WOLFSSL_ASYNC_CRYPT: in EccSharedSecret(), don't try to wolfSSL_AsyncInit() if there's no priv_key to supply an asyncDev; in RSA _ifc_pairwise_consistency_test(), disable async to force blocking crypto.

src/internal.c

@@ -4677,10 +4677,10 @@ int EccSharedSecret(WOLFSSL* ssl, ecc_key* priv_key, ecc_key* pub_key,
     /* initialize event */
     if (priv_key != NULL) {
         asyncDev = &priv_key->asyncDev;
+        ret = wolfSSL_AsyncInit(ssl, asyncDev, WC_ASYNC_FLAG_CALL_AGAIN);
+        if (ret != 0)
+            return ret;
     }
-    ret = wolfSSL_AsyncInit(ssl, asyncDev, WC_ASYNC_FLAG_CALL_AGAIN);
-    if (ret != 0)
-        return ret;
 #endif
 
 #ifdef HAVE_PK_CALLBACKS

wolfcrypt/src/rsa.c

@@ -616,6 +616,9 @@ static int _ifc_pairwise_consistency_test(RsaKey* key, WC_RNG* rng)
     byte* plain;
     int ret = 0;
     word32 msgLen, plainLen, sigLen;
+#ifdef WOLFSSL_ASYNC_CRYPT
+    word32 saved_async_marker;
+#endif
 
     msgLen = (word32)XSTRLEN(msg);
     sigLen = wc_RsaEncryptSize(key);
@@ -628,6 +631,12 @@ static int _ifc_pairwise_consistency_test(RsaKey* key, WC_RNG* rng)
     XMEMSET(sig, 0, sigLen);
     plain = sig;
 
+#ifdef WOLFSSL_ASYNC_CRYPT
+    /* force blocking calculations. */
+    saved_async_marker = key->asyncDev.marker;
+    key->asyncDev.marker = WOLFSSL_ASYNC_MARKER_INVALID;
+#endif
+
     ret = wc_RsaSSL_Sign((const byte*)msg, msgLen, sig, sigLen, key, rng);
 #ifdef WOLFSSL_ASYNC_CRYPT
     if (ret == WC_PENDING_E) {
@@ -655,6 +664,10 @@ static int _ifc_pairwise_consistency_test(RsaKey* key, WC_RNG* rng)
     ForceZero(sig, sigLen);
     XFREE(sig, NULL, DYNAMIC_TYPE_RSA);
 
+#ifdef WOLFSSL_ASYNC_CRYPT
+    key->asyncDev.marker = saved_async_marker;
+#endif
+
     return ret;
 }