_type == WC_ALGO_TYPE_KDF) { @@ -2045,40 +2044,65 @@ int wc_CryptoCb_Hkdf(int hashType, const byte* inKey, word32 inKeySz, } #endif /* HAVE_HKDF && !NO_HMAC */ -#ifndef NO_COPY_CB +#ifdef WOLFSSL_HAVE_COPY_FREE_CB /* General copy callback function for algorithm structures * devId: The device ID to use for the callback - * copyType: The type of structure being copied (enum wc_CryptoCbCopyType) + * algo: Algorithm type (enum wc_AlgoType) - WC_ALGO_TYPE_HASH, WC_ALGO_TYPE_CIPHER, etc + * type: Specific type - for HASH: enum wc_HashType, for CIPHER: enum wc_CipherType * src: Pointer to source structure * dst: Pointer to destination structure * Returns: 0 on success, negative on error, CRYPTOCB_UNAVAILABLE if not handled */ -int wc_CryptoCb_Copy(int devId, int copyType, void* src, void* dst) +int wc_CryptoCb_Copy(int devId, int algo, int type, void* src, void* dst) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; - /* Validate inputs */ - if (src == NULL || dst == NULL) { - return BAD_FUNC_ARG; - } - /* Find registered callback device */ dev = wc_CryptoCb_FindDevice(devId, WC_ALGO_TYPE_COPY); if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_COPY; - cryptoInfo.copy.type = copyType; + cryptoInfo.copy.algo = algo; + cryptoInfo.copy.type = type; cryptoInfo.copy.src = src; cryptoInfo.copy.dst = dst; - + ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } - + return wc_CryptoCb_TranslateErrorCode(ret); } -#endif /* !NO_COPY_CB */ + +/* General free callback function for algorithm structures + * devId: The device ID to use for the callback + * algo: Algorithm type (enum wc_AlgoType) - WC_ALGO_TYPE_HASH, WC_ALGO_TYPE_CIPHER, etc + * type: Specific type - for HASH: enum wc_HashType, for CIPHER: enum wc_CipherType + * obj: Pointer to object structure to free + * Returns: 0 on success, negative on error, CRYPTOCB_UNAVAILABLE if not handled + */ +int wc_CryptoCb_Free(int devId, int algo, int type, void* obj) +{ + int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); + CryptoCb* dev; + + /* Find registered callback device */ + dev = wc_CryptoCb_FindDevice(devId, WC_ALGO_TYPE_FREE); + if (dev && dev->cb) { + wc_CryptoInfo cryptoInfo; + XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); + cryptoInfo.algo_type = WC_ALGO_TYPE_FREE; + cryptoInfo.free.algo = algo; + cryptoInfo.free.type = type; + cryptoInfo.free.obj = obj; + + ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); + } + + return wc_CryptoCb_TranslateErrorCode(ret); +} +#endif /* WOLFSSL_HAVE_COPY_FREE_CB */ #if defined(HAVE_CMAC_KDF) diff --git a/wolfcrypt/src/sha256.c b/wolfcrypt/src/sha256.c index 8817c7ef4..de9480c97 100644 --- a/wolfcrypt/src/sha256.c +++ b/wolfcrypt/src/sha256.c @@ -2276,9 +2276,34 @@ int wc_InitSha256(wc_Sha256* sha256) void wc_Sha256Free(wc_Sha256* sha256) { + +#if defined(WOLF_CRYPTO_CB) && defined(WOLFSSL_HAVE_COPY_FREE_CB) + int ret = 0; +#endif + if (sha256 == NULL) return; +#if defined(WOLF_CRYPTO_CB) && defined(WOLFSSL_HAVE_COPY_FREE_CB) + #ifndef WOLF_CRYPTO_CB_FIND + if (sha256->devId != INVALID_DEVID) + #endif + { + ret = wc_CryptoCb_Free(sha256->devId, WC_ALGO_TYPE_HASH, + WC_HASH_TYPE_SHA256, (void*)sha256); + /* If they want the standard free, they can call it themselves */ + /* via their callback setting devId to INVALID_DEVID */ + /* otherwise assume the callback handled it */ + if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) + return; + /* fall-through when unavailable */ + } + + /* silence compiler warning */ + (void)ret; + +#endif /* WOLF_CRYPTO_CB && WOLFSSL_HAVE_COPY_FREE_CB */ + #if defined(WOLFSSL_ESP32) && \ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256) @@ -2576,19 +2601,19 @@ int wc_Sha256Copy(wc_Sha256* src, wc_Sha256* dst) return BAD_FUNC_ARG; } -#if defined(WOLF_CRYPTO_CB) && !defined(NO_COPY_CB) +#if defined(WOLF_CRYPTO_CB) && defined(WOLFSSL_HAVE_COPY_FREE_CB) #ifndef WOLF_CRYPTO_CB_FIND if (src->devId != INVALID_DEVID) #endif { /* Cast the source and destination to be void to keep the abstraction */ - ret = wc_CryptoCb_Copy(src->devId, WC_CRYPTOCB_COPY_TYPE_SHA256, - (void*)src, (void*)dst); + ret = wc_CryptoCb_Copy(src->devId, WC_ALGO_TYPE_HASH, + WC_HASH_TYPE_SHA256, (void*)src, (void*)dst); if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) return ret; /* fall-through when unavailable */ } -#endif +#endif /* WOLF_CRYPTO_CB && WOLFSSL_HAVE_COPY_FREE_CB */ XMEMCPY(dst, src, sizeof(wc_Sha256)); diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 633506aa1..1a19b5b17 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -61295,43 +61295,79 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx) } } #endif /* !NO_SHA || !NO_SHA256 */ -#ifndef NO_COPY_CB +#ifdef WOLFSSL_HAVE_COPY_FREE_CB else if (info->algo_type == WC_ALGO_TYPE_COPY) { #ifdef DEBUG_WOLFSSL - WOLFSSL_MSG_EX("CryptoDevCb: Copy Type %d\n", info->copy.type); + WOLFSSL_MSG_EX("CryptoDevCb: Copy Algo=%d Type=%d\n", + info->copy.algo, info->copy.type); #endif - switch (info->copy.type) { + if (info->copy.algo == WC_ALGO_TYPE_HASH) { + switch (info->copy.type) { #ifndef NO_SHA256 - case WC_CRYPTOCB_COPY_TYPE_SHA256: - { - /* Cast the source and destination to the correct type */ - /* Given as a void pointer initally for abstraction */ - wc_Sha256* src = (wc_Sha256*)info->copy.src; - wc_Sha256* dst = (wc_Sha256*)info->copy.dst; - - /* set devId to invalid, so software is used */ - src->devId = INVALID_DEVID; + case WC_HASH_TYPE_SHA256: + { + /* Cast the source and destination to the correct type */ + /* Given as a void pointer initially for abstraction */ + wc_Sha256* src = (wc_Sha256*)info->copy.src; + wc_Sha256* dst = (wc_Sha256*)info->copy.dst; + /* set devId to invalid, so software is used */ + src->devId = INVALID_DEVID; + ret = wc_Sha256Copy(src, dst); - ret = wc_Sha256Copy(src, dst); + /* reset devId */ + src->devId = devIdArg; + if (ret == 0) { + /* Set the devId of the destination to the same as the */ + /* since we used the software implementation of copy */ + /* so dst would have been set to INVALID_DEVID */ + dst->devId = devIdArg; + } - /* reset devId */ - src->devId = devIdArg; - if (ret == 0) { - /* Set the devId of the destination to the same as the */ - /* since we used the software implementation of copy */ - /* so dst would have been set to INVALID_DEVID */ - dst->devId = devIdArg; + break; } - - break; - } #endif /* !NO_SHA256 */ - default: - ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN); - break; + default: + ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN); + break; + } + } + else { + ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN); } } -#endif /* !NO_COPY_CB */ + else if (info->algo_type == WC_ALGO_TYPE_FREE) { +#ifdef DEBUG_WOLFSSL + WOLFSSL_MSG_EX("CryptoDevCb: Free Algo=%d Type=%d\n", + info->free.algo, info->free.type); +#endif + + if (info->free.algo == WC_ALGO_TYPE_HASH) { + switch (info->free.type) { +#ifndef NO_SHA256 + case WC_HASH_TYPE_SHA256: + { + wc_Sha256* sha = (wc_Sha256*)info->free.obj; + /* set devId to invalid, so software is used */ + sha->devId = INVALID_DEVID; + + /* Call the actual free function */ + wc_Sha256Free(sha); + + /* Note: devId doesn't need to be restored as object is freed */ + ret = 0; + break; + } +#endif + default: + ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN); + break; + } + } + else { + ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN); + } + } +#endif /* WOLFSSL_HAVE_COPY_FREE_CB */ #ifndef NO_HMAC else if (info->algo_type == WC_ALGO_TYPE_HMAC) { if (info->hmac.hmac == NULL) diff --git a/wolfssl/wolfcrypt/cryptocb.h b/wolfssl/wolfcrypt/cryptocb.h index 6052bd567..8e52c152e 100644 --- a/wolfssl/wolfcrypt/cryptocb.h +++ b/wolfssl/wolfcrypt/cryptocb.h @@ -101,14 +101,6 @@ enum wc_CryptoCbCmdType { }; #endif -#ifndef NO_COPY_CB -/* CryptoCb Copy Types - for copy operations on algorithm structures */ -enum wc_CryptoCbCopyType { - WC_CRYPTOCB_COPY_TYPE_NONE = 0, - WC_CRYPTOCB_COPY_TYPE_SHA256, - WC_CRYPTOCB_COPY_TYPE_MAX = WC_CRYPTOCB_COPY_TYPE_SHA256 -}; -#endif /* !NO_COPY_CB */ #if defined(HAVE_AESGCM) || defined(HAVE_AESCCM) @@ -477,13 +469,19 @@ typedef struct wc_CryptoInfo { void *ctx; } cmd; #endif -#ifndef NO_COPY_CB +#ifdef WOLFSSL_HAVE_COPY_FREE_CB struct { /* uses wc_AlgoType=WC_ALGO_TYPE_COPY */ - int type; /* enum wc_CryptoCbCopyType */ + int algo; /* enum wc_AlgoType - WC_ALGO_TYPE_HASH, WC_ALGO_TYPE_CIPHER, etc */ + int type; /* For HASH: enum wc_HashType, For CIPHER: enum wc_CipherType */ void *src; /* Source structure to copy from */ void *dst; /* Destination structure to copy to */ } copy; -#endif + struct { /* uses wc_AlgoType=WC_ALGO_TYPE_FREE */ + int algo; /* enum wc_AlgoType - WC_ALGO_TYPE_HASH, WC_ALGO_TYPE_CIPHER, etc */ + int type; /* For HASH: enum wc_HashType, For CIPHER: enum wc_CipherType */ + void *obj; /* Object structure to free */ + } free; +#endif /* WOLFSSL_HAVE_COPY_FREE_CB */ #if defined(HAVE_HKDF) || defined(HAVE_CMAC_KDF) struct { int type; /* enum wc_KdfType */ @@ -753,10 +751,11 @@ WOLFSSL_LOCAL int wc_CryptoCb_GetCert(int devId, const char *label, word32* outSz, int *format, void *heap); #endif -#ifndef NO_COPY_CB -WOLFSSL_LOCAL int wc_CryptoCb_Copy(int devId, int copyType, void* src, +#ifdef WOLFSSL_HAVE_COPY_FREE_CB +WOLFSSL_LOCAL int wc_CryptoCb_Copy(int devId, int algo, int type, void* src, void* dst); -#endif +WOLFSSL_LOCAL int wc_CryptoCb_Free(int devId, int algo, int type, void* obj); +#endif /* WOLFSSL_HAVE_COPY_FREE_CB */ #endif /* WOLF_CRYPTO_CB */ diff --git a/wolfssl/wolfcrypt/types.h b/wolfssl/wolfcrypt/types.h index e44d60244..f423be296 100644 --- a/wolfssl/wolfcrypt/types.h +++ b/wolfssl/wolfcrypt/types.h @@ -1310,8 +1310,8 @@ enum wc_AlgoType { WC_ALGO_TYPE_CERT = 8, WC_ALGO_TYPE_KDF = 9, WC_ALGO_TYPE_COPY = 10, - - WC_ALGO_TYPE_MAX = WC_ALGO_TYPE_COPY + WC_ALGO_TYPE_FREE = 11, + WC_ALGO_TYPE_MAX = WC_ALGO_TYPE_FREE }; /* KDF types */ From f1faefed914e113db26a7a9bd96807b34a04afbb Mon Sep 17 00:00:00 2001 From: night1rider Date: Fri, 17 Oct 2025 14:04:25 -0600 Subject: [PATCH 3/3] Added callbacks for copy and free to SHA, 224, 384, 512, and SHA3. Also split macros for FREE and COPY Callbacks, and add configure.ac option. --- .wolfssl_known_macro_extras | 3 +- configure.ac | 38 +++++++ tests/api.c | 198 ++++++++++++++++++++++++++++++++++- wolfcrypt/src/cryptocb.c | 36 ++++--- wolfcrypt/src/sha.c | 38 +++++++ wolfcrypt/src/sha256.c | 48 ++++++++- wolfcrypt/src/sha3.c | 90 +++++++++++++--- wolfcrypt/src/sha512.c | 76 ++++++++++++++ wolfcrypt/test/test.c | 198 ++++++++++++++++++++++++++++++++++- wolfssl/wolfcrypt/cryptocb.h | 20 ++-- wolfssl/wolfcrypt/sha3.h | 2 + 11 files changed, 701 insertions(+), 46 deletions(-) diff --git a/.wolfssl_known_macro_extras b/.wolfssl_known_macro_extras index bbc74ade9..70c943788 100644 --- a/.wolfssl_known_macro_extras +++ b/.wolfssl_known_macro_extras @@ -731,7 +731,6 @@ WOLFSSL_HARDEN_TLS_ALLOW_OLD_TLS WOLFSSL_HARDEN_TLS_ALLOW_TRUNCATED_HMAC WOLFSSL_HARDEN_TLS_NO_PKEY_CHECK WOLFSSL_HARDEN_TLS_NO_SCR_CHECK -WOLFSSL_HAVE_COPY_FREE_CB WOLFSSL_HOSTNAME_VERIFY_ALT_NAME_ONLY WOLFSSL_I2D_ECDSA_SIG_ALLOC WOLFSSL_IAR_ARM_TIME @@ -918,7 +917,9 @@ WOLFSSL_XMSS_LARGE_SECRET_KEY WOLFSSL_ZEPHYR WOLF_ALLOW_BUILTIN WOLF_CRYPTO_CB_CMD +WOLF_CRYPTO_CB_COPY WOLF_CRYPTO_CB_FIND +WOLF_CRYPTO_CB_FREE WOLF_CRYPTO_CB_ONLY_ECC WOLF_CRYPTO_CB_ONLY_RSA WOLF_CRYPTO_DEV diff --git a/configure.ac b/configure.ac index 2c026c91d..d6f435406 100644 --- a/configure.ac +++ b/configure.ac @@ -9448,6 +9448,44 @@ then AM_CFLAGS="$AM_CFLAGS -DWC_TEST_NO_CRYPTOCB_SW_TEST" fi +# Crypto Callbacks Utils (Copy/Free/etc) +AC_ARG_ENABLE([cryptocbutils], + [AS_HELP_STRING([--enable-cryptocbutils@<:@=copy,free,...@:>@], + [Enable crypto callback utilities (default: all)])], + [ ENABLED_CRYPTOCB_UTILS=$enableval ], + [ ENABLED_CRYPTOCB_UTILS=no ] +) + +if test "$ENABLED_CRYPTOCB_UTILS" != "no"; then + if test "$ENABLED_CRYPTOCB" = "no"; then + AC_MSG_ERROR([--enable-cryptocbutils requires --enable-cryptocb]) + fi + + if test "$ENABLED_CRYPTOCB_UTILS" = "yes"; then + # Enable all utilities + AM_CFLAGS="$AM_CFLAGS -DWOLF_CRYPTO_CB_COPY -DWOLF_CRYPTO_CB_FREE" + # Future utilities go here when added + else + # Parse comma-separated list + OIFS="$IFS" + IFS=',' + for util in $ENABLED_CRYPTOCB_UTILS; do + case "$util" in + copy) + AM_CFLAGS="$AM_CFLAGS -DWOLF_CRYPTO_CB_COPY" + ;; + free) + AM_CFLAGS="$AM_CFLAGS -DWOLF_CRYPTO_CB_FREE" + ;; + # Add future options here (e.g., malloc, realloc, etc) + *) + AC_MSG_ERROR([Unknown cryptocbutils option: $util. Valid options: copy, free]) + ;; + esac + done + IFS="$OIFS" + fi +fi # Asynchronous Crypto diff --git a/tests/api.c b/tests/api.c index d92c5e022..18d768e57 100644 --- a/tests/api.c +++ b/tests/api.c @@ -44807,7 +44807,7 @@ static int test_CryptoCb_Func(int thisDevId, wc_CryptoInfo* info, void* ctx) } #endif /* HAVE_ED25519 */ } -#ifdef WOLFSSL_HAVE_COPY_FREE_CB +#ifdef WOLF_CRYPTO_CB_COPY else if (info->algo_type == WC_ALGO_TYPE_COPY) { #ifdef DEBUG_WOLFSSL fprintf(stderr, "test_CryptoCb_Func: Copy Algo=%d Type=%d\n", @@ -44815,6 +44815,34 @@ static int test_CryptoCb_Func(int thisDevId, wc_CryptoInfo* info, void* ctx) #endif if (info->copy.algo == WC_ALGO_TYPE_HASH) { switch (info->copy.type) { + #ifndef NO_SHA + case WC_HASH_TYPE_SHA: + { + wc_Sha* src = (wc_Sha*)info->copy.src; + wc_Sha* dst = (wc_Sha*)info->copy.dst; + src->devId = INVALID_DEVID; + ret = wc_ShaCopy(src, dst); + src->devId = thisDevId; + if (ret == 0) { + dst->devId = thisDevId; + } + break; + } + #endif + #ifdef WOLFSSL_SHA224 + case WC_HASH_TYPE_SHA224: + { + wc_Sha224* src = (wc_Sha224*)info->copy.src; + wc_Sha224* dst = (wc_Sha224*)info->copy.dst; + src->devId = INVALID_DEVID; + ret = wc_Sha224Copy(src, dst); + src->devId = thisDevId; + if (ret == 0) { + dst->devId = thisDevId; + } + break; + } + #endif #ifndef NO_SHA256 case WC_HASH_TYPE_SHA256: { @@ -44835,6 +44863,90 @@ static int test_CryptoCb_Func(int thisDevId, wc_CryptoInfo* info, void* ctx) break; } #endif /* !NO_SHA256 */ + #ifdef WOLFSSL_SHA384 + case WC_HASH_TYPE_SHA384: + { + wc_Sha384* src = (wc_Sha384*)info->copy.src; + wc_Sha384* dst = (wc_Sha384*)info->copy.dst; + src->devId = INVALID_DEVID; + ret = wc_Sha384Copy(src, dst); + src->devId = thisDevId; + if (ret == 0) { + dst->devId = thisDevId; + } + break; + } + #endif + #ifdef WOLFSSL_SHA512 + case WC_HASH_TYPE_SHA512: + { + wc_Sha512* src = (wc_Sha512*)info->copy.src; + wc_Sha512* dst = (wc_Sha512*)info->copy.dst; + src->devId = INVALID_DEVID; + ret = wc_Sha512Copy(src, dst); + src->devId = thisDevId; + if (ret == 0) { + dst->devId = thisDevId; + } + break; + } + #endif + #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224) + case WC_HASH_TYPE_SHA3_224: + { + wc_Sha3* src = (wc_Sha3*)info->copy.src; + wc_Sha3* dst = (wc_Sha3*)info->copy.dst; + src->devId = INVALID_DEVID; + ret = wc_Sha3_224_Copy(src, dst); + src->devId = thisDevId; + if (ret == 0) { + dst->devId = thisDevId; + } + break; + } + #endif + #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256) + case WC_HASH_TYPE_SHA3_256: + { + wc_Sha3* src = (wc_Sha3*)info->copy.src; + wc_Sha3* dst = (wc_Sha3*)info->copy.dst; + src->devId = INVALID_DEVID; + ret = wc_Sha3_256_Copy(src, dst); + src->devId = thisDevId; + if (ret == 0) { + dst->devId = thisDevId; + } + break; + } + #endif + #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_384) + case WC_HASH_TYPE_SHA3_384: + { + wc_Sha3* src = (wc_Sha3*)info->copy.src; + wc_Sha3* dst = (wc_Sha3*)info->copy.dst; + src->devId = INVALID_DEVID; + ret = wc_Sha3_384_Copy(src, dst); + src->devId = thisDevId; + if (ret == 0) { + dst->devId = thisDevId; + } + break; + } + #endif + #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_512) + case WC_HASH_TYPE_SHA3_512: + { + wc_Sha3* src = (wc_Sha3*)info->copy.src; + wc_Sha3* dst = (wc_Sha3*)info->copy.dst; + src->devId = INVALID_DEVID; + ret = wc_Sha3_512_Copy(src, dst); + src->devId = thisDevId; + if (ret == 0) { + dst->devId = thisDevId; + } + break; + } + #endif default: ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN); break; @@ -44844,6 +44956,8 @@ static int test_CryptoCb_Func(int thisDevId, wc_CryptoInfo* info, void* ctx) ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN); } } +#endif /* WOLF_CRYPTO_CB_COPY */ +#ifdef WOLF_CRYPTO_CB_FREE else if (info->algo_type == WC_ALGO_TYPE_FREE) { #ifdef DEBUG_WOLFSSL fprintf(stderr, "test_CryptoCb_Func: Free Algo=%d Type=%d\n", @@ -44852,6 +44966,26 @@ static int test_CryptoCb_Func(int thisDevId, wc_CryptoInfo* info, void* ctx) if (info->free.algo == WC_ALGO_TYPE_HASH) { switch (info->free.type) { + #ifndef NO_SHA + case WC_HASH_TYPE_SHA: + { + wc_Sha* sha = (wc_Sha*)info->free.obj; + sha->devId = INVALID_DEVID; + wc_ShaFree(sha); + ret = 0; + break; + } + #endif + #ifdef WOLFSSL_SHA224 + case WC_HASH_TYPE_SHA224: + { + wc_Sha224* sha = (wc_Sha224*)info->free.obj; + sha->devId = INVALID_DEVID; + wc_Sha224Free(sha); + ret = 0; + break; + } + #endif #ifndef NO_SHA256 case WC_HASH_TYPE_SHA256: { @@ -44867,6 +45001,66 @@ static int test_CryptoCb_Func(int thisDevId, wc_CryptoInfo* info, void* ctx) ret = 0; break; } + #endif + #ifdef WOLFSSL_SHA384 + case WC_HASH_TYPE_SHA384: + { + wc_Sha384* sha = (wc_Sha384*)info->free.obj; + sha->devId = INVALID_DEVID; + wc_Sha384Free(sha); + ret = 0; + break; + } + #endif + #ifdef WOLFSSL_SHA512 + case WC_HASH_TYPE_SHA512: + { + wc_Sha512* sha = (wc_Sha512*)info->free.obj; + sha->devId = INVALID_DEVID; + wc_Sha512Free(sha); + ret = 0; + break; + } + #endif + #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224) + case WC_HASH_TYPE_SHA3_224: + { + wc_Sha3* sha = (wc_Sha3*)info->free.obj; + sha->devId = INVALID_DEVID; + wc_Sha3_224_Free(sha); + ret = 0; + break; + } + #endif + #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256) + case WC_HASH_TYPE_SHA3_256: + { + wc_Sha3* sha = (wc_Sha3*)info->free.obj; + sha->devId = INVALID_DEVID; + wc_Sha3_256_Free(sha); + ret = 0; + break; + } + #endif + #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_384) + case WC_HASH_TYPE_SHA3_384: + { + wc_Sha3* sha = (wc_Sha3*)info->free.obj; + sha->devId = INVALID_DEVID; + wc_Sha3_384_Free(sha); + ret = 0; + break; + } + #endif + #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_512) + case WC_HASH_TYPE_SHA3_512: + { + wc_Sha3* sha = (wc_Sha3*)info->free.obj; + sha->devId = INVALID_DEVID; + wc_Sha3_512_Free(sha); + ret = 0; + break; + } #endif default: ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN); @@ -44877,7 +45071,7 @@ static int test_CryptoCb_Func(int thisDevId, wc_CryptoInfo* info, void* ctx) ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN); } } -#endif /* WOLFSSL_HAVE_COPY_FREE_CB */ +#endif /* WOLF_CRYPTO_CB_FREE */ (void)thisDevId; (void)keyFormat; diff --git a/wolfcrypt/src/cryptocb.c b/wolfcrypt/src/cryptocb.c index 38c6bb898..04051041b 100644 --- a/wolfcrypt/src/cryptocb.c +++ b/wolfcrypt/src/cryptocb.c @@ -81,10 +81,12 @@ static const char* GetAlgoTypeStr(int algo) case WC_ALGO_TYPE_CMAC: return "CMAC"; case WC_ALGO_TYPE_CERT: return "Cert"; case WC_ALGO_TYPE_KDF: return "KDF"; -#ifdef WOLFSSL_HAVE_COPY_FREE_CB +#ifdef WOLF_CRYPTO_CB_COPY case WC_ALGO_TYPE_COPY: return "Copy"; +#endif /* WOLF_CRYPTO_CB_COPY */ +#ifdef WOLF_CRYPTO_CB_FREE case WC_ALGO_TYPE_FREE: return "Free"; -#endif /* WOLFSSL_HAVE_COPY_FREE_CB */ +#endif /* WOLF_CRYPTO_CB_FREE */ } return NULL; } @@ -257,18 +259,20 @@ void wc_CryptoCb_InfoString(wc_CryptoInfo* info) GetCryptoCbCmdTypeStr(info->cmd.type), info->cmd.type); } #endif -#ifdef WOLFSSL_HAVE_COPY_FREE_CB +#ifdef WOLF_CRYPTO_CB_COPY else if (info->algo_type == WC_ALGO_TYPE_COPY) { printf("Crypto CB: %s %s Type=%d\n", GetAlgoTypeStr(info->algo_type), GetAlgoTypeStr(info->copy.algo), info->copy.type); } +#endif /* WOLF_CRYPTO_CB_COPY */ +#ifdef WOLF_CRYPTO_CB_FREE else if (info->algo_type == WC_ALGO_TYPE_FREE) { printf("Crypto CB: %s %s Type=%d\n", GetAlgoTypeStr(info->algo_type), GetAlgoTypeStr(info->free.algo), info->free.type); } -#endif /* WOLFSSL_HAVE_COPY_FREE_CB */ +#endif /* WOLF_CRYPTO_CB_FREE */ #if (defined(HAVE_HKDF) && !defined(NO_HMAC)) || \ defined(HAVE_CMAC_KDF) else if (info->algo_type == WC_ALGO_TYPE_KDF) { @@ -2044,14 +2048,17 @@ int wc_CryptoCb_Hkdf(int hashType, const byte* inKey, word32 inKeySz, } #endif /* HAVE_HKDF && !NO_HMAC */ -#ifdef WOLFSSL_HAVE_COPY_FREE_CB +#ifdef WOLF_CRYPTO_CB_COPY /* General copy callback function for algorithm structures * devId: The device ID to use for the callback - * algo: Algorithm type (enum wc_AlgoType) - WC_ALGO_TYPE_HASH, WC_ALGO_TYPE_CIPHER, etc - * type: Specific type - for HASH: enum wc_HashType, for CIPHER: enum wc_CipherType + * algo: Algorithm type (enum wc_AlgoType) - WC_ALGO_TYPE_HASH, + * WC_ALGO_TYPE_CIPHER, etc + * type: Specific type - for HASH: enum wc_HashType, for CIPHER: + * enum wc_CipherType * src: Pointer to source structure * dst: Pointer to destination structure - * Returns: 0 on success, negative on error, CRYPTOCB_UNAVAILABLE if not handled + * Returns: 0 on success, negative on error, CRYPTOCB_UNAVAILABLE if not + * handled */ int wc_CryptoCb_Copy(int devId, int algo, int type, void* src, void* dst) { @@ -2074,13 +2081,18 @@ int wc_CryptoCb_Copy(int devId, int algo, int type, void* src, void* dst) return wc_CryptoCb_TranslateErrorCode(ret); } +#endif /* WOLF_CRYPTO_CB_COPY */ +#ifdef WOLF_CRYPTO_CB_FREE /* General free callback function for algorithm structures * devId: The device ID to use for the callback - * algo: Algorithm type (enum wc_AlgoType) - WC_ALGO_TYPE_HASH, WC_ALGO_TYPE_CIPHER, etc - * type: Specific type - for HASH: enum wc_HashType, for CIPHER: enum wc_CipherType + * algo: Algorithm type (enum wc_AlgoType) - WC_ALGO_TYPE_HASH, + * WC_ALGO_TYPE_CIPHER, etc + * type: Specific type - for HASH: enum wc_HashType, for CIPHER: + * enum wc_CipherType * obj: Pointer to object structure to free - * Returns: 0 on success, negative on error, CRYPTOCB_UNAVAILABLE if not handled + * Returns: 0 on success, negative on error, CRYPTOCB_UNAVAILABLE if not + * handled */ int wc_CryptoCb_Free(int devId, int algo, int type, void* obj) { @@ -2102,7 +2114,7 @@ int wc_CryptoCb_Free(int devId, int algo, int type, void* obj) return wc_CryptoCb_TranslateErrorCode(ret); } -#endif /* WOLFSSL_HAVE_COPY_FREE_CB */ +#endif /* WOLF_CRYPTO_CB_FREE */ #if defined(HAVE_CMAC_KDF) diff --git a/wolfcrypt/src/sha.c b/wolfcrypt/src/sha.c index 030296ebb..d53bb296c 100644 --- a/wolfcrypt/src/sha.c +++ b/wolfcrypt/src/sha.c @@ -1049,9 +1049,33 @@ int wc_InitSha(wc_Sha* sha) void wc_ShaFree(wc_Sha* sha) { +#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_FREE) + int ret = 0; +#endif + if (sha == NULL) return; +#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_FREE) + #ifndef WOLF_CRYPTO_CB_FIND + if (sha->devId != INVALID_DEVID) + #endif + { + ret = wc_CryptoCb_Free(sha->devId, WC_ALGO_TYPE_HASH, + WC_HASH_TYPE_SHA, (void*)sha); + /* If they want the standard free, they can call it themselves */ + /* via their callback setting devId to INVALID_DEVID */ + /* otherwise assume the callback handled it */ + if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) + return; + /* fall-through when unavailable */ + } + + /* silence compiler warning */ + (void)ret; + +#endif /* WOLF_CRYPTO_CB && WOLF_CRYPTO_CB_FREE */ + #if defined(WOLFSSL_ESP32) && !defined(NO_WOLFSSL_ESP32_CRYPT_HASH) esp_sha_release_unfinished_lock(&sha->ctx); #endif @@ -1133,6 +1157,20 @@ int wc_ShaCopy(wc_Sha* src, wc_Sha* dst) if (src == NULL || dst == NULL) return BAD_FUNC_ARG; +#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_COPY) + #ifndef WOLF_CRYPTO_CB_FIND + if (src->devId != INVALID_DEVID) + #endif + { + /* Cast the source and destination to be void to keep the abstraction */ + ret = wc_CryptoCb_Copy(src->devId, WC_ALGO_TYPE_HASH, + WC_HASH_TYPE_SHA, (void*)src, (void*)dst); + if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) + return ret; + /* fall-through when unavailable */ + } +#endif /* WOLF_CRYPTO_CB && WOLF_CRYPTO_CB_COPY */ + XMEMCPY(dst, src, sizeof(wc_Sha)); #if defined(WOLFSSL_SILABS_SE_ACCEL) && defined(WOLFSSL_SILABS_SE_ACCEL_3) diff --git a/wolfcrypt/src/sha256.c b/wolfcrypt/src/sha256.c index de9480c97..61ec24cca 100644 --- a/wolfcrypt/src/sha256.c +++ b/wolfcrypt/src/sha256.c @@ -2224,9 +2224,33 @@ static int Transform_Sha256(wc_Sha256* sha256, const byte* data) void wc_Sha224Free(wc_Sha224* sha224) { +#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_FREE) + int ret = 0; +#endif + if (sha224 == NULL) return; +#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_FREE) + #ifndef WOLF_CRYPTO_CB_FIND + if (sha224->devId != INVALID_DEVID) + #endif + { + ret = wc_CryptoCb_Free(sha224->devId, WC_ALGO_TYPE_HASH, + WC_HASH_TYPE_SHA224, (void*)sha224); + /* If they want the standard free, they can call it themselves */ + /* via their callback setting devId to INVALID_DEVID */ + /* otherwise assume the callback handled it */ + if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) + return; + /* fall-through when unavailable */ + } + + /* silence compiler warning */ + (void)ret; + +#endif /* WOLF_CRYPTO_CB && WOLF_CRYPTO_CB_FREE */ + #ifdef WOLFSSL_SMALL_STACK_CACHE if (sha224->W != NULL) { ForceZero(sha224->W, sizeof(word32) * WC_SHA224_BLOCK_SIZE); @@ -2277,14 +2301,14 @@ int wc_InitSha256(wc_Sha256* sha256) void wc_Sha256Free(wc_Sha256* sha256) { -#if defined(WOLF_CRYPTO_CB) && defined(WOLFSSL_HAVE_COPY_FREE_CB) +#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_FREE) int ret = 0; #endif if (sha256 == NULL) return; -#if defined(WOLF_CRYPTO_CB) && defined(WOLFSSL_HAVE_COPY_FREE_CB) +#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_FREE) #ifndef WOLF_CRYPTO_CB_FIND if (sha256->devId != INVALID_DEVID) #endif @@ -2302,7 +2326,7 @@ void wc_Sha256Free(wc_Sha256* sha256) /* silence compiler warning */ (void)ret; -#endif /* WOLF_CRYPTO_CB && WOLFSSL_HAVE_COPY_FREE_CB */ +#endif /* WOLF_CRYPTO_CB && WOLF_CRYPTO_CB_FREE */ #if defined(WOLFSSL_ESP32) && \ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \ @@ -2475,6 +2499,20 @@ int wc_Sha224_Grow(wc_Sha224* sha224, const byte* in, int inSz) return BAD_FUNC_ARG; } +#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_COPY) + #ifndef WOLF_CRYPTO_CB_FIND + if (src->devId != INVALID_DEVID) + #endif + { + /* Cast the source and destination to be void to keep the abstraction */ + ret = wc_CryptoCb_Copy(src->devId, WC_ALGO_TYPE_HASH, + WC_HASH_TYPE_SHA224, (void*)src, (void*)dst); + if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) + return ret; + /* fall-through when unavailable */ + } +#endif /* WOLF_CRYPTO_CB && WOLF_CRYPTO_CB_COPY */ + XMEMCPY(dst, src, sizeof(wc_Sha224)); #ifdef WOLFSSL_SMALL_STACK_CACHE @@ -2601,7 +2639,7 @@ int wc_Sha256Copy(wc_Sha256* src, wc_Sha256* dst) return BAD_FUNC_ARG; } -#if defined(WOLF_CRYPTO_CB) && defined(WOLFSSL_HAVE_COPY_FREE_CB) +#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_COPY) #ifndef WOLF_CRYPTO_CB_FIND if (src->devId != INVALID_DEVID) #endif @@ -2613,7 +2651,7 @@ int wc_Sha256Copy(wc_Sha256* src, wc_Sha256* dst) return ret; /* fall-through when unavailable */ } -#endif /* WOLF_CRYPTO_CB && WOLFSSL_HAVE_COPY_FREE_CB */ +#endif /* WOLF_CRYPTO_CB && WOLF_CRYPTO_CB_COPY */ XMEMCPY(dst, src, sizeof(wc_Sha256)); diff --git a/wolfcrypt/src/sha3.c b/wolfcrypt/src/sha3.c index e6a80e3b0..ee20a43fc 100644 --- a/wolfcrypt/src/sha3.c +++ b/wolfcrypt/src/sha3.c @@ -1016,6 +1016,9 @@ static int wc_InitSha3(wc_Sha3* sha3, void* heap, int devId) #endif #if defined(WOLF_CRYPTO_CB) sha3->devId = devId; + /* Set to none to determine the hash type later */ + /* in the update/final functions based on the p value */ + sha3->hashType = WC_HASH_TYPE_NONE; #endif (void)devId; @@ -1048,15 +1051,22 @@ static int wc_Sha3Update(wc_Sha3* sha3, const byte* data, word32 len, byte p) if (sha3->devId != INVALID_DEVID) #endif { - int hash_type = WC_HASH_TYPE_NONE; - switch (p) { - case WC_SHA3_224_COUNT: hash_type = WC_HASH_TYPE_SHA3_224; break; - case WC_SHA3_256_COUNT: hash_type = WC_HASH_TYPE_SHA3_256; break; - case WC_SHA3_384_COUNT: hash_type = WC_HASH_TYPE_SHA3_384; break; - case WC_SHA3_512_COUNT: hash_type = WC_HASH_TYPE_SHA3_512; break; - default: return BAD_FUNC_ARG; + /* If the hash type is not set, determine it based on the p value */ + /* We can skip the switch statement if the hash type set already */ + if (sha3->hashType == WC_HASH_TYPE_NONE) { + switch (p) { + case WC_SHA3_224_COUNT: + sha3->hashType = WC_HASH_TYPE_SHA3_224; break; + case WC_SHA3_256_COUNT: + sha3->hashType = WC_HASH_TYPE_SHA3_256; break; + case WC_SHA3_384_COUNT: + sha3->hashType = WC_HASH_TYPE_SHA3_384; break; + case WC_SHA3_512_COUNT: + sha3->hashType = WC_HASH_TYPE_SHA3_512; break; + default: return BAD_FUNC_ARG; + } } - ret = wc_CryptoCb_Sha3Hash(sha3, hash_type, data, len, NULL); + ret = wc_CryptoCb_Sha3Hash(sha3, sha3->hashType, data, len, NULL); if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) return ret; /* fall-through when unavailable */ @@ -1102,15 +1112,22 @@ static int wc_Sha3Final(wc_Sha3* sha3, byte* hash, byte p, byte len) if (sha3->devId != INVALID_DEVID) #endif { - int hash_type = WC_HASH_TYPE_NONE; - switch (p) { - case WC_SHA3_224_COUNT: hash_type = WC_HASH_TYPE_SHA3_224; break; - case WC_SHA3_256_COUNT: hash_type = WC_HASH_TYPE_SHA3_256; break; - case WC_SHA3_384_COUNT: hash_type = WC_HASH_TYPE_SHA3_384; break; - case WC_SHA3_512_COUNT: hash_type = WC_HASH_TYPE_SHA3_512; break; - default: return BAD_FUNC_ARG; + /* If the hash type is not set, determine it based on the p value */ + /* We can skip the switch statement if the hash type is set already */ + if (sha3->hashType == WC_HASH_TYPE_NONE) { + switch (p) { + case WC_SHA3_224_COUNT: + sha3->hashType = WC_HASH_TYPE_SHA3_224; break; + case WC_SHA3_256_COUNT: + sha3->hashType = WC_HASH_TYPE_SHA3_256; break; + case WC_SHA3_384_COUNT: + sha3->hashType = WC_HASH_TYPE_SHA3_384; break; + case WC_SHA3_512_COUNT: + sha3->hashType = WC_HASH_TYPE_SHA3_512; break; + default: return BAD_FUNC_ARG; + } } - ret = wc_CryptoCb_Sha3Hash(sha3, hash_type, NULL, 0, hash); + ret = wc_CryptoCb_Sha3Hash(sha3, sha3->hashType, NULL, 0, hash); if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) return ret; /* fall-through when unavailable */ @@ -1147,8 +1164,35 @@ static int wc_Sha3Final(wc_Sha3* sha3, byte* hash, byte p, byte len) */ static void wc_Sha3Free(wc_Sha3* sha3) { +#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_FREE) + int ret = 0; +#endif + (void)sha3; +#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_FREE) + if (sha3 == NULL) + return; + + #ifndef WOLF_CRYPTO_CB_FIND + if (sha3->devId != INVALID_DEVID) + #endif + { + ret = wc_CryptoCb_Free(sha3->devId, WC_ALGO_TYPE_HASH, + sha3->hashType, (void*)sha3); + /* If they want the standard free, they can call it themselves */ + /* via their callback setting devId to INVALID_DEVID */ + /* otherwise assume the callback handled it */ + if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) + return; + /* fall-through when unavailable */ + } + + /* silence compiler warning */ + (void)ret; + +#endif /* WOLF_CRYPTO_CB && WOLF_CRYPTO_CB_FREE */ + #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA3) if (sha3 == NULL) return; @@ -1174,6 +1218,20 @@ static int wc_Sha3Copy(wc_Sha3* src, wc_Sha3* dst) if (src == NULL || dst == NULL) return BAD_FUNC_ARG; +#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_COPY) + #ifndef WOLF_CRYPTO_CB_FIND + if (src->devId != INVALID_DEVID) + #endif + { + /* Cast the source and destination to be void to keep the abstraction */ + ret = wc_CryptoCb_Copy(src->devId, WC_ALGO_TYPE_HASH, + src->hashType, (void*)src, (void*)dst); + if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) + return ret; + /* fall-through when unavailable */ + } +#endif /* WOLF_CRYPTO_CB && WOLF_CRYPTO_CB_COPY */ + XMEMCPY(dst, src, sizeof(wc_Sha3)); #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA3) diff --git a/wolfcrypt/src/sha512.c b/wolfcrypt/src/sha512.c index 4c9d48957..5914582fb 100644 --- a/wolfcrypt/src/sha512.c +++ b/wolfcrypt/src/sha512.c @@ -1489,9 +1489,33 @@ int wc_InitSha512(wc_Sha512* sha512) void wc_Sha512Free(wc_Sha512* sha512) { +#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_FREE) + int ret = 0; +#endif + if (sha512 == NULL) return; +#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_FREE) + #ifndef WOLF_CRYPTO_CB_FIND + if (sha512->devId != INVALID_DEVID) + #endif + { + ret = wc_CryptoCb_Free(sha512->devId, WC_ALGO_TYPE_HASH, + WC_HASH_TYPE_SHA512, (void*)sha512); + /* If they want the standard free, they can call it themselves */ + /* via their callback setting devId to INVALID_DEVID */ + /* otherwise assume the callback handled it */ + if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) + return; + /* fall-through when unavailable */ + } + + /* silence compiler warning */ + (void)ret; + +#endif /* WOLF_CRYPTO_CB && WOLF_CRYPTO_CB_FREE */ + #if defined(WOLFSSL_ESP32) && \ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512) @@ -1919,9 +1943,33 @@ int wc_InitSha384(wc_Sha384* sha384) void wc_Sha384Free(wc_Sha384* sha384) { +#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_FREE) + int ret = 0; +#endif + if (sha384 == NULL) return; +#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_FREE) + #ifndef WOLF_CRYPTO_CB_FIND + if (sha384->devId != INVALID_DEVID) + #endif + { + ret = wc_CryptoCb_Free(sha384->devId, WC_ALGO_TYPE_HASH, + WC_HASH_TYPE_SHA384, (void*)sha384); + /* If they want the standard free, they can call it themselves */ + /* via their callback setting devId to INVALID_DEVID */ + /* otherwise assume the callback handled it */ + if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) + return; + /* fall-through when unavailable */ + } + + /* silence compiler warning */ + (void)ret; + +#endif /* WOLF_CRYPTO_CB && WOLF_CRYPTO_CB_FREE */ + #if defined(WOLFSSL_ESP32) && !defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384) esp_sha_release_unfinished_lock(&sha384->ctx); @@ -2025,6 +2073,20 @@ int wc_Sha512Copy(wc_Sha512* src, wc_Sha512* dst) return BAD_FUNC_ARG; } +#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_COPY) + #ifndef WOLF_CRYPTO_CB_FIND + if (src->devId != INVALID_DEVID) + #endif + { + /* Cast the source and destination to be void to keep the abstraction */ + ret = wc_CryptoCb_Copy(src->devId, WC_ALGO_TYPE_HASH, + WC_HASH_TYPE_SHA512, (void*)src, (void*)dst); + if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) + return ret; + /* fall-through when unavailable */ + } +#endif /* WOLF_CRYPTO_CB && WOLF_CRYPTO_CB_COPY */ + XMEMCPY(dst, src, sizeof(wc_Sha512)); #ifdef WOLFSSL_SMALL_STACK_CACHE dst->W = NULL; @@ -2439,6 +2501,20 @@ int wc_Sha384Copy(wc_Sha384* src, wc_Sha384* dst) return BAD_FUNC_ARG; } +#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_COPY) + #ifndef WOLF_CRYPTO_CB_FIND + if (src->devId != INVALID_DEVID) + #endif + { + /* Cast the source and destination to be void to keep the abstraction */ + ret = wc_CryptoCb_Copy(src->devId, WC_ALGO_TYPE_HASH, + WC_HASH_TYPE_SHA384, (void*)src, (void*)dst); + if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) + return ret; + /* fall-through when unavailable */ + } +#endif /* WOLF_CRYPTO_CB && WOLF_CRYPTO_CB_COPY */ + XMEMCPY(dst, src, sizeof(wc_Sha384)); #ifdef WOLFSSL_SMALL_STACK_CACHE diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 1a19b5b17..710950665 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -61295,7 +61295,7 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx) } } #endif /* !NO_SHA || !NO_SHA256 */ -#ifdef WOLFSSL_HAVE_COPY_FREE_CB +#ifdef WOLF_CRYPTO_CB_COPY else if (info->algo_type == WC_ALGO_TYPE_COPY) { #ifdef DEBUG_WOLFSSL WOLFSSL_MSG_EX("CryptoDevCb: Copy Algo=%d Type=%d\n", @@ -61303,6 +61303,34 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx) #endif if (info->copy.algo == WC_ALGO_TYPE_HASH) { switch (info->copy.type) { +#ifndef NO_SHA + case WC_HASH_TYPE_SHA: + { + wc_Sha* src = (wc_Sha*)info->copy.src; + wc_Sha* dst = (wc_Sha*)info->copy.dst; + src->devId = INVALID_DEVID; + ret = wc_ShaCopy(src, dst); + src->devId = devIdArg; + if (ret == 0) { + dst->devId = devIdArg; + } + break; + } +#endif +#ifdef WOLFSSL_SHA224 + case WC_HASH_TYPE_SHA224: + { + wc_Sha224* src = (wc_Sha224*)info->copy.src; + wc_Sha224* dst = (wc_Sha224*)info->copy.dst; + src->devId = INVALID_DEVID; + ret = wc_Sha224Copy(src, dst); + src->devId = devIdArg; + if (ret == 0) { + dst->devId = devIdArg; + } + break; + } +#endif #ifndef NO_SHA256 case WC_HASH_TYPE_SHA256: { @@ -61326,6 +61354,90 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx) break; } #endif /* !NO_SHA256 */ +#ifdef WOLFSSL_SHA384 + case WC_HASH_TYPE_SHA384: + { + wc_Sha384* src = (wc_Sha384*)info->copy.src; + wc_Sha384* dst = (wc_Sha384*)info->copy.dst; + src->devId = INVALID_DEVID; + ret = wc_Sha384Copy(src, dst); + src->devId = devIdArg; + if (ret == 0) { + dst->devId = devIdArg; + } + break; + } +#endif +#ifdef WOLFSSL_SHA512 + case WC_HASH_TYPE_SHA512: + { + wc_Sha512* src = (wc_Sha512*)info->copy.src; + wc_Sha512* dst = (wc_Sha512*)info->copy.dst; + src->devId = INVALID_DEVID; + ret = wc_Sha512Copy(src, dst); + src->devId = devIdArg; + if (ret == 0) { + dst->devId = devIdArg; + } + break; + } +#endif +#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224) + case WC_HASH_TYPE_SHA3_224: + { + wc_Sha3* src = (wc_Sha3*)info->copy.src; + wc_Sha3* dst = (wc_Sha3*)info->copy.dst; + src->devId = INVALID_DEVID; + ret = wc_Sha3_224_Copy(src, dst); + src->devId = devIdArg; + if (ret == 0) { + dst->devId = devIdArg; + } + break; + } +#endif +#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256) + case WC_HASH_TYPE_SHA3_256: + { + wc_Sha3* src = (wc_Sha3*)info->copy.src; + wc_Sha3* dst = (wc_Sha3*)info->copy.dst; + src->devId = INVALID_DEVID; + ret = wc_Sha3_256_Copy(src, dst); + src->devId = devIdArg; + if (ret == 0) { + dst->devId = devIdArg; + } + break; + } +#endif +#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_384) + case WC_HASH_TYPE_SHA3_384: + { + wc_Sha3* src = (wc_Sha3*)info->copy.src; + wc_Sha3* dst = (wc_Sha3*)info->copy.dst; + src->devId = INVALID_DEVID; + ret = wc_Sha3_384_Copy(src, dst); + src->devId = devIdArg; + if (ret == 0) { + dst->devId = devIdArg; + } + break; + } +#endif +#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_512) + case WC_HASH_TYPE_SHA3_512: + { + wc_Sha3* src = (wc_Sha3*)info->copy.src; + wc_Sha3* dst = (wc_Sha3*)info->copy.dst; + src->devId = INVALID_DEVID; + ret = wc_Sha3_512_Copy(src, dst); + src->devId = devIdArg; + if (ret == 0) { + dst->devId = devIdArg; + } + break; + } +#endif default: ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN); break; @@ -61335,6 +61447,8 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx) ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN); } } +#endif /* WOLF_CRYPTO_CB_COPY */ +#ifdef WOLF_CRYPTO_CB_FREE else if (info->algo_type == WC_ALGO_TYPE_FREE) { #ifdef DEBUG_WOLFSSL WOLFSSL_MSG_EX("CryptoDevCb: Free Algo=%d Type=%d\n", @@ -61343,6 +61457,26 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx) if (info->free.algo == WC_ALGO_TYPE_HASH) { switch (info->free.type) { +#ifndef NO_SHA + case WC_HASH_TYPE_SHA: + { + wc_Sha* sha = (wc_Sha*)info->free.obj; + sha->devId = INVALID_DEVID; + wc_ShaFree(sha); + ret = 0; + break; + } +#endif +#ifdef WOLFSSL_SHA224 + case WC_HASH_TYPE_SHA224: + { + wc_Sha224* sha = (wc_Sha224*)info->free.obj; + sha->devId = INVALID_DEVID; + wc_Sha224Free(sha); + ret = 0; + break; + } +#endif #ifndef NO_SHA256 case WC_HASH_TYPE_SHA256: { @@ -61357,6 +61491,66 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx) ret = 0; break; } +#endif +#ifdef WOLFSSL_SHA384 + case WC_HASH_TYPE_SHA384: + { + wc_Sha384* sha = (wc_Sha384*)info->free.obj; + sha->devId = INVALID_DEVID; + wc_Sha384Free(sha); + ret = 0; + break; + } +#endif +#ifdef WOLFSSL_SHA512 + case WC_HASH_TYPE_SHA512: + { + wc_Sha512* sha = (wc_Sha512*)info->free.obj; + sha->devId = INVALID_DEVID; + wc_Sha512Free(sha); + ret = 0; + break; + } +#endif +#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224) + case WC_HASH_TYPE_SHA3_224: + { + wc_Sha3* sha = (wc_Sha3*)info->free.obj; + sha->devId = INVALID_DEVID; + wc_Sha3_224_Free(sha); + ret = 0; + break; + } +#endif +#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256) + case WC_HASH_TYPE_SHA3_256: + { + wc_Sha3* sha = (wc_Sha3*)info->free.obj; + sha->devId = INVALID_DEVID; + wc_Sha3_256_Free(sha); + ret = 0; + break; + } +#endif +#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_384) + case WC_HASH_TYPE_SHA3_384: + { + wc_Sha3* sha = (wc_Sha3*)info->free.obj; + sha->devId = INVALID_DEVID; + wc_Sha3_384_Free(sha); + ret = 0; + break; + } +#endif +#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_512) + case WC_HASH_TYPE_SHA3_512: + { + wc_Sha3* sha = (wc_Sha3*)info->free.obj; + sha->devId = INVALID_DEVID; + wc_Sha3_512_Free(sha); + ret = 0; + break; + } #endif default: ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN); @@ -61367,7 +61561,7 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx) ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN); } } -#endif /* WOLFSSL_HAVE_COPY_FREE_CB */ +#endif /* WOLF_CRYPTO_CB_FREE */ #ifndef NO_HMAC else if (info->algo_type == WC_ALGO_TYPE_HMAC) { if (info->hmac.hmac == NULL) diff --git a/wolfssl/wolfcrypt/cryptocb.h b/wolfssl/wolfcrypt/cryptocb.h index 8e52c152e..c3e483222 100644 --- a/wolfssl/wolfcrypt/cryptocb.h +++ b/wolfssl/wolfcrypt/cryptocb.h @@ -469,19 +469,21 @@ typedef struct wc_CryptoInfo { void *ctx; } cmd; #endif -#ifdef WOLFSSL_HAVE_COPY_FREE_CB +#ifdef WOLF_CRYPTO_CB_COPY struct { /* uses wc_AlgoType=WC_ALGO_TYPE_COPY */ - int algo; /* enum wc_AlgoType - WC_ALGO_TYPE_HASH, WC_ALGO_TYPE_CIPHER, etc */ - int type; /* For HASH: enum wc_HashType, For CIPHER: enum wc_CipherType */ + int algo; /* enum wc_AlgoType - HASH, CIPHER, etc */ + int type; /* For HASH: wc_HashType, CIPHER: wc_CipherType */ void *src; /* Source structure to copy from */ void *dst; /* Destination structure to copy to */ } copy; +#endif /* WOLF_CRYPTO_CB_COPY */ +#ifdef WOLF_CRYPTO_CB_FREE struct { /* uses wc_AlgoType=WC_ALGO_TYPE_FREE */ - int algo; /* enum wc_AlgoType - WC_ALGO_TYPE_HASH, WC_ALGO_TYPE_CIPHER, etc */ - int type; /* For HASH: enum wc_HashType, For CIPHER: enum wc_CipherType */ + int algo; /* enum wc_AlgoType - HASH, CIPHER, etc */ + int type; /* For HASH: wc_HashType, CIPHER: wc_CipherType */ void *obj; /* Object structure to free */ } free; -#endif /* WOLFSSL_HAVE_COPY_FREE_CB */ +#endif /* WOLF_CRYPTO_CB_FREE */ #if defined(HAVE_HKDF) || defined(HAVE_CMAC_KDF) struct { int type; /* enum wc_KdfType */ @@ -751,11 +753,13 @@ WOLFSSL_LOCAL int wc_CryptoCb_GetCert(int devId, const char *label, word32* outSz, int *format, void *heap); #endif -#ifdef WOLFSSL_HAVE_COPY_FREE_CB +#ifdef WOLF_CRYPTO_CB_COPY WOLFSSL_LOCAL int wc_CryptoCb_Copy(int devId, int algo, int type, void* src, void* dst); +#endif /* WOLF_CRYPTO_CB_COPY */ +#ifdef WOLF_CRYPTO_CB_FREE WOLFSSL_LOCAL int wc_CryptoCb_Free(int devId, int algo, int type, void* obj); -#endif /* WOLFSSL_HAVE_COPY_FREE_CB */ +#endif /* WOLF_CRYPTO_CB_FREE */ #endif /* WOLF_CRYPTO_CB */ diff --git a/wolfssl/wolfcrypt/sha3.h b/wolfssl/wolfcrypt/sha3.h index 9fc32c06a..73f8345b4 100644 --- a/wolfssl/wolfcrypt/sha3.h +++ b/wolfssl/wolfcrypt/sha3.h @@ -144,6 +144,8 @@ struct wc_Sha3 { #ifdef WOLF_CRYPTO_CB int devId; + void* devCtx; + int hashType; #endif #ifdef WC_C_DYNAMIC_FALLBACK