diff --git a/configure.ac b/configure.ac index 76163a4cb..cc33757cf 100644 --- a/configure.ac +++ b/configure.ac @@ -6985,6 +6985,13 @@ then AC_MSG_ERROR([please use --with-libz if enabling mcapi.]) fi +# Asynchronous Crypto +AC_ARG_ENABLE([asynccrypt], + [AS_HELP_STRING([--enable-asynccrypt],[Enable Asynchronous Crypto (default: disabled)])], + [ ENABLED_ASYNCCRYPT=$enableval ], + [ ENABLED_ASYNCCRYPT=no ] + ) + # Asynchronous crypto using software (i.e. not hardware). Required for # non-blocking crypto with TLS/DTLS. AC_ARG_ENABLE([asynccrypt-sw], @@ -6995,15 +7002,9 @@ AC_ARG_ENABLE([asynccrypt-sw], if test "$ENABLED_ASYNCCRYPT_SW" = "yes" then AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ASYNC_CRYPT_SW" + ENABLED_ASYNCCRYPT=yes fi -# Asynchronous Crypto -AC_ARG_ENABLE([asynccrypt], - [AS_HELP_STRING([--enable-asynccrypt],[Enable Asynchronous Crypto (default: disabled)])], - [ ENABLED_ASYNCCRYPT=$enableval ], - [ ENABLED_ASYNCCRYPT=no ] - ) - if test "$ENABLED_ASYNCCRYPT" = "yes" then AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ASYNC_CRYPT -DHAVE_WOLF_EVENT -DHAVE_WOLF_BIGINT -DWOLFSSL_NO_HASH_RAW" diff --git a/src/internal.c b/src/internal.c index ec9dd2d78..f9a8cdabc 100644 --- a/src/internal.c +++ b/src/internal.c @@ -7071,6 +7071,14 @@ void FreeKey(WOLFSSL* ssl, int type, void** pKey) #endif /* ! NO_RSA */ #ifdef HAVE_ECC case DYNAMIC_TYPE_ECC: + #if defined(WC_ECC_NONBLOCK) && defined(WOLFSSL_ASYNC_CRYPT_SW) && \ + defined(WC_ASYNC_ENABLE_ECC) + if (((ecc_key*)*pKey)->nb_ctx != NULL) { + XFREE(((ecc_key*)*pKey)->nb_ctx, ((ecc_key*)*pKey)->heap, + DYNAMIC_TYPE_TMP_BUFFER); + } + #endif /* WC_ECC_NONBLOCK && WOLFSSL_ASYNC_CRYPT_SW && + WC_ASYNC_ENABLE_ECC */ wc_ecc_free((ecc_key*)*pKey); break; #endif /* HAVE_ECC */ 
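Review bot: The unconditional `ENABLED_ASYNCCRYPT=yes` added inside the `ENABLED_ASYNCCRYPT_SW` test silently overrides an explicit `--disable-asynccrypt`, because the default and the explicit "no" are indistinguishable by the time this runs. It also only works because the `AC_ARG_ENABLE([asynccrypt]` block was moved above it, and nothing in the file records that ordering dependency. I would add a comment on the assignment such as `# asynccrypt-sw implies asynccrypt; must come after the asynccrypt AC_ARG_ENABLE and overrides --disable-asynccrypt`.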
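Review bot: In the `DYNAMIC_TYPE_ECC` case of FreeKey, `nb_ctx` is released without being wiped and the pointer stays set while `wc_ecc_free` runs on the same key. The context presumably holds intermediate state of an in-progress non-blocking operation, which for signing may depend on the private key or nonce, so I would clear it before the free and reset the field: `ForceZero(((ecc_key*)*pKey)->nb_ctx, sizeof(ecc_nb_ctx_t));` ahead of the `XFREE`, then `((ecc_key*)*pKey)->nb_ctx = NULL;`. The same pattern appears in the `ECDSAk` case of FreeSignatureCtx in wolfcrypt/src/asn.c. Both sites also assume every non-NULL `nb_ctx` was heap-allocated by this library; a short comment stating that ownership rule would help, since a caller-supplied context would be freed here too.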
@@ -7125,6 +7133,13 @@ int AllocKey(WOLFSSL* ssl, int type, void** pKey) { int ret = BAD_FUNC_ARG; int sz = 0; +#ifdef HAVE_ECC + ecc_key* eccKey; +#endif /* HAVE_ECC */ +#if defined(WC_ECC_NONBLOCK) && defined(WOLFSSL_ASYNC_CRYPT_SW) && \ + defined(WC_ASYNC_ENABLE_ECC) + ecc_nb_ctx_t* nbCtx; +#endif /* WC_ECC_NONBLOCK && WOLFSSL_ASYNC_CRYPT_SW && WC_ASYNC_ENABLE_ECC*/ if (ssl == NULL || pKey == NULL) { return BAD_FUNC_ARG; @@ -7204,7 +7219,25 @@ int AllocKey(WOLFSSL* ssl, int type, void** pKey) #endif /* ! NO_RSA */ #ifdef HAVE_ECC case DYNAMIC_TYPE_ECC: - ret = wc_ecc_init_ex((ecc_key*)*pKey, ssl->heap, ssl->devId); + eccKey = (ecc_key*)*pKey; + ret = wc_ecc_init_ex(eccKey, ssl->heap, ssl->devId); + if (ret == 0) { + #if defined(WC_ECC_NONBLOCK) && defined(WOLFSSL_ASYNC_CRYPT_SW) && \ + defined(WC_ASYNC_ENABLE_ECC) + nbCtx = (ecc_nb_ctx_t*)XMALLOC(sizeof(ecc_nb_ctx_t), + eccKey->heap, DYNAMIC_TYPE_TMP_BUFFER); + if (nbCtx == NULL) { + ret = MEMORY_E; + } + else { + ret = wc_ecc_set_nonblock(eccKey, nbCtx); + if (ret != 0) { + XFREE(nbCtx, eccKey->heap, DYNAMIC_TYPE_TMP_BUFFER); + } + } + #endif /* WC_ECC_NONBLOCK && WOLFSSL_ASYNC_CRYPT_SW && + WC_ASYNC_ENABLE_ECC */ + } break; #endif /* HAVE_ECC */ #ifdef HAVE_ED25519 diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 6cae38aa4..4f15d22d4 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -15082,6 +15082,14 @@ void FreeSignatureCtx(SignatureCtx* sigCtx) #endif #ifdef HAVE_ECC case ECDSAk: + #if defined(WC_ECC_NONBLOCK) && defined(WOLFSSL_ASYNC_CRYPT_SW) && \ + defined(WC_ASYNC_ENABLE_ECC) + if (sigCtx->key.ecc->nb_ctx != NULL) { + XFREE(sigCtx->key.ecc->nb_ctx, sigCtx->heap, + DYNAMIC_TYPE_TMP_BUFFER); + } + #endif /* WC_ECC_NONBLOCK && WOLFSSL_ASYNC_CRYPT_SW && + WC_ASYNC_ENABLE_ECC */ wc_ecc_free(sigCtx->key.ecc); XFREE(sigCtx->key.ecc, sigCtx->heap, DYNAMIC_TYPE_ECC); sigCtx->key.ecc = NULL; 
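Review bot: On the `wc_ecc_set_nonblock` failure branch in the `DYNAMIC_TYPE_ECC` case, `nbCtx` is freed but `eccKey->nb_ctx` is not cleared. FreeKey now frees any non-NULL `nb_ctx`, so if AllocKey's error handling (outside this hunk) calls FreeKey, and the setter stored the pointer before failing, the buffer would be freed twice. Adding `eccKey->nb_ctx = NULL;` right after the `XFREE` makes that path safe regardless of what the setter does. The `MEMORY_E` branch looks fine as long as the tail of the function tears the initialised key down.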
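Review bot: The new `sigCtx->key.ecc->nb_ctx` read in the `ECDSAk` case dereferences `key.ecc` before `wc_ecc_free` sees it, so this case now depends on a non-NULL check that is not visible in the hunk. ConfirmSignature can jump to `exit_cs` when the `ecc_key` allocation itself fails, so if no outer guard exists that path would dereference NULL under the async-SW build. If it is not already guarded, `if (sigCtx->key.ecc != NULL && sigCtx->key.ecc->nb_ctx != NULL) {` covers it.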
@@ -15570,6 +15578,11 @@ static int ConfirmSignature(SignatureCtx* sigCtx, case ECDSAk: { word32 idx = 0; + #if defined(WC_ECC_NONBLOCK) && defined(WOLFSSL_ASYNC_CRYPT_SW) && \ + defined(WC_ASYNC_ENABLE_ECC) + ecc_nb_ctx_t* nbCtx; + #endif /* WC_ECC_NONBLOCK && WOLFSSL_ASYNC_CRYPT_SW && + WC_ASYNC_ENABLE_ECC */ sigCtx->verify = 0; sigCtx->key.ecc = (ecc_key*)XMALLOC(sizeof(ecc_key), @@ -15581,6 +15594,21 @@ static int ConfirmSignature(SignatureCtx* sigCtx, sigCtx->devId)) < 0) { goto exit_cs; } + #if defined(WC_ECC_NONBLOCK) && defined(WOLFSSL_ASYNC_CRYPT_SW) && \ + defined(WC_ASYNC_ENABLE_ECC) + nbCtx = (ecc_nb_ctx_t*)XMALLOC(sizeof(ecc_nb_ctx_t), + sigCtx->heap, DYNAMIC_TYPE_TMP_BUFFER); + if (nbCtx == NULL) { + ERROR_OUT(MEMORY_E, exit_cs); + } + else { + ret = wc_ecc_set_nonblock(sigCtx->key.ecc, nbCtx); + if (ret != 0) { + goto exit_cs; + } + } + #endif /* WC_ECC_NONBLOCK && WOLFSSL_ASYNC_CRYPT_SW && + WC_ASYNC_ENABLE_ECC */ ret = wc_EccPublicKeyDecode(key, &idx, sigCtx->key.ecc, keySz); if (ret < 0) { diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c index 27b834495..cdc5ffdfe 100644 --- a/wolfcrypt/src/ecc.c +++ b/wolfcrypt/src/ecc.c 
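Review bot: When `wc_ecc_set_nonblock` fails in the `ECDSAk` case, the code jumps to `exit_cs` without releasing `nbCtx`, whereas the matching path in AllocKey (src/internal.c) frees it. Unless the setter has already attached the buffer to the key, so that FreeSignatureCtx picks it up, this leaks one `ecc_nb_ctx_t` per failed verification. The two sites should follow one rule, for example `if (ret != 0) { XFREE(nbCtx, sigCtx->heap, DYNAMIC_TYPE_TMP_BUFFER); sigCtx->key.ecc->nb_ctx = NULL; goto exit_cs; }`. The `else` after `ERROR_OUT` is also redundant, assuming that macro jumps to the label. The cleanup at `exit_cs` is outside the hunk.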
@@ -6389,12 +6389,25 @@ int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, WC_RNG* rng, } #endif + +#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_ECC) && \ + defined(WOLFSSL_ASYNC_CRYPT_SW) + if (key->asyncDev.marker == WOLFSSL_ASYNC_MARKER_ECC) { + if (wc_AsyncSwInit(&key->asyncDev, ASYNC_SW_ECC_SIGN)) { + WC_ASYNC_SW* sw = &key->asyncDev.sw; + sw->eccSign.in = in; + sw->eccSign.inSz = inlen; + sw->eccSign.rng = rng; + sw->eccSign.key = key; + sw->eccSign.r = r; + sw->eccSign.s = s; + return WC_PENDING_E; + } + } +#endif + #if defined(WOLFSSL_HAVE_SP_ECC) - if (key->idx != ECC_CUSTOM_IDX - #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_ECC) - && key->asyncDev.marker != WOLFSSL_ASYNC_MARKER_ECC - #endif - ) { + if (key->idx != ECC_CUSTOM_IDX) { #if defined(WOLFSSL_ECDSA_SET_K) || defined(WOLFSSL_ECDSA_SET_K_ONE_LOOP) \ || defined(WOLFSSL_ECDSA_DETERMINISTIC_K) || \ defined(WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT) @@ -6494,23 +6507,6 @@ int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, WC_RNG* rng, (void)inlen; #endif -#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_ECC) && \ - defined(WOLFSSL_ASYNC_CRYPT_SW) - if (key->asyncDev.marker == WOLFSSL_ASYNC_MARKER_ECC) { - if (wc_AsyncSwInit(&key->asyncDev, ASYNC_SW_ECC_SIGN)) { - WC_ASYNC_SW* sw = &key->asyncDev.sw; - sw->eccSign.in = in; - sw->eccSign.inSz = inlen; - sw->eccSign.rng = rng; - sw->eccSign.key = key; - sw->eccSign.r = r; - sw->eccSign.s = s; - return WC_PENDING_E; - } - } -#endif - - #if !defined(WOLFSSL_SP_MATH) #if defined(WOLFSSL_ASYNC_CRYPT) && defined(HAVE_CAVIUM_V) 
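Review bot: The removed `key->asyncDev.marker != WOLFSSL_ASYNC_MARKER_ECC` test applied to every `WOLFSSL_ASYNC_CRYPT && WC_ASYNC_ENABLE_ECC` build, but the early-return block that replaces it is compiled only with `WOLFSSL_ASYNC_CRYPT_SW`. In a hardware-async build with `WOLFSSL_HAVE_SP_ECC`, an async-marked key now appears to enter the SP software path in wc_ecc_sign_hash_ex instead of reaching the offload code further down. The same guard is dropped in the wc_ecc_verify_hash_ex hunk, which shows no early dispatch at all. If that is not intended, keep the guard for non-SW builds: `#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_ECC) && !defined(WOLFSSL_ASYNC_CRYPT_SW)` around `&& key->asyncDev.marker != WOLFSSL_ASYNC_MARKER_ECC`. A short comment on the moved block would also help: `/* queue the SW async job before the SP path; in, rng, r and s must stay valid until it completes */`.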
@@ -8010,11 +8006,7 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash, #endif #if defined(WOLFSSL_HAVE_SP_ECC) - if (key->idx != ECC_CUSTOM_IDX - #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_ECC) - && key->asyncDev.marker != WOLFSSL_ASYNC_MARKER_ECC - #endif - ) { + if (key->idx != ECC_CUSTOM_IDX) { #if defined(WC_ECC_NONBLOCK) && defined(WC_ECC_NONBLOCK_ONLY) /* perform blocking call to non-blocking function */ ecc_nb_ctx_t nb_ctx;