diff --git a/wolfcrypt/benchmark/benchmark.c b/wolfcrypt/benchmark/benchmark.c index f79f7c86f..07cc21415 100644 --- a/wolfcrypt/benchmark/benchmark.c +++ b/wolfcrypt/benchmark/benchmark.c @@ -2340,11 +2340,13 @@ exit: void bench_aesgcm(int doAsync) { -#if defined(WOLFSSL_AES_128) && !defined(WOLFSSL_AFALG_XILINX_AES) +#if defined(WOLFSSL_AES_128) && !defined(WOLFSSL_AFALG_XILINX_AES) \ + && !defined(WOLFSSL_XILINX_CRYPT) bench_aesgcm_internal(doAsync, bench_key, 16, bench_iv, 12, "AES-128-GCM-enc", "AES-128-GCM-dec"); #endif -#if defined(WOLFSSL_AES_192) && !defined(WOLFSSL_AFALG_XILINX_AES) +#if defined(WOLFSSL_AES_192) && !defined(WOLFSSL_AFALG_XILINX_AES) \ + && !defined(WOLFSSL_XILINX_CRYPT) bench_aesgcm_internal(doAsync, bench_key, 24, bench_iv, 12, "AES-192-GCM-enc", "AES-192-GCM-dec"); #endif diff --git a/wolfcrypt/src/rsa.c b/wolfcrypt/src/rsa.c index c625c6921..db91ec539 100644 --- a/wolfcrypt/src/rsa.c +++ b/wolfcrypt/src/rsa.c @@ -380,7 +380,7 @@ int wc_InitRsaHw(RsaKey* key) mSz = mp_unsigned_bin_size(&(key->n)); m = (unsigned char*)XMALLOC(mSz, key->heap, DYNAMIC_TYPE_KEY); - if (m == 0) { + if (m == NULL) { return MEMORY_E; } @@ -1718,54 +1718,6 @@ int wc_RsaUnPad_ex(byte* pkcsBlock, word32 pkcsBlockLen, byte** out, return ret; } -#if defined(WOLFSSL_XILINX_CRYPT) -/* - * Xilinx hardened crypto acceleration. - * - * Returns 0 on success and negative values on error. - */ -static int wc_RsaFunctionXil(const byte* in, word32 inLen, byte* out, - word32* outLen, int type, RsaKey* key, WC_RNG* rng) -{ - int ret = 0; - word32 keyLen; - (void)rng; - - keyLen = wc_RsaEncryptSize(key); - if (keyLen > *outLen) { - WOLFSSL_MSG("Output buffer is not big enough"); - return BAD_FUNC_ARG; - } - - if (inLen != keyLen) { - WOLFSSL_MSG("Expected that inLen equals RSA key length"); - return BAD_FUNC_ARG; - } - - switch(type) { - case RSA_PRIVATE_DECRYPT: - case RSA_PRIVATE_ENCRYPT: - /* Currently public exponent is loaded by default. - * In SDK 2017.1 RSA exponent values are expected to be of 4 bytes - * leading to private key operations with Xsecure_RsaDecrypt not being - * supported */ - ret = RSA_WRONG_TYPE_E; - break; - case RSA_PUBLIC_ENCRYPT: - case RSA_PUBLIC_DECRYPT: - if (XSecure_RsaDecrypt(&(key->xRsa), in, out) != XST_SUCCESS) { - ret = BAD_STATE_E; - } - break; - default: - ret = RSA_WRONG_TYPE_E; - } - - *outLen = keyLen; - - return ret; -} -#endif /* WOLFSSL_XILINX_CRYPT */ #ifdef WC_RSA_NONBLOCK static int wc_RsaFunctionNonBlock(const byte* in, word32 inLen, byte* out, @@ -1845,7 +1797,87 @@ static int wc_RsaFunctionNonBlock(const byte* in, word32 inLen, byte* out, } #endif /* WC_RSA_NONBLOCK */ -#ifdef WOLFSSL_AFALG_XILINX_RSA +#ifdef WOLFSSL_XILINX_CRYPT +/* + * Xilinx hardened crypto acceleration. + * + * Returns 0 on success and negative values on error. + */ +static int wc_RsaFunctionSync(const byte* in, word32 inLen, byte* out, + word32* outLen, int type, RsaKey* key, WC_RNG* rng) +{ + int ret = 0; + word32 keyLen; + (void)rng; + + keyLen = wc_RsaEncryptSize(key); + if (keyLen > *outLen) { + WOLFSSL_MSG("Output buffer is not big enough"); + return BAD_FUNC_ARG; + } + + if (inLen != keyLen) { + WOLFSSL_MSG("Expected that inLen equals RSA key length"); + return BAD_FUNC_ARG; + } + + switch(type) { + case RSA_PRIVATE_DECRYPT: + case RSA_PRIVATE_ENCRYPT: + #ifdef WOLFSSL_XILINX_CRYPTO_OLD + /* Currently public exponent is loaded by default. + * In SDK 2017.1 RSA exponent values are expected to be of 4 bytes + * leading to private key operations with Xsecure_RsaDecrypt not being + * supported */ + ret = RSA_WRONG_TYPE_E; + #else + { + byte *d; + int dSz; + XSecure_Rsa rsa; + + dSz = mp_unsigned_bin_size(&key->d); + d = (byte*)XMALLOC(dSz, key->heap, DYNAMIC_TYPE_PRIVATE_KEY); + if (d == NULL) { + ret = MEMORY_E; + } + else { + ret = mp_to_unsigned_bin(&key->d, d); + XSecure_RsaInitialize(&rsa, key->mod, NULL, d); + } + + if (ret == 0) { + if (XSecure_RsaPrivateDecrypt(&rsa, (u8*)in, inLen, out) != XST_SUCCESS) { + ret = BAD_STATE_E; + } + } + } + #endif + break; + case RSA_PUBLIC_ENCRYPT: + case RSA_PUBLIC_DECRYPT: +#ifdef WOLFSSL_XILINX_CRYPTO_OLD + if (XSecure_RsaDecrypt(&(key->xRsa), in, out) != XST_SUCCESS) { + ret = BAD_STATE_E; + } +#else + /* starting at Xilinx release 2019 the function XSecure_RsaDecrypt was removed */ + if (XSecure_RsaPublicEncrypt(&(key->xRsa), (u8*)in, inLen, out) != XST_SUCCESS) { + WOLFSSL_MSG("Error happened when calling hardware RSA public operation"); + ret = BAD_STATE_E; + } +#endif + break; + default: + ret = RSA_WRONG_TYPE_E; + } + + *outLen = keyLen; + + return ret; +} + +#elif defined(WOLFSSL_AFALG_XILINX_RSA) #ifndef ERROR_OUT #define ERROR_OUT(x) ret = (x); goto done #endif @@ -2265,12 +2297,8 @@ static int wc_RsaFunctionSync(const byte* in, word32 inLen, byte* out, #endif case RSA_PUBLIC_ENCRYPT: case RSA_PUBLIC_DECRYPT: - #ifdef WOLFSSL_XILINX_CRYPT - ret = wc_RsaFunctionXil(in, inLen, out, outLen, type, key, rng); - #else if (mp_exptmod_nct(tmp, &key->e, &key->n, tmp) != MP_OKAY) ret = MP_EXPTMOD_E; - #endif break; default: ret = RSA_WRONG_TYPE_E; @@ -2283,11 +2311,14 @@ static int wc_RsaFunctionSync(const byte* in, word32 inLen, byte* out, if (keyLen > *outLen) ret = RSA_BUFFER_E; } + +#ifndef WOLFSSL_XILINX_CRYPT if (ret == 0) { *outLen = keyLen; if (mp_to_unsigned_bin_len(tmp, out, keyLen) != MP_OKAY) ret = MP_TO_E; } +#endif #else (void)type; (void)key; diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index afdf191db..d581c5fa1 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -7513,10 +7513,10 @@ static int aes_cbc_test(void) int aes_test(void) { -#if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_COUNTER) +#if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_DIRECT) Aes enc; byte cipher[AES_BLOCK_SIZE * 4]; -#if defined(HAVE_AES_DECRYPT) || defined(WOLFSSL_AES_COUNTER) +#if defined(HAVE_AES_DECRYPT) || defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_DIRECT) Aes dec; byte plain [AES_BLOCK_SIZE * 4]; #endif