Added CryptoDev callback support for AES CBC and SHA1/SHA256.

wolfcrypt/src/aes.c

@@ -2904,6 +2904,14 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
             return BAD_FUNC_ARG;
         }
 
+    #ifdef WOLF_CRYPTO_DEV
+        if (aes->devId != INVALID_DEVID) {
+            int ret = wc_CryptoDev_AesCbcEncrypt(aes, out, in, sz);
+            if (ret != NOT_COMPILED_IN)
+                return ret;
+            ret = 0; /* reset error code and try using software */
+        }
+    #endif
     #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES)
         /* if async and byte count above threshold */
         if (aes->asyncDev.marker == WOLFSSL_ASYNC_MARKER_AES &&
@@ -2995,6 +3003,13 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
             return BAD_FUNC_ARG;
         }
 
+    #ifdef WOLF_CRYPTO_DEV
+        if (aes->devId != INVALID_DEVID) {
+            int ret = wc_CryptoDev_AesCbcDecrypt(aes, out, in, sz);
+            if (ret != NOT_COMPILED_IN)
+                return ret;
+        }
+    #endif
     #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES)
         /* if async and byte count above threshold */
         if (aes->asyncDev.marker == WOLFSSL_ASYNC_MARKER_AES &&
@@ -8495,7 +8510,6 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
             authTag, authTagSz, authIn, authInSz);
         if (ret != NOT_COMPILED_IN)
             return ret;
-        ret = 0; /* reset error code and try using software */
     }
 #endif
 

wolfcrypt/src/cryptodev.c

@@ -256,7 +256,8 @@ int wc_CryptoDev_EccVerify(const byte* sig, word32 siglen,
 }
 #endif /* HAVE_ECC */
 
-#if !defined(NO_AES) && defined(HAVE_AESGCM)
+#ifndef NO_AES
+#ifdef HAVE_AESGCM
 int wc_CryptoDev_AesGcmEncrypt(Aes* aes, byte* out,
                                const byte* in, word32 sz,
                                const byte* iv, word32 ivSz,
@@ -328,15 +329,119 @@ int wc_CryptoDev_AesGcmDecrypt(Aes* aes, byte* out,
 
     return ret;
 }
-#endif /* !NO_AES && HAVE_AESGCM */
+#endif /* HAVE_AESGCM */
 
-/* call to support callback for entire buffer hash */
-int wc_CryptoDev_Sha256Hash(const byte* data, word32 len, byte* hash)
+#ifdef HAVE_AES_CBC
+int wc_CryptoDev_AesCbcEncrypt(Aes* aes, byte* out,
+                               const byte* in, word32 sz)
 {
-    (void)data;
-    (void)len;
-    (void)hash;
-    return NOT_COMPILED_IN;
+    int ret = NOT_COMPILED_IN;
+    CryptoDev* dev;
+
+    /* locate registered callback */
+    dev = wc_CryptoDev_FindDevice(aes->devId);
+    if (dev) {
+        if (dev->cb) {
+            wc_CryptoInfo cryptoInfo;
+            XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo));
+            cryptoInfo.algo_type = WC_ALGO_TYPE_CIPHER;
+            cryptoInfo.cipher.type = WC_CIPHER_AES_CBC;
+            cryptoInfo.cipher.enc = 1;
+            cryptoInfo.cipher.aescbc_enc.aes       = aes;
+            cryptoInfo.cipher.aescbc_enc.out       = out;
+            cryptoInfo.cipher.aescbc_enc.in        = in;
+            cryptoInfo.cipher.aescbc_enc.sz        = sz;
+
+            ret = dev->cb(aes->devId, &cryptoInfo, dev->ctx);
+        }
+    }
+
+    return ret;
 }
 
+int wc_CryptoDev_AesCbcDecrypt(Aes* aes, byte* out,
+                               const byte* in, word32 sz)
+{
+    int ret = NOT_COMPILED_IN;
+    CryptoDev* dev;
+
+    /* locate registered callback */
+    dev = wc_CryptoDev_FindDevice(aes->devId);
+    if (dev) {
+        if (dev->cb) {
+            wc_CryptoInfo cryptoInfo;
+            XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo));
+            cryptoInfo.algo_type = WC_ALGO_TYPE_CIPHER;
+            cryptoInfo.cipher.type = WC_CIPHER_AES_CBC;
+            cryptoInfo.cipher.enc = 0;
+            cryptoInfo.cipher.aescbc_dec.aes       = aes;
+            cryptoInfo.cipher.aescbc_dec.out       = out;
+            cryptoInfo.cipher.aescbc_dec.in        = in;
+            cryptoInfo.cipher.aescbc_dec.sz        = sz;
+
+            ret = dev->cb(aes->devId, &cryptoInfo, dev->ctx);
+        }
+    }
+
+    return ret;
+}
+#endif /* HAVE_AES_CBC */
+#endif /* !NO_AES */
+
+#ifndef NO_SHA
+int wc_CryptoDev_ShaHash(wc_Sha* sha, const byte* in,
+    word32 inSz, byte* digest)
+{
+    int ret = NOT_COMPILED_IN;
+    CryptoDev* dev;
+
+    /* locate registered callback */
+    dev = wc_CryptoDev_FindDevice(sha->devId);
+    if (dev) {
+        if (dev->cb) {
+            wc_CryptoInfo cryptoInfo;
+            XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo));
+            cryptoInfo.algo_type = WC_ALGO_TYPE_HASH;
+            cryptoInfo.hash.type = WC_HASH_TYPE_SHA;
+            cryptoInfo.hash.sha1 = sha;
+            cryptoInfo.hash.in = in;
+            cryptoInfo.hash.inSz = inSz;
+            cryptoInfo.hash.digest = digest;
+
+            ret = dev->cb(sha->devId, &cryptoInfo, dev->ctx);
+        }
+    }
+
+    return ret;
+}
+#endif /* !NO_SHA */
+
+#ifndef NO_SHA256
+int wc_CryptoDev_Sha256Hash(wc_Sha256* sha256, const byte* in,
+    word32 inSz, byte* digest)
+{
+    int ret = NOT_COMPILED_IN;
+    CryptoDev* dev;
+
+    /* locate registered callback */
+    dev = wc_CryptoDev_FindDevice(sha256->devId);
+    if (dev) {
+        if (dev->cb) {
+            wc_CryptoInfo cryptoInfo;
+            XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo));
+            cryptoInfo.algo_type = WC_ALGO_TYPE_HASH;
+            cryptoInfo.hash.type = WC_HASH_TYPE_SHA256;
+            cryptoInfo.hash.sha256 = sha256;
+            cryptoInfo.hash.in = in;
+            cryptoInfo.hash.inSz = inSz;
+            cryptoInfo.hash.digest = digest;
+
+            ret = dev->cb(sha256->devId, &cryptoInfo, dev->ctx);
+        }
+    }
+
+    return ret;
+}
+#endif /* !NO_SHA256 */
+
 #endif /* WOLF_CRYPTO_DEV */

wolfcrypt/src/sha.c

@@ -43,6 +43,10 @@
 #include <wolfssl/wolfcrypt/sha.h>
 #include <wolfssl/wolfcrypt/error-crypt.h>
 
+#ifdef WOLF_CRYPTO_DEV
+    #include <wolfssl/wolfcrypt/cryptodev.h>
+#endif
+
 /* fips wrapper calls, user can call direct */
 #if defined(HAVE_FIPS) && \
     (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
@@ -430,6 +434,10 @@ int wc_InitSha_ex(wc_Sha* sha, void* heap, int devId)
         return BAD_FUNC_ARG;
 
     sha->heap = heap;
+#ifdef WOLF_CRYPTO_DEV
+    sha->devId = devId;
+#endif
+
 #if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
     !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
     sha->ctx.mode = ESP32_SHA_INIT;
@@ -460,6 +468,13 @@ int wc_ShaUpdate(wc_Sha* sha, const byte* data, word32 len)
     /* do block size increments */
     local = (byte*)sha->buffer;
 
+#ifdef WOLF_CRYPTO_DEV
+    if (sha->devId != INVALID_DEVID) {
+        int ret = wc_CryptoDev_ShaHash(sha, data, len, NULL);
+        if (ret != NOT_COMPILED_IN)
+            return ret;
+    }
+#endif
 #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA)
     if (sha->asyncDev.marker == WOLFSSL_ASYNC_MARKER_SHA) {
     #if defined(HAVE_INTEL_QA)
@@ -535,6 +550,13 @@ int wc_ShaFinal(wc_Sha* sha, byte* hash)
 
     local = (byte*)sha->buffer;
 
+#ifdef WOLF_CRYPTO_DEV
+    if (sha->devId != INVALID_DEVID) {
+        int ret = wc_CryptoDev_ShaHash(sha, NULL, 0, hash);
+        if (ret != NOT_COMPILED_IN)
+            return ret;
+    }
+#endif
 #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA)
     if (sha->asyncDev.marker == WOLFSSL_ASYNC_MARKER_SHA) {
     #if defined(HAVE_INTEL_QA)

wolfcrypt/src/sha256.c

@@ -46,6 +46,10 @@
 #include <wolfssl/wolfcrypt/error-crypt.h>
 #include <wolfssl/wolfcrypt/cpuid.h>
 
+#ifdef WOLF_CRYPTO_DEV
+    #include <wolfssl/wolfcrypt/cryptodev.h>
+#endif
+
 /* fips wrapper calls, user can call direct */
 #if defined(HAVE_FIPS) && \
     (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
@@ -308,6 +312,9 @@ static int InitSha256(wc_Sha256* sha256)
             return BAD_FUNC_ARG;
 
         sha256->heap = heap;
+    #ifdef WOLF_CRYPTO_DEV
+        sha256->devId = devId;
+    #endif
 
         ret = InitSha256(sha256);
         if (ret != 0)
@@ -675,6 +682,14 @@ static int InitSha256(wc_Sha256* sha256)
             return 0;
         }
 
+    #ifdef WOLF_CRYPTO_DEV
+        if (sha256->devId != INVALID_DEVID) {
+            ret = wc_CryptoDev_Sha256Hash(sha256, data, len, NULL);
+            if (ret != NOT_COMPILED_IN)
+                return ret;
+            ret = 0; /* reset error code and try using software */
+        }
+    #endif
     #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA256)
         if (sha256->asyncDev.marker == WOLFSSL_ASYNC_MARKER_SHA256) {
         #if defined(HAVE_INTEL_QA)
@@ -939,6 +954,15 @@ static int InitSha256(wc_Sha256* sha256)
             return BAD_FUNC_ARG;
         }
 
+    #ifdef WOLF_CRYPTO_DEV
+        if (sha256->devId != INVALID_DEVID) {
+            ret = wc_CryptoDev_Sha256Hash(sha256, NULL, 0, hash);
+            if (ret != NOT_COMPILED_IN)
+                return ret;
+            ret = 0; /* reset error code and try using software */
+        }
+    #endif
+
     #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA256)
         if (sha256->asyncDev.marker == WOLFSSL_ASYNC_MARKER_SHA256) {
         #if defined(HAVE_INTEL_QA)