mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2025-08-02 20:24:39 +02:00
Merge pull request #5574 from haydenroche5/ecc_nb_tls
Add support for non-blocking ECDHE/ECDSA in TLS/DTLS layer.
This commit is contained in:
JacobBarthelmeh
GitHub
15
configure.ac
15
configure.ac
@@ -6985,6 +6985,13 @@ then
|
|||||||
AC_MSG_ERROR([please use --with-libz if enabling mcapi.])
|
AC_MSG_ERROR([please use --with-libz if enabling mcapi.])
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# Asynchronous Crypto
|
||||||
|
AC_ARG_ENABLE([asynccrypt],
|
||||||
|
[AS_HELP_STRING([--enable-asynccrypt],[Enable Asynchronous Crypto (default: disabled)])],
|
||||||
|
[ ENABLED_ASYNCCRYPT=$enableval ],
|
||||||
|
[ ENABLED_ASYNCCRYPT=no ]
|
||||||
|
)
|
||||||
|
|
||||||
# Asynchronous crypto using software (i.e. not hardware). Required for
|
# Asynchronous crypto using software (i.e. not hardware). Required for
|
||||||
# non-blocking crypto with TLS/DTLS.
|
# non-blocking crypto with TLS/DTLS.
|
||||||
AC_ARG_ENABLE([asynccrypt-sw],
|
AC_ARG_ENABLE([asynccrypt-sw],
|
||||||
@@ -6995,15 +7002,9 @@ AC_ARG_ENABLE([asynccrypt-sw],
|
|||||||
if test "$ENABLED_ASYNCCRYPT_SW" = "yes"
|
if test "$ENABLED_ASYNCCRYPT_SW" = "yes"
|
||||||
then
|
then
|
||||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ASYNC_CRYPT_SW"
|
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ASYNC_CRYPT_SW"
|
||||||
|
ENABLED_ASYNCCRYPT=yes
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Asynchronous Crypto
|
|
||||||
AC_ARG_ENABLE([asynccrypt],
|
|
||||||
[AS_HELP_STRING([--enable-asynccrypt],[Enable Asynchronous Crypto (default: disabled)])],
|
|
||||||
[ ENABLED_ASYNCCRYPT=$enableval ],
|
|
||||||
[ ENABLED_ASYNCCRYPT=no ]
|
|
||||||
)
|
|
||||||
|
|
||||||
if test "$ENABLED_ASYNCCRYPT" = "yes"
|
if test "$ENABLED_ASYNCCRYPT" = "yes"
|
||||||
then
|
then
|
||||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ASYNC_CRYPT -DHAVE_WOLF_EVENT -DHAVE_WOLF_BIGINT -DWOLFSSL_NO_HASH_RAW"
|
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ASYNC_CRYPT -DHAVE_WOLF_EVENT -DHAVE_WOLF_BIGINT -DWOLFSSL_NO_HASH_RAW"
|
||||||
|
|||||||
@@ -7071,6 +7071,14 @@ void FreeKey(WOLFSSL* ssl, int type, void** pKey)
|
|||||||
#endif /* ! NO_RSA */
|
#endif /* ! NO_RSA */
|
||||||
#ifdef HAVE_ECC
|
#ifdef HAVE_ECC
|
||||||
case DYNAMIC_TYPE_ECC:
|
case DYNAMIC_TYPE_ECC:
|
||||||
|
#if defined(WC_ECC_NONBLOCK) && defined(WOLFSSL_ASYNC_CRYPT_SW) && \
|
||||||
|
defined(WC_ASYNC_ENABLE_ECC)
|
||||||
|
if (((ecc_key*)*pKey)->nb_ctx != NULL) {
|
||||||
|
XFREE(((ecc_key*)*pKey)->nb_ctx, ((ecc_key*)*pKey)->heap,
|
||||||
|
DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
|
}
|
||||||
|
#endif /* WC_ECC_NONBLOCK && WOLFSSL_ASYNC_CRYPT_SW &&
|
||||||
|
WC_ASYNC_ENABLE_ECC */
|
||||||
wc_ecc_free((ecc_key*)*pKey);
|
wc_ecc_free((ecc_key*)*pKey);
|
||||||
break;
|
break;
|
||||||
#endif /* HAVE_ECC */
|
#endif /* HAVE_ECC */
|
||||||
@@ -7125,6 +7133,13 @@ int AllocKey(WOLFSSL* ssl, int type, void** pKey)
|
|||||||
{
|
{
|
||||||
int ret = BAD_FUNC_ARG;
|
int ret = BAD_FUNC_ARG;
|
||||||
int sz = 0;
|
int sz = 0;
|
||||||
|
#ifdef HAVE_ECC
|
||||||
|
ecc_key* eccKey;
|
||||||
|
#endif /* HAVE_ECC */
|
||||||
|
#if defined(WC_ECC_NONBLOCK) && defined(WOLFSSL_ASYNC_CRYPT_SW) && \
|
||||||
|
defined(WC_ASYNC_ENABLE_ECC)
|
||||||
|
ecc_nb_ctx_t* nbCtx;
|
||||||
|
#endif /* WC_ECC_NONBLOCK && WOLFSSL_ASYNC_CRYPT_SW && WC_ASYNC_ENABLE_ECC*/
|
||||||
|
|
||||||
if (ssl == NULL || pKey == NULL) {
|
if (ssl == NULL || pKey == NULL) {
|
||||||
return BAD_FUNC_ARG;
|
return BAD_FUNC_ARG;
|
||||||
@@ -7204,7 +7219,25 @@ int AllocKey(WOLFSSL* ssl, int type, void** pKey)
|
|||||||
#endif /* ! NO_RSA */
|
#endif /* ! NO_RSA */
|
||||||
#ifdef HAVE_ECC
|
#ifdef HAVE_ECC
|
||||||
case DYNAMIC_TYPE_ECC:
|
case DYNAMIC_TYPE_ECC:
|
||||||
ret = wc_ecc_init_ex((ecc_key*)*pKey, ssl->heap, ssl->devId);
|
eccKey = (ecc_key*)*pKey;
|
||||||
|
ret = wc_ecc_init_ex(eccKey, ssl->heap, ssl->devId);
|
||||||
|
if (ret == 0) {
|
||||||
|
#if defined(WC_ECC_NONBLOCK) && defined(WOLFSSL_ASYNC_CRYPT_SW) && \
|
||||||
|
defined(WC_ASYNC_ENABLE_ECC)
|
||||||
|
nbCtx = (ecc_nb_ctx_t*)XMALLOC(sizeof(ecc_nb_ctx_t),
|
||||||
|
eccKey->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
|
if (nbCtx == NULL) {
|
||||||
|
ret = MEMORY_E;
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
ret = wc_ecc_set_nonblock(eccKey, nbCtx);
|
||||||
|
if (ret != 0) {
|
||||||
|
XFREE(nbCtx, eccKey->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
#endif /* WC_ECC_NONBLOCK && WOLFSSL_ASYNC_CRYPT_SW &&
|
||||||
|
WC_ASYNC_ENABLE_ECC */
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
#endif /* HAVE_ECC */
|
#endif /* HAVE_ECC */
|
||||||
#ifdef HAVE_ED25519
|
#ifdef HAVE_ED25519
|
||||||
|
|||||||
@@ -15082,6 +15082,14 @@ void FreeSignatureCtx(SignatureCtx* sigCtx)
|
|||||||
#endif
|
#endif
|
||||||
#ifdef HAVE_ECC
|
#ifdef HAVE_ECC
|
||||||
case ECDSAk:
|
case ECDSAk:
|
||||||
|
#if defined(WC_ECC_NONBLOCK) && defined(WOLFSSL_ASYNC_CRYPT_SW) && \
|
||||||
|
defined(WC_ASYNC_ENABLE_ECC)
|
||||||
|
if (sigCtx->key.ecc->nb_ctx != NULL) {
|
||||||
|
XFREE(sigCtx->key.ecc->nb_ctx, sigCtx->heap,
|
||||||
|
DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
|
}
|
||||||
|
#endif /* WC_ECC_NONBLOCK && WOLFSSL_ASYNC_CRYPT_SW &&
|
||||||
|
WC_ASYNC_ENABLE_ECC */
|
||||||
wc_ecc_free(sigCtx->key.ecc);
|
wc_ecc_free(sigCtx->key.ecc);
|
||||||
XFREE(sigCtx->key.ecc, sigCtx->heap, DYNAMIC_TYPE_ECC);
|
XFREE(sigCtx->key.ecc, sigCtx->heap, DYNAMIC_TYPE_ECC);
|
||||||
sigCtx->key.ecc = NULL;
|
sigCtx->key.ecc = NULL;
|
||||||
@@ -15570,6 +15578,11 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
|
|||||||
case ECDSAk:
|
case ECDSAk:
|
||||||
{
|
{
|
||||||
word32 idx = 0;
|
word32 idx = 0;
|
||||||
|
#if defined(WC_ECC_NONBLOCK) && defined(WOLFSSL_ASYNC_CRYPT_SW) && \
|
||||||
|
defined(WC_ASYNC_ENABLE_ECC)
|
||||||
|
ecc_nb_ctx_t* nbCtx;
|
||||||
|
#endif /* WC_ECC_NONBLOCK && WOLFSSL_ASYNC_CRYPT_SW &&
|
||||||
|
WC_ASYNC_ENABLE_ECC */
|
||||||
|
|
||||||
sigCtx->verify = 0;
|
sigCtx->verify = 0;
|
||||||
sigCtx->key.ecc = (ecc_key*)XMALLOC(sizeof(ecc_key),
|
sigCtx->key.ecc = (ecc_key*)XMALLOC(sizeof(ecc_key),
|
||||||
@@ -15581,6 +15594,21 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
|
|||||||
sigCtx->devId)) < 0) {
|
sigCtx->devId)) < 0) {
|
||||||
goto exit_cs;
|
goto exit_cs;
|
||||||
}
|
}
|
||||||
|
#if defined(WC_ECC_NONBLOCK) && defined(WOLFSSL_ASYNC_CRYPT_SW) && \
|
||||||
|
defined(WC_ASYNC_ENABLE_ECC)
|
||||||
|
nbCtx = (ecc_nb_ctx_t*)XMALLOC(sizeof(ecc_nb_ctx_t),
|
||||||
|
sigCtx->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
|
if (nbCtx == NULL) {
|
||||||
|
ERROR_OUT(MEMORY_E, exit_cs);
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
ret = wc_ecc_set_nonblock(sigCtx->key.ecc, nbCtx);
|
||||||
|
if (ret != 0) {
|
||||||
|
goto exit_cs;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
#endif /* WC_ECC_NONBLOCK && WOLFSSL_ASYNC_CRYPT_SW &&
|
||||||
|
WC_ASYNC_ENABLE_ECC */
|
||||||
ret = wc_EccPublicKeyDecode(key, &idx, sigCtx->key.ecc,
|
ret = wc_EccPublicKeyDecode(key, &idx, sigCtx->key.ecc,
|
||||||
keySz);
|
keySz);
|
||||||
if (ret < 0) {
|
if (ret < 0) {
|
||||||
|
|||||||
@@ -6389,12 +6389,25 @@ int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, WC_RNG* rng,
|
|||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
|
||||||
|
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_ECC) && \
|
||||||
|
defined(WOLFSSL_ASYNC_CRYPT_SW)
|
||||||
|
if (key->asyncDev.marker == WOLFSSL_ASYNC_MARKER_ECC) {
|
||||||
|
if (wc_AsyncSwInit(&key->asyncDev, ASYNC_SW_ECC_SIGN)) {
|
||||||
|
WC_ASYNC_SW* sw = &key->asyncDev.sw;
|
||||||
|
sw->eccSign.in = in;
|
||||||
|
sw->eccSign.inSz = inlen;
|
||||||
|
sw->eccSign.rng = rng;
|
||||||
|
sw->eccSign.key = key;
|
||||||
|
sw->eccSign.r = r;
|
||||||
|
sw->eccSign.s = s;
|
||||||
|
return WC_PENDING_E;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
#if defined(WOLFSSL_HAVE_SP_ECC)
|
#if defined(WOLFSSL_HAVE_SP_ECC)
|
||||||
if (key->idx != ECC_CUSTOM_IDX
|
if (key->idx != ECC_CUSTOM_IDX) {
|
||||||
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_ECC)
|
|
||||||
&& key->asyncDev.marker != WOLFSSL_ASYNC_MARKER_ECC
|
|
||||||
#endif
|
|
||||||
) {
|
|
||||||
#if defined(WOLFSSL_ECDSA_SET_K) || defined(WOLFSSL_ECDSA_SET_K_ONE_LOOP) \
|
#if defined(WOLFSSL_ECDSA_SET_K) || defined(WOLFSSL_ECDSA_SET_K_ONE_LOOP) \
|
||||||
|| defined(WOLFSSL_ECDSA_DETERMINISTIC_K) || \
|
|| defined(WOLFSSL_ECDSA_DETERMINISTIC_K) || \
|
||||||
defined(WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT)
|
defined(WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT)
|
||||||
@@ -6494,23 +6507,6 @@ int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, WC_RNG* rng,
|
|||||||
(void)inlen;
|
(void)inlen;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_ECC) && \
|
|
||||||
defined(WOLFSSL_ASYNC_CRYPT_SW)
|
|
||||||
if (key->asyncDev.marker == WOLFSSL_ASYNC_MARKER_ECC) {
|
|
||||||
if (wc_AsyncSwInit(&key->asyncDev, ASYNC_SW_ECC_SIGN)) {
|
|
||||||
WC_ASYNC_SW* sw = &key->asyncDev.sw;
|
|
||||||
sw->eccSign.in = in;
|
|
||||||
sw->eccSign.inSz = inlen;
|
|
||||||
sw->eccSign.rng = rng;
|
|
||||||
sw->eccSign.key = key;
|
|
||||||
sw->eccSign.r = r;
|
|
||||||
sw->eccSign.s = s;
|
|
||||||
return WC_PENDING_E;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
|
|
||||||
#if !defined(WOLFSSL_SP_MATH)
|
#if !defined(WOLFSSL_SP_MATH)
|
||||||
|
|
||||||
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(HAVE_CAVIUM_V)
|
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(HAVE_CAVIUM_V)
|
||||||
@@ -8010,11 +8006,7 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
#if defined(WOLFSSL_HAVE_SP_ECC)
|
#if defined(WOLFSSL_HAVE_SP_ECC)
|
||||||
if (key->idx != ECC_CUSTOM_IDX
|
if (key->idx != ECC_CUSTOM_IDX) {
|
||||||
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_ECC)
|
|
||||||
&& key->asyncDev.marker != WOLFSSL_ASYNC_MARKER_ECC
|
|
||||||
#endif
|
|
||||||
) {
|
|
||||||
#if defined(WC_ECC_NONBLOCK) && defined(WC_ECC_NONBLOCK_ONLY)
|
#if defined(WC_ECC_NONBLOCK) && defined(WC_ECC_NONBLOCK_ONLY)
|
||||||
/* perform blocking call to non-blocking function */
|
/* perform blocking call to non-blocking function */
|
||||||
ecc_nb_ctx_t nb_ctx;
|
ecc_nb_ctx_t nb_ctx;
|
||||||
|
|||||||
Reference in New Issue
Block a user