wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-30 02:37:28 +02:00
Code Issues Packages Projects Releases Wiki Activity

Added CryptoDev callback support for AES CBC and SHA1/SHA256.

Browse Source
This commit is contained in:
David Garske
2019-01-02 14:34:26 -08:00
parent 656c7951cd
commit 1201ffb13f
8 changed files with 336 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
wolfcrypt/src/aes.c
View File

@ -2904,6 +2904,14 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
return BAD_FUNC_ARG;
}
#ifdef WOLF_CRYPTO_DEV
if (aes->devId != INVALID_DEVID) {
int ret = wc_CryptoDev_AesCbcEncrypt(aes, out, in, sz);
if (ret != NOT_COMPILED_IN)
return ret;
ret = 0; /* reset error code and try using software */
}
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES)
/* if async and byte count above threshold */
if (aes->asyncDev.marker == WOLFSSL_ASYNC_MARKER_AES &&
@ -2995,6 +3003,13 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
return BAD_FUNC_ARG;
}
#ifdef WOLF_CRYPTO_DEV
if (aes->devId != INVALID_DEVID) {
int ret = wc_CryptoDev_AesCbcDecrypt(aes, out, in, sz);
if (ret != NOT_COMPILED_IN)
return ret;
}
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES)
/* if async and byte count above threshold */
if (aes->asyncDev.marker == WOLFSSL_ASYNC_MARKER_AES &&
@ -8495,7 +8510,6 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
authTag, authTagSz, authIn, authInSz);
if (ret != NOT_COMPILED_IN)
return ret;
ret = 0; /* reset error code and try using software */
}
#endif

121
wolfcrypt/src/cryptodev.c
View File

@ -256,7 +256,8 @@ int wc_CryptoDev_EccVerify(const byte* sig, word32 siglen,
}
#endif /* HAVE_ECC */
#if !defined(NO_AES) && defined(HAVE_AESGCM)
#ifndef NO_AES
#ifdef HAVE_AESGCM
int wc_CryptoDev_AesGcmEncrypt(Aes* aes, byte* out,
const byte* in, word32 sz,
const byte* iv, word32 ivSz,
@ -328,15 +329,119 @@ int wc_CryptoDev_AesGcmDecrypt(Aes* aes, byte* out,
return ret;
}
#endif /* !NO_AES && HAVE_AESGCM */
#endif /* HAVE_AESGCM */
/* call to support callback for entire buffer hash */
int wc_CryptoDev_Sha256Hash(const byte* data, word32 len, byte* hash)
#ifdef HAVE_AES_CBC
int wc_CryptoDev_AesCbcEncrypt(Aes* aes, byte* out,
const byte* in, word32 sz)
{
(void)data;
(void)len;
(void)hash;
return NOT_COMPILED_IN;
int ret = NOT_COMPILED_IN;
CryptoDev* dev;
/* locate registered callback */
dev = wc_CryptoDev_FindDevice(aes->devId);
if (dev) {
if (dev->cb) {
wc_CryptoInfo cryptoInfo;
XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo));
cryptoInfo.algo_type = WC_ALGO_TYPE_CIPHER;
cryptoInfo.cipher.type = WC_CIPHER_AES_CBC;
cryptoInfo.cipher.enc = 1;
cryptoInfo.cipher.aescbc_enc.aes = aes;
cryptoInfo.cipher.aescbc_enc.out = out;
cryptoInfo.cipher.aescbc_enc.in = in;
cryptoInfo.cipher.aescbc_enc.sz = sz;
ret = dev->cb(aes->devId, &cryptoInfo, dev->ctx);
}
}
return ret;
}
int wc_CryptoDev_AesCbcDecrypt(Aes* aes, byte* out,
const byte* in, word32 sz)
{
int ret = NOT_COMPILED_IN;
CryptoDev* dev;
/* locate registered callback */
dev = wc_CryptoDev_FindDevice(aes->devId);
if (dev) {
if (dev->cb) {
wc_CryptoInfo cryptoInfo;
XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo));
cryptoInfo.algo_type = WC_ALGO_TYPE_CIPHER;
cryptoInfo.cipher.type = WC_CIPHER_AES_CBC;
cryptoInfo.cipher.enc = 0;
cryptoInfo.cipher.aescbc_dec.aes = aes;
cryptoInfo.cipher.aescbc_dec.out = out;
cryptoInfo.cipher.aescbc_dec.in = in;
cryptoInfo.cipher.aescbc_dec.sz = sz;
ret = dev->cb(aes->devId, &cryptoInfo, dev->ctx);
}
}
return ret;
}
#endif /* HAVE_AES_CBC */
#endif /* !NO_AES */
#ifndef NO_SHA
int wc_CryptoDev_ShaHash(wc_Sha* sha, const byte* in,
word32 inSz, byte* digest)
{
int ret = NOT_COMPILED_IN;
CryptoDev* dev;
/* locate registered callback */
dev = wc_CryptoDev_FindDevice(sha->devId);
if (dev) {
if (dev->cb) {
wc_CryptoInfo cryptoInfo;
XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo));
cryptoInfo.algo_type = WC_ALGO_TYPE_HASH;
cryptoInfo.hash.type = WC_HASH_TYPE_SHA;
cryptoInfo.hash.sha1 = sha;
cryptoInfo.hash.in = in;
cryptoInfo.hash.inSz = inSz;
cryptoInfo.hash.digest = digest;
ret = dev->cb(sha->devId, &cryptoInfo, dev->ctx);
}
}
return ret;
}
#endif /* !NO_SHA */
#ifndef NO_SHA256
int wc_CryptoDev_Sha256Hash(wc_Sha256* sha256, const byte* in,
word32 inSz, byte* digest)
{
int ret = NOT_COMPILED_IN;
CryptoDev* dev;
/* locate registered callback */
dev = wc_CryptoDev_FindDevice(sha256->devId);
if (dev) {
if (dev->cb) {
wc_CryptoInfo cryptoInfo;
XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo));
cryptoInfo.algo_type = WC_ALGO_TYPE_HASH;
cryptoInfo.hash.type = WC_HASH_TYPE_SHA256;
cryptoInfo.hash.sha256 = sha256;
cryptoInfo.hash.in = in;
cryptoInfo.hash.inSz = inSz;
cryptoInfo.hash.digest = digest;
ret = dev->cb(sha256->devId, &cryptoInfo, dev->ctx);
}
}
return ret;
}
#endif /* !NO_SHA256 */
#endif /* WOLF_CRYPTO_DEV */

22
wolfcrypt/src/sha.c
View File

@ -43,6 +43,10 @@
#include <wolfssl/wolfcrypt/sha.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
#ifdef WOLF_CRYPTO_DEV
#include <wolfssl/wolfcrypt/cryptodev.h>
#endif
/* fips wrapper calls, user can call direct */
#if defined(HAVE_FIPS) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
@ -430,6 +434,10 @@ int wc_InitSha_ex(wc_Sha* sha, void* heap, int devId)
return BAD_FUNC_ARG;
sha->heap = heap;
#ifdef WOLF_CRYPTO_DEV
sha->devId = devId;
#endif
#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
sha->ctx.mode = ESP32_SHA_INIT;
@ -460,6 +468,13 @@ int wc_ShaUpdate(wc_Sha* sha, const byte* data, word32 len)
/* do block size increments */
local = (byte*)sha->buffer;
#ifdef WOLF_CRYPTO_DEV
if (sha->devId != INVALID_DEVID) {
int ret = wc_CryptoDev_ShaHash(sha, data, len, NULL);
if (ret != NOT_COMPILED_IN)
return ret;
}
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA)
if (sha->asyncDev.marker == WOLFSSL_ASYNC_MARKER_SHA) {
#if defined(HAVE_INTEL_QA)
@ -535,6 +550,13 @@ int wc_ShaFinal(wc_Sha* sha, byte* hash)
local = (byte*)sha->buffer;
#ifdef WOLF_CRYPTO_DEV
if (sha->devId != INVALID_DEVID) {
int ret = wc_CryptoDev_ShaHash(sha, NULL, 0, hash);
if (ret != NOT_COMPILED_IN)
return ret;
}
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA)
if (sha->asyncDev.marker == WOLFSSL_ASYNC_MARKER_SHA) {
#if defined(HAVE_INTEL_QA)

24
wolfcrypt/src/sha256.c
View File

@ -46,6 +46,10 @@
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/cpuid.h>
#ifdef WOLF_CRYPTO_DEV
#include <wolfssl/wolfcrypt/cryptodev.h>
#endif
/* fips wrapper calls, user can call direct */
#if defined(HAVE_FIPS) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
@ -308,6 +312,9 @@ static int InitSha256(wc_Sha256* sha256)
return BAD_FUNC_ARG;
sha256->heap = heap;
#ifdef WOLF_CRYPTO_DEV
sha256->devId = devId;
#endif
ret = InitSha256(sha256);
if (ret != 0)
@ -675,6 +682,14 @@ static int InitSha256(wc_Sha256* sha256)
return 0;
}
#ifdef WOLF_CRYPTO_DEV
if (sha256->devId != INVALID_DEVID) {
ret = wc_CryptoDev_Sha256Hash(sha256, data, len, NULL);
if (ret != NOT_COMPILED_IN)
return ret;
ret = 0; /* reset error code and try using software */
}
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA256)
if (sha256->asyncDev.marker == WOLFSSL_ASYNC_MARKER_SHA256) {
#if defined(HAVE_INTEL_QA)
@ -939,6 +954,15 @@ static int InitSha256(wc_Sha256* sha256)
return BAD_FUNC_ARG;
}
#ifdef WOLF_CRYPTO_DEV
if (sha256->devId != INVALID_DEVID) {
ret = wc_CryptoDev_Sha256Hash(sha256, NULL, 0, hash);
if (ret != NOT_COMPILED_IN)
return ret;
ret = 0; /* reset error code and try using software */
}
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA256)
if (sha256->asyncDev.marker == WOLFSSL_ASYNC_MARKER_SHA256) {
#if defined(HAVE_INTEL_QA)

102
wolfcrypt/test/test.c
View File

@ -22918,9 +22918,9 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
#endif /* HAVE_ECC */
}
else if (info->algo_type == WC_ALGO_TYPE_CIPHER) {
#if !defined(NO_AES) && defined(HAVE_AESGCM)
#ifndef NO_AES
#ifdef HAVE_AESGCM
if (info->cipher.type == WC_CIPHER_AES_GCM) {
if (info->cipher.enc) {
/* set devId to invalid, so software is used */
info->cipher.aesgcm_enc.aes->devId = INVALID_DEVID;
@ -22960,8 +22960,86 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
info->cipher.aesgcm_dec.aes->devId = devIdArg;
}
}
#endif /* !NO_AES && HAVE_AESGCM */
#endif /* HAVE_AESGCM */
#ifdef HAVE_AES_CBC
if (info->cipher.type == WC_CIPHER_AES_CBC) {
if (info->cipher.enc) {
/* set devId to invalid, so software is used */
info->cipher.aescbc_enc.aes->devId = INVALID_DEVID;
ret = wc_AesCbcEncrypt(
info->cipher.aescbc_enc.aes,
info->cipher.aescbc_enc.out,
info->cipher.aescbc_enc.in,
info->cipher.aescbc_enc.sz);
/* reset devId */
info->cipher.aescbc_enc.aes->devId = devIdArg;
}
else {
/* set devId to invalid, so software is used */
info->cipher.aescbc_dec.aes->devId = INVALID_DEVID;
ret = wc_AesCbcDecrypt(
info->cipher.aescbc_dec.aes,
info->cipher.aescbc_dec.out,
info->cipher.aescbc_dec.in,
info->cipher.aescbc_dec.sz);
/* reset devId */
info->cipher.aescbc_dec.aes->devId = devIdArg;
}
}
#endif /* HAVE_AES_CBC */
#endif /* !NO_AES */
}
#if !defined(NO_SHA) || !defined(NO_SHA256)
else if (info->algo_type == WC_ALGO_TYPE_HASH) {
#if !defined(NO_SHA)
if (info->hash.type == WC_HASH_TYPE_SHA) {
/* set devId to invalid, so software is used */
info->hash.sha1->devId = INVALID_DEVID;
if (info->hash.in != NULL) {
ret = wc_ShaUpdate(
info->hash.sha1,
info->hash.in,
info->hash.inSz);
}
else if (info->hash.digest != NULL) {
ret = wc_ShaFinal(
info->hash.sha1,
info->hash.digest);
}
/* reset devId */
info->hash.sha1->devId = devIdArg;
}
else
#endif
#if !defined(NO_SHA256)
if (info->hash.type == WC_HASH_TYPE_SHA256) {
/* set devId to invalid, so software is used */
info->hash.sha256->devId = INVALID_DEVID;
if (info->hash.in != NULL) {
ret = wc_Sha256Update(
info->hash.sha256,
info->hash.in,
info->hash.inSz);
}
else if (info->hash.digest != NULL) {
ret = wc_Sha256Final(
info->hash.sha256,
info->hash.digest);
}
/* reset devId */
info->hash.sha256->devId = devIdArg;
}
#endif
}
#endif /* !NO_SHA || !NO_SHA256 */
(void)devIdArg;
(void)myCtx;
@ -22989,9 +23067,25 @@ int cryptodev_test(void)
if (ret == 0)
ret = ecc_test();
#endif
#if !defined(NO_AES) && defined(HAVE_AESGCM)
#ifndef NO_AES
#ifdef HAVE_AESGCM
if (ret == 0)
ret = aesgcm_test();
#endif
#ifdef HAVE_AES_CBC
if (ret == 0)
ret = aes_cbc_test();
#endif
#endif /* !NO_AES */
#if !defined(NO_SHA) || !defined(NO_SHA256)
#ifndef NO_SHA
if (ret == 0)
ret = sha_test();
#endif
#ifndef NO_SHA256
if (ret == 0)
ret = sha256_test();
#endif
#endif
/* reset devId */

64
wolfssl/wolfcrypt/cryptodev.h
View File

@ -38,6 +38,12 @@
#ifndef NO_AES
#include <wolfssl/wolfcrypt/aes.h>
#endif
#ifndef NO_SHA
#include <wolfssl/wolfcrypt/sha.h>
#endif
#ifndef NO_SHA256
#include <wolfssl/wolfcrypt/sha256.h>
#endif
/* Crypto Information Structure for callbacks */
typedef struct wc_CryptoInfo {
@ -96,11 +102,12 @@ typedef struct wc_CryptoInfo {
#endif
};
} pk;
#ifndef NO_AES
struct {
int type; /* enum wc_CipherType */
int enc;
union {
#if !defined(NO_AES) && defined(HAVE_AESGCM)
#ifdef HAVE_AESGCM
struct {
Aes* aes;
byte* out;
@ -125,9 +132,40 @@ typedef struct wc_CryptoInfo {
const byte* authIn;
word32 authInSz;
} aesgcm_dec;
#endif
#endif /* HAVE_AESGCM */
#ifdef HAVE_AES_CBC
struct {
Aes* aes;
byte* out;
const byte* in;
word32 sz;
} aescbc_enc;
struct {
Aes* aes;
byte* out;
const byte* in;
word32 sz;
} aescbc_dec;
#endif /* HAVE_AES_CBC */
};
} cipher;
#endif
#if !defined(NO_SHA) || !defined(NO_SHA256)
struct {
int type; /* enum wc_HashType */
const byte* in;
word32 inSz;
byte* digest;
union {
#ifndef NO_SHA
wc_Sha* sha1;
#endif
#ifndef NO_SHA256
wc_Sha256* sha256;
#endif
};
} hash;
#endif /* !NO_SHA || !NO_SHA256 */
} wc_CryptoInfo;
typedef int (*CryptoDevCallbackFunc)(int devId, wc_CryptoInfo* info, void* ctx);
@ -162,8 +200,8 @@ WOLFSSL_LOCAL int wc_CryptoDev_EccVerify(const byte* sig, word32 siglen,
const byte* hash, word32 hashlen, int* res, ecc_key* key);
#endif /* HAVE_ECC */
#if !defined(NO_AES) && defined(HAVE_AESGCM)
#ifndef NO_AES
#ifdef HAVE_AESGCM
WOLFSSL_LOCAL int wc_CryptoDev_AesGcmEncrypt(Aes* aes, byte* out,
const byte* in, word32 sz, const byte* iv, word32 ivSz,
byte* authTag, word32 authTagSz, const byte* authIn, word32 authInSz);
@ -172,10 +210,24 @@ WOLFSSL_LOCAL int wc_CryptoDev_AesGcmDecrypt(Aes* aes, byte* out,
const byte* in, word32 sz, const byte* iv, word32 ivSz,
const byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
#endif /* HAVE_AESGCM */
#ifdef HAVE_AES_CBC
WOLFSSL_LOCAL int wc_CryptoDev_AesCbcEncrypt(Aes* aes, byte* out,
const byte* in, word32 sz);
WOLFSSL_LOCAL int wc_CryptoDev_AesCbcDecrypt(Aes* aes, byte* out,
const byte* in, word32 sz);
#endif /* HAVE_AES_CBC */
#endif /* !NO_AES */
#endif /* !NO_AES && HAVE_AESGCM */
#ifndef NO_SHA
WOLFSSL_LOCAL int wc_CryptoDev_ShaHash(wc_Sha* sha, const byte* in,
word32 inSz, byte* digest);
#endif /* !NO_SHA */
WOLFSSL_LOCAL int wc_CryptoDev_Sha256Hash(const byte* data, word32 len, byte* hash);
#ifndef NO_SHA256
WOLFSSL_LOCAL int wc_CryptoDev_Sha256Hash(wc_Sha256* sha256, const byte* in,
word32 inSz, byte* digest);
#endif /* !NO_SHA256 */
#endif /* WOLF_CRYPTO_DEV */

3
wolfssl/wolfcrypt/sha.h
View File

@ -123,6 +123,9 @@ typedef struct wc_Sha {
#ifdef WOLFSSL_ASYNC_CRYPT
WC_ASYNC_DEV asyncDev;
#endif /* WOLFSSL_ASYNC_CRYPT */
#ifdef WOLF_CRYPTO_DEV
int devId;
#endif
#endif
#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
!defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)

3
wolfssl/wolfcrypt/sha256.h
View File

@ -158,6 +158,9 @@ typedef struct wc_Sha256 {
!defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
WC_ESP32SHA ctx;
#endif
#ifdef WOLF_CRYPTO_DEV
int devId;
#endif
#endif
} wc_Sha256;