diff --git a/examples/benchmark/tls_bench.c b/examples/benchmark/tls_bench.c index 9440adbcc..bd2ee9d7e 100644 --- a/examples/benchmark/tls_bench.c +++ b/examples/benchmark/tls_bench.c @@ -82,7 +82,8 @@ bench_tls(args); #define NUM_THREAD_PAIRS 1 /* Thread pairs of server/client */ #define BENCH_RUNTIME_SEC 1 #define MEM_BUFFER_SZ ((16 * 1024) + 38 + 32) /* Must be large enough to handle max packet size plus max TLS header MAX_MSG_EXTRA */ -#define TEST_PACKET_SIZE (16 * 1024) /* max TLS packet size */ +#define TEST_PACKET_SIZE (16 * 1024) /* TLS packet size */ +#define TEST_MAX_SIZE (16 * 1024) /* Total bytes to benchmark */ #define SHOW_VERBOSE 0 /* Default output is tab delimited format */ static const char* kShutdown = "shutdown"; @@ -243,6 +244,7 @@ typedef struct { const char* host; word32 port; int packetSize; /* The data payload size in the packet */ + int maxSize; int runTimeSec; int showPeerInfo; int showVerbose; @@ -599,6 +601,7 @@ static int bench_tls_client(info_t* info) WOLFSSL* cli_ssl = NULL; int haveShownPeerInfo = 0; int tls13 = XSTRNCMP(info->cipher, "TLS13", 5) == 0; + int total_sz; total = gettime_secs(0); @@ -653,11 +656,7 @@ static int bench_tls_client(info_t* info) /* Allocate and initialize a packet sized buffer */ writeBuf = (unsigned char*)XMALLOC(info->packetSize, NULL, DYNAMIC_TYPE_TMP_BUFFER); - if (writeBuf != NULL) { - XMEMSET(writeBuf, 0, info->packetSize); - XSTRNCPY((char*)writeBuf, kTestStr, info->packetSize); - } - else { + if (writeBuf == NULL) { printf("failed to allocate write memory\n"); ret = MEMORY_E; goto exit; } @@ -677,17 +676,6 @@ static int bench_tls_client(info_t* info) int err; #endif - /* check for run time completion and issue shutdown */ - if (gettime_secs(0) - total >= info->runTimeSec) { - info->client.shutdown = 1; - - writeSz = (int)XSTRLEN(kShutdown) + 1; - XMEMCPY(writeBuf, kShutdown, writeSz); /* include null term */ - if (info->showVerbose) { - printf("Sending shutdown\n"); - } - } - #ifdef HAVE_PTHREAD if (!info->useLocalMem) #endif @@ -732,51 +720,79 @@ static int bench_tls_client(info_t* info) showPeer(cli_ssl); } - /* write test message to server */ - start = gettime_secs(1); - #ifndef BENCH_USE_NONBLOCK - ret = wolfSSL_write(cli_ssl, writeBuf, writeSz); - #else - do { + /* check for run time completion and issue shutdown */ + if (gettime_secs(0) - total >= info->runTimeSec) { + info->client.shutdown = 1; + + writeSz = (int)XSTRLEN(kShutdown) + 1; + XMEMCPY(writeBuf, kShutdown, writeSz); /* include null term */ + if (info->showVerbose) { + printf("Sending shutdown\n"); + } + ret = wolfSSL_write(cli_ssl, writeBuf, writeSz); - err = wolfSSL_get_error(cli_ssl, ret); + if (ret < 0) { + printf("error on client write\n"); + ret = wolfSSL_get_error(cli_ssl, ret); + goto exit; + } } - while (err == WOLFSSL_ERROR_WANT_WRITE); - #endif - info->client_stats.txTime += gettime_secs(0) - start; - if (ret < 0) { - printf("error on client write\n"); - ret = wolfSSL_get_error(cli_ssl, ret); - goto exit; + else { + XMEMSET(writeBuf, 0, info->packetSize); + XSTRNCPY((char*)writeBuf, kTestStr, info->packetSize); } - info->client_stats.txTotal += ret; - /* read echo of message from server */ - XMEMSET(readBuf, 0, readBufSz); - start = gettime_secs(1); - #ifndef BENCH_USE_NONBLOCK - ret = wolfSSL_read(cli_ssl, readBuf, readBufSz); - #else - do { + /* write / read echo loop */ + ret = 0; + total_sz = 0; + while (ret == 0 && total_sz < info->maxSize && !info->client.shutdown) { + /* write test message to server */ + start = gettime_secs(1); + #ifndef BENCH_USE_NONBLOCK + ret = wolfSSL_write(cli_ssl, writeBuf, writeSz); + #else + do { + ret = wolfSSL_write(cli_ssl, writeBuf, writeSz); + err = wolfSSL_get_error(cli_ssl, ret); + } + while (err == WOLFSSL_ERROR_WANT_WRITE); + #endif + info->client_stats.txTime += gettime_secs(0) - start; + if (ret < 0) { + printf("error on client write\n"); + ret = wolfSSL_get_error(cli_ssl, ret); + goto exit; + } + info->client_stats.txTotal += ret; + total_sz += ret; + + /* read echo of message from server */ + XMEMSET(readBuf, 0, readBufSz); + start = gettime_secs(1); + #ifndef BENCH_USE_NONBLOCK ret = wolfSSL_read(cli_ssl, readBuf, readBufSz); - err = wolfSSL_get_error(cli_ssl, ret); - } - while (err == WOLFSSL_ERROR_WANT_READ); - #endif - info->client_stats.rxTime += gettime_secs(0) - start; - if (ret < 0) { - printf("error on client read\n"); - ret = wolfSSL_get_error(cli_ssl, ret); - goto exit; - } - info->client_stats.rxTotal += ret; - ret = 0; /* reset return code */ + #else + do { + ret = wolfSSL_read(cli_ssl, readBuf, readBufSz); + err = wolfSSL_get_error(cli_ssl, ret); + } + while (err == WOLFSSL_ERROR_WANT_READ); + #endif + info->client_stats.rxTime += gettime_secs(0) - start; + if (ret < 0) { + printf("error on client read\n"); + ret = wolfSSL_get_error(cli_ssl, ret); + goto exit; + } + info->client_stats.rxTotal += ret; + ret = 0; /* reset return code */ - /* validate echo */ - if (XMEMCMP((char*)writeBuf, (char*)readBuf, writeSz) != 0) { - printf("echo check failed!\n"); - ret = wolfSSL_get_error(cli_ssl, ret); - goto exit; + /* validate echo */ + if (XMEMCMP((char*)writeBuf, (char*)readBuf, writeSz) != 0) { + printf("echo check failed!\n"); + ret = wolfSSL_get_error(cli_ssl, ret); + goto exit; + } } CloseAndCleanupSocket(&info->client.sockFd); @@ -906,6 +922,7 @@ static int bench_tls_server(info_t* info) WOLFSSL_CTX* srv_ctx = NULL; WOLFSSL* srv_ssl = NULL; int tls13 = XSTRNCMP(info->cipher, "TLS13", 5) == 0; + int total_sz; /* set up server */ #ifdef WOLFSSL_TLS13 @@ -1036,53 +1053,65 @@ static int bench_tls_server(info_t* info) info->server_stats.connTime += start; info->server_stats.connCount++; - /* read message from client */ - XMEMSET(readBuf, 0, readBufSz); - start = gettime_secs(1); - #ifndef BENCH_USE_NONBLOCK - ret = wolfSSL_read(srv_ssl, readBuf, readBufSz); - #else - do { + /* echo loop */ + ret = 0; + total_sz = 0; + while (ret == 0 && total_sz < info->maxSize) { + double rxTime; + + /* read message from client */ + XMEMSET(readBuf, 0, readBufSz); + start = gettime_secs(1); + #ifndef BENCH_USE_NONBLOCK ret = wolfSSL_read(srv_ssl, readBuf, readBufSz); - err = wolfSSL_get_error(srv_ssl, ret); - } - while (err == WOLFSSL_ERROR_WANT_READ); - #endif - info->server_stats.rxTime += gettime_secs(0) - start; - if (ret < 0) { - printf("error on server read\n"); - ret = wolfSSL_get_error(srv_ssl, ret); - goto exit; - } - info->server_stats.rxTotal += ret; - len = ret; - - /* write message back to client */ - start = gettime_secs(1); - #ifndef BENCH_USE_NONBLOCK - ret = wolfSSL_write(srv_ssl, readBuf, len); - #else - do { - ret = wolfSSL_write(srv_ssl, readBuf, len); - err = wolfSSL_get_error(srv_ssl, ret); - } - while (err == WOLFSSL_ERROR_WANT_WRITE); - #endif - info->server_stats.txTime += gettime_secs(0) - start; - if (ret < 0) { - printf("error on server write\n"); - ret = wolfSSL_get_error(srv_ssl, ret); - goto exit; - } - info->server_stats.txTotal += ret; - ret = 0; /* reset return code */ - - /* shutdown signals, no more connections for this cipher */ - if (XSTRSTR((const char*)readBuf, kShutdown) != NULL) { - info->server.shutdown = 1; - if (info->showVerbose) { - printf("Server shutdown done\n"); + #else + do { + ret = wolfSSL_read(srv_ssl, readBuf, readBufSz); + err = wolfSSL_get_error(srv_ssl, ret); } + while (err == WOLFSSL_ERROR_WANT_READ); + #endif + rxTime = gettime_secs(0) - start; + + /* shutdown signals, no more connections for this cipher */ + if (XSTRSTR((const char*)readBuf, kShutdown) != NULL) { + info->server.shutdown = 1; + if (info->showVerbose) { + printf("Server shutdown done\n"); + } + ret = 0; /* success */ + break; + } + + info->server_stats.rxTime += rxTime; + if (ret < 0) { + printf("error on server read\n"); + ret = wolfSSL_get_error(srv_ssl, ret); + goto exit; + } + info->server_stats.rxTotal += ret; + len = ret; + total_sz += ret; + + /* write message back to client */ + start = gettime_secs(1); + #ifndef BENCH_USE_NONBLOCK + ret = wolfSSL_write(srv_ssl, readBuf, len); + #else + do { + ret = wolfSSL_write(srv_ssl, readBuf, len); + err = wolfSSL_get_error(srv_ssl, ret); + } + while (err == WOLFSSL_ERROR_WANT_WRITE); + #endif + info->server_stats.txTime += gettime_secs(0) - start; + if (ret < 0) { + printf("error on server write\n"); + ret = wolfSSL_get_error(srv_ssl, ret); + goto exit; + } + info->server_stats.txTotal += ret; + ret = 0; /* reset return code */ } CloseAndCleanupSocket(&info->server.sockFd); @@ -1188,6 +1217,7 @@ static void Usage(void) printf("-l Cipher suite list (: delimited)\n"); printf("-t Time (seconds) to run each test (default %d)\n", BENCH_RUNTIME_SEC); printf("-p The packet size in bytes [1-16kB] (default %d)\n", TEST_PACKET_SIZE); + printf("-S The total size in bytes (default %d)\n", TEST_MAX_SIZE); printf("-v Show verbose output\n"); #ifdef DEBUG_WOLFSSL printf("-d Enable debug messages\n"); @@ -1227,6 +1257,7 @@ int bench_tls(void* args) int argRuntimeSec = BENCH_RUNTIME_SEC; char *argCipherList = NULL; int argTestPacketSize = TEST_PACKET_SIZE; + int argTestMaxSize = TEST_MAX_SIZE; int argThreadPairs = NUM_THREAD_PAIRS; int argShowVerbose = SHOW_VERBOSE; int argClientOnly = 0; @@ -1249,7 +1280,7 @@ int bench_tls(void* args) wolfSSL_Init(); /* Parse command line arguments */ - while ((ch = mygetopt(argc, argv, "?" "deil:p:t:vT:sch:P:m")) != -1) { + while ((ch = mygetopt(argc, argv, "?" "deil:p:t:vT:sch:P:mS:")) != -1) { switch (ch) { case '?' : Usage(); @@ -1298,6 +1329,10 @@ int bench_tls(void* args) } break; + case 'S' : + argTestMaxSize = atoi(myoptarg); + break; + case 't' : argRuntimeSec = atoi(myoptarg); break; @@ -1391,6 +1426,7 @@ int bench_tls(void* args) info->cipher = cipher; info->packetSize = argTestPacketSize; info->runTimeSec = argRuntimeSec; + info->maxSize = argTestMaxSize; info->showPeerInfo = argShowPeerInfo; info->showVerbose = argShowVerbose; #ifndef NO_WOLFSSL_SERVER diff --git a/src/internal.c b/src/internal.c index cbe49380d..16b35131b 100644 --- a/src/internal.c +++ b/src/internal.c @@ -4495,27 +4495,42 @@ int InitHandshakeHashes(WOLFSSL* ssl) ret = wc_InitMd5_ex(&ssl->hsHashes->hashMd5, ssl->heap, ssl->devId); if (ret != 0) return ret; + #if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) + wc_Md5SetFlags(&ssl->hsHashes->hashMd5, WC_HASH_FLAG_WILLCOPY); + #endif #endif #ifndef NO_SHA ret = wc_InitSha_ex(&ssl->hsHashes->hashSha, ssl->heap, ssl->devId); if (ret != 0) return ret; + #if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) + wc_ShaSetFlags(&ssl->hsHashes->hashSha, WC_HASH_FLAG_WILLCOPY); + #endif #endif #endif /* !NO_OLD_TLS */ #ifndef NO_SHA256 ret = wc_InitSha256_ex(&ssl->hsHashes->hashSha256, ssl->heap, ssl->devId); if (ret != 0) return ret; + #if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) + wc_Sha256SetFlags(&ssl->hsHashes->hashSha256, WC_HASH_FLAG_WILLCOPY); + #endif #endif #ifdef WOLFSSL_SHA384 ret = wc_InitSha384_ex(&ssl->hsHashes->hashSha384, ssl->heap, ssl->devId); if (ret != 0) return ret; + #if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) + wc_Sha384SetFlags(&ssl->hsHashes->hashSha384, WC_HASH_FLAG_WILLCOPY); + #endif #endif #ifdef WOLFSSL_SHA512 ret = wc_InitSha512_ex(&ssl->hsHashes->hashSha512, ssl->heap, ssl->devId); if (ret != 0) return ret; + #if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) + wc_Sha512SetFlags(&ssl->hsHashes->hashSha512, WC_HASH_FLAG_WILLCOPY); + #endif #endif return ret; diff --git a/src/keys.c b/src/keys.c index e885537a8..56ab0786c 100644 --- a/src/keys.c +++ b/src/keys.c @@ -1433,7 +1433,7 @@ int SetCipherSpecs(WOLFSSL* ssl) ssl->options.usingPSK_cipher = 1; break; #endif - + #ifdef BUILD_TLS_DH_anon_WITH_AES_256_GCM_SHA384 case TLS_DH_anon_WITH_AES_256_GCM_SHA384: ssl->specs.bulk_cipher_algorithm = wolfssl_aes_gcm; @@ -2931,17 +2931,13 @@ static void CacheStatusPP(SecureRenegotiation* cache) */ int SetKeysSide(WOLFSSL* ssl, enum encrypt_side side) { - int devId = INVALID_DEVID, ret, copy = 0; + int ret, copy = 0; Ciphers* wc_encrypt = NULL; Ciphers* wc_decrypt = NULL; Keys* keys = &ssl->keys; (void)copy; -#ifdef WOLFSSL_ASYNC_CRYPT - devId = ssl->devId; -#endif - #ifdef HAVE_SECURE_RENEGOTIATION if (ssl->secure_renegotiation && ssl->secure_renegotiation->cache_status) { keys = &ssl->secure_renegotiation->tmp_keys; @@ -3003,14 +2999,14 @@ int SetKeysSide(WOLFSSL* ssl, enum encrypt_side side) #ifdef HAVE_ONE_TIME_AUTH if (!ssl->auth.setup && ssl->specs.bulk_cipher_algorithm == wolfssl_chacha){ - ret = SetAuthKeys(&ssl->auth, keys, &ssl->specs, ssl->heap, devId); + ret = SetAuthKeys(&ssl->auth, keys, &ssl->specs, ssl->heap, ssl->devId); if (ret != 0) return ret; } #endif ret = SetKeys(wc_encrypt, wc_decrypt, keys, &ssl->specs, ssl->options.side, - ssl->heap, devId); + ssl->heap, ssl->devId); #ifdef HAVE_SECURE_RENEGOTIATION if (copy) { diff --git a/src/ssl.c b/src/ssl.c index 75cc1c572..fc3442a61 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -11167,10 +11167,11 @@ int wolfSSL_set_compression(WOLFSSL* ssl) int ret = WOLFSSL_FAILURE; FreeDer(&ctx->privateKey); - if (AllocDer(&ctx->privateKey, sz, PRIVATEKEY_TYPE, ctx->heap) == 0) { + if (AllocDer(&ctx->privateKey, (word32)sz, PRIVATEKEY_TYPE, + ctx->heap) == 0) { XMEMCPY(ctx->privateKey->buffer, id, sz); ctx->privateKeyId = 1; - ctx->privateKeySz = keySz; + ctx->privateKeySz = (word32)keySz; if (devId != INVALID_DEVID) ctx->privateKeyDevId = devId; else @@ -11324,11 +11325,12 @@ int wolfSSL_set_compression(WOLFSSL* ssl) int ret = WOLFSSL_FAILURE; FreeDer(&ssl->buffers.key); - if (AllocDer(&ssl->buffers.key, sz, PRIVATEKEY_TYPE, ssl->heap) == 0) { + if (AllocDer(&ssl->buffers.key, (word32)sz, PRIVATEKEY_TYPE, + ssl->heap) == 0) { XMEMCPY(ssl->buffers.key->buffer, id, sz); ssl->buffers.weOwnKey = 1; ssl->buffers.keyId = 1; - ssl->buffers.keySz = keySz; + ssl->buffers.keySz = (word32)keySz; if (devId != INVALID_DEVID) ssl->buffers.keyId = devId; else @@ -14671,24 +14673,50 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md) if (ssl->hsHashes != NULL) { #ifndef NO_OLD_TLS #ifndef NO_MD5 - wc_InitMd5(&ssl->hsHashes->hashMd5); + if (wc_InitMd5_ex(&ssl->hsHashes->hashMd5, ssl->heap, + ssl->devId) != 0) { + return WOLFSSL_FAILURE; + } + #if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) + wc_Md5SetFlags(&ssl->hsHashes->hashMd5, WC_HASH_FLAG_WILLCOPY); + #endif #endif #ifndef NO_SHA - if (wc_InitSha(&ssl->hsHashes->hashSha) != 0) + if (wc_InitSha_ex(&ssl->hsHashes->hashSha, ssl->heap, + ssl->devId) != 0) { return WOLFSSL_FAILURE; + } + #if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) + wc_ShaSetFlags(&ssl->hsHashes->hashSha, WC_HASH_FLAG_WILLCOPY); + #endif #endif #endif #ifndef NO_SHA256 - if (wc_InitSha256(&ssl->hsHashes->hashSha256) != 0) + if (wc_InitSha256_ex(&ssl->hsHashes->hashSha256, ssl->heap, + ssl->devId) != 0) { return WOLFSSL_FAILURE; + } + #if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) + wc_Sha256SetFlags(&ssl->hsHashes->hashSha256, WC_HASH_FLAG_WILLCOPY); + #endif #endif #ifdef WOLFSSL_SHA384 - if (wc_InitSha384(&ssl->hsHashes->hashSha384) != 0) + if (wc_InitSha384_ex(&ssl->hsHashes->hashSha384, ssl->heap, + ssl->devId) != 0) { return WOLFSSL_FAILURE; + } + #if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) + wc_Sha384SetFlags(&ssl->hsHashes->hashSha384, WC_HASH_FLAG_WILLCOPY); + #endif #endif #ifdef WOLFSSL_SHA512 - if (wc_InitSha512(&ssl->hsHashes->hashSha512) != 0) + if (wc_InitSha512_ex(&ssl->hsHashes->hashSha512, ssl->heap, + ssl->devId) != 0) { return WOLFSSL_FAILURE; + } + #if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) + wc_Sha512SetFlags(&ssl->hsHashes->hashSha512, WC_HASH_FLAG_WILLCOPY); + #endif #endif } #ifdef SESSION_CERTS diff --git a/wolfcrypt/src/aes.c b/wolfcrypt/src/aes.c index 43bfe9e33..e865a9ad3 100644 --- a/wolfcrypt/src/aes.c +++ b/wolfcrypt/src/aes.c @@ -6528,6 +6528,7 @@ int wc_AesInit(Aes* aes, void* heap, int devId) #ifdef WOLF_CRYPTO_CB aes->devId = devId; + aes->devCtx = NULL; #else (void)devId; #endif @@ -6589,6 +6590,9 @@ void wc_AesFree(Aes* aes) #if defined(WOLFSSL_DEVCRYPTO) && \ (defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC)) wc_DevCryptoFree(&aes->ctx); +#endif +#if defined(WOLF_CRYPTO_CB) || (defined(WOLFSSL_DEVCRYPTO) && \ + (defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC))) ForceZero((byte*)aes->devKey, AES_MAX_KEY_SIZE/WOLFSSL_BIT_SIZE); #endif } diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 39d4cc46f..a8a055b10 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -102,6 +102,10 @@ ASN Options: #include #endif +#ifdef WOLF_CRYPTO_CB + #include +#endif + #ifdef WOLFSSL_DEBUG_ENCODING #if defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX) #if MQX_USE_IO_OLD @@ -4545,6 +4549,28 @@ WOLFSSL_LOCAL int OBJ_sn2nid(const char *sn) } #endif +/* Routine for calculating hashId */ +int CalcHashId(const byte* data, word32 len, byte* hash) +{ + int ret = NOT_COMPILED_IN; + +#ifdef WOLF_CRYPTO_CB + /* try to use a registered crypto callback */ + ret = wc_CryptoCb_Sha256Hash(NULL, data, len, hash); + if (ret != NOT_COMPILED_IN) + return ret; + /* for not compiled in case, use software method below */ +#endif + +#if defined(NO_SHA) && !defined(NO_SHA256) + ret = wc_Sha256Hash(data, len, hash); +#elif !defined(NO_SHA) + ret = wc_ShaHash(data, len, hash); +#endif + + return ret; +} + /* process NAME, either issuer or subject */ static int GetName(DecodedCert* cert, int nameType) { diff --git a/wolfcrypt/src/cryptocb.c b/wolfcrypt/src/cryptocb.c index 0c60a7b5e..c7b8602df 100644 --- a/wolfcrypt/src/cryptocb.c +++ b/wolfcrypt/src/cryptocb.c @@ -55,6 +55,15 @@ static CryptoCb* wc_CryptoCb_FindDevice(int devId) } return NULL; } +static CryptoCb* wc_CryptoCb_FindDeviceByIndex(int startIdx) +{ + int i; + for (i=startIdx; idevId); - if (dev) { - if (dev->cb) { - wc_CryptoInfo cryptoInfo; - XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); - cryptoInfo.algo_type = WC_ALGO_TYPE_PK; - cryptoInfo.pk.type = WC_PK_TYPE_RSA; - cryptoInfo.pk.rsa.in = in; - cryptoInfo.pk.rsa.inLen = inLen; - cryptoInfo.pk.rsa.out = out; - cryptoInfo.pk.rsa.outLen = outLen; - cryptoInfo.pk.rsa.type = type; - cryptoInfo.pk.rsa.key = key; - cryptoInfo.pk.rsa.rng = rng; + if (dev && dev->cb) { + wc_CryptoInfo cryptoInfo; + XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); + cryptoInfo.algo_type = WC_ALGO_TYPE_PK; + cryptoInfo.pk.type = WC_PK_TYPE_RSA; + cryptoInfo.pk.rsa.in = in; + cryptoInfo.pk.rsa.inLen = inLen; + cryptoInfo.pk.rsa.out = out; + cryptoInfo.pk.rsa.outLen = outLen; + cryptoInfo.pk.rsa.type = type; + cryptoInfo.pk.rsa.key = key; + cryptoInfo.pk.rsa.rng = rng; - ret = dev->cb(key->devId, &cryptoInfo, dev->ctx); - } + ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return ret; @@ -126,21 +136,22 @@ int wc_CryptoCb_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng) int ret = NOT_COMPILED_IN; CryptoCb* dev; + if (key == NULL) + return ret; + /* locate registered callback */ dev = wc_CryptoCb_FindDevice(key->devId); - if (dev) { - if (dev->cb) { - wc_CryptoInfo cryptoInfo; - XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); - cryptoInfo.algo_type = WC_ALGO_TYPE_PK; - cryptoInfo.pk.type = WC_PK_TYPE_RSA_KEYGEN; - cryptoInfo.pk.rsakg.key = key; - cryptoInfo.pk.rsakg.size = size; - cryptoInfo.pk.rsakg.e = e; - cryptoInfo.pk.rsakg.rng = rng; + if (dev && dev->cb) { + wc_CryptoInfo cryptoInfo; + XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); + cryptoInfo.algo_type = WC_ALGO_TYPE_PK; + cryptoInfo.pk.type = WC_PK_TYPE_RSA_KEYGEN; + cryptoInfo.pk.rsakg.key = key; + cryptoInfo.pk.rsakg.size = size; + cryptoInfo.pk.rsakg.e = e; + cryptoInfo.pk.rsakg.rng = rng; - ret = dev->cb(key->devId, &cryptoInfo, dev->ctx); - } + ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return ret; @@ -154,21 +165,22 @@ int wc_CryptoCb_MakeEccKey(WC_RNG* rng, int keySize, ecc_key* key, int curveId) int ret = NOT_COMPILED_IN; CryptoCb* dev; + if (key == NULL) + return ret; + /* locate registered callback */ dev = wc_CryptoCb_FindDevice(key->devId); - if (dev) { - if (dev->cb) { - wc_CryptoInfo cryptoInfo; - XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); - cryptoInfo.algo_type = WC_ALGO_TYPE_PK; - cryptoInfo.pk.type = WC_PK_TYPE_EC_KEYGEN; - cryptoInfo.pk.eckg.rng = rng; - cryptoInfo.pk.eckg.size = keySize; - cryptoInfo.pk.eckg.key = key; - cryptoInfo.pk.eckg.curveId = curveId; + if (dev && dev->cb) { + wc_CryptoInfo cryptoInfo; + XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); + cryptoInfo.algo_type = WC_ALGO_TYPE_PK; + cryptoInfo.pk.type = WC_PK_TYPE_EC_KEYGEN; + cryptoInfo.pk.eckg.rng = rng; + cryptoInfo.pk.eckg.size = keySize; + cryptoInfo.pk.eckg.key = key; + cryptoInfo.pk.eckg.curveId = curveId; - ret = dev->cb(key->devId, &cryptoInfo, dev->ctx); - } + ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return ret; @@ -180,21 +192,22 @@ int wc_CryptoCb_Ecdh(ecc_key* private_key, ecc_key* public_key, int ret = NOT_COMPILED_IN; CryptoCb* dev; + if (private_key == NULL) + return ret; + /* locate registered callback */ dev = wc_CryptoCb_FindDevice(private_key->devId); - if (dev) { - if (dev->cb) { - wc_CryptoInfo cryptoInfo; - XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); - cryptoInfo.algo_type = WC_ALGO_TYPE_PK; - cryptoInfo.pk.type = WC_PK_TYPE_ECDH; - cryptoInfo.pk.ecdh.private_key = private_key; - cryptoInfo.pk.ecdh.public_key = public_key; - cryptoInfo.pk.ecdh.out = out; - cryptoInfo.pk.ecdh.outlen = outlen; + if (dev && dev->cb) { + wc_CryptoInfo cryptoInfo; + XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); + cryptoInfo.algo_type = WC_ALGO_TYPE_PK; + cryptoInfo.pk.type = WC_PK_TYPE_ECDH; + cryptoInfo.pk.ecdh.private_key = private_key; + cryptoInfo.pk.ecdh.public_key = public_key; + cryptoInfo.pk.ecdh.out = out; + cryptoInfo.pk.ecdh.outlen = outlen; - ret = dev->cb(private_key->devId, &cryptoInfo, dev->ctx); - } + ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return ret; @@ -206,23 +219,24 @@ int wc_CryptoCb_EccSign(const byte* in, word32 inlen, byte* out, int ret = NOT_COMPILED_IN; CryptoCb* dev; + if (key == NULL) + return ret; + /* locate registered callback */ dev = wc_CryptoCb_FindDevice(key->devId); - if (dev) { - if (dev->cb) { - wc_CryptoInfo cryptoInfo; - XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); - cryptoInfo.algo_type = WC_ALGO_TYPE_PK; - cryptoInfo.pk.type = WC_PK_TYPE_ECDSA_SIGN; - cryptoInfo.pk.eccsign.in = in; - cryptoInfo.pk.eccsign.inlen = inlen; - cryptoInfo.pk.eccsign.out = out; - cryptoInfo.pk.eccsign.outlen = outlen; - cryptoInfo.pk.eccsign.rng = rng; - cryptoInfo.pk.eccsign.key = key; + if (dev && dev->cb) { + wc_CryptoInfo cryptoInfo; + XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); + cryptoInfo.algo_type = WC_ALGO_TYPE_PK; + cryptoInfo.pk.type = WC_PK_TYPE_ECDSA_SIGN; + cryptoInfo.pk.eccsign.in = in; + cryptoInfo.pk.eccsign.inlen = inlen; + cryptoInfo.pk.eccsign.out = out; + cryptoInfo.pk.eccsign.outlen = outlen; + cryptoInfo.pk.eccsign.rng = rng; + cryptoInfo.pk.eccsign.key = key; - ret = dev->cb(key->devId, &cryptoInfo, dev->ctx); - } + ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return ret; @@ -234,23 +248,24 @@ int wc_CryptoCb_EccVerify(const byte* sig, word32 siglen, int ret = NOT_COMPILED_IN; CryptoCb* dev; + if (key == NULL) + return ret; + /* locate registered callback */ dev = wc_CryptoCb_FindDevice(key->devId); - if (dev) { - if (dev->cb) { - wc_CryptoInfo cryptoInfo; - XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); - cryptoInfo.algo_type = WC_ALGO_TYPE_PK; - cryptoInfo.pk.type = WC_PK_TYPE_ECDSA_VERIFY; - cryptoInfo.pk.eccverify.sig = sig; - cryptoInfo.pk.eccverify.siglen = siglen; - cryptoInfo.pk.eccverify.hash = hash; - cryptoInfo.pk.eccverify.hashlen = hashlen; - cryptoInfo.pk.eccverify.res = res; - cryptoInfo.pk.eccverify.key = key; + if (dev && dev->cb) { + wc_CryptoInfo cryptoInfo; + XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); + cryptoInfo.algo_type = WC_ALGO_TYPE_PK; + cryptoInfo.pk.type = WC_PK_TYPE_ECDSA_VERIFY; + cryptoInfo.pk.eccverify.sig = sig; + cryptoInfo.pk.eccverify.siglen = siglen; + cryptoInfo.pk.eccverify.hash = hash; + cryptoInfo.pk.eccverify.hashlen = hashlen; + cryptoInfo.pk.eccverify.res = res; + cryptoInfo.pk.eccverify.key = key; - ret = dev->cb(key->devId, &cryptoInfo, dev->ctx); - } + ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return ret; @@ -269,27 +284,32 @@ int wc_CryptoCb_AesGcmEncrypt(Aes* aes, byte* out, CryptoCb* dev; /* locate registered callback */ - dev = wc_CryptoCb_FindDevice(aes->devId); - if (dev) { - if (dev->cb) { - wc_CryptoInfo cryptoInfo; - XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); - cryptoInfo.algo_type = WC_ALGO_TYPE_CIPHER; - cryptoInfo.cipher.type = WC_CIPHER_AES_GCM; - cryptoInfo.cipher.enc = 1; - cryptoInfo.cipher.aesgcm_enc.aes = aes; - cryptoInfo.cipher.aesgcm_enc.out = out; - cryptoInfo.cipher.aesgcm_enc.in = in; - cryptoInfo.cipher.aesgcm_enc.sz = sz; - cryptoInfo.cipher.aesgcm_enc.iv = iv; - cryptoInfo.cipher.aesgcm_enc.ivSz = ivSz; - cryptoInfo.cipher.aesgcm_enc.authTag = authTag; - cryptoInfo.cipher.aesgcm_enc.authTagSz = authTagSz; - cryptoInfo.cipher.aesgcm_enc.authIn = authIn; - cryptoInfo.cipher.aesgcm_enc.authInSz = authInSz; + if (aes) { + dev = wc_CryptoCb_FindDevice(aes->devId); + } + else { + /* locate first callback and try using it */ + dev = wc_CryptoCb_FindDeviceByIndex(0); + } - ret = dev->cb(aes->devId, &cryptoInfo, dev->ctx); - } + if (dev && dev->cb) { + wc_CryptoInfo cryptoInfo; + XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); + cryptoInfo.algo_type = WC_ALGO_TYPE_CIPHER; + cryptoInfo.cipher.type = WC_CIPHER_AES_GCM; + cryptoInfo.cipher.enc = 1; + cryptoInfo.cipher.aesgcm_enc.aes = aes; + cryptoInfo.cipher.aesgcm_enc.out = out; + cryptoInfo.cipher.aesgcm_enc.in = in; + cryptoInfo.cipher.aesgcm_enc.sz = sz; + cryptoInfo.cipher.aesgcm_enc.iv = iv; + cryptoInfo.cipher.aesgcm_enc.ivSz = ivSz; + cryptoInfo.cipher.aesgcm_enc.authTag = authTag; + cryptoInfo.cipher.aesgcm_enc.authTagSz = authTagSz; + cryptoInfo.cipher.aesgcm_enc.authIn = authIn; + cryptoInfo.cipher.aesgcm_enc.authInSz = authInSz; + + ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return ret; @@ -305,27 +325,32 @@ int wc_CryptoCb_AesGcmDecrypt(Aes* aes, byte* out, CryptoCb* dev; /* locate registered callback */ - dev = wc_CryptoCb_FindDevice(aes->devId); - if (dev) { - if (dev->cb) { - wc_CryptoInfo cryptoInfo; - XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); - cryptoInfo.algo_type = WC_ALGO_TYPE_CIPHER; - cryptoInfo.cipher.type = WC_CIPHER_AES_GCM; - cryptoInfo.cipher.enc = 0; - cryptoInfo.cipher.aesgcm_dec.aes = aes; - cryptoInfo.cipher.aesgcm_dec.out = out; - cryptoInfo.cipher.aesgcm_dec.in = in; - cryptoInfo.cipher.aesgcm_dec.sz = sz; - cryptoInfo.cipher.aesgcm_dec.iv = iv; - cryptoInfo.cipher.aesgcm_dec.ivSz = ivSz; - cryptoInfo.cipher.aesgcm_dec.authTag = authTag; - cryptoInfo.cipher.aesgcm_dec.authTagSz = authTagSz; - cryptoInfo.cipher.aesgcm_dec.authIn = authIn; - cryptoInfo.cipher.aesgcm_dec.authInSz = authInSz; + if (aes) { + dev = wc_CryptoCb_FindDevice(aes->devId); + } + else { + /* locate first callback and try using it */ + dev = wc_CryptoCb_FindDeviceByIndex(0); + } - ret = dev->cb(aes->devId, &cryptoInfo, dev->ctx); - } + if (dev && dev->cb) { + wc_CryptoInfo cryptoInfo; + XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); + cryptoInfo.algo_type = WC_ALGO_TYPE_CIPHER; + cryptoInfo.cipher.type = WC_CIPHER_AES_GCM; + cryptoInfo.cipher.enc = 0; + cryptoInfo.cipher.aesgcm_dec.aes = aes; + cryptoInfo.cipher.aesgcm_dec.out = out; + cryptoInfo.cipher.aesgcm_dec.in = in; + cryptoInfo.cipher.aesgcm_dec.sz = sz; + cryptoInfo.cipher.aesgcm_dec.iv = iv; + cryptoInfo.cipher.aesgcm_dec.ivSz = ivSz; + cryptoInfo.cipher.aesgcm_dec.authTag = authTag; + cryptoInfo.cipher.aesgcm_dec.authTagSz = authTagSz; + cryptoInfo.cipher.aesgcm_dec.authIn = authIn; + cryptoInfo.cipher.aesgcm_dec.authInSz = authInSz; + + ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return ret; @@ -340,21 +365,27 @@ int wc_CryptoCb_AesCbcEncrypt(Aes* aes, byte* out, CryptoCb* dev; /* locate registered callback */ - dev = wc_CryptoCb_FindDevice(aes->devId); - if (dev) { - if (dev->cb) { - wc_CryptoInfo cryptoInfo; - XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); - cryptoInfo.algo_type = WC_ALGO_TYPE_CIPHER; - cryptoInfo.cipher.type = WC_CIPHER_AES_CBC; - cryptoInfo.cipher.enc = 1; - cryptoInfo.cipher.aescbc.aes = aes; - cryptoInfo.cipher.aescbc.out = out; - cryptoInfo.cipher.aescbc.in = in; - cryptoInfo.cipher.aescbc.sz = sz; + if (aes) { + dev = wc_CryptoCb_FindDevice(aes->devId); + } + else { + /* locate first callback and try using it */ + dev = wc_CryptoCb_FindDeviceByIndex(0); + } - ret = dev->cb(aes->devId, &cryptoInfo, dev->ctx); - } + dev = wc_CryptoCb_FindDevice(aes->devId); + if (dev && dev->cb) { + wc_CryptoInfo cryptoInfo; + XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); + cryptoInfo.algo_type = WC_ALGO_TYPE_CIPHER; + cryptoInfo.cipher.type = WC_CIPHER_AES_CBC; + cryptoInfo.cipher.enc = 1; + cryptoInfo.cipher.aescbc.aes = aes; + cryptoInfo.cipher.aescbc.out = out; + cryptoInfo.cipher.aescbc.in = in; + cryptoInfo.cipher.aescbc.sz = sz; + + ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return ret; @@ -367,21 +398,26 @@ int wc_CryptoCb_AesCbcDecrypt(Aes* aes, byte* out, CryptoCb* dev; /* locate registered callback */ - dev = wc_CryptoCb_FindDevice(aes->devId); - if (dev) { - if (dev->cb) { - wc_CryptoInfo cryptoInfo; - XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); - cryptoInfo.algo_type = WC_ALGO_TYPE_CIPHER; - cryptoInfo.cipher.type = WC_CIPHER_AES_CBC; - cryptoInfo.cipher.enc = 0; - cryptoInfo.cipher.aescbc.aes = aes; - cryptoInfo.cipher.aescbc.out = out; - cryptoInfo.cipher.aescbc.in = in; - cryptoInfo.cipher.aescbc.sz = sz; + if (aes) { + dev = wc_CryptoCb_FindDevice(aes->devId); + } + else { + /* locate first callback and try using it */ + dev = wc_CryptoCb_FindDeviceByIndex(0); + } - ret = dev->cb(aes->devId, &cryptoInfo, dev->ctx); - } + if (dev && dev->cb) { + wc_CryptoInfo cryptoInfo; + XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); + cryptoInfo.algo_type = WC_ALGO_TYPE_CIPHER; + cryptoInfo.cipher.type = WC_CIPHER_AES_CBC; + cryptoInfo.cipher.enc = 0; + cryptoInfo.cipher.aescbc.aes = aes; + cryptoInfo.cipher.aescbc.out = out; + cryptoInfo.cipher.aescbc.in = in; + cryptoInfo.cipher.aescbc.sz = sz; + + ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return ret; @@ -397,20 +433,25 @@ int wc_CryptoCb_ShaHash(wc_Sha* sha, const byte* in, CryptoCb* dev; /* locate registered callback */ - dev = wc_CryptoCb_FindDevice(sha->devId); - if (dev) { - if (dev->cb) { - wc_CryptoInfo cryptoInfo; - XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); - cryptoInfo.algo_type = WC_ALGO_TYPE_HASH; - cryptoInfo.hash.type = WC_HASH_TYPE_SHA; - cryptoInfo.hash.sha1 = sha; - cryptoInfo.hash.in = in; - cryptoInfo.hash.inSz = inSz; - cryptoInfo.hash.digest = digest; + if (sha) { + dev = wc_CryptoCb_FindDevice(sha->devId); + } + else { + /* locate first callback and try using it */ + dev = wc_CryptoCb_FindDeviceByIndex(0); + } - ret = dev->cb(sha->devId, &cryptoInfo, dev->ctx); - } + if (dev && dev->cb) { + wc_CryptoInfo cryptoInfo; + XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); + cryptoInfo.algo_type = WC_ALGO_TYPE_HASH; + cryptoInfo.hash.type = WC_HASH_TYPE_SHA; + cryptoInfo.hash.sha1 = sha; + cryptoInfo.hash.in = in; + cryptoInfo.hash.inSz = inSz; + cryptoInfo.hash.digest = digest; + + ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return ret; @@ -425,26 +466,60 @@ int wc_CryptoCb_Sha256Hash(wc_Sha256* sha256, const byte* in, CryptoCb* dev; /* locate registered callback */ - dev = wc_CryptoCb_FindDevice(sha256->devId); - if (dev) { - if (dev->cb) { - wc_CryptoInfo cryptoInfo; - XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); - cryptoInfo.algo_type = WC_ALGO_TYPE_HASH; - cryptoInfo.hash.type = WC_HASH_TYPE_SHA256; - cryptoInfo.hash.sha256 = sha256; - cryptoInfo.hash.in = in; - cryptoInfo.hash.inSz = inSz; - cryptoInfo.hash.digest = digest; + if (sha256) { + dev = wc_CryptoCb_FindDevice(sha256->devId); + } + else { + /* locate first callback and try using it */ + dev = wc_CryptoCb_FindDeviceByIndex(0); + } - ret = dev->cb(sha256->devId, &cryptoInfo, dev->ctx); - } + if (dev && dev->cb) { + wc_CryptoInfo cryptoInfo; + XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); + cryptoInfo.algo_type = WC_ALGO_TYPE_HASH; + cryptoInfo.hash.type = WC_HASH_TYPE_SHA256; + cryptoInfo.hash.sha256 = sha256; + cryptoInfo.hash.in = in; + cryptoInfo.hash.inSz = inSz; + cryptoInfo.hash.digest = digest; + + ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return ret; } #endif /* !NO_SHA256 */ +#ifndef NO_HMAC +int wc_CryptoCb_Hmac(Hmac* hmac, int macType, const byte* in, word32 inSz, + byte* digest) +{ + int ret = NOT_COMPILED_IN; + CryptoCb* dev; + + if (hmac == NULL) + return ret; + + /* locate registered callback */ + dev = wc_CryptoCb_FindDevice(hmac->devId); + if (dev && dev->cb) { + wc_CryptoInfo cryptoInfo; + XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); + cryptoInfo.algo_type = WC_ALGO_TYPE_HMAC; + cryptoInfo.hmac.macType = macType; + cryptoInfo.hmac.in = in; + cryptoInfo.hmac.inSz = inSz; + cryptoInfo.hmac.digest = digest; + cryptoInfo.hmac.hmac = hmac; + + ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); + } + + return ret; +} +#endif /* !NO_HMAC */ + #ifndef WC_NO_RNG int wc_CryptoCb_RandomBlock(WC_RNG* rng, byte* out, word32 sz) { @@ -452,18 +527,23 @@ int wc_CryptoCb_RandomBlock(WC_RNG* rng, byte* out, word32 sz) CryptoCb* dev; /* locate registered callback */ - dev = wc_CryptoCb_FindDevice(rng->devId); - if (dev) { - if (dev->cb) { - wc_CryptoInfo cryptoInfo; - XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); - cryptoInfo.algo_type = WC_ALGO_TYPE_RNG; - cryptoInfo.rng.rng = rng; - cryptoInfo.rng.out = out; - cryptoInfo.rng.sz = sz; + if (rng) { + dev = wc_CryptoCb_FindDevice(rng->devId); + } + else { + /* locate first callback and try using it */ + dev = wc_CryptoCb_FindDeviceByIndex(0); + } - ret = dev->cb(rng->devId, &cryptoInfo, dev->ctx); - } + if (dev && dev->cb) { + wc_CryptoInfo cryptoInfo; + XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); + cryptoInfo.algo_type = WC_ALGO_TYPE_RNG; + cryptoInfo.rng.rng = rng; + cryptoInfo.rng.out = out; + cryptoInfo.rng.sz = sz; + + ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return ret; @@ -476,17 +556,15 @@ int wc_CryptoCb_RandomSeed(OS_Seed* os, byte* seed, word32 sz) /* locate registered callback */ dev = wc_CryptoCb_FindDevice(os->devId); - if (dev) { - if (dev->cb) { - wc_CryptoInfo cryptoInfo; - XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); - cryptoInfo.algo_type = WC_ALGO_TYPE_SEED; - cryptoInfo.seed.os = os; - cryptoInfo.seed.seed = seed; - cryptoInfo.seed.sz = sz; + if (dev && dev->cb) { + wc_CryptoInfo cryptoInfo; + XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); + cryptoInfo.algo_type = WC_ALGO_TYPE_SEED; + cryptoInfo.seed.os = os; + cryptoInfo.seed.seed = seed; + cryptoInfo.seed.sz = sz; - ret = dev->cb(os->devId, &cryptoInfo, dev->ctx); - } + ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return ret; diff --git a/wolfcrypt/src/hash.c b/wolfcrypt/src/hash.c index 6013db0ce..f9c55f8dc 100644 --- a/wolfcrypt/src/hash.c +++ b/wolfcrypt/src/hash.c @@ -691,6 +691,119 @@ int wc_HashFree(wc_HashAlg* hash, enum wc_HashType type) return ret; } +#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) +int wc_HashSetFlags(wc_HashAlg* hash, enum wc_HashType type, word32 flags) +{ + int ret = HASH_TYPE_E; /* Default to hash type error */ + + if (hash == NULL) + return BAD_FUNC_ARG; + + switch (type) { + case WC_HASH_TYPE_MD5: +#ifndef NO_MD5 + ret = wc_Md5SetFlags(&hash->md5, flags); +#endif + break; + case WC_HASH_TYPE_SHA: +#ifndef NO_SHA + ret = wc_ShaSetFlags(&hash->sha, flags); +#endif + break; + case WC_HASH_TYPE_SHA224: +#ifdef WOLFSSL_SHA224 + ret = wc_Sha224SetFlags(&hash->sha224, flags); +#endif + break; + case WC_HASH_TYPE_SHA256: +#ifndef NO_SHA256 + ret = wc_Sha256SetFlags(&hash->sha256, flags); +#endif + break; + case WC_HASH_TYPE_SHA384: +#ifdef WOLFSSL_SHA384 + ret = wc_Sha384SetFlags(&hash->sha384, flags); +#endif + break; + case WC_HASH_TYPE_SHA512: +#ifdef WOLFSSL_SHA512 + ret = wc_Sha512SetFlags(&hash->sha512, flags); +#endif + break; + + /* not supported */ + case WC_HASH_TYPE_MD5_SHA: + case WC_HASH_TYPE_MD2: + case WC_HASH_TYPE_MD4: + case WC_HASH_TYPE_SHA3_224: + case WC_HASH_TYPE_SHA3_256: + case WC_HASH_TYPE_SHA3_384: + case WC_HASH_TYPE_SHA3_512: + case WC_HASH_TYPE_BLAKE2B: + case WC_HASH_TYPE_NONE: + default: + ret = BAD_FUNC_ARG; + }; + + return ret; +} +int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags) +{ + int ret = HASH_TYPE_E; /* Default to hash type error */ + + if (hash == NULL) + return BAD_FUNC_ARG; + + switch (type) { + case WC_HASH_TYPE_MD5: +#ifndef NO_MD5 + ret = wc_Md5GetFlags(&hash->md5, flags); +#endif + break; + case WC_HASH_TYPE_SHA: +#ifndef NO_SHA + ret = wc_ShaGetFlags(&hash->sha, flags); +#endif + break; + case WC_HASH_TYPE_SHA224: +#ifdef WOLFSSL_SHA224 + ret = wc_Sha224GetFlags(&hash->sha224, flags); +#endif + break; + case WC_HASH_TYPE_SHA256: +#ifndef NO_SHA256 + ret = wc_Sha256GetFlags(&hash->sha256, flags); +#endif + break; + case WC_HASH_TYPE_SHA384: +#ifdef WOLFSSL_SHA384 + ret = wc_Sha384GetFlags(&hash->sha384, flags); +#endif + break; + case WC_HASH_TYPE_SHA512: +#ifdef WOLFSSL_SHA512 + ret = wc_Sha512GetFlags(&hash->sha512, flags); +#endif + break; + + /* not supported */ + case WC_HASH_TYPE_MD5_SHA: + case WC_HASH_TYPE_MD2: + case WC_HASH_TYPE_MD4: + case WC_HASH_TYPE_SHA3_224: + case WC_HASH_TYPE_SHA3_256: + case WC_HASH_TYPE_SHA3_384: + case WC_HASH_TYPE_SHA3_512: + case WC_HASH_TYPE_BLAKE2B: + case WC_HASH_TYPE_NONE: + default: + ret = BAD_FUNC_ARG; + }; + + return ret; +} +#endif + #if !defined(WOLFSSL_TI_HASH) diff --git a/wolfcrypt/src/hmac.c b/wolfcrypt/src/hmac.c index 549e773de..16288d4ef 100644 --- a/wolfcrypt/src/hmac.c +++ b/wolfcrypt/src/hmac.c @@ -43,6 +43,10 @@ #include +#ifdef WOLF_CRYPTO_CB + #include +#endif + #ifdef NO_INLINE #include #else @@ -321,6 +325,11 @@ int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length) return HMAC_MIN_KEYLEN_E; #endif +#ifdef WOLF_CRYPTO_CB + hmac->keyRaw = key; /* use buffer directly */ + hmac->keyLen = length; +#endif + ip = (byte*)hmac->ipad; op = (byte*)hmac->opad; @@ -691,6 +700,15 @@ int wc_HmacUpdate(Hmac* hmac, const byte* msg, word32 length) return BAD_FUNC_ARG; } +#ifdef WOLF_CRYPTO_CB + if (hmac->devId != INVALID_DEVID) { + ret = wc_CryptoCb_Hmac(hmac, hmac->macType, msg, length, NULL); + if (ret != NOT_COMPILED_IN) + return ret; + /* fall-through on not compiled in */ + ret = 0; /* reset error code */ + } +#endif #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_HMAC) if (hmac->asyncDev.marker == WOLFSSL_ASYNC_MARKER_HMAC) { #if defined(HAVE_CAVIUM) @@ -791,6 +809,15 @@ int wc_HmacFinal(Hmac* hmac, byte* hash) return BAD_FUNC_ARG; } +#ifdef WOLF_CRYPTO_CB + if (hmac->devId != INVALID_DEVID) { + ret = wc_CryptoCb_Hmac(hmac, hmac->macType, NULL, 0, hash); + if (ret != NOT_COMPILED_IN) + return ret; + /* fall-through on not compiled in */ + ret = 0; /* reset error code */ + } +#endif #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_HMAC) if (hmac->asyncDev.marker == WOLFSSL_ASYNC_MARKER_HMAC) { int hashLen = wc_HmacSizeByType(hmac->macType); @@ -1028,10 +1055,12 @@ int wc_HmacInit(Hmac* hmac, void* heap, int devId) XMEMSET(hmac, 0, sizeof(Hmac)); hmac->heap = heap; +#ifdef WOLF_CRYPTO_CB + hmac->devId = devId; + hmac->devCtx = NULL; +#endif #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_HMAC) - hmac->keyLen = 0; - ret = wolfAsync_DevCtxInit(&hmac->asyncDev, WOLFSSL_ASYNC_MARKER_HMAC, hmac->heap, devId); #else @@ -1047,6 +1076,17 @@ void wc_HmacFree(Hmac* hmac) if (hmac == NULL) return; +#ifdef WOLF_CRYPTO_CB + /* handle cleanup case where final is not called */ + if (hmac->devId != INVALID_DEVID && hmac->devCtx != NULL) { + int ret; + byte finalHash[WC_HMAC_BLOCK_SIZE]; + ret = wc_CryptoCb_Hmac(hmac, hmac->macType, NULL, 0, finalHash); + (void)ret; /* must ignore return code here */ + (void)finalHash; + } +#endif + switch (hmac->macType) { #ifndef NO_MD5 case WC_MD5: diff --git a/wolfcrypt/src/md5.c b/wolfcrypt/src/md5.c index b55fad7ba..ce3b03318 100644 --- a/wolfcrypt/src/md5.c +++ b/wolfcrypt/src/md5.c @@ -37,6 +37,7 @@ #include #include #include +#include #ifdef NO_INLINE #include @@ -50,7 +51,7 @@ #if defined(STM32_HASH) /* Supports CubeMX HAL or Standard Peripheral Library */ - #define HAVE_MD5_CUST_API + #define HAVE_MD5_CUST_API int wc_InitMd5_ex(wc_Md5* md5, void* heap, int devId) { @@ -436,9 +437,29 @@ int wc_Md5Copy(wc_Md5* src, wc_Md5* dst) #ifdef WOLFSSL_PIC32MZ_HASH ret = wc_Pic32HashCopy(&src->cache, &dst->cache); #endif +#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) + dst->flags |= WC_HASH_FLAG_ISCOPY; +#endif return ret; } +#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) +int wc_Md5SetFlags(wc_Md5* md5, word32 flags) +{ + if (md5) { + md5->flags = flags; + } + return 0; +} +int wc_Md5GetFlags(wc_Md5* md5, word32* flags) +{ + if (md5 && flags) { + *flags = md5->flags; + } + return 0; +} +#endif + #endif /* WOLFSSL_TI_HASH */ #endif /* NO_MD5 */ diff --git a/wolfcrypt/src/random.c b/wolfcrypt/src/random.c old mode 100755 new mode 100644 index 9d90abeb8..a5fe6c838 --- a/wolfcrypt/src/random.c +++ b/wolfcrypt/src/random.c @@ -1741,30 +1741,47 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz) #elif defined(STM32_RNG) /* Generate a RNG seed using the hardware random number generator - * on the STM32F2/F4/F7. */ + * on the STM32F2/F4/F7/L4. */ #ifdef WOLFSSL_STM32_CUBEMX int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz) { RNG_HandleTypeDef hrng; - int i; + word32 i = 0; (void)os; /* enable RNG clock source */ __HAL_RCC_RNG_CLK_ENABLE(); /* enable RNG peripheral */ + XMEMSET(&hrng, 0, sizeof(hrng)); hrng.Instance = RNG; HAL_RNG_Init(&hrng); - for (i = 0; i < (int)sz; i++) { - /* get value */ - output[i] = (byte)HAL_RNG_GetRandomNumber(&hrng); - } + while (i < sz) { + /* If not aligned or there is odd/remainder */ + if( (i + sizeof(word32)) > sz || + ((wolfssl_word)&output[i] % sizeof(word32)) != 0 + ) { + /* Single byte at a time */ + uint32_t tmpRng = 0; + if (HAL_RNG_GenerateRandomNumber(&hrng, &tmpRng) != HAL_OK) { + return RAN_BLOCK_E; + } + output[i++] = (byte)tmpRng; + } + else { + /* Use native 32 instruction */ + if (HAL_RNG_GenerateRandomNumber(&hrng, (uint32_t*)&output[i]) != HAL_OK) { + return RAN_BLOCK_E; + } + i += sizeof(word32); + } + } - return 0; + return 0; } - #elif defined(WOLFSSL_STM32F427_RNG) + #elif defined(WOLFSSL_STM32F427_RNG) || defined(WOLFSSL_STM32_RNG_NOLIB) /* Generate a RNG seed using the hardware RNG on the STM32F427 * directly, following steps outlined in STM32F4 Reference @@ -2159,11 +2176,13 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz) int ret = 0; #ifdef WOLF_CRYPTO_CB - if (os != NULL && os->devId != INVALID_DEVID) { - ret = wc_CryptoCb_RandomSeed(os, output, sz); - if (ret != NOT_COMPILED_IN) - return ret; - } + if (os != NULL && os->devId != INVALID_DEVID) { + ret = wc_CryptoCb_RandomSeed(os, output, sz); + if (ret != NOT_COMPILED_IN) + return ret; + /* fall-through on not compiled in */ + ret = 0; /* reset error code */ + } #endif #ifdef HAVE_INTEL_RDSEED diff --git a/wolfcrypt/src/sha.c b/wolfcrypt/src/sha.c index 753ef8d35..6e8929417 100644 --- a/wolfcrypt/src/sha.c +++ b/wolfcrypt/src/sha.c @@ -42,6 +42,7 @@ #include #include +#include #ifdef WOLF_CRYPTO_CB #include @@ -713,8 +714,30 @@ int wc_ShaCopy(wc_Sha* src, wc_Sha* dst) dst->ctx.isfirstblock = src->ctx.isfirstblock; dst->ctx.sha_type = src->ctx.sha_type; #endif +#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) + dst->flags |= WC_HASH_FLAG_ISCOPY; +#endif + return ret; } #endif /* !WOLFSSL_TI_HASH */ + +#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) +int wc_ShaSetFlags(wc_Sha* sha, word32 flags) +{ + if (sha) { + sha->flags = flags; + } + return 0; +} +int wc_ShaGetFlags(wc_Sha* sha, word32* flags) +{ + if (sha && flags) { + *flags = sha->flags; + } + return 0; +} +#endif + #endif /* !NO_SHA */ diff --git a/wolfcrypt/src/sha256.c b/wolfcrypt/src/sha256.c index d8c278c2e..f44e9a4c1 100644 --- a/wolfcrypt/src/sha256.c +++ b/wolfcrypt/src/sha256.c @@ -44,6 +44,7 @@ #include #include #include +#include #ifdef WOLF_CRYPTO_CB #include @@ -543,6 +544,7 @@ static int InitSha256(wc_Sha256* sha256) sha256->heap = heap; #ifdef WOLF_CRYPTO_CB sha256->devId = devId; + sha256->devCtx = NULL; #endif ret = InitSha256(sha256); @@ -1296,9 +1298,30 @@ void wc_Sha256Free(wc_Sha256* sha256) #ifdef WOLFSSL_ASYNC_CRYPT ret = wolfAsync_DevCopy(&src->asyncDev, &dst->asyncDev); #endif + #if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) + dst->flags |= WC_HASH_FLAG_ISCOPY; + #endif return ret; } + +#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) + int wc_Sha224SetFlags(wc_Sha224* sha224, word32 flags) + { + if (sha224) { + sha224->flags = flags; + } + return 0; + } + int wc_Sha224GetFlags(wc_Sha224* sha224, word32* flags) + { + if (sha224 && flags) { + *flags = sha224->flags; + } + return 0; + } +#endif + #endif /* WOLFSSL_SHA224 */ #ifdef WOLFSSL_AFALG_HASH @@ -1362,9 +1385,30 @@ int wc_Sha256Copy(wc_Sha256* src, wc_Sha256* dst) dst->ctx.isfirstblock = src->ctx.isfirstblock; dst->ctx.sha_type = src->ctx.sha_type; #endif +#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) + dst->flags |= WC_HASH_FLAG_ISCOPY; +#endif return ret; } + +#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) +int wc_Sha256SetFlags(wc_Sha256* sha256, word32 flags) +{ + if (sha256) { + sha256->flags = flags; + } + return 0; +} +int wc_Sha256GetFlags(wc_Sha256* sha256, word32* flags) +{ + if (sha256 && flags) { + *flags = sha256->flags; + } + return 0; +} +#endif + #endif #endif /* !WOLFSSL_TI_HASH */ diff --git a/wolfcrypt/src/sha3.c b/wolfcrypt/src/sha3.c index fb4c93a3a..9761a4fa0 100644 --- a/wolfcrypt/src/sha3.c +++ b/wolfcrypt/src/sha3.c @@ -43,6 +43,7 @@ #include #include +#include #ifdef NO_INLINE #include @@ -793,6 +794,9 @@ static int wc_Sha3Copy(wc_Sha3* src, wc_Sha3* dst) #ifdef WOLFSSL_ASYNC_CRYPT ret = wolfAsync_DevCopy(&src->asyncDev, &dst->asyncDev); #endif +#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) + dst->flags |= WC_HASH_FLAG_ISCOPY; +#endif return ret; } @@ -830,7 +834,7 @@ static int wc_Sha3GetHash(wc_Sha3* sha3, byte* hash, byte p, byte len) * devId Device identifier for asynchronous operation. * returns 0 on success. */ -WOLFSSL_API int wc_InitSha3_224(wc_Sha3* sha3, void* heap, int devId) +int wc_InitSha3_224(wc_Sha3* sha3, void* heap, int devId) { return wc_InitSha3(sha3, heap, devId); } @@ -842,7 +846,7 @@ WOLFSSL_API int wc_InitSha3_224(wc_Sha3* sha3, void* heap, int devId) * len Length of the message data. * returns 0 on success. */ -WOLFSSL_API int wc_Sha3_224_Update(wc_Sha3* sha3, const byte* data, word32 len) +int wc_Sha3_224_Update(wc_Sha3* sha3, const byte* data, word32 len) { return wc_Sha3Update(sha3, data, len, WC_SHA3_224_COUNT); } @@ -854,7 +858,7 @@ WOLFSSL_API int wc_Sha3_224_Update(wc_Sha3* sha3, const byte* data, word32 len) * hash Buffer to hold the hash result. Must be at least 28 bytes. * returns 0 on success. */ -WOLFSSL_API int wc_Sha3_224_Final(wc_Sha3* sha3, byte* hash) +int wc_Sha3_224_Final(wc_Sha3* sha3, byte* hash) { return wc_Sha3Final(sha3, hash, WC_SHA3_224_COUNT, WC_SHA3_224_DIGEST_SIZE); } @@ -865,7 +869,7 @@ WOLFSSL_API int wc_Sha3_224_Final(wc_Sha3* sha3, byte* hash) * sha3 wc_Sha3 object holding state. * returns 0 on success. */ -WOLFSSL_API void wc_Sha3_224_Free(wc_Sha3* sha3) +void wc_Sha3_224_Free(wc_Sha3* sha3) { wc_Sha3Free(sha3); } @@ -878,7 +882,7 @@ WOLFSSL_API void wc_Sha3_224_Free(wc_Sha3* sha3) * hash Buffer to hold the hash result. Must be at least 28 bytes. * returns 0 on success. */ -WOLFSSL_API int wc_Sha3_224_GetHash(wc_Sha3* sha3, byte* hash) +int wc_Sha3_224_GetHash(wc_Sha3* sha3, byte* hash) { return wc_Sha3GetHash(sha3, hash, WC_SHA3_224_COUNT, WC_SHA3_224_DIGEST_SIZE); } @@ -889,7 +893,7 @@ WOLFSSL_API int wc_Sha3_224_GetHash(wc_Sha3* sha3, byte* hash) * dst wc_Sha3 object to copy into. * returns 0 on success. */ -WOLFSSL_API int wc_Sha3_224_Copy(wc_Sha3* src, wc_Sha3* dst) +int wc_Sha3_224_Copy(wc_Sha3* src, wc_Sha3* dst) { return wc_Sha3Copy(src, dst); } @@ -902,7 +906,7 @@ WOLFSSL_API int wc_Sha3_224_Copy(wc_Sha3* src, wc_Sha3* dst) * devId Device identifier for asynchronous operation. * returns 0 on success. */ -WOLFSSL_API int wc_InitSha3_256(wc_Sha3* sha3, void* heap, int devId) +int wc_InitSha3_256(wc_Sha3* sha3, void* heap, int devId) { return wc_InitSha3(sha3, heap, devId); } @@ -914,7 +918,7 @@ WOLFSSL_API int wc_InitSha3_256(wc_Sha3* sha3, void* heap, int devId) * len Length of the message data. * returns 0 on success. */ -WOLFSSL_API int wc_Sha3_256_Update(wc_Sha3* sha3, const byte* data, word32 len) +int wc_Sha3_256_Update(wc_Sha3* sha3, const byte* data, word32 len) { return wc_Sha3Update(sha3, data, len, WC_SHA3_256_COUNT); } @@ -926,7 +930,7 @@ WOLFSSL_API int wc_Sha3_256_Update(wc_Sha3* sha3, const byte* data, word32 len) * hash Buffer to hold the hash result. Must be at least 32 bytes. * returns 0 on success. */ -WOLFSSL_API int wc_Sha3_256_Final(wc_Sha3* sha3, byte* hash) +int wc_Sha3_256_Final(wc_Sha3* sha3, byte* hash) { return wc_Sha3Final(sha3, hash, WC_SHA3_256_COUNT, WC_SHA3_256_DIGEST_SIZE); } @@ -937,7 +941,7 @@ WOLFSSL_API int wc_Sha3_256_Final(wc_Sha3* sha3, byte* hash) * sha3 wc_Sha3 object holding state. * returns 0 on success. */ -WOLFSSL_API void wc_Sha3_256_Free(wc_Sha3* sha3) +void wc_Sha3_256_Free(wc_Sha3* sha3) { wc_Sha3Free(sha3); } @@ -950,7 +954,7 @@ WOLFSSL_API void wc_Sha3_256_Free(wc_Sha3* sha3) * hash Buffer to hold the hash result. Must be at least 32 bytes. * returns 0 on success. */ -WOLFSSL_API int wc_Sha3_256_GetHash(wc_Sha3* sha3, byte* hash) +int wc_Sha3_256_GetHash(wc_Sha3* sha3, byte* hash) { return wc_Sha3GetHash(sha3, hash, WC_SHA3_256_COUNT, WC_SHA3_256_DIGEST_SIZE); } @@ -961,7 +965,7 @@ WOLFSSL_API int wc_Sha3_256_GetHash(wc_Sha3* sha3, byte* hash) * dst wc_Sha3 object to copy into. * returns 0 on success. */ -WOLFSSL_API int wc_Sha3_256_Copy(wc_Sha3* src, wc_Sha3* dst) +int wc_Sha3_256_Copy(wc_Sha3* src, wc_Sha3* dst) { return wc_Sha3Copy(src, dst); } @@ -974,7 +978,7 @@ WOLFSSL_API int wc_Sha3_256_Copy(wc_Sha3* src, wc_Sha3* dst) * devId Device identifier for asynchronous operation. * returns 0 on success. */ -WOLFSSL_API int wc_InitSha3_384(wc_Sha3* sha3, void* heap, int devId) +int wc_InitSha3_384(wc_Sha3* sha3, void* heap, int devId) { return wc_InitSha3(sha3, heap, devId); } @@ -986,7 +990,7 @@ WOLFSSL_API int wc_InitSha3_384(wc_Sha3* sha3, void* heap, int devId) * len Length of the message data. * returns 0 on success. */ -WOLFSSL_API int wc_Sha3_384_Update(wc_Sha3* sha3, const byte* data, word32 len) +int wc_Sha3_384_Update(wc_Sha3* sha3, const byte* data, word32 len) { return wc_Sha3Update(sha3, data, len, WC_SHA3_384_COUNT); } @@ -998,7 +1002,7 @@ WOLFSSL_API int wc_Sha3_384_Update(wc_Sha3* sha3, const byte* data, word32 len) * hash Buffer to hold the hash result. Must be at least 48 bytes. * returns 0 on success. */ -WOLFSSL_API int wc_Sha3_384_Final(wc_Sha3* sha3, byte* hash) +int wc_Sha3_384_Final(wc_Sha3* sha3, byte* hash) { return wc_Sha3Final(sha3, hash, WC_SHA3_384_COUNT, WC_SHA3_384_DIGEST_SIZE); } @@ -1009,7 +1013,7 @@ WOLFSSL_API int wc_Sha3_384_Final(wc_Sha3* sha3, byte* hash) * sha3 wc_Sha3 object holding state. * returns 0 on success. */ -WOLFSSL_API void wc_Sha3_384_Free(wc_Sha3* sha3) +void wc_Sha3_384_Free(wc_Sha3* sha3) { wc_Sha3Free(sha3); } @@ -1022,7 +1026,7 @@ WOLFSSL_API void wc_Sha3_384_Free(wc_Sha3* sha3) * hash Buffer to hold the hash result. Must be at least 48 bytes. * returns 0 on success. */ -WOLFSSL_API int wc_Sha3_384_GetHash(wc_Sha3* sha3, byte* hash) +int wc_Sha3_384_GetHash(wc_Sha3* sha3, byte* hash) { return wc_Sha3GetHash(sha3, hash, WC_SHA3_384_COUNT, WC_SHA3_384_DIGEST_SIZE); } @@ -1033,7 +1037,7 @@ WOLFSSL_API int wc_Sha3_384_GetHash(wc_Sha3* sha3, byte* hash) * dst wc_Sha3 object to copy into. * returns 0 on success. */ -WOLFSSL_API int wc_Sha3_384_Copy(wc_Sha3* src, wc_Sha3* dst) +int wc_Sha3_384_Copy(wc_Sha3* src, wc_Sha3* dst) { return wc_Sha3Copy(src, dst); } @@ -1046,7 +1050,7 @@ WOLFSSL_API int wc_Sha3_384_Copy(wc_Sha3* src, wc_Sha3* dst) * devId Device identifier for asynchronous operation. * returns 0 on success. */ -WOLFSSL_API int wc_InitSha3_512(wc_Sha3* sha3, void* heap, int devId) +int wc_InitSha3_512(wc_Sha3* sha3, void* heap, int devId) { return wc_InitSha3(sha3, heap, devId); } @@ -1058,7 +1062,7 @@ WOLFSSL_API int wc_InitSha3_512(wc_Sha3* sha3, void* heap, int devId) * len Length of the message data. * returns 0 on success. */ -WOLFSSL_API int wc_Sha3_512_Update(wc_Sha3* sha3, const byte* data, word32 len) +int wc_Sha3_512_Update(wc_Sha3* sha3, const byte* data, word32 len) { return wc_Sha3Update(sha3, data, len, WC_SHA3_512_COUNT); } @@ -1070,7 +1074,7 @@ WOLFSSL_API int wc_Sha3_512_Update(wc_Sha3* sha3, const byte* data, word32 len) * hash Buffer to hold the hash result. Must be at least 64 bytes. * returns 0 on success. */ -WOLFSSL_API int wc_Sha3_512_Final(wc_Sha3* sha3, byte* hash) +int wc_Sha3_512_Final(wc_Sha3* sha3, byte* hash) { return wc_Sha3Final(sha3, hash, WC_SHA3_512_COUNT, WC_SHA3_512_DIGEST_SIZE); } @@ -1081,7 +1085,7 @@ WOLFSSL_API int wc_Sha3_512_Final(wc_Sha3* sha3, byte* hash) * sha3 wc_Sha3 object holding state. * returns 0 on success. */ -WOLFSSL_API void wc_Sha3_512_Free(wc_Sha3* sha3) +void wc_Sha3_512_Free(wc_Sha3* sha3) { wc_Sha3Free(sha3); } @@ -1094,7 +1098,7 @@ WOLFSSL_API void wc_Sha3_512_Free(wc_Sha3* sha3) * hash Buffer to hold the hash result. Must be at least 64 bytes. * returns 0 on success. */ -WOLFSSL_API int wc_Sha3_512_GetHash(wc_Sha3* sha3, byte* hash) +int wc_Sha3_512_GetHash(wc_Sha3* sha3, byte* hash) { return wc_Sha3GetHash(sha3, hash, WC_SHA3_512_COUNT, WC_SHA3_512_DIGEST_SIZE); } @@ -1105,9 +1109,26 @@ WOLFSSL_API int wc_Sha3_512_GetHash(wc_Sha3* sha3, byte* hash) * dst wc_Sha3 object to copy into. * returns 0 on success. */ -WOLFSSL_API int wc_Sha3_512_Copy(wc_Sha3* src, wc_Sha3* dst) +int wc_Sha3_512_Copy(wc_Sha3* src, wc_Sha3* dst) { return wc_Sha3Copy(src, dst); } +#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) +int wc_Sha3_SetFlags(wc_Sha3* sha3, word32 flags) +{ + if (sha3) { + sha3->flags = flags; + } + return 0; +} +int wc_Sha3_GetFlags(wc_Sha3* sha3, word32* flags) +{ + if (sha3 && flags) { + *flags = sha3->flags; + } + return 0; +} +#endif + #endif /* WOLFSSL_SHA3 */ diff --git a/wolfcrypt/src/sha512.c b/wolfcrypt/src/sha512.c index 584a02ae7..202d4de83 100644 --- a/wolfcrypt/src/sha512.c +++ b/wolfcrypt/src/sha512.c @@ -43,6 +43,7 @@ #include #include #include +#include /* deprecated USE_SLOW_SHA2 (replaced with USE_SLOW_SHA512) */ #if defined(USE_SLOW_SHA2) && !defined(USE_SLOW_SHA512) @@ -1110,9 +1111,30 @@ int wc_Sha512Copy(wc_Sha512* src, wc_Sha512* dst) dst->ctx.isfirstblock = src->ctx.isfirstblock; dst->ctx.sha_type = src->ctx.sha_type; #endif +#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) + dst->flags |= WC_HASH_FLAG_ISCOPY; +#endif + return ret; } +#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) +int wc_Sha512SetFlags(wc_Sha512* sha512, word32 flags) +{ + if (sha512) { + sha512->flags = flags; + } + return 0; +} +int wc_Sha512GetFlags(wc_Sha512* sha512, word32* flags) +{ + if (sha512 && flags) { + *flags = sha512->flags; + } + return 0; +} +#endif + #endif /* WOLFSSL_SHA512 */ #ifdef WOLFSSL_SHA384 @@ -1165,9 +1187,30 @@ int wc_Sha384Copy(wc_Sha384* src, wc_Sha384* dst) dst->ctx.isfirstblock = src->ctx.isfirstblock; dst->ctx.sha_type = src->ctx.sha_type; #endif +#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) + dst->flags |= WC_HASH_FLAG_ISCOPY; +#endif + return ret; } +#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) +int wc_Sha384SetFlags(wc_Sha384* sha384, word32 flags) +{ + if (sha384) { + sha384->flags = flags; + } + return 0; +} +int wc_Sha384GetFlags(wc_Sha384* sha384, word32* flags) +{ + if (sha384 && flags) { + *flags = sha384->flags; + } + return 0; +} +#endif + #endif /* WOLFSSL_SHA384 */ #endif /* WOLFSSL_SHA512 || WOLFSSL_SHA384 */ diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 5ad9cb5ff..21b032f86 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -22884,6 +22884,10 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx) if (info == NULL) return BAD_FUNC_ARG; +#ifdef DEBUG_WOLFSSL + printf("CryptoDevCb: Algo Type %d\n", info->algo_type); +#endif + if (info->algo_type == WC_ALGO_TYPE_RNG) { #ifndef WC_NO_RNG /* set devId to invalid, so software is used */ @@ -23087,6 +23091,9 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx) else if (info->algo_type == WC_ALGO_TYPE_HASH) { #if !defined(NO_SHA) if (info->hash.type == WC_HASH_TYPE_SHA) { + if (info->hash.sha1 == NULL) + return NOT_COMPILED_IN; + /* set devId to invalid, so software is used */ info->hash.sha1->devId = INVALID_DEVID; @@ -23096,7 +23103,7 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx) info->hash.in, info->hash.inSz); } - else if (info->hash.digest != NULL) { + if (info->hash.digest != NULL) { ret = wc_ShaFinal( info->hash.sha1, info->hash.digest); @@ -23109,6 +23116,9 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx) #endif #if !defined(NO_SHA256) if (info->hash.type == WC_HASH_TYPE_SHA256) { + if (info->hash.sha256 == NULL) + return NOT_COMPILED_IN; + /* set devId to invalid, so software is used */ info->hash.sha256->devId = INVALID_DEVID; @@ -23118,7 +23128,7 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx) info->hash.in, info->hash.inSz); } - else if (info->hash.digest != NULL) { + if (info->hash.digest != NULL) { ret = wc_Sha256Final( info->hash.sha256, info->hash.digest); @@ -23130,6 +23140,30 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx) #endif } #endif /* !NO_SHA || !NO_SHA256 */ +#ifndef NO_HMAC + else if (info->algo_type == WC_ALGO_TYPE_HMAC) { + if (info->hmac.hmac == NULL) + return NOT_COMPILED_IN; + + /* set devId to invalid, so software is used */ + info->hmac.hmac->devId = INVALID_DEVID; + + if (info->hash.in != NULL) { + ret = wc_HmacUpdate( + info->hmac.hmac, + info->hmac.in, + info->hmac.inSz); + } + else if (info->hash.digest != NULL) { + ret = wc_HmacFinal( + info->hmac.hmac, + info->hmac.digest); + } + + /* reset devId */ + info->hmac.hmac->devId = devIdArg; + } +#endif (void)devIdArg; (void)myCtx; @@ -23168,7 +23202,7 @@ int cryptocb_test(void) #endif #ifdef HAVE_AES_CBC if (ret == 0) - ret = aes_cbc_test(); + ret = aes_test(); #endif #endif /* !NO_AES */ #if !defined(NO_SHA) || !defined(NO_SHA256) @@ -23181,6 +23215,16 @@ int cryptocb_test(void) ret = sha256_test(); #endif #endif +#ifndef NO_HMAC + #ifndef NO_SHA + if (ret == 0) + ret = hmac_sha_test(); + #endif + #ifndef NO_SHA256 + if (ret == 0) + ret = hmac_sha256_test(); + #endif +#endif /* reset devId */ devId = INVALID_DEVID; diff --git a/wolfssl/wolfcrypt/aes.h b/wolfssl/wolfcrypt/aes.h index 18d37bd9c..37f0a1f51 100644 --- a/wolfssl/wolfcrypt/aes.h +++ b/wolfssl/wolfcrypt/aes.h @@ -152,7 +152,7 @@ typedef struct Aes { #endif /* WOLFSSL_AESNI */ #ifdef WOLF_CRYPTO_CB int devId; - word32 devKey[AES_MAX_KEY_SIZE/WOLFSSL_BIT_SIZE/sizeof(word32)]; /* raw key */ + void* devCtx; #endif #ifdef HAVE_PKCS11 byte id[AES_MAX_ID_LEN]; @@ -182,9 +182,12 @@ typedef struct Aes { GCM_NONCE_MID_SZ)]; #endif #endif +#if defined(WOLF_CRYPTO_CB) || (defined(WOLFSSL_DEVCRYPTO) && \ + (defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC))) + word32 devKey[AES_MAX_KEY_SIZE/WOLFSSL_BIT_SIZE/sizeof(word32)]; /* raw key */ +#endif #if defined(WOLFSSL_DEVCRYPTO) && \ (defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC)) - word32 devKey[AES_MAX_KEY_SIZE/WOLFSSL_BIT_SIZE/sizeof(word32)]; /* raw key */ WC_CRYPTODEV ctx; #endif void* heap; /* memory hint to use */ diff --git a/wolfssl/wolfcrypt/asn.h b/wolfssl/wolfcrypt/asn.h index 34b14721a..ee5b7cc15 100644 --- a/wolfssl/wolfcrypt/asn.h +++ b/wolfssl/wolfcrypt/asn.h @@ -915,19 +915,7 @@ struct TrustedPeerCert { #define WOLFSSL_ASN_API WOLFSSL_LOCAL #endif -/* Macro for calculating hashId */ -#if defined(NO_SHA) && defined(NO_SHA256) - #ifdef WOLF_CRYPTO_CB - #define CalcHashId(data, len, hash) wc_CryptoDevSha256Hash(data, len, hash) - #else - #define CalcHashId(data, len, hash) NOT_COMPILED_IN - #endif -#elif defined(NO_SHA) - #define CalcHashId(data, len, hash) wc_Sha256Hash(data, len, hash) -#else - #define CalcHashId(data, len, hash) wc_ShaHash(data, len, hash) -#endif - +WOLFSSL_LOCAL int CalcHashId(const byte* data, word32 len, byte* hash); WOLFSSL_ASN_API int wc_BerToDer(const byte* ber, word32 berSz, byte* der, word32* derSz); diff --git a/wolfssl/wolfcrypt/cryptocb.h b/wolfssl/wolfcrypt/cryptocb.h index 79cf5b35b..3a4d2df88 100644 --- a/wolfssl/wolfcrypt/cryptocb.h +++ b/wolfssl/wolfcrypt/cryptocb.h @@ -44,6 +44,9 @@ #ifndef NO_SHA256 #include #endif +#ifndef NO_HMAC + #include +#endif #ifndef WC_NO_RNG #include #endif @@ -51,6 +54,7 @@ /* Crypto Information Structure for callbacks */ typedef struct wc_CryptoInfo { int algo_type; /* enum wc_AlgoType */ +#if !defined(NO_RSA) || defined(HAVE_ECC) struct { int type; /* enum wc_PkType */ union { @@ -105,6 +109,7 @@ typedef struct wc_CryptoInfo { #endif }; } pk; +#endif /* !NO_RSA || HAVE_ECC */ #ifndef NO_AES struct { int type; /* enum wc_CipherType */ @@ -146,7 +151,7 @@ typedef struct wc_CryptoInfo { #endif /* HAVE_AES_CBC */ }; } cipher; -#endif +#endif /* !NO_AES */ #if !defined(NO_SHA) || !defined(NO_SHA256) struct { int type; /* enum wc_HashType */ @@ -163,6 +168,15 @@ typedef struct wc_CryptoInfo { }; } hash; #endif /* !NO_SHA || !NO_SHA256 */ +#ifndef NO_HMAC + struct { + int macType; /* enum wc_HashType */ + const byte* in; + word32 inSz; + byte* digest; + Hmac* hmac; + } hmac; +#endif #ifndef WC_NO_RNG struct { WC_RNG* rng; @@ -242,6 +256,10 @@ WOLFSSL_LOCAL int wc_CryptoCb_ShaHash(wc_Sha* sha, const byte* in, WOLFSSL_LOCAL int wc_CryptoCb_Sha256Hash(wc_Sha256* sha256, const byte* in, word32 inSz, byte* digest); #endif /* !NO_SHA256 */ +#ifndef NO_HMAC +WOLFSSL_LOCAL int wc_CryptoCb_Hmac(Hmac* hmac, int macType, const byte* in, + word32 inSz, byte* digest); +#endif /* !NO_HMAC */ #ifndef WC_NO_RNG WOLFSSL_LOCAL int wc_CryptoCb_RandomBlock(WC_RNG* rng, byte* out, word32 sz); diff --git a/wolfssl/wolfcrypt/hash.h b/wolfssl/wolfcrypt/hash.h index 95be9f773..300e9e774 100644 --- a/wolfssl/wolfcrypt/hash.h +++ b/wolfssl/wolfcrypt/hash.h @@ -76,6 +76,12 @@ enum wc_MACAlgorithm { blake2b_mac }; +enum wc_HashFlags { + WC_HASH_FLAG_NONE = 0x00000000, + WC_HASH_FLAG_WILLCOPY = 0x00000001, /* flag to indicate hash will be copied */ + WC_HASH_FLAG_ISCOPY = 0x00000002, /* hash is copy */ +}; + typedef union { #ifndef NO_MD5 @@ -150,6 +156,13 @@ WOLFSSL_API int wc_HashFinal(wc_HashAlg* hash, enum wc_HashType type, byte* out); WOLFSSL_API int wc_HashFree(wc_HashAlg* hash, enum wc_HashType type); +#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) + WOLFSSL_LOCAL int wc_HashSetFlags(wc_HashAlg* hash, enum wc_HashType type, + word32 flags); + WOLFSSL_LOCAL int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, + word32* flags); +#endif + #ifndef NO_MD5 #include WOLFSSL_API int wc_Md5Hash(const byte* data, word32 len, byte* hash); diff --git a/wolfssl/wolfcrypt/hmac.h b/wolfssl/wolfcrypt/hmac.h index 8a725397c..bc81ca980 100644 --- a/wolfssl/wolfcrypt/hmac.h +++ b/wolfssl/wolfcrypt/hmac.h @@ -142,11 +142,17 @@ typedef struct Hmac { void* heap; /* heap hint */ byte macType; /* md5 sha or sha256 */ byte innerHashKeyed; /* keyed flag */ - #ifdef WOLFSSL_ASYNC_CRYPT WC_ASYNC_DEV asyncDev; - word16 keyLen; /* hmac key length (key in ipad) */ #endif /* WOLFSSL_ASYNC_CRYPT */ +#ifdef WOLF_CRYPTO_CB + int devId; + void* devCtx; + const byte* keyRaw; +#endif +#if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_CB) + word16 keyLen; /* hmac key length (key in ipad) */ +#endif } Hmac; #endif /* HAVE_FIPS */ diff --git a/wolfssl/wolfcrypt/md5.h b/wolfssl/wolfcrypt/md5.h index e8d4dff23..cdedbb6a4 100644 --- a/wolfssl/wolfcrypt/md5.h +++ b/wolfssl/wolfcrypt/md5.h @@ -97,6 +97,9 @@ typedef struct wc_Md5 { #ifdef WOLFSSL_ASYNC_CRYPT WC_ASYNC_DEV asyncDev; #endif /* WOLFSSL_ASYNC_CRYPT */ +#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) + word32 flags; /* enum wc_HashFlags in hash.h */ +#endif } wc_Md5; #endif /* WOLFSSL_TI_HASH */ @@ -114,6 +117,11 @@ WOLFSSL_API int wc_Md5Copy(wc_Md5*, wc_Md5*); WOLFSSL_API void wc_Md5SizeSet(wc_Md5* md5, word32 len); #endif +#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) + WOLFSSL_LOCAL int wc_Md5SetFlags(wc_Md5* md5, word32 flags); + WOLFSSL_LOCAL int wc_Md5GetFlags(wc_Md5* md5, word32* flags); +#endif + #ifdef __cplusplus } /* extern "C" */ #endif diff --git a/wolfssl/wolfcrypt/sha.h b/wolfssl/wolfcrypt/sha.h index 2432a62e3..cda3cc1d0 100644 --- a/wolfssl/wolfcrypt/sha.h +++ b/wolfssl/wolfcrypt/sha.h @@ -132,6 +132,9 @@ typedef struct wc_Sha { !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) WC_ESP32SHA ctx; #endif +#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) + word32 flags; /* enum wc_HashFlags in hash.h */ +#endif } wc_Sha; #endif /* WOLFSSL_TI_HASH */ @@ -153,6 +156,11 @@ WOLFSSL_API int wc_ShaCopy(wc_Sha*, wc_Sha*); WOLFSSL_API void wc_ShaSizeSet(wc_Sha* sha, word32 len); #endif +#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) + WOLFSSL_LOCAL int wc_ShaSetFlags(wc_Sha* sha, word32 flags); + WOLFSSL_LOCAL int wc_ShaGetFlags(wc_Sha* sha, word32* flags); +#endif + #ifdef __cplusplus } /* extern "C" */ #endif diff --git a/wolfssl/wolfcrypt/sha256.h b/wolfssl/wolfcrypt/sha256.h index 0a39d3293..18023067e 100644 --- a/wolfssl/wolfcrypt/sha256.h +++ b/wolfssl/wolfcrypt/sha256.h @@ -159,6 +159,9 @@ typedef struct wc_Sha256 { void* devCtx; /* generic crypto callback context */ #endif #endif +#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) + word32 flags; /* enum wc_HashFlags in hash.h */ +#endif } wc_Sha256; #endif @@ -179,6 +182,11 @@ WOLFSSL_API int wc_Sha256Copy(wc_Sha256* src, wc_Sha256* dst); WOLFSSL_API void wc_Sha256SizeSet(wc_Sha256*, word32); #endif +#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) + WOLFSSL_LOCAL int wc_Sha256SetFlags(wc_Sha256* sha256, word32 flags); + WOLFSSL_LOCAL int wc_Sha256GetFlags(wc_Sha256* sha256, word32* flags); +#endif + #ifdef WOLFSSL_SHA224 /* avoid redefinition of structs */ #if !defined(HAVE_FIPS) || \ @@ -213,6 +221,11 @@ WOLFSSL_API void wc_Sha224Free(wc_Sha224*); WOLFSSL_API int wc_Sha224GetHash(wc_Sha224*, byte*); WOLFSSL_API int wc_Sha224Copy(wc_Sha224* src, wc_Sha224* dst); +#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) + WOLFSSL_LOCAL int wc_Sha224SetFlags(wc_Sha224* sha224, word32 flags); + WOLFSSL_LOCAL int wc_Sha224GetFlags(wc_Sha224* sha224, word32* flags); +#endif + #endif /* WOLFSSL_SHA224 */ #ifdef __cplusplus diff --git a/wolfssl/wolfcrypt/sha3.h b/wolfssl/wolfcrypt/sha3.h index 736e3ccaf..b10559830 100644 --- a/wolfssl/wolfcrypt/sha3.h +++ b/wolfssl/wolfcrypt/sha3.h @@ -101,6 +101,9 @@ typedef struct Sha3 { #ifdef WOLFSSL_ASYNC_CRYPT WC_ASYNC_DEV asyncDev; #endif /* WOLFSSL_ASYNC_CRYPT */ +#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) + word32 flags; /* enum wc_HashFlags in hash.h */ +#endif } wc_Sha3; #endif @@ -133,6 +136,11 @@ WOLFSSL_API void wc_Sha3_512_Free(wc_Sha3*); WOLFSSL_API int wc_Sha3_512_GetHash(wc_Sha3*, byte*); WOLFSSL_API int wc_Sha3_512_Copy(wc_Sha3* src, wc_Sha3* dst); +#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) + WOLFSSL_LOCAL int wc_Sha3_SetFlags(wc_Sha3* sha3, word32 flags); + WOLFSSL_LOCAL int wc_Sha3_GetFlags(wc_Sha3* sha3, word32* flags); +#endif + #ifdef __cplusplus } /* extern "C" */ #endif diff --git a/wolfssl/wolfcrypt/sha512.h b/wolfssl/wolfcrypt/sha512.h index c917437a6..90e89ad23 100644 --- a/wolfssl/wolfcrypt/sha512.h +++ b/wolfssl/wolfcrypt/sha512.h @@ -133,6 +133,9 @@ typedef struct wc_Sha512 { !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) WC_ESP32SHA ctx; #endif +#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) + word32 flags; /* enum wc_HashFlags in hash.h */ +#endif } wc_Sha512; #endif @@ -150,6 +153,11 @@ WOLFSSL_API void wc_Sha512Free(wc_Sha512*); WOLFSSL_API int wc_Sha512GetHash(wc_Sha512*, byte*); WOLFSSL_API int wc_Sha512Copy(wc_Sha512* src, wc_Sha512* dst); +#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) + WOLFSSL_LOCAL int wc_Sha512SetFlags(wc_Sha512* sha512, word32 flags); + WOLFSSL_LOCAL int wc_Sha512GetFlags(wc_Sha512* sha512, word32* flags); +#endif + #endif /* WOLFSSL_SHA512 */ #if defined(WOLFSSL_SHA384) @@ -191,6 +199,11 @@ WOLFSSL_API void wc_Sha384Free(wc_Sha384*); WOLFSSL_API int wc_Sha384GetHash(wc_Sha384*, byte*); WOLFSSL_API int wc_Sha384Copy(wc_Sha384* src, wc_Sha384* dst); +#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) + WOLFSSL_LOCAL int wc_Sha384SetFlags(wc_Sha384* sha384, word32 flags); + WOLFSSL_LOCAL int wc_Sha384GetFlags(wc_Sha384* sha384, word32* flags); +#endif + #endif /* WOLFSSL_SHA384 */ #ifdef __cplusplus diff --git a/wolfssl/wolfcrypt/types.h b/wolfssl/wolfcrypt/types.h index 8fef951c7..59a4a4cf0 100644 --- a/wolfssl/wolfcrypt/types.h +++ b/wolfssl/wolfcrypt/types.h @@ -544,8 +544,9 @@ WC_ALGO_TYPE_PK = 3, WC_ALGO_TYPE_RNG = 4, WC_ALGO_TYPE_SEED = 5, + WC_ALGO_TYPE_HMAC = 6, - WC_ALGO_TYPE_MAX = WC_ALGO_TYPE_SEED + WC_ALGO_TYPE_MAX = WC_ALGO_TYPE_HMAC }; /* hash types */ diff --git a/wolfssl/wolfcrypt/wc_port.h b/wolfssl/wolfcrypt/wc_port.h old mode 100755 new mode 100644