wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-29 18:27:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

Support for Intel QuickAssist ECC KeyGen acceleration.

Browse Source
This commit is contained in:
David Garske
2022-03-29 16:36:14 -07:00
parent 0989a14395
commit c905c613e9
6 changed files with 214 additions and 57 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
examples/client/client.c
View File

@ -24,11 +24,11 @@
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#include <config.h>
#endif
#ifndef WOLFSSL_USER_SETTINGS
#include <wolfssl/options.h>
#include <wolfssl/options.h>
#endif
#include <wolfssl/wolfcrypt/settings.h>
@ -42,10 +42,10 @@ static const char *wolfsentry_config_path = NULL;
#endif /* WOLFSSL_WOLFSENTRY_HOOKS */
#if defined(WOLFSSL_MDK_ARM) || defined(WOLFSSL_KEIL_TCP_NET)
#include <stdio.h>
#include <string.h>
#include "rl_fs.h"
#include "rl_net.h"
#include <stdio.h>
#include <string.h>
#include "rl_fs.h"
#include "rl_net.h"
#endif
#include <wolfssl/test.h>

10
src/ssl.c
View File

@ -39208,6 +39208,8 @@ int wolfSSL_EC_KEY_generate_key(WOLFSSL_EC_KEY *key)
#else
WC_RNG tmpRNG[1];
#endif
int ret;
ecc_key* ecKey;
WOLFSSL_ENTER("wolfSSL_EC_KEY_generate_key");
@ -39250,9 +39252,15 @@ int wolfSSL_EC_KEY_generate_key(WOLFSSL_EC_KEY *key)
/* NIDToEccEnum returns -1 for invalid NID so if key->group->curve_nid
* is 0 then pass ECC_CURVE_DEF as arg */
ecKey = (ecc_key*)key->internal;
eccEnum = key->group->curve_nid ?
NIDToEccEnum(key->group->curve_nid) : ECC_CURVE_DEF;
if (wc_ecc_make_key_ex(rng, 0, (ecc_key*)key->internal, eccEnum) != MP_OKAY) {
ret = wc_ecc_make_key_ex(rng, 0, ecKey, eccEnum);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &ecKey->asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (ret != 0) {
WOLFSSL_MSG("wolfSSL_EC_KEY_generate_key wc_ecc_make_key failed");
#ifdef WOLFSSL_SMALL_STACK
XFREE(tmpRNG, NULL, DYNAMIC_TYPE_RNG);

122
tests/api.c
View File

@ -23933,6 +23933,9 @@ static int test_wc_ecc_make_key (void)
ret = wc_ecc_init(&key);
if (ret == 0) {
ret = wc_ecc_make_key(&rng, KEY14, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
/* Pass in bad args. */
if (ret == 0) {
@ -24016,6 +24019,9 @@ static int test_wc_ecc_check_key (void)
ret = wc_ecc_init(&key);
if (ret == 0) {
ret = wc_ecc_make_key(&rng, KEY14, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
}
}
@ -24114,6 +24120,9 @@ static int test_wc_ecc_size (void)
ret = wc_ecc_init(&key);
if (ret == 0) {
ret = wc_ecc_make_key(&rng, KEY14, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
}
}
@ -24198,6 +24207,9 @@ static int test_wc_ecc_signVerify_hash (void)
ret = wc_ecc_init(&key);
if (ret == 0) {
ret = wc_ecc_make_key(&rng, KEY14, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
}
}
@ -24353,9 +24365,15 @@ static int test_wc_ecc_shared_secret (void)
#else
if (ret == 0) {
ret = wc_ecc_make_key(&rng, keySz, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
}
if (ret == 0) {
ret = wc_ecc_make_key(&rng, keySz, &pubKey);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &pubKey.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
}
#endif
@ -24445,6 +24463,9 @@ static int test_wc_ecc_export_x963 (void)
ret = wc_ecc_init(&key);
if (ret == 0) {
ret = wc_ecc_make_key(&rng, KEY20, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
}
}
printf(testingFmt, "wc_ecc_export_x963()");
@ -24516,6 +24537,9 @@ static int test_wc_ecc_export_x963_ex (void)
ret = wc_ecc_init(&key);
if (ret == 0) {
ret = wc_ecc_make_key(&rng, KEY64, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
}
}
@ -24622,6 +24646,9 @@ static int test_wc_ecc_import_x963 (void)
}
if (ret == 0) {
ret = wc_ecc_make_key(&rng, KEY24, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
}
if (ret == 0) {
PRIVATE_KEY_UNLOCK();
@ -24699,6 +24726,9 @@ static int ecc_import_private_key (void)
}
if (ret == 0) {
ret = wc_ecc_make_key(&rng, KEY48, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
}
if (ret == 0) {
PRIVATE_KEY_UNLOCK();
@ -24772,6 +24802,9 @@ static int test_wc_ecc_export_private_only (void)
ret = wc_ecc_init(&key);
if (ret == 0) {
ret = wc_ecc_make_key(&rng, KEY32, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
}
}
printf(testingFmt, "wc_ecc_export_private_only()");
@ -25070,6 +25103,9 @@ static int test_wc_ecc_sig_size (void)
ret = wc_ecc_init(&key);
if (ret == 0) {
ret = wc_ecc_make_key(&rng, keySz, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
}
}
@ -25353,12 +25389,18 @@ static int test_wc_ecc_encryptDecrypt (void)
ret = wc_ecc_init(&cliKey);
if (ret == 0) {
ret = wc_ecc_make_key(&rng, keySz, &cliKey);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &cliKey.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
}
if (ret == 0) {
ret = wc_ecc_init(&srvKey);
}
if (ret == 0) {
ret = wc_ecc_make_key(&rng, keySz, &srvKey);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &srvKey.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
}
if (ret == 0) {
ret = wc_ecc_init(&tmpKey);
@ -25528,6 +25570,9 @@ static int test_wc_ecc_pointFns (void)
ret = wc_ecc_init(&key);
if (ret == 0) {
ret = wc_ecc_make_key(&rng, keySz, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
}
}
@ -25728,6 +25773,9 @@ static int test_wc_ecc_shared_secret_ssh (void)
ret = wc_ecc_init(&key);
if (ret == 0) {
ret = wc_ecc_make_key(&rng, keySz, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
}
if (wc_FreeRng(&rng) && ret == 0) {
ret = WOLFSSL_FATAL_ERROR;
@ -25740,6 +25788,9 @@ static int test_wc_ecc_shared_secret_ssh (void)
}
if (ret == 0) {
ret = wc_ecc_make_key(&rng, key2Sz, &key2);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key2.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
}
}
@ -25834,6 +25885,9 @@ static int test_wc_ecc_verify_hash_ex (void)
ret = wc_ecc_init(&key);
if (ret == 0) {
ret = wc_ecc_make_key(&rng, keySz, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
}
}
if (ret == 0) {
@ -25953,6 +26007,9 @@ static int test_wc_ecc_mulmod (void)
}
if (ret == 0) {
ret = wc_ecc_make_key(&rng, KEY32, &key1);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key1.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
}
wc_FreeRng(&rng);
}
@ -26031,6 +26088,9 @@ static int test_wc_ecc_is_valid_idx (void)
ret = wc_ecc_init(&key);
if (ret == 0) {
ret = wc_ecc_make_key(&rng, 32, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
}
}
@ -26124,6 +26184,9 @@ static int test_wc_ecc_sig_size_calc (void)
ret = wc_ecc_init(&key);
if (ret == 0) {
ret = wc_ecc_make_key(&rng, 16, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
}
sz = key.dp->size;
}
@ -26210,6 +26273,9 @@ static int test_wc_EccPrivateKeyToDer (void)
ret = wc_ecc_init(&eccKey);
if (ret == 0) {
ret = wc_ecc_make_key(&rng, KEY14, &eccKey);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &eccKey.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
}
inLen = (word32)sizeof(output);
/* Bad Cases */
@ -26666,6 +26732,9 @@ static int test_wc_SetSubjectKeyIdFromPublicKey_ex (void)
ret = wc_ecc_init(&eccKey);
if (ret == 0) {
ret = wc_ecc_make_key(&rng, KEY14, &eccKey);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &eccKey.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
}
if (ret == 0) {
ret = wc_SetSubjectKeyIdFromPublicKey_ex(&cert, ECC_TYPE, &eccKey);
@ -26755,6 +26824,9 @@ static int test_wc_SetAuthKeyIdFromPublicKey_ex (void)
ret = wc_ecc_init(&eccKey);
if (ret == 0) {
ret = wc_ecc_make_key(&rng, KEY14, &eccKey);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &eccKey.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
}
if (ret == 0) {
ret = wc_SetAuthKeyIdFromPublicKey_ex(&cert, ECC_TYPE, &eccKey);
@ -38935,11 +39007,11 @@ static void test_wolfSSL_BIO_connect(void)
}
static void test_wolfSSL_BIO_Qt_usecase(void)
static void test_wolfSSL_BIO_tls(void)
{
#if !defined(NO_BIO) && defined(OPENSSL_EXTRA) && !defined(NO_WOLFSSL_CLIENT)
printf(testingFmt, "test_wolfSSL_BIO_Qt_usecase()");
printf(testingFmt, "test_wolfSSL_BIO_tls()");
SSL_CTX* ctx;
SSL *ssl;
@ -38958,8 +39030,18 @@ static void test_wolfSSL_BIO_Qt_usecase(void)
* then writes the read data into read-bio.
*/
SSL_set_bio(ssl, readBio, writeBio);
AssertIntEQ(ret = SSL_connect(ssl), WOLFSSL_FATAL_ERROR);
err = SSL_get_error(ssl, ret);
do {
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
if (ret < 0) { break; } else if (ret == 0) { continue; }
}
#endif
ret = SSL_connect(ssl);
err = SSL_get_error(ssl, 0);
} while (err == WC_PENDING_E);
AssertIntEQ(ret, WOLFSSL_FATAL_ERROR);
/* in this use case, should return WANT READ
* so that Qt will read the data from plain packet for next state.
*/
@ -47875,16 +47957,34 @@ static int test_tls13_apis(void)
#ifdef HAVE_ECC
AssertIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_ECC_SECP256R1), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_SERVER
AssertIntEQ(wolfSSL_UseKeyShare(serverSsl, WOLFSSL_ECC_SECP256R1),
WOLFSSL_SUCCESS);
do {
ret = wolfSSL_UseKeyShare(serverSsl, WOLFSSL_ECC_SECP256R1);
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret == WC_PENDING_E)
wolfSSL_AsyncPoll(serverSsl, WOLF_POLL_FLAG_CHECK_HW);
#endif
} while (ret == WC_PENDING_E);
AssertIntEQ(ret, WOLFSSL_SUCCESS);
#endif
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
AssertIntEQ(wolfSSL_UseKeyShare(clientTls12Ssl, WOLFSSL_ECC_SECP256R1),
WOLFSSL_SUCCESS);
do {
ret = wolfSSL_UseKeyShare(clientTls12Ssl, WOLFSSL_ECC_SECP256R1);
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret == WC_PENDING_E)
wolfSSL_AsyncPoll(clientTls12Ssl, WOLF_POLL_FLAG_CHECK_HW);
#endif
} while (ret == WC_PENDING_E);
AssertIntEQ(ret, WOLFSSL_SUCCESS);
#endif
AssertIntEQ(wolfSSL_UseKeyShare(clientSsl, WOLFSSL_ECC_SECP256R1),
WOLFSSL_SUCCESS);
do {
ret = wolfSSL_UseKeyShare(clientSsl, WOLFSSL_ECC_SECP256R1);
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret == WC_PENDING_E)
wolfSSL_AsyncPoll(clientSsl, WOLF_POLL_FLAG_CHECK_HW);
#endif
} while (ret == WC_PENDING_E);
AssertIntEQ(ret, WOLFSSL_SUCCESS);
#endif
#elif defined(HAVE_CURVE25519)
AssertIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_ECC_X25519), BAD_FUNC_ARG);
@ -53360,7 +53460,7 @@ void ApiTest(void)
test_wolfSSL_BIO_printf();
test_wolfSSL_BIO_f_md();
test_wolfSSL_BIO_up_ref();
test_wolfSSL_BIO_Qt_usecase();
test_wolfSSL_BIO_tls();
#endif
test_wolfSSL_cert_cb();
test_wolfSSL_SESSION();

119
wolfcrypt/src/ecc.c
View File

@ -210,6 +210,13 @@ ECC Curve Sizes:
#define GEN_MEM_ERR MP_MEM
#endif
#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \
!defined(WOLFSSL_SILABS_SE_ACCEL) && !defined(WOLFSSL_KCAPI_ECC) && \
!defined(WOLFSSL_CRYPTOCELL) && !defined(NO_ECC_MAKE_PUB)
#undef HAVE_ECC_MAKE_PUB
#define HAVE_ECC_MAKE_PUB
#endif
/* forward declarations */
static int wc_ecc_new_point_ex(ecc_point** point, void* heap);
static void wc_ecc_del_point_ex(ecc_point* p, void* heap);
@ -4571,7 +4578,7 @@ int wc_ecc_shared_secret_ex(ecc_key* private_key, ecc_point* point,
SAVE_VECTOR_REGISTERS(return _svr_ret;);
switch(private_key->state) {
switch (private_key->state) {
case ECC_STATE_NONE:
case ECC_STATE_SHARED_SEC_GEN:
private_key->state = ECC_STATE_SHARED_SEC_GEN;
@ -4780,6 +4787,8 @@ static WC_INLINE void wc_ecc_reset(ecc_key* key)
* Note this function is local to the file because of the argument type
* ecc_curve_spec. Having this argument allows for not having to load the
* curve type multiple times when generating a key with wc_ecc_make_key().
* For async the results are placed directly into pubOut, so this function
* does not need called again
*
* returns MP_OKAY on success
*/
@ -4787,17 +4796,14 @@ static int ecc_make_pub_ex(ecc_key* key, ecc_curve_spec* curveIn,
ecc_point* pubOut, WC_RNG* rng)
{
int err = MP_OKAY;
#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) \
&& !defined(WOLFSSL_SILABS_SE_ACCEL) && !defined(WOLFSSL_KCAPI_ECC)
#if !defined(WOLFSSL_SP_MATH)
#ifdef HAVE_ECC_MAKE_PUB
#if !defined(WOLFSSL_SP_MATH) && !(defined(WOLFSSL_ASYNC_CRYPT) && \
defined(WC_ASYNC_ENABLE_ECC) && defined(HAVE_INTEL_QA))
ecc_point* base = NULL;
#ifdef WOLFSSL_NO_MALLOC
ecc_point lcl_base;
#endif
#endif
ecc_point* pub;
DECLARE_CURVE_SPECS(ECC_CURVE_FIELD_COUNT);
#endif /* !WOLFSSL_ATECC508A */
#endif /* HAVE_ECC_MAKE_PUB */
(void)rng;
@ -4807,10 +4813,7 @@ static int ecc_make_pub_ex(ecc_key* key, ecc_curve_spec* curveIn,
SAVE_VECTOR_REGISTERS(return _svr_ret;);
#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) \
&& !defined(WOLFSSL_SILABS_SE_ACCEL) && !defined(WOLFSSL_KCAPI_ECC) && \
!defined(WOLFSSL_CRYPTOCELL)
#ifdef HAVE_ECC_MAKE_PUB
/* if ecc_point passed in then use it as output for public key point */
if (pubOut != NULL) {
pub = pubOut;
@ -4855,10 +4858,26 @@ static int ecc_make_pub_ex(ecc_key* key, ecc_curve_spec* curveIn,
#endif
}
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_ECC) && \
defined(HAVE_INTEL_QA)
if (err == MP_OKAY) {
word32 keySz = key->dp->size;
/* sync private key to raw */
err = wc_mp_to_bigint_sz(&key->k, &key->k.raw, keySz);
if (err == MP_OKAY) {
err = IntelQaEccPointMul(&key->asyncDev,
&key->k.raw, pub->x, pub->y, pub->z,
&curve->Gx->raw, &curve->Gy->raw,
&curve->Af->raw, &curve->Bf->raw, &curve->prime->raw,
key->dp->cofactor);
}
}
#else
#ifdef WOLFSSL_HAVE_SP_ECC
if (err != MP_OKAY) {
}
else
#ifdef WOLFSSL_HAVE_SP_ECC
#ifndef WOLFSSL_SP_NO_256
if (key->idx != ECC_CUSTOM_IDX && ecc_sets[key->idx].id == ECC_SECP256R1) {
err = sp_ecc_mulmod_base_256(&key->k, pub, 1, key->heap);
@ -4877,13 +4896,15 @@ static int ecc_make_pub_ex(ecc_key* key, ecc_curve_spec* curveIn,
}
else
#endif
#endif
#endif /* WOLFSSL_HAVE_SP_ECC */
#if defined(WOLFSSL_SP_MATH)
err = WC_KEY_SIZE_E;
#else
{
if (err == MP_OKAY) {
mp_digit mp = 0;
#ifdef WOLFSSL_NO_MALLOC
ecc_point lcl_base;
base = &lcl_base;
#endif
err = wc_ecc_new_point_ex(&base, key->heap);
@ -4914,9 +4935,14 @@ static int ecc_make_pub_ex(ecc_key* key, ecc_curve_spec* curveIn,
wc_ecc_del_point_ex(base, key->heap);
}
#endif
#endif /* WOLFSSL_SP_MATH */
#endif /* HAVE_INTEL_QA */
if (err != MP_OKAY) {
if (err != MP_OKAY
#ifdef WOLFSSL_ASYNC_CRYPT
&& err != WC_PENDING_E
#endif
) {
/* clean up if failed */
#ifndef ALT_ECC_SIZE
mp_clear(pub->x);
@ -4932,9 +4958,10 @@ static int ecc_make_pub_ex(ecc_key* key, ecc_curve_spec* curveIn,
}
#else
/* Using hardware crypto, that does not support ecc_make_pub_ex */
(void)curveIn;
err = NOT_COMPILED_IN;
#endif /* WOLFSSL_ATECC508A || WOLFSSL_SILABS_SE_ACCEL */
#endif /* HAVE_ECC_MAKE_PUB */
/* change key state if public part is cached */
if (key->type == ECC_PRIVATEKEY_ONLY && pubOut == NULL) {
@ -4983,15 +5010,11 @@ int wc_ecc_make_pub_ex(ecc_key* key, ecc_point* pubOut, WC_RNG* rng)
static int _ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key,
int curve_id, int flags)
{
int err;
#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \
!defined(WOLFSSL_CRYPTOCELL) && !defined(WOLFSSL_KCAPI_ECC) && \
!defined(WOLFSSL_SE050)
#if !defined(WOLFSSL_SP_MATH)
int err = 0;
#if defined(HAVE_ECC_MAKE_PUB) && !defined(WOLFSSL_SP_MATH)
DECLARE_CURVE_SPECS(ECC_CURVE_FIELD_COUNT);
#endif
#endif /* !WOLFSSL_ATECC508A */
#if defined(WOLFSSL_CRYPTOCELL) && !defined(WOLFSSL_ATECC508A) && \
!defined(WOLFSSL_ATECC608A)
const CRYS_ECPKI_Domain_t* pDomain;
@ -5028,7 +5051,7 @@ static int _ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key,
#ifdef HAVE_CAVIUM
/* TODO: Not implemented */
#elif defined(HAVE_INTEL_QA)
/* TODO: Not implemented */
/* Implemented in ecc_make_pub_ex for the pub calc */
#else
if (wc_AsyncTestInit(&key->asyncDev, ASYNC_TEST_ECC_MAKE)) {
WC_ASYNC_TEST* testDev = &key->asyncDev.test;
@ -5173,19 +5196,24 @@ static int _ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key,
}
/* generate k */
if (err == MP_OKAY)
if (err == MP_OKAY) {
err = wc_ecc_gen_k(rng, key->dp->size, &key->k, curve->order);
}
/* generate public key from k */
if (err == MP_OKAY)
if (err == MP_OKAY) {
err = ecc_make_pub_ex(key, curve, NULL, rng);
}
if (err == MP_OKAY)
if (err == MP_OKAY
#ifdef WOLFSSL_ASYNC_CRYPT
|| err == WC_PENDING_E
#endif
) {
key->type = ECC_PRIVATEKEY;
/* cleanup these on failure case only */
if (err != MP_OKAY) {
/* clean up */
}
else {
/* cleanup these on failure case only */
mp_forcezero(&key->k);
}
@ -5206,7 +5234,7 @@ static int _ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key,
err = wc_mp_to_bigint(key->pubkey.z, &key->pubkey.z->raw);
#endif
#endif /* WOLFSSL_ATECC508A */
#endif /* HAVE_ECC_MAKE_PUB */
return err;
}
@ -5654,7 +5682,7 @@ static int wc_ecc_sign_hash_async(const byte* in, word32 inlen, byte* out,
r = key->r;
s = key->s;
switch(key->state) {
switch (key->state) {
case ECC_STATE_NONE:
case ECC_STATE_SIGN_DO:
key->state = ECC_STATE_SIGN_DO;
@ -5957,6 +5985,10 @@ static int ecc_sign_hash_sw(ecc_key* key, ecc_key* pubkey, WC_RNG* rng,
err = _ecc_make_key_ex(rng, key->dp->size, pubkey, key->dp->id,
WC_ECC_FLAG_NONE);
}
#ifdef WOLFSSL_ASYNC_CRYPT
/* for async do blocking wait here */
err = wc_AsyncWait(err, &pubkey->asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (err != MP_OKAY) break;
/* find r = x1 mod n */
@ -7297,6 +7329,9 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
!defined(WOLFSSL_SMALL_STACK)
mp_int r_lcl, s_lcl;
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
int isPrivateKeyOnly = 0;
#endif
if (sig == NULL || hash == NULL || res == NULL || key == NULL) {
return ECC_BAD_ARG_E;
@ -7356,7 +7391,11 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
case ECC_STATE_VERIFY_DO:
key->state = ECC_STATE_VERIFY_DO;
#ifdef WOLFSSL_ASYNC_CRYPT
if (key->type == ECC_PRIVATEKEY_ONLY) {
isPrivateKeyOnly = 1;
}
#endif
err = wc_ecc_verify_hash_ex(r, s, hash, hashlen, res, key);
#ifndef WOLFSSL_ASYNC_CRYPT
@ -7385,11 +7424,14 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
err = BAD_STATE_E;
}
#ifdef WOLFSSL_ASYNC_CRYPT
/* if async pending then return and skip done cleanup below */
if (err == WC_PENDING_E) {
key->state++;
if (!isPrivateKeyOnly) /* do not advance state if doing make pub key */
key->state++;
return err;
}
#endif
/* cleanup */
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_ECC)
@ -7401,7 +7443,8 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
s = NULL;
#endif
key->state = ECC_STATE_NONE;
/* make sure required variables are reset */
wc_ecc_reset(key);
return err;
}

2
wolfcrypt/src/wolfmath.c
View File

@ -344,7 +344,7 @@ void wc_bigint_free(WC_BIGINT* a)
/* sz: make sure the buffer is at least that size and zero padded.
* A `sz == 0` will use the size of `src`.
* The calulcates sz is stored into dst->len in `wc_bigint_alloc`.
* The calculates sz is stored into dst->len in `wc_bigint_alloc`.
*/
int wc_mp_to_bigint_sz(mp_int* src, WC_BIGINT* dst, word32 sz)
{

6
wolfcrypt/test/test.c
View File

@ -21356,6 +21356,9 @@ static int ecc_test_make_pub(WC_RNG* rng)
}
#if !defined(WOLFSSL_CRYPTOCELL)
ret = wc_ecc_make_pub(key, pubPoint);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key->asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (ret != 0) {
ERROR_OUT(-9859, done);
}
@ -23412,6 +23415,9 @@ static int ecc_test_allocator(WC_RNG* rng)
#ifndef WC_NO_RNG
ret = wc_ecc_make_key(rng, ECC_KEYGEN_SIZE, key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key->asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (ret != 0) {
ERROR_OUT(-10151, exit);
}