wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-31 11:17:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix for DH with QuickAssist to only use hardware for supported key sizes. Fix in random.c for seed devId when building async without crypto callbacks.

Browse Source
This commit is contained in:
David Garske
2019-02-19 11:55:20 -08:00
parent 25dd5882f8
commit dc1f0d7822
2 changed files with 27 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
wolfcrypt/src/dh.c
View File

@ -1312,12 +1312,12 @@ static int wc_DhGenerateKeyPair_Async(DhKey* key, WC_RNG* rng,
int ret; int ret;
#if defined(HAVE_INTEL_QA) #if defined(HAVE_INTEL_QA)
word32 sz; word32 pBits;
/* verify prime is at least 768-bits */ /* QAT DH sizes: 768, 1024, 1536, 2048, 3072 and 4096 bits */
/* QAT HW must have prime at least 768-bits */ pBits = mp_unsigned_bin_size(&key->p) * 8;
sz = mp_unsigned_bin_size(&key->p); if (pBits == 768 || pBits == 1024 || pBits == 1536 ||
if (sz >= (768/8)) { pBits == 2048 || pBits == 3072 || pBits == 4096) {
mp_int x; mp_int x;
ret = mp_init(&x); ret = mp_init(&x);
@ -1918,15 +1918,23 @@ static int wc_DhAgree_Async(DhKey* key, byte* agree, word32* agreeSz,
{ {
int ret; int ret;
#ifdef HAVE_CAVIUM #if defined(HAVE_INTEL_QA)
/* TODO: Not implemented - use software for now */ word32 pBits;
ret = wc_DhAgree_Sync(key, agree, agreeSz, priv, privSz, otherPub, pubSz);
/* QAT DH sizes: 768, 1024, 1536, 2048, 3072 and 4096 bits */
pBits = mp_unsigned_bin_size(&key->p) * 8;
if (pBits == 768 || pBits == 1024 || pBits == 1536 ||
pBits == 2048 || pBits == 3072 || pBits == 4096) {
ret = wc_mp_to_bigint(&key->p, &key->p.raw);
if (ret == MP_OKAY)
ret = IntelQaDhAgree(&key->asyncDev, &key->p.raw,
agree, agreeSz, priv, privSz, otherPub, pubSz);
return ret;
}
#elif defined(HAVE_CAVIUM)
/* TODO: Not implemented - use software for now */
#elif defined(HAVE_INTEL_QA)
ret = wc_mp_to_bigint(&key->p, &key->p.raw);
if (ret == MP_OKAY)
ret = IntelQaDhAgree(&key->asyncDev, &key->p.raw,
agree, agreeSz, priv, privSz, otherPub, pubSz);
#else /* WOLFSSL_ASYNC_CRYPT_TEST */ #else /* WOLFSSL_ASYNC_CRYPT_TEST */
if (wc_AsyncTestInit(&key->asyncDev, ASYNC_TEST_DH_AGREE)) { if (wc_AsyncTestInit(&key->asyncDev, ASYNC_TEST_DH_AGREE)) {
WC_ASYNC_TEST* testDev = &key->asyncDev.test; WC_ASYNC_TEST* testDev = &key->asyncDev.test;
@ -1939,9 +1947,11 @@ static int wc_DhAgree_Async(DhKey* key, byte* agree, word32* agreeSz,
testDev->dhAgree.pubSz = pubSz; testDev->dhAgree.pubSz = pubSz;
return WC_PENDING_E; return WC_PENDING_E;
} }
ret = wc_DhAgree_Sync(key, agree, agreeSz, priv, privSz, otherPub, pubSz);
#endif #endif
/* otherwise use software DH */
ret = wc_DhAgree_Sync(key, agree, agreeSz, priv, privSz, otherPub, pubSz);
return ret; return ret;
} }
#endif /* WOLFSSL_ASYNC_CRYPT */ #endif /* WOLFSSL_ASYNC_CRYPT */

4
wolfcrypt/src/random.c
View File

@ -704,7 +704,9 @@ static int _InitRng(WC_RNG* rng, byte* nonce, word32 nonceSz,
#endif #endif
#if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_CB) #if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_CB)
rng->devId = devId; rng->devId = devId;
rng->seed.devId = devId; #if defined(WOLF_CRYPTO_CB)
rng->seed.devId = devId;
#endif
#else #else
(void)devId; (void)devId;
#endif #endif