wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-30 18:57:27 +02:00
Code Issues Packages Projects Releases Wiki Activity

updated RSA calls to Xilsecure

Browse Source
This commit is contained in:
JacobBarthelmeh
2020-05-19 16:41:51 -07:00
committed by Jacob Barthelmeh
parent 99ebae9f7c
commit 6a7a8fa5b7
3 changed files with 91 additions and 58 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
wolfcrypt/benchmark/benchmark.c
View File

@ -2340,11 +2340,13 @@ exit:
void bench_aesgcm(int doAsync) void bench_aesgcm(int doAsync)
{ {
#if defined(WOLFSSL_AES_128) && !defined(WOLFSSL_AFALG_XILINX_AES) #if defined(WOLFSSL_AES_128) && !defined(WOLFSSL_AFALG_XILINX_AES) \
&& !defined(WOLFSSL_XILINX_CRYPT)
bench_aesgcm_internal(doAsync, bench_key, 16, bench_iv, 12, bench_aesgcm_internal(doAsync, bench_key, 16, bench_iv, 12,
"AES-128-GCM-enc", "AES-128-GCM-dec"); "AES-128-GCM-enc", "AES-128-GCM-dec");
#endif #endif
#if defined(WOLFSSL_AES_192) && !defined(WOLFSSL_AFALG_XILINX_AES) #if defined(WOLFSSL_AES_192) && !defined(WOLFSSL_AFALG_XILINX_AES) \
&& !defined(WOLFSSL_XILINX_CRYPT)
bench_aesgcm_internal(doAsync, bench_key, 24, bench_iv, 12, bench_aesgcm_internal(doAsync, bench_key, 24, bench_iv, 12,
"AES-192-GCM-enc", "AES-192-GCM-dec"); "AES-192-GCM-enc", "AES-192-GCM-dec");
#endif #endif

139
wolfcrypt/src/rsa.c
View File

@ -380,7 +380,7 @@ int wc_InitRsaHw(RsaKey* key)
mSz = mp_unsigned_bin_size(&(key->n)); mSz = mp_unsigned_bin_size(&(key->n));
m = (unsigned char*)XMALLOC(mSz, key->heap, DYNAMIC_TYPE_KEY); m = (unsigned char*)XMALLOC(mSz, key->heap, DYNAMIC_TYPE_KEY);
if (m == 0) { if (m == NULL) {
return MEMORY_E; return MEMORY_E;
} }
@ -1718,54 +1718,6 @@ int wc_RsaUnPad_ex(byte* pkcsBlock, word32 pkcsBlockLen, byte** out,
return ret; return ret;
} }
#if defined(WOLFSSL_XILINX_CRYPT)
/*
* Xilinx hardened crypto acceleration.
*
* Returns 0 on success and negative values on error.
*/
static int wc_RsaFunctionXil(const byte* in, word32 inLen, byte* out,
word32* outLen, int type, RsaKey* key, WC_RNG* rng)
{
int ret = 0;
word32 keyLen;
(void)rng;
keyLen = wc_RsaEncryptSize(key);
if (keyLen > *outLen) {
WOLFSSL_MSG("Output buffer is not big enough");
return BAD_FUNC_ARG;
}
if (inLen != keyLen) {
WOLFSSL_MSG("Expected that inLen equals RSA key length");
return BAD_FUNC_ARG;
}
switch(type) {
case RSA_PRIVATE_DECRYPT:
case RSA_PRIVATE_ENCRYPT:
/* Currently public exponent is loaded by default.
* In SDK 2017.1 RSA exponent values are expected to be of 4 bytes
* leading to private key operations with Xsecure_RsaDecrypt not being
* supported */
ret = RSA_WRONG_TYPE_E;
break;
case RSA_PUBLIC_ENCRYPT:
case RSA_PUBLIC_DECRYPT:
if (XSecure_RsaDecrypt(&(key->xRsa), in, out) != XST_SUCCESS) {
ret = BAD_STATE_E;
}
break;
default:
ret = RSA_WRONG_TYPE_E;
}
*outLen = keyLen;
return ret;
}
#endif /* WOLFSSL_XILINX_CRYPT */
#ifdef WC_RSA_NONBLOCK #ifdef WC_RSA_NONBLOCK
static int wc_RsaFunctionNonBlock(const byte* in, word32 inLen, byte* out, static int wc_RsaFunctionNonBlock(const byte* in, word32 inLen, byte* out,
@ -1845,7 +1797,87 @@ static int wc_RsaFunctionNonBlock(const byte* in, word32 inLen, byte* out,
} }
#endif /* WC_RSA_NONBLOCK */ #endif /* WC_RSA_NONBLOCK */
#ifdef WOLFSSL_AFALG_XILINX_RSA #ifdef WOLFSSL_XILINX_CRYPT
/*
* Xilinx hardened crypto acceleration.
*
* Returns 0 on success and negative values on error.
*/
static int wc_RsaFunctionSync(const byte* in, word32 inLen, byte* out,
word32* outLen, int type, RsaKey* key, WC_RNG* rng)
{
int ret = 0;
word32 keyLen;
(void)rng;
keyLen = wc_RsaEncryptSize(key);
if (keyLen > *outLen) {
WOLFSSL_MSG("Output buffer is not big enough");
return BAD_FUNC_ARG;
}
if (inLen != keyLen) {
WOLFSSL_MSG("Expected that inLen equals RSA key length");
return BAD_FUNC_ARG;
}
switch(type) {
case RSA_PRIVATE_DECRYPT:
case RSA_PRIVATE_ENCRYPT:
#ifdef WOLFSSL_XILINX_CRYPTO_OLD
/* Currently public exponent is loaded by default.
* In SDK 2017.1 RSA exponent values are expected to be of 4 bytes
* leading to private key operations with Xsecure_RsaDecrypt not being
* supported */
ret = RSA_WRONG_TYPE_E;
#else
{
byte *d;
int dSz;
XSecure_Rsa rsa;
dSz = mp_unsigned_bin_size(&key->d);
d = (byte*)XMALLOC(dSz, key->heap, DYNAMIC_TYPE_PRIVATE_KEY);
if (d == NULL) {
ret = MEMORY_E;
}
else {
ret = mp_to_unsigned_bin(&key->d, d);
XSecure_RsaInitialize(&rsa, key->mod, NULL, d);
}
if (ret == 0) {
if (XSecure_RsaPrivateDecrypt(&rsa, (u8*)in, inLen, out) != XST_SUCCESS) {
ret = BAD_STATE_E;
}
}
}
#endif
break;
case RSA_PUBLIC_ENCRYPT:
case RSA_PUBLIC_DECRYPT:
#ifdef WOLFSSL_XILINX_CRYPTO_OLD
if (XSecure_RsaDecrypt(&(key->xRsa), in, out) != XST_SUCCESS) {
ret = BAD_STATE_E;
}
#else
/* starting at Xilinx release 2019 the function XSecure_RsaDecrypt was removed */
if (XSecure_RsaPublicEncrypt(&(key->xRsa), (u8*)in, inLen, out) != XST_SUCCESS) {
WOLFSSL_MSG("Error happened when calling hardware RSA public operation");
ret = BAD_STATE_E;
}
#endif
break;
default:
ret = RSA_WRONG_TYPE_E;
}
*outLen = keyLen;
return ret;
}
#elif defined(WOLFSSL_AFALG_XILINX_RSA)
#ifndef ERROR_OUT #ifndef ERROR_OUT
#define ERROR_OUT(x) ret = (x); goto done #define ERROR_OUT(x) ret = (x); goto done
#endif #endif
@ -2265,12 +2297,8 @@ static int wc_RsaFunctionSync(const byte* in, word32 inLen, byte* out,
#endif #endif
case RSA_PUBLIC_ENCRYPT: case RSA_PUBLIC_ENCRYPT:
case RSA_PUBLIC_DECRYPT: case RSA_PUBLIC_DECRYPT:
#ifdef WOLFSSL_XILINX_CRYPT
ret = wc_RsaFunctionXil(in, inLen, out, outLen, type, key, rng);
#else
if (mp_exptmod_nct(tmp, &key->e, &key->n, tmp) != MP_OKAY) if (mp_exptmod_nct(tmp, &key->e, &key->n, tmp) != MP_OKAY)
ret = MP_EXPTMOD_E; ret = MP_EXPTMOD_E;
#endif
break; break;
default: default:
ret = RSA_WRONG_TYPE_E; ret = RSA_WRONG_TYPE_E;
@ -2283,11 +2311,14 @@ static int wc_RsaFunctionSync(const byte* in, word32 inLen, byte* out,
if (keyLen > *outLen) if (keyLen > *outLen)
ret = RSA_BUFFER_E; ret = RSA_BUFFER_E;
} }
#ifndef WOLFSSL_XILINX_CRYPT
if (ret == 0) { if (ret == 0) {
*outLen = keyLen; *outLen = keyLen;
if (mp_to_unsigned_bin_len(tmp, out, keyLen) != MP_OKAY) if (mp_to_unsigned_bin_len(tmp, out, keyLen) != MP_OKAY)
ret = MP_TO_E; ret = MP_TO_E;
} }
#endif
#else #else
(void)type; (void)type;
(void)key; (void)key;

4
wolfcrypt/test/test.c
View File

@ -7513,10 +7513,10 @@ static int aes_cbc_test(void)
int aes_test(void) int aes_test(void)
{ {
#if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_COUNTER) #if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_DIRECT)
Aes enc; Aes enc;
byte cipher[AES_BLOCK_SIZE * 4]; byte cipher[AES_BLOCK_SIZE * 4];
#if defined(HAVE_AES_DECRYPT) || defined(WOLFSSL_AES_COUNTER) #if defined(HAVE_AES_DECRYPT) || defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_DIRECT)
Aes dec; Aes dec;
byte plain [AES_BLOCK_SIZE * 4]; byte plain [AES_BLOCK_SIZE * 4];
#endif #endif