Merge pull request #1004 from dgarske/fix_qat_dh
Fixes for QAT with DH and HMAC
@@ -2673,7 +2673,7 @@ static INLINE void DecodeSigAlg(const byte* input, byte* hashAlgo, byte* hsType)
|
||||
|
||||
#if !defined(NO_DH) || defined(HAVE_ECC)
|
||||
|
||||
static enum wc_HashType HashType(int hashAlgo)
|
||||
static enum wc_HashType HashAlgoToType(int hashAlgo)
|
||||
{
|
||||
switch (hashAlgo) {
|
||||
#ifdef WOLFSSL_SHA512
|
||||
@@ -17070,7 +17070,7 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
|
||||
DecodeSigAlg(&input[args->idx], &args->hashAlgo,
|
||||
&args->sigAlgo);
|
||||
args->idx += 2;
|
||||
hashType = HashType(args->hashAlgo);
|
||||
hashType = HashAlgoToType(args->hashAlgo);
|
||||
if (hashType == WC_HASH_TYPE_NONE) {
|
||||
ERROR_OUT(ALGO_ID_E, exit_dske);
|
||||
}
|
||||
@@ -17343,10 +17343,10 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
|
||||
#ifdef WC_RSA_PSS
|
||||
case rsa_pss_sa_algo:
|
||||
ret = wc_RsaPSS_CheckPadding(
|
||||
ssl->buffers.digest.buffer,
|
||||
ssl->buffers.digest.length,
|
||||
args->output, args->sigSz,
|
||||
HashType(args->hashAlgo));
|
||||
ssl->buffers.digest.buffer,
|
||||
ssl->buffers.digest.length,
|
||||
args->output, args->sigSz,
|
||||
HashAlgoToType(args->hashAlgo));
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
break;
|
||||
@@ -18190,6 +18190,9 @@ int SendClientKeyExchange(WOLFSSL* ssl)
|
||||
ret = DhGenKeyPair(ssl, ssl->buffers.serverDH_Key,
|
||||
ssl->buffers.sig.buffer, &ssl->buffers.sig.length,
|
||||
args->encSecret, &args->encSz);
|
||||
|
||||
/* set the max agree result size */
|
||||
ssl->arrays->preMasterSz = ENCRYPT_LEN;
|
||||
break;
|
||||
}
|
||||
#endif /* !NO_DH */
|
||||
@@ -20547,7 +20550,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
|
||||
&args->output[args->idx]);
|
||||
args->idx += 2;
|
||||
|
||||
hashType = HashType(ssl->suites->hashAlgo);
|
||||
hashType = HashAlgoToType(ssl->suites->hashAlgo);
|
||||
if (hashType == WC_HASH_TYPE_NONE) {
|
||||
ERROR_OUT(ALGO_ID_E, exit_sske);
|
||||
}
|
||||
@@ -20790,7 +20793,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
|
||||
&args->output[args->idx]);
|
||||
args->idx += 2;
|
||||
|
||||
hashType = HashType(ssl->suites->hashAlgo);
|
||||
hashType = HashAlgoToType(ssl->suites->hashAlgo);
|
||||
if (hashType == WC_HASH_TYPE_NONE) {
|
||||
ERROR_OUT(ALGO_ID_E, exit_sske);
|
||||
}
|
||||
@@ -22385,10 +22388,10 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
|
||||
SetDigest(ssl, args->hashAlgo);
|
||||
|
||||
ret = wc_RsaPSS_CheckPadding(
|
||||
ssl->buffers.digest.buffer,
|
||||
ssl->buffers.digest.length,
|
||||
args->output, args->sigSz,
|
||||
HashType(args->hashAlgo));
|
||||
ssl->buffers.digest.buffer,
|
||||
ssl->buffers.digest.length,
|
||||
args->output, args->sigSz,
|
||||
HashAlgoToType(args->hashAlgo));
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
}
|
||||
@@ -23334,6 +23337,9 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
|
||||
ssl->buffers.serverDH_P.length,
|
||||
ssl->buffers.serverDH_G.buffer,
|
||||
ssl->buffers.serverDH_G.length);
|
||||
|
||||
/* set the max agree result size */
|
||||
ssl->arrays->preMasterSz = ENCRYPT_LEN;
|
||||
break;
|
||||
}
|
||||
#endif /* !NO_DH */
|
||||
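Review bot: The two added `ssl->arrays->preMasterSz = ENCRYPT_LEN;` assignments (after `DhGenKeyPair` in SendClientKeyExchange, and in the hunk at -23334 after the server DH parameters are passed) depend on the pre-master secret buffer in `ssl->arrays` being at least `ENCRYPT_LEN` bytes, and that declaration is not visible in these hunks. The value appears to serve as the capacity that the later DH agree step writes against, so the comment should name what it bounds, for example `/* max agree result size; must not exceed the pre-master secret buffer */`. In the SendClientKeyExchange hunk the assignment also runs before `ret` from `DhGenKeyPair` is examined, which is harmless only if the error path never reads `preMasterSz`; that path lies outside the hunk.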
|
@@ -711,7 +711,7 @@ static void* benchmarks_do(void* args)
|
||||
int rngRet;
|
||||
|
||||
#ifndef HAVE_FIPS
|
||||
rngRet = wc_InitRng_ex(&rng, HEAP_HINT, INVALID_DEVID);
|
||||
rngRet = wc_InitRng_ex(&rng, HEAP_HINT, devId);
|
||||
#else
|
||||
rngRet = wc_InitRng(&rng);
|
||||
#endif
|
||||
|
@@ -261,18 +261,18 @@ int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
|
||||
|
||||
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_HMAC)
|
||||
if (hmac->asyncDev.marker == WOLFSSL_ASYNC_MARKER_HMAC) {
|
||||
#if defined(HAVE_CAVIUM) || defined(HAVE_INTEL_QA)
|
||||
#if defined(HAVE_CAVIUM)
|
||||
if (length > HMAC_BLOCK_SIZE) {
|
||||
return WC_KEY_SIZE_E;
|
||||
}
|
||||
|
||||
if (key != NULL) {
|
||||
XMEMCPY(hmac->keyRaw, key, length);
|
||||
XMEMCPY(hmac->ipad, key, length);
|
||||
}
|
||||
hmac->keyLen = (word16)length;
|
||||
|
||||
return 0; /* nothing to do here */
|
||||
#endif /* HAVE_CAVIUM || HAVE_INTEL_QA */
|
||||
#endif /* HAVE_CAVIUM */
|
||||
}
|
||||
#endif /* WOLFSSL_ASYNC_CRYPT */
|
||||
|
||||
@@ -440,6 +440,18 @@ int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_HMAC)
|
||||
if (hmac->asyncDev.marker == WOLFSSL_ASYNC_MARKER_HMAC) {
|
||||
if (length > hmac_block_size)
|
||||
length = hmac_block_size;
|
||||
/* update key length */
|
||||
hmac->keyLen = (word16)length;
|
||||
|
||||
return ret;
|
||||
/* no need to pad below */
|
||||
}
|
||||
#endif
|
||||
|
||||
if (ret == 0) {
|
||||
if (length < hmac_block_size)
|
||||
XMEMSET(ip + length, 0, hmac_block_size - length);
|
||||
@@ -532,7 +544,7 @@ int wc_HmacUpdate(Hmac* hmac, const byte* msg, word32 length)
|
||||
return NitroxHmacUpdate(hmac, msg, length);
|
||||
#elif defined(HAVE_INTEL_QA)
|
||||
return IntelQaHmac(&hmac->asyncDev, hmac->macType,
|
||||
hmac->keyRaw, hmac->keyLen, NULL, msg, length);
|
||||
(byte*)hmac->ipad, hmac->keyLen, NULL, msg, length);
|
||||
#endif
|
||||
}
|
||||
#endif /* WOLFSSL_ASYNC_CRYPT */
|
||||
@@ -611,7 +623,7 @@ int wc_HmacFinal(Hmac* hmac, byte* hash)
|
||||
return NitroxHmacFinal(hmac, hmac->macType, hash, hashLen);
|
||||
#elif defined(HAVE_INTEL_QA)
|
||||
return IntelQaHmac(&hmac->asyncDev, hmac->macType,
|
||||
hmac->keyRaw, hmac->keyLen, hash, NULL, hashLen);
|
||||
(byte*)hmac->ipad, hmac->keyLen, hash, NULL, hashLen);
|
||||
#endif
|
||||
}
|
||||
#endif /* WOLFSSL_ASYNC_CRYPT */
|
||||
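Review bot: In the second wc_HmacSetKey hunk the async branch silently clamps with `if (length > hmac_block_size) length = hmac_block_size;`, while the Cavium branch in the first hunk rejects the same condition with `return WC_KEY_SIZE_E;`. If the code above the hunk (not visible here) already reduces over-long keys to a digest, the clamp is dead code and should carry a comment saying so. If it does not, the device would be keyed with a truncated key and produce a MAC that differs from the software path without any error, so returning `WC_KEY_SIZE_E` here as well would make the failure visible. `hmac->keyLen` is also written before `ret` is examined, so a failed key setup still records a key length. The `/* no need to pad below */` comment sits after the `return` and reads better above it.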
|
@@ -80,7 +80,7 @@ int wolfCrypt_Init(void)
|
||||
ret = wolfAsync_HardwareStart();
|
||||
if (ret != 0) {
|
||||
WOLFSSL_MSG("Async hardware start failed");
|
||||
return ret;
|
||||
/* don't return failure, allow operation to continue */
|
||||
}
|
||||
#endif
|
||||
|
||||
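Review bot: With `return ret;` removed, `ret` still holds the non-zero result of `wolfAsync_HardwareStart()` when execution continues past the `#endif`. Whether later code in wolfCrypt_Init overwrites it is outside this hunk; if nothing does, the function would complete initialisation and still report failure to the caller. If continuing is the intent, reset it explicitly, `ret = 0; /* hardware unavailable, continue without it */`. The failure is reported only through `WOLFSSL_MSG`, so an application that expects hardware offload gets no return value telling it the device did not start, and the comment should state that trade-off.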
|
@@ -4314,7 +4314,6 @@ int aes192_test(void)
|
||||
return -4231;
|
||||
#endif
|
||||
|
||||
|
||||
ret = wc_AesSetKey(&enc, key, (int) sizeof(key), iv, AES_ENCRYPTION);
|
||||
if (ret != 0)
|
||||
return -4232;
|
||||
@@ -4344,6 +4343,12 @@ int aes192_test(void)
|
||||
|
||||
if (XMEMCMP(cipher, verify, (int) sizeof(cipher)))
|
||||
return -4237;
|
||||
|
||||
wc_AesFree(&enc);
|
||||
#ifdef HAVE_AES_DECRYPT
|
||||
wc_AesFree(&dec);
|
||||
#endif
|
||||
|
||||
#endif /* HAVE_AES_CBC */
|
||||
|
||||
return ret;
|
||||
@@ -4394,7 +4399,6 @@ int aes256_test(void)
|
||||
return -4241;
|
||||
#endif
|
||||
|
||||
|
||||
ret = wc_AesSetKey(&enc, key, (int) sizeof(key), iv, AES_ENCRYPTION);
|
||||
if (ret != 0)
|
||||
return -4242;
|
||||
@@ -4424,7 +4428,14 @@ int aes256_test(void)
|
||||
|
||||
if (XMEMCMP(cipher, verify, (int) sizeof(cipher)))
|
||||
return -4247;
|
||||
|
||||
wc_AesFree(&enc);
|
||||
#ifdef HAVE_AES_DECRYPT
|
||||
wc_AesFree(&dec);
|
||||
#endif
|
||||
|
||||
#endif /* HAVE_AES_CBC */
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
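Review bot: The added `wc_AesFree(&enc)` and `wc_AesFree(&dec)` calls in aes192_test and aes256_test are reached only on the success path. The `return -4237;` and `return -4247;` directly above them, like the other negative returns visible in these hunks, leave both contexts unfreed, which with async hardware enabled presumably leaks a device context per failed test. Routing the error returns through a single cleanup label that calls `wc_AesFree` (with `dec` kept under `HAVE_AES_DECRYPT`) before returning would cover every path. Both function bodies start outside the hunks, so check that `enc` and `dec` are initialised before the first early return when making that change.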
|
@@ -157,8 +157,7 @@ typedef struct Hmac {
|
||||
|
||||
#ifdef WOLFSSL_ASYNC_CRYPT
|
||||
WC_ASYNC_DEV asyncDev;
|
||||
byte keyRaw[HMAC_BLOCK_SIZE];
|
||||
word16 keyLen; /* hmac key length */
|
||||
word16 keyLen; /* hmac key length (key in ipad) */
|
||||
#ifdef HAVE_CAVIUM
|
||||
byte* data; /* buffered input data for one call */
|
||||
word16 dataLen;
|
||||
|