mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2025-08-01 03:34:39 +02:00
Merge pull request #5574 from haydenroche5/ecc_nb_tls
Add support for non-blocking ECDHE/ECDSA in TLS/DTLS layer.
This commit is contained in:
JacobBarthelmeh
GitHub
15
configure.ac
15
configure.ac
@@ -6985,6 +6985,13 @@ then
|
||||
AC_MSG_ERROR([please use --with-libz if enabling mcapi.])
|
||||
fi
|
||||
|
||||
# Asynchronous Crypto
|
||||
AC_ARG_ENABLE([asynccrypt],
|
||||
[AS_HELP_STRING([--enable-asynccrypt],[Enable Asynchronous Crypto (default: disabled)])],
|
||||
[ ENABLED_ASYNCCRYPT=$enableval ],
|
||||
[ ENABLED_ASYNCCRYPT=no ]
|
||||
)
|
||||
|
||||
# Asynchronous crypto using software (i.e. not hardware). Required for
|
||||
# non-blocking crypto with TLS/DTLS.
|
||||
AC_ARG_ENABLE([asynccrypt-sw],
|
||||
@@ -6995,15 +7002,9 @@ AC_ARG_ENABLE([asynccrypt-sw],
|
||||
if test "$ENABLED_ASYNCCRYPT_SW" = "yes"
|
||||
then
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ASYNC_CRYPT_SW"
|
||||
ENABLED_ASYNCCRYPT=yes
|
||||
fi
|
||||
|
||||
# Asynchronous Crypto
|
||||
AC_ARG_ENABLE([asynccrypt],
|
||||
[AS_HELP_STRING([--enable-asynccrypt],[Enable Asynchronous Crypto (default: disabled)])],
|
||||
[ ENABLED_ASYNCCRYPT=$enableval ],
|
||||
[ ENABLED_ASYNCCRYPT=no ]
|
||||
)
|
||||
|
||||
if test "$ENABLED_ASYNCCRYPT" = "yes"
|
||||
then
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ASYNC_CRYPT -DHAVE_WOLF_EVENT -DHAVE_WOLF_BIGINT -DWOLFSSL_NO_HASH_RAW"
|
||||
|
||||
@@ -7071,6 +7071,14 @@ void FreeKey(WOLFSSL* ssl, int type, void** pKey)
|
||||
#endif /* ! NO_RSA */
|
||||
#ifdef HAVE_ECC
|
||||
case DYNAMIC_TYPE_ECC:
|
||||
#if defined(WC_ECC_NONBLOCK) && defined(WOLFSSL_ASYNC_CRYPT_SW) && \
|
||||
defined(WC_ASYNC_ENABLE_ECC)
|
||||
if (((ecc_key*)*pKey)->nb_ctx != NULL) {
|
||||
XFREE(((ecc_key*)*pKey)->nb_ctx, ((ecc_key*)*pKey)->heap,
|
||||
DYNAMIC_TYPE_TMP_BUFFER);
|
||||
}
|
||||
#endif /* WC_ECC_NONBLOCK && WOLFSSL_ASYNC_CRYPT_SW &&
|
||||
WC_ASYNC_ENABLE_ECC */
|
||||
wc_ecc_free((ecc_key*)*pKey);
|
||||
break;
|
||||
#endif /* HAVE_ECC */
|
||||
@@ -7125,6 +7133,13 @@ int AllocKey(WOLFSSL* ssl, int type, void** pKey)
|
||||
{
|
||||
int ret = BAD_FUNC_ARG;
|
||||
int sz = 0;
|
||||
#ifdef HAVE_ECC
|
||||
ecc_key* eccKey;
|
||||
#endif /* HAVE_ECC */
|
||||
#if defined(WC_ECC_NONBLOCK) && defined(WOLFSSL_ASYNC_CRYPT_SW) && \
|
||||
defined(WC_ASYNC_ENABLE_ECC)
|
||||
ecc_nb_ctx_t* nbCtx;
|
||||
#endif /* WC_ECC_NONBLOCK && WOLFSSL_ASYNC_CRYPT_SW && WC_ASYNC_ENABLE_ECC*/
|
||||
|
||||
if (ssl == NULL || pKey == NULL) {
|
||||
return BAD_FUNC_ARG;
|
||||
@@ -7204,7 +7219,25 @@ int AllocKey(WOLFSSL* ssl, int type, void** pKey)
|
||||
#endif /* ! NO_RSA */
|
||||
#ifdef HAVE_ECC
|
||||
case DYNAMIC_TYPE_ECC:
|
||||
ret = wc_ecc_init_ex((ecc_key*)*pKey, ssl->heap, ssl->devId);
|
||||
eccKey = (ecc_key*)*pKey;
|
||||
ret = wc_ecc_init_ex(eccKey, ssl->heap, ssl->devId);
|
||||
if (ret == 0) {
|
||||
#if defined(WC_ECC_NONBLOCK) && defined(WOLFSSL_ASYNC_CRYPT_SW) && \
|
||||
defined(WC_ASYNC_ENABLE_ECC)
|
||||
nbCtx = (ecc_nb_ctx_t*)XMALLOC(sizeof(ecc_nb_ctx_t),
|
||||
eccKey->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (nbCtx == NULL) {
|
||||
ret = MEMORY_E;
|
||||
}
|
||||
else {
|
||||
ret = wc_ecc_set_nonblock(eccKey, nbCtx);
|
||||
if (ret != 0) {
|
||||
XFREE(nbCtx, eccKey->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
}
|
||||
}
|
||||
#endif /* WC_ECC_NONBLOCK && WOLFSSL_ASYNC_CRYPT_SW &&
|
||||
WC_ASYNC_ENABLE_ECC */
|
||||
}
|
||||
break;
|
||||
#endif /* HAVE_ECC */
|
||||
#ifdef HAVE_ED25519
|
||||
|
||||
@@ -15082,6 +15082,14 @@ void FreeSignatureCtx(SignatureCtx* sigCtx)
|
||||
#endif
|
||||
#ifdef HAVE_ECC
|
||||
case ECDSAk:
|
||||
#if defined(WC_ECC_NONBLOCK) && defined(WOLFSSL_ASYNC_CRYPT_SW) && \
|
||||
defined(WC_ASYNC_ENABLE_ECC)
|
||||
if (sigCtx->key.ecc->nb_ctx != NULL) {
|
||||
XFREE(sigCtx->key.ecc->nb_ctx, sigCtx->heap,
|
||||
DYNAMIC_TYPE_TMP_BUFFER);
|
||||
}
|
||||
#endif /* WC_ECC_NONBLOCK && WOLFSSL_ASYNC_CRYPT_SW &&
|
||||
WC_ASYNC_ENABLE_ECC */
|
||||
wc_ecc_free(sigCtx->key.ecc);
|
||||
XFREE(sigCtx->key.ecc, sigCtx->heap, DYNAMIC_TYPE_ECC);
|
||||
sigCtx->key.ecc = NULL;
|
||||
@@ -15570,6 +15578,11 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
|
||||
case ECDSAk:
|
||||
{
|
||||
word32 idx = 0;
|
||||
#if defined(WC_ECC_NONBLOCK) && defined(WOLFSSL_ASYNC_CRYPT_SW) && \
|
||||
defined(WC_ASYNC_ENABLE_ECC)
|
||||
ecc_nb_ctx_t* nbCtx;
|
||||
#endif /* WC_ECC_NONBLOCK && WOLFSSL_ASYNC_CRYPT_SW &&
|
||||
WC_ASYNC_ENABLE_ECC */
|
||||
|
||||
sigCtx->verify = 0;
|
||||
sigCtx->key.ecc = (ecc_key*)XMALLOC(sizeof(ecc_key),
|
||||
@@ -15581,6 +15594,21 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
|
||||
sigCtx->devId)) < 0) {
|
||||
goto exit_cs;
|
||||
}
|
||||
#if defined(WC_ECC_NONBLOCK) && defined(WOLFSSL_ASYNC_CRYPT_SW) && \
|
||||
defined(WC_ASYNC_ENABLE_ECC)
|
||||
nbCtx = (ecc_nb_ctx_t*)XMALLOC(sizeof(ecc_nb_ctx_t),
|
||||
sigCtx->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (nbCtx == NULL) {
|
||||
ERROR_OUT(MEMORY_E, exit_cs);
|
||||
}
|
||||
else {
|
||||
ret = wc_ecc_set_nonblock(sigCtx->key.ecc, nbCtx);
|
||||
if (ret != 0) {
|
||||
goto exit_cs;
|
||||
}
|
||||
}
|
||||
#endif /* WC_ECC_NONBLOCK && WOLFSSL_ASYNC_CRYPT_SW &&
|
||||
WC_ASYNC_ENABLE_ECC */
|
||||
ret = wc_EccPublicKeyDecode(key, &idx, sigCtx->key.ecc,
|
||||
keySz);
|
||||
if (ret < 0) {
|
||||
|
||||
@@ -6389,12 +6389,25 @@ int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, WC_RNG* rng,
|
||||
}
|
||||
#endif
|
||||
|
||||
|
||||
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_ECC) && \
|
||||
defined(WOLFSSL_ASYNC_CRYPT_SW)
|
||||
if (key->asyncDev.marker == WOLFSSL_ASYNC_MARKER_ECC) {
|
||||
if (wc_AsyncSwInit(&key->asyncDev, ASYNC_SW_ECC_SIGN)) {
|
||||
WC_ASYNC_SW* sw = &key->asyncDev.sw;
|
||||
sw->eccSign.in = in;
|
||||
sw->eccSign.inSz = inlen;
|
||||
sw->eccSign.rng = rng;
|
||||
sw->eccSign.key = key;
|
||||
sw->eccSign.r = r;
|
||||
sw->eccSign.s = s;
|
||||
return WC_PENDING_E;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_HAVE_SP_ECC)
|
||||
if (key->idx != ECC_CUSTOM_IDX
|
||||
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_ECC)
|
||||
&& key->asyncDev.marker != WOLFSSL_ASYNC_MARKER_ECC
|
||||
#endif
|
||||
) {
|
||||
if (key->idx != ECC_CUSTOM_IDX) {
|
||||
#if defined(WOLFSSL_ECDSA_SET_K) || defined(WOLFSSL_ECDSA_SET_K_ONE_LOOP) \
|
||||
|| defined(WOLFSSL_ECDSA_DETERMINISTIC_K) || \
|
||||
defined(WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT)
|
||||
@@ -6494,23 +6507,6 @@ int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, WC_RNG* rng,
|
||||
(void)inlen;
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_ECC) && \
|
||||
defined(WOLFSSL_ASYNC_CRYPT_SW)
|
||||
if (key->asyncDev.marker == WOLFSSL_ASYNC_MARKER_ECC) {
|
||||
if (wc_AsyncSwInit(&key->asyncDev, ASYNC_SW_ECC_SIGN)) {
|
||||
WC_ASYNC_SW* sw = &key->asyncDev.sw;
|
||||
sw->eccSign.in = in;
|
||||
sw->eccSign.inSz = inlen;
|
||||
sw->eccSign.rng = rng;
|
||||
sw->eccSign.key = key;
|
||||
sw->eccSign.r = r;
|
||||
sw->eccSign.s = s;
|
||||
return WC_PENDING_E;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
|
||||
#if !defined(WOLFSSL_SP_MATH)
|
||||
|
||||
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(HAVE_CAVIUM_V)
|
||||
@@ -8010,11 +8006,7 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_HAVE_SP_ECC)
|
||||
if (key->idx != ECC_CUSTOM_IDX
|
||||
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_ECC)
|
||||
&& key->asyncDev.marker != WOLFSSL_ASYNC_MARKER_ECC
|
||||
#endif
|
||||
) {
|
||||
if (key->idx != ECC_CUSTOM_IDX) {
|
||||
#if defined(WC_ECC_NONBLOCK) && defined(WC_ECC_NONBLOCK_ONLY)
|
||||
/* perform blocking call to non-blocking function */
|
||||
ecc_nb_ctx_t nb_ctx;
|
||||
|
||||
Reference in New Issue
Block a user