/* cryptocb.c * * Copyright (C) 2006-2026 wolfSSL Inc. * * This file is part of wolfSSL. * * wolfSSL is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 3 of the License, or * (at your option) any later version. * * wolfSSL is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA */ /* This framework provides a central place for crypto hardware integration using the devId scheme. If not supported return `CRYPTOCB_UNAVAILABLE`. */ /* Crypto Callback Build Options: * WOLF_CRYPTO_CB: Master enable for crypto callback default: off * framework. Required for all options below. * WOLF_CRYPTO_CB_FIND: Enable find device callback functions default: off * Allows lookup of registered crypto devices. * WOLF_CRYPTO_CB_CMD: Enable command callbacks invoked during default: off * register and unregister of crypto devices. * WOLF_CRYPTO_CB_COPY: Enable copy callback for algorithm default: off * structures (hash, cipher state copying). * WOLF_CRYPTO_CB_FREE: Enable free callback for algorithm default: off * structures (cleanup of crypto objects). * WOLF_CRYPTO_CB_AES_SETKEY: Enable callback for AES key setup default: off * WOLF_CRYPTO_CB_RSA_PAD: Enable callback for RSA padding default: off * operations (custom padding handling). * DEBUG_CRYPTOCB: Enable debug InfoString functions default: off * * Device ID options: * WC_USE_DEVID: Specify a default device ID to use default: off * when no hardware device is detected. * WC_NO_DEFAULT_DEVID: Disable automatic default device ID default: off * selection. Requires explicit devId passing. * WOLFSSL_CAAM_DEVID: Device ID constant (value 7) for NXP default: off * CAAM hardware crypto. * * Algorithm-specific callback options: * NO_SHA2_CRYPTO_CB: Disable crypto callbacks for SHA-384 default: off * and SHA-512 operations. * WOLF_CRYPTO_CB_ONLY_ECC: Use only callbacks for ECC default: off * WOLF_CRYPTO_CB_ONLY_RSA: Use only callbacks for RSA default: off * WOLF_CRYPTO_CB_ONLY_SHA256: Use only callbacks for SHA-256 default: off * WOLF_CRYPTO_CB_ONLY_AES: Use only callbacks for AES default: off */ #include #ifdef WOLF_CRYPTO_CB #include #ifdef HAVE_ARIA #include #endif #ifdef WOLFSSL_CAAM #include #endif /* TODO: Consider linked list with mutex */ #ifndef MAX_CRYPTO_DEVID_CALLBACKS #define MAX_CRYPTO_DEVID_CALLBACKS 8 #endif typedef struct CryptoCb { int devId; CryptoDevCallbackFunc cb; void* ctx; } CryptoCb; static WC_THREADSHARED CryptoCb gCryptoDev[MAX_CRYPTO_DEVID_CALLBACKS]; #ifdef WOLF_CRYPTO_CB_FIND static CryptoDevCallbackFind CryptoCb_FindCb = NULL; #endif #ifdef DEBUG_CRYPTOCB static const char* GetAlgoTypeStr(int algo) { switch (algo) { /* enum wc_AlgoType */ #ifdef WOLF_CRYPTO_CB_CMD case WC_ALGO_TYPE_NONE: return "None-Command"; #endif case WC_ALGO_TYPE_HASH: return "Hash"; case WC_ALGO_TYPE_CIPHER: return "Cipher"; case WC_ALGO_TYPE_PK: return "PK"; case WC_ALGO_TYPE_RNG: return "RNG"; case WC_ALGO_TYPE_SEED: return "Seed"; case WC_ALGO_TYPE_HMAC: return "HMAC"; case WC_ALGO_TYPE_CMAC: return "CMAC"; case WC_ALGO_TYPE_CERT: return "Cert"; case WC_ALGO_TYPE_KDF: return "KDF"; #ifdef WOLF_CRYPTO_CB_COPY case WC_ALGO_TYPE_COPY: return "Copy"; #endif /* WOLF_CRYPTO_CB_COPY */ #ifdef WOLF_CRYPTO_CB_FREE case WC_ALGO_TYPE_FREE: return "Free"; #endif /* WOLF_CRYPTO_CB_FREE */ #ifdef WOLF_CRYPTO_CB_SETKEY case WC_ALGO_TYPE_SETKEY: return "SetKey"; #endif /* WOLF_CRYPTO_CB_SETKEY */ #ifdef WOLF_CRYPTO_CB_EXPORT_KEY case WC_ALGO_TYPE_EXPORT_KEY: return "ExportKey"; #endif /* WOLF_CRYPTO_CB_EXPORT_KEY */ } return NULL; } #ifdef WOLF_CRYPTO_CB_SETKEY static const char* GetSetKeyTypeStr(int type) { switch (type) { case WC_SETKEY_NONE: return "None"; case WC_SETKEY_HMAC: return "HMAC"; case WC_SETKEY_RSA_PUB: return "RSA-Pub"; case WC_SETKEY_RSA_PRIV: return "RSA-Priv"; case WC_SETKEY_ECC_PUB: return "ECC-Pub"; case WC_SETKEY_ECC_PRIV: return "ECC-Priv"; case WC_SETKEY_AES: return "AES"; default: break; } return NULL; } #endif /* WOLF_CRYPTO_CB_SETKEY */ static const char* GetPkTypeStr(int pk) { switch (pk) { case WC_PK_TYPE_RSA: return "RSA"; case WC_PK_TYPE_DH: return "DH"; case WC_PK_TYPE_ECDH: return "ECDH"; case WC_PK_TYPE_ECDSA_SIGN: return "ECDSA-Sign"; case WC_PK_TYPE_ECDSA_VERIFY: return "ECDSA-Verify"; case WC_PK_TYPE_ED25519_SIGN: return "ED25519-Sign"; case WC_PK_TYPE_ED25519_VERIFY: return "ED25519-Verify"; case WC_PK_TYPE_CURVE25519: return "CURVE25519"; case WC_PK_TYPE_RSA_KEYGEN: return "RSA KeyGen"; case WC_PK_TYPE_EC_KEYGEN: return "ECC KeyGen"; case WC_PK_TYPE_EC_GET_SIZE: return "ECC GetSize"; case WC_PK_TYPE_EC_GET_SIG_SIZE: return "ECC GetSigSize"; } return NULL; } #if !defined(NO_AES) || !defined(NO_DES3) static const char* GetCipherTypeStr(int cipher) { switch (cipher) { case WC_CIPHER_AES: return "AES ECB"; case WC_CIPHER_AES_CBC: return "AES CBC"; case WC_CIPHER_AES_GCM: return "AES GCM"; case WC_CIPHER_AES_CTR: return "AES CTR"; case WC_CIPHER_AES_XTS: return "AES XTS"; case WC_CIPHER_AES_CFB: return "AES CFB"; case WC_CIPHER_DES3: return "DES3"; case WC_CIPHER_DES: return "DES"; case WC_CIPHER_CHACHA: return "ChaCha20"; } return NULL; } #endif /* !NO_AES || !NO_DES3 */ static const char* GetHashTypeStr(int hash) { switch (hash) { case WC_HASH_TYPE_MD2: return "MD2"; case WC_HASH_TYPE_MD4: return "MD4"; case WC_HASH_TYPE_MD5: return "MD5"; case WC_HASH_TYPE_SHA: return "SHA-1"; case WC_HASH_TYPE_SHA224: return "SHA-224"; case WC_HASH_TYPE_SHA256: return "SHA-256"; case WC_HASH_TYPE_SHA384: return "SHA-384"; case WC_HASH_TYPE_SHA512: return "SHA-512"; case WC_HASH_TYPE_MD5_SHA: return "MD5-SHA1"; case WC_HASH_TYPE_SHA3_224: return "SHA3-224"; case WC_HASH_TYPE_SHA3_256: return "SHA3-256"; case WC_HASH_TYPE_SHA3_384: return "SHA3-384"; case WC_HASH_TYPE_SHA3_512: return "SHA3-512"; case WC_HASH_TYPE_BLAKE2B: return "Blake2B"; case WC_HASH_TYPE_BLAKE2S: return "Blake2S"; } return NULL; } #ifdef WOLFSSL_CMAC static const char* GetCmacTypeStr(int type) { switch (type) { case WC_CMAC_AES: return "AES"; } return NULL; } #endif /* WOLFSSL_CMAC */ #ifndef NO_RSA static const char* GetRsaType(int type) { switch (type) { case RSA_PUBLIC_ENCRYPT: return "Public Encrypt"; case RSA_PUBLIC_DECRYPT: return "Public Decrypt"; case RSA_PRIVATE_ENCRYPT: return "Private Encrypt"; case RSA_PRIVATE_DECRYPT: return "Private Decrypt"; } return NULL; } #endif #ifdef WOLF_CRYPTO_CB_CMD static const char* GetCryptoCbCmdTypeStr(int type) { switch (type) { case WC_CRYPTOCB_CMD_TYPE_REGISTER: return "Register"; case WC_CRYPTOCB_CMD_TYPE_UNREGISTER: return "UnRegister"; } return NULL; } #endif #if (defined(HAVE_HKDF) && !defined(NO_HMAC)) || defined(HAVE_CMAC_KDF) static const char* GetKdfTypeStr(int type) { switch (type) { case WC_KDF_TYPE_HKDF: return "HKDF"; case WC_KDF_TYPE_TWOSTEP_CMAC: return "TWOSTEP_CMAC"; } return NULL; } #endif void wc_CryptoCb_InfoString(wc_CryptoInfo* info) { if (info == NULL) return; if (info->algo_type == WC_ALGO_TYPE_PK) { #ifndef NO_RSA if (info->pk.type == WC_PK_TYPE_RSA) { printf("Crypto CB: %s %s (%d), %s, Len %d\n", GetAlgoTypeStr(info->algo_type), GetPkTypeStr(info->pk.type), info->pk.type, GetRsaType(info->pk.rsa.type), info->pk.rsa.inLen); } else #endif { printf("Crypto CB: %s %s (%d)\n", GetAlgoTypeStr(info->algo_type), GetPkTypeStr(info->pk.type), info->pk.type); } } #if !defined(NO_AES) || !defined(NO_DES3) else if (info->algo_type == WC_ALGO_TYPE_CIPHER) { printf("Crypto CB: %s %s (%d) (%p ctx)\n", GetAlgoTypeStr(info->algo_type), GetCipherTypeStr(info->cipher.type), info->cipher.type, (void*)info->cipher.ctx); } #endif /* !NO_AES || !NO_DES3 */ #if !defined(NO_SHA) || !defined(NO_SHA256) || \ defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384) || defined(WOLFSSL_SHA3) else if (info->algo_type == WC_ALGO_TYPE_HASH) { printf("Crypto CB: %s %s (%d) (%p ctx) %s\n", GetAlgoTypeStr(info->algo_type), GetHashTypeStr(info->hash.type), info->hash.type, (void*)info->hash.ctx, (info->hash.in != NULL) ? "Update" : "Final"); } #endif #ifndef NO_HMAC else if (info->algo_type == WC_ALGO_TYPE_HMAC) { printf("Crypto CB: %s %s (%d) (%p ctx) %s\n", GetAlgoTypeStr(info->algo_type), GetHashTypeStr(info->hmac.macType), info->hmac.macType, (void*)info->hmac.hmac, (info->hmac.in != NULL) ? "Update" : "Final"); } #endif #ifdef WOLFSSL_CMAC else if (info->algo_type == WC_ALGO_TYPE_CMAC) { printf("Crypto CB: %s %s (%d) (%p ctx) %s %s %s\n", GetAlgoTypeStr(info->algo_type), GetCmacTypeStr(info->cmac.type), info->cmac.type, (void*)info->cmac.cmac, (info->cmac.key != NULL) ? "Init " : "", (info->cmac.in != NULL) ? "Update " : "", (info->cmac.out != NULL) ? "Final" : ""); } #endif #ifdef WOLF_CRYPTO_CB_CMD else if (info->algo_type == WC_ALGO_TYPE_NONE) { printf("Crypto CB: %s %s (%d)\n", GetAlgoTypeStr(info->algo_type), GetCryptoCbCmdTypeStr(info->cmd.type), info->cmd.type); } #endif #ifdef WOLF_CRYPTO_CB_COPY else if (info->algo_type == WC_ALGO_TYPE_COPY) { printf("Crypto CB: %s %s Type=%d\n", GetAlgoTypeStr(info->algo_type), GetAlgoTypeStr(info->copy.algo), info->copy.type); } #endif /* WOLF_CRYPTO_CB_COPY */ #ifdef WOLF_CRYPTO_CB_FREE else if (info->algo_type == WC_ALGO_TYPE_FREE) { printf("Crypto CB: %s %s Type=%d\n", GetAlgoTypeStr(info->algo_type), GetAlgoTypeStr(info->free.algo), info->free.type); } #endif /* WOLF_CRYPTO_CB_FREE */ #ifdef WOLF_CRYPTO_CB_SETKEY else if (info->algo_type == WC_ALGO_TYPE_SETKEY) { printf("Crypto CB: %s %s KeySz=%u\n", GetAlgoTypeStr(info->algo_type), GetSetKeyTypeStr(info->setkey.type), info->setkey.keySz); } #endif /* WOLF_CRYPTO_CB_SETKEY */ #ifdef WOLF_CRYPTO_CB_EXPORT_KEY else if (info->algo_type == WC_ALGO_TYPE_EXPORT_KEY) { printf("Crypto CB: %s Type=%d\n", GetAlgoTypeStr(info->algo_type), info->export_key.type); } #endif /* WOLF_CRYPTO_CB_EXPORT_KEY */ #if (defined(HAVE_HKDF) && !defined(NO_HMAC)) || \ defined(HAVE_CMAC_KDF) else if (info->algo_type == WC_ALGO_TYPE_KDF) { printf("Crypto CB: %s %s (%d)\n", GetAlgoTypeStr(info->algo_type), GetKdfTypeStr(info->kdf.type), info->kdf.type); } #endif else { printf("CryptoCb: %s \n", GetAlgoTypeStr(info->algo_type)); } } #endif /* DEBUG_CRYPTOCB */ /* Search through listed devices and return the first matching device ID * found. */ static CryptoCb* wc_CryptoCb_GetDevice(int devId) { int i; for (i = 0; i < MAX_CRYPTO_DEVID_CALLBACKS; i++) { if (gCryptoDev[i].devId == devId) return &gCryptoDev[i]; } return NULL; } /* Filters through find callback set when trying to get the device, * returns the device found on success and null if not found. */ static CryptoCb* wc_CryptoCb_FindDevice(int devId, int algoType) { int localDevId = devId; #ifdef WOLF_CRYPTO_CB_FIND if (CryptoCb_FindCb != NULL) { localDevId = CryptoCb_FindCb(devId, algoType); } #endif /* WOLF_CRYPTO_CB_FIND */ (void)algoType; return wc_CryptoCb_GetDevice(localDevId); } static CryptoCb* wc_CryptoCb_FindDeviceByIndex(int startIdx) { int i; for (i=startIdx; idevId = INVALID_DEVID; } void wc_CryptoCb_Init(void) { int i; for (i = 0; i < MAX_CRYPTO_DEVID_CALLBACKS; i++) { wc_CryptoCb_ClearDev(&gCryptoDev[i]); } } void wc_CryptoCb_Cleanup(void) { int i; for (i = 0; i < MAX_CRYPTO_DEVID_CALLBACKS; i++) { if(gCryptoDev[i].devId != INVALID_DEVID) { wc_CryptoCb_UnRegisterDevice(gCryptoDev[i].devId); } } } int wc_CryptoCb_GetDevIdAtIndex(int startIdx) { int devId = INVALID_DEVID; CryptoCb* dev = wc_CryptoCb_FindDeviceByIndex(startIdx); if (dev) { devId = dev->devId; } return devId; } #ifdef WOLF_CRYPTO_CB_FIND /* Used to register a find device function. Useful for cases where the * device ID in the struct may not have been set but still wanting to use * a specific crypto callback device ID. The find callback is global and * not thread safe. */ void wc_CryptoCb_SetDeviceFindCb(CryptoDevCallbackFind cb) { CryptoCb_FindCb = cb; } #endif int wc_CryptoCb_RegisterDevice(int devId, CryptoDevCallbackFunc cb, void* ctx) { int rc = 0; /* find existing or new */ CryptoCb* dev = wc_CryptoCb_GetDevice(devId); if (dev == NULL) dev = wc_CryptoCb_GetDevice(INVALID_DEVID); if (dev == NULL) return BUFFER_E; /* out of devices */ dev->devId = devId; dev->cb = cb; dev->ctx = ctx; #ifdef WOLF_CRYPTO_CB_CMD if (cb != NULL) { /* Invoke callback with register command */ wc_CryptoInfo info; XMEMSET(&info, 0, sizeof(info)); info.algo_type = WC_ALGO_TYPE_NONE; info.cmd.type = WC_CRYPTOCB_CMD_TYPE_REGISTER; info.cmd.ctx = ctx; /* cb may update on success */ rc = cb(devId, &info, ctx); if (rc == 0) { /* Success. Update dev->ctx */ dev->ctx = info.cmd.ctx; } else if ((rc == WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) || (rc == WC_NO_ERR_TRACE(NOT_COMPILED_IN))) { /* Not implemented. Return success*/ rc = 0; } else { /* Error in callback register cmd. Don't register */ wc_CryptoCb_ClearDev(dev); } } #endif return rc; } void wc_CryptoCb_UnRegisterDevice(int devId) { CryptoCb* dev = NULL; /* Can't unregister the invalid device */ if (devId == INVALID_DEVID) return; /* Find the matching dev */ dev = wc_CryptoCb_GetDevice(devId); if (dev == NULL) return; #ifdef WOLF_CRYPTO_CB_CMD if (dev->cb != NULL) { /* Invoke callback with unregister command.*/ wc_CryptoInfo info; XMEMSET(&info, 0, sizeof(info)); info.algo_type = WC_ALGO_TYPE_NONE; info.cmd.type = WC_CRYPTOCB_CMD_TYPE_UNREGISTER; info.cmd.ctx = NULL; /* Not used */ /* Ignore errors here */ dev->cb(devId, &info, dev->ctx); } #endif wc_CryptoCb_ClearDev(dev); } #ifndef NO_RSA int wc_CryptoCb_Rsa(const byte* in, word32 inLen, byte* out, word32* outLen, int type, RsaKey* key, WC_RNG* rng) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; if (key == NULL) return ret; /* locate registered callback */ dev = wc_CryptoCb_FindDevice(key->devId, WC_ALGO_TYPE_PK); if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_PK; cryptoInfo.pk.type = WC_PK_TYPE_RSA; cryptoInfo.pk.rsa.in = in; cryptoInfo.pk.rsa.inLen = inLen; cryptoInfo.pk.rsa.out = out; cryptoInfo.pk.rsa.outLen = outLen; cryptoInfo.pk.rsa.type = type; cryptoInfo.pk.rsa.key = key; cryptoInfo.pk.rsa.rng = rng; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } #ifdef WOLF_CRYPTO_CB_RSA_PAD int wc_CryptoCb_RsaPad(const byte* in, word32 inLen, byte* out, word32* outLen, int type, RsaKey* key, WC_RNG* rng, RsaPadding *padding) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; int pk_type; if (key == NULL) return ret; /* locate registered callback */ dev = wc_CryptoCb_FindDevice(key->devId, WC_ALGO_TYPE_PK); if (padding != NULL) { switch (padding->pad_type) { case WC_RSA_PKCSV15_PAD: pk_type = WC_PK_TYPE_RSA_PKCS; break; case WC_RSA_PSS_PAD: pk_type = WC_PK_TYPE_RSA_PSS; break; case WC_RSA_OAEP_PAD: pk_type = WC_PK_TYPE_RSA_OAEP; break; default: pk_type = WC_PK_TYPE_RSA; } } else { pk_type = WC_PK_TYPE_RSA; } if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_PK; cryptoInfo.pk.type = pk_type; cryptoInfo.pk.rsa.in = in; cryptoInfo.pk.rsa.inLen = inLen; cryptoInfo.pk.rsa.out = out; cryptoInfo.pk.rsa.outLen = outLen; cryptoInfo.pk.rsa.type = type; cryptoInfo.pk.rsa.key = key; cryptoInfo.pk.rsa.rng = rng; cryptoInfo.pk.rsa.padding = padding; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } #endif /* WOLF_CRYPTO_CB_RSA_PAD */ #ifdef WOLFSSL_KEY_GEN int wc_CryptoCb_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; if (key == NULL) return ret; /* locate registered callback */ dev = wc_CryptoCb_FindDevice(key->devId, WC_ALGO_TYPE_PK); if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_PK; cryptoInfo.pk.type = WC_PK_TYPE_RSA_KEYGEN; cryptoInfo.pk.rsakg.key = key; cryptoInfo.pk.rsakg.size = size; cryptoInfo.pk.rsakg.e = e; cryptoInfo.pk.rsakg.rng = rng; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } #endif int wc_CryptoCb_RsaCheckPrivKey(RsaKey* key, const byte* pubKey, word32 pubKeySz) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; if (key == NULL) return ret; /* locate registered callback */ dev = wc_CryptoCb_FindDevice(key->devId, WC_ALGO_TYPE_PK); if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_PK; cryptoInfo.pk.type = WC_PK_TYPE_RSA_CHECK_PRIV_KEY; cryptoInfo.pk.rsa_check.key = key; cryptoInfo.pk.rsa_check.pubKey = pubKey; cryptoInfo.pk.rsa_check.pubKeySz = pubKeySz; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } int wc_CryptoCb_RsaGetSize(const RsaKey* key, int* keySize) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; if (key == NULL) return ret; /* locate registered callback */ dev = wc_CryptoCb_FindDevice(key->devId, WC_ALGO_TYPE_PK); if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_PK; cryptoInfo.pk.type = WC_PK_TYPE_RSA_GET_SIZE; cryptoInfo.pk.rsa_get_size.key = key; cryptoInfo.pk.rsa_get_size.keySize = keySize; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } #endif /* !NO_RSA */ #ifdef HAVE_ECC #ifdef HAVE_ECC_DHE int wc_CryptoCb_MakeEccKey(WC_RNG* rng, int keySize, ecc_key* key, int curveId) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; if (key == NULL) return ret; /* locate registered callback */ dev = wc_CryptoCb_FindDevice(key->devId, WC_ALGO_TYPE_PK); if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_PK; cryptoInfo.pk.type = WC_PK_TYPE_EC_KEYGEN; cryptoInfo.pk.eckg.rng = rng; cryptoInfo.pk.eckg.size = keySize; cryptoInfo.pk.eckg.key = key; cryptoInfo.pk.eckg.curveId = curveId; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } int wc_CryptoCb_Ecdh(ecc_key* private_key, ecc_key* public_key, byte* out, word32* outlen) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; if (private_key == NULL) return ret; /* locate registered callback */ dev = wc_CryptoCb_FindDevice(private_key->devId, WC_ALGO_TYPE_PK); if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_PK; cryptoInfo.pk.type = WC_PK_TYPE_ECDH; cryptoInfo.pk.ecdh.private_key = private_key; cryptoInfo.pk.ecdh.public_key = public_key; cryptoInfo.pk.ecdh.out = out; cryptoInfo.pk.ecdh.outlen = outlen; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } #endif #ifdef HAVE_ECC_SIGN int wc_CryptoCb_EccSign(const byte* in, word32 inlen, byte* out, word32 *outlen, WC_RNG* rng, ecc_key* key) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; if (key == NULL) return ret; /* locate registered callback */ dev = wc_CryptoCb_FindDevice(key->devId, WC_ALGO_TYPE_PK); if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_PK; cryptoInfo.pk.type = WC_PK_TYPE_ECDSA_SIGN; cryptoInfo.pk.eccsign.in = in; cryptoInfo.pk.eccsign.inlen = inlen; cryptoInfo.pk.eccsign.out = out; cryptoInfo.pk.eccsign.outlen = outlen; cryptoInfo.pk.eccsign.rng = rng; cryptoInfo.pk.eccsign.key = key; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } #endif #ifdef HAVE_ECC_VERIFY int wc_CryptoCb_EccVerify(const byte* sig, word32 siglen, const byte* hash, word32 hashlen, int* res, ecc_key* key) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; if (key == NULL) return ret; /* locate registered callback */ dev = wc_CryptoCb_FindDevice(key->devId, WC_ALGO_TYPE_PK); if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_PK; cryptoInfo.pk.type = WC_PK_TYPE_ECDSA_VERIFY; cryptoInfo.pk.eccverify.sig = sig; cryptoInfo.pk.eccverify.siglen = siglen; cryptoInfo.pk.eccverify.hash = hash; cryptoInfo.pk.eccverify.hashlen = hashlen; cryptoInfo.pk.eccverify.res = res; cryptoInfo.pk.eccverify.key = key; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } #endif #ifdef HAVE_ECC_CHECK_KEY int wc_CryptoCb_EccCheckPrivKey(ecc_key* key, const byte* pubKey, word32 pubKeySz) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; if (key == NULL) return ret; /* locate registered callback */ dev = wc_CryptoCb_FindDevice(key->devId, WC_ALGO_TYPE_PK); if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_PK; cryptoInfo.pk.type = WC_PK_TYPE_EC_CHECK_PRIV_KEY; cryptoInfo.pk.ecc_check.key = key; cryptoInfo.pk.ecc_check.pubKey = pubKey; cryptoInfo.pk.ecc_check.pubKeySz = pubKeySz; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } #endif int wc_CryptoCb_EccGetSize(const ecc_key* key, int* keySize) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; if (key == NULL) return ret; /* locate registered callback */ dev = wc_CryptoCb_FindDevice(key->devId, WC_ALGO_TYPE_PK); if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_PK; cryptoInfo.pk.type = WC_PK_TYPE_EC_GET_SIZE; cryptoInfo.pk.ecc_get_size.key = key; cryptoInfo.pk.ecc_get_size.keySize = keySize; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } int wc_CryptoCb_EccGetSigSize(const ecc_key* key, int* sigSize) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; if (key == NULL) return ret; /* locate registered callback */ dev = wc_CryptoCb_FindDevice(key->devId, WC_ALGO_TYPE_PK); if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_PK; cryptoInfo.pk.type = WC_PK_TYPE_EC_GET_SIG_SIZE; cryptoInfo.pk.ecc_get_sig_size.key = key; cryptoInfo.pk.ecc_get_sig_size.sigSize = sigSize; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } #endif /* HAVE_ECC */ #ifdef HAVE_CURVE25519 int wc_CryptoCb_Curve25519Gen(WC_RNG* rng, int keySize, curve25519_key* key) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; if (key == NULL) return ret; /* locate registered callback */ dev = wc_CryptoCb_FindDevice(key->devId, WC_ALGO_TYPE_PK); if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_PK; cryptoInfo.pk.type = WC_PK_TYPE_CURVE25519_KEYGEN; cryptoInfo.pk.curve25519kg.rng = rng; cryptoInfo.pk.curve25519kg.size = keySize; cryptoInfo.pk.curve25519kg.key = key; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } int wc_CryptoCb_Curve25519(curve25519_key* private_key, curve25519_key* public_key, byte* out, word32* outlen, int endian) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; if (private_key == NULL) return ret; /* locate registered callback */ dev = wc_CryptoCb_FindDevice(private_key->devId, WC_ALGO_TYPE_PK); if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_PK; cryptoInfo.pk.type = WC_PK_TYPE_CURVE25519; cryptoInfo.pk.curve25519.private_key = private_key; cryptoInfo.pk.curve25519.public_key = public_key; cryptoInfo.pk.curve25519.out = out; cryptoInfo.pk.curve25519.outlen = outlen; cryptoInfo.pk.curve25519.endian = endian; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } #endif /* HAVE_CURVE25519 */ #ifdef HAVE_ED25519 int wc_CryptoCb_Ed25519Gen(WC_RNG* rng, int keySize, ed25519_key* key) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; if (key == NULL) return ret; /* locate registered callback */ dev = wc_CryptoCb_FindDevice(key->devId, WC_ALGO_TYPE_PK); if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_PK; cryptoInfo.pk.type = WC_PK_TYPE_ED25519_KEYGEN; cryptoInfo.pk.ed25519kg.rng = rng; cryptoInfo.pk.ed25519kg.size = keySize; cryptoInfo.pk.ed25519kg.key = key; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } int wc_CryptoCb_Ed25519Sign(const byte* in, word32 inLen, byte* out, word32 *outLen, ed25519_key* key, byte type, const byte* context, byte contextLen) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; if (key == NULL) return ret; /* locate registered callback */ dev = wc_CryptoCb_FindDevice(key->devId, WC_ALGO_TYPE_PK); if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_PK; cryptoInfo.pk.type = WC_PK_TYPE_ED25519_SIGN; cryptoInfo.pk.ed25519sign.in = in; cryptoInfo.pk.ed25519sign.inLen = inLen; cryptoInfo.pk.ed25519sign.out = out; cryptoInfo.pk.ed25519sign.outLen = outLen; cryptoInfo.pk.ed25519sign.key = key; cryptoInfo.pk.ed25519sign.type = type; cryptoInfo.pk.ed25519sign.context = context; cryptoInfo.pk.ed25519sign.contextLen = contextLen; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } int wc_CryptoCb_Ed25519Verify(const byte* sig, word32 sigLen, const byte* msg, word32 msgLen, int* res, ed25519_key* key, byte type, const byte* context, byte contextLen) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; if (key == NULL) return ret; /* locate registered callback */ dev = wc_CryptoCb_FindDevice(key->devId, WC_ALGO_TYPE_PK); if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_PK; cryptoInfo.pk.type = WC_PK_TYPE_ED25519_VERIFY; cryptoInfo.pk.ed25519verify.sig = sig; cryptoInfo.pk.ed25519verify.sigLen = sigLen; cryptoInfo.pk.ed25519verify.msg = msg; cryptoInfo.pk.ed25519verify.msgLen = msgLen; cryptoInfo.pk.ed25519verify.res = res; cryptoInfo.pk.ed25519verify.key = key; cryptoInfo.pk.ed25519verify.type = type; cryptoInfo.pk.ed25519verify.context = context; cryptoInfo.pk.ed25519verify.contextLen = contextLen; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } #endif /* HAVE_ED25519 */ #if defined(WOLFSSL_HAVE_LMS) || defined(WOLFSSL_HAVE_XMSS) int wc_CryptoCb_PqcStatefulSigGetDevId(int type, void* key) { int devId = INVALID_DEVID; if (key == NULL) return devId; #if defined(WOLFSSL_HAVE_LMS) if (type == WC_PQC_STATEFUL_SIG_TYPE_LMS) { devId = ((LmsKey*)key)->devId; } #endif #if defined(WOLFSSL_HAVE_XMSS) if (type == WC_PQC_STATEFUL_SIG_TYPE_XMSS) { devId = ((XmssKey*)key)->devId; } #endif return devId; } int wc_CryptoCb_PqcStatefulSigKeyGen(int type, void* key, WC_RNG* rng) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); int devId = INVALID_DEVID; CryptoCb* dev; if (key == NULL) return ret; devId = wc_CryptoCb_PqcStatefulSigGetDevId(type, key); if (devId == INVALID_DEVID) return ret; dev = wc_CryptoCb_FindDevice(devId, WC_ALGO_TYPE_PK); if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_PK; cryptoInfo.pk.type = WC_PK_TYPE_PQC_STATEFUL_SIG_KEYGEN; cryptoInfo.pk.pqc_stateful_sig_kg.rng = rng; cryptoInfo.pk.pqc_stateful_sig_kg.key = key; cryptoInfo.pk.pqc_stateful_sig_kg.type = type; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } int wc_CryptoCb_PqcStatefulSigSign(const byte* msg, word32 msgSz, byte* out, word32* outSz, int type, void* key) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); int devId = INVALID_DEVID; CryptoCb* dev; if (key == NULL) return ret; devId = wc_CryptoCb_PqcStatefulSigGetDevId(type, key); if (devId == INVALID_DEVID) return ret; dev = wc_CryptoCb_FindDevice(devId, WC_ALGO_TYPE_PK); if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_PK; cryptoInfo.pk.type = WC_PK_TYPE_PQC_STATEFUL_SIG_SIGN; cryptoInfo.pk.pqc_stateful_sig_sign.msg = msg; cryptoInfo.pk.pqc_stateful_sig_sign.msgSz = msgSz; cryptoInfo.pk.pqc_stateful_sig_sign.out = out; cryptoInfo.pk.pqc_stateful_sig_sign.outSz = outSz; cryptoInfo.pk.pqc_stateful_sig_sign.key = key; cryptoInfo.pk.pqc_stateful_sig_sign.type = type; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } int wc_CryptoCb_PqcStatefulSigVerify(const byte* sig, word32 sigSz, const byte* msg, word32 msgSz, int* res, int type, void* key) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); int devId = INVALID_DEVID; CryptoCb* dev; if (key == NULL) return ret; devId = wc_CryptoCb_PqcStatefulSigGetDevId(type, key); if (devId == INVALID_DEVID) return ret; dev = wc_CryptoCb_FindDevice(devId, WC_ALGO_TYPE_PK); if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_PK; cryptoInfo.pk.type = WC_PK_TYPE_PQC_STATEFUL_SIG_VERIFY; cryptoInfo.pk.pqc_stateful_sig_verify.sig = sig; cryptoInfo.pk.pqc_stateful_sig_verify.sigSz = sigSz; cryptoInfo.pk.pqc_stateful_sig_verify.msg = msg; cryptoInfo.pk.pqc_stateful_sig_verify.msgSz = msgSz; cryptoInfo.pk.pqc_stateful_sig_verify.res = res; cryptoInfo.pk.pqc_stateful_sig_verify.key = key; cryptoInfo.pk.pqc_stateful_sig_verify.type = type; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } int wc_CryptoCb_PqcStatefulSigSigsLeft(int type, void* key, word32* sigsLeft) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); int devId = INVALID_DEVID; CryptoCb* dev; if (key == NULL) return ret; devId = wc_CryptoCb_PqcStatefulSigGetDevId(type, key); if (devId == INVALID_DEVID) return ret; dev = wc_CryptoCb_FindDevice(devId, WC_ALGO_TYPE_PK); if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_PK; cryptoInfo.pk.type = WC_PK_TYPE_PQC_STATEFUL_SIG_SIGS_LEFT; cryptoInfo.pk.pqc_stateful_sig_sigs_left.key = key; cryptoInfo.pk.pqc_stateful_sig_sigs_left.sigsLeft = sigsLeft; cryptoInfo.pk.pqc_stateful_sig_sigs_left.type = type; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } #endif /* WOLFSSL_HAVE_LMS || WOLFSSL_HAVE_XMSS */ #if defined(WOLFSSL_HAVE_MLKEM) int wc_CryptoCb_PqcKemGetDevId(int type, void* key) { int devId = INVALID_DEVID; if (key == NULL) return devId; /* get devId */ if (type == WC_PQC_KEM_TYPE_KYBER) { devId = ((KyberKey*) key)->devId; } return devId; } int wc_CryptoCb_MakePqcKemKey(WC_RNG* rng, int type, int keySize, void* key) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); int devId = INVALID_DEVID; CryptoCb* dev; if (key == NULL) return ret; /* get devId */ devId = wc_CryptoCb_PqcKemGetDevId(type, key); if (devId == INVALID_DEVID) return ret; /* locate registered callback */ dev = wc_CryptoCb_FindDevice(devId, WC_ALGO_TYPE_PK); if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_PK; cryptoInfo.pk.type = WC_PK_TYPE_PQC_KEM_KEYGEN; cryptoInfo.pk.pqc_kem_kg.rng = rng; cryptoInfo.pk.pqc_kem_kg.size = keySize; cryptoInfo.pk.pqc_kem_kg.key = key; cryptoInfo.pk.pqc_kem_kg.type = type; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } int wc_CryptoCb_PqcEncapsulate(byte* ciphertext, word32 ciphertextLen, byte* sharedSecret, word32 sharedSecretLen, WC_RNG* rng, int type, void* key) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); int devId = INVALID_DEVID; CryptoCb* dev; if (key == NULL) return ret; /* get devId */ devId = wc_CryptoCb_PqcKemGetDevId(type, key); if (devId == INVALID_DEVID) return ret; /* locate registered callback */ dev = wc_CryptoCb_FindDevice(devId, WC_ALGO_TYPE_PK); if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_PK; cryptoInfo.pk.type = WC_PK_TYPE_PQC_KEM_ENCAPS; cryptoInfo.pk.pqc_encaps.ciphertext = ciphertext; cryptoInfo.pk.pqc_encaps.ciphertextLen = ciphertextLen; cryptoInfo.pk.pqc_encaps.sharedSecret = sharedSecret; cryptoInfo.pk.pqc_encaps.sharedSecretLen = sharedSecretLen; cryptoInfo.pk.pqc_encaps.rng = rng; cryptoInfo.pk.pqc_encaps.key = key; cryptoInfo.pk.pqc_encaps.type = type; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } int wc_CryptoCb_PqcDecapsulate(const byte* ciphertext, word32 ciphertextLen, byte* sharedSecret, word32 sharedSecretLen, int type, void* key) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); int devId = INVALID_DEVID; CryptoCb* dev; if (key == NULL) return ret; /* get devId */ devId = wc_CryptoCb_PqcKemGetDevId(type, key); if (devId == INVALID_DEVID) return ret; /* locate registered callback */ dev = wc_CryptoCb_FindDevice(devId, WC_ALGO_TYPE_PK); if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_PK; cryptoInfo.pk.type = WC_PK_TYPE_PQC_KEM_DECAPS; cryptoInfo.pk.pqc_decaps.ciphertext = ciphertext; cryptoInfo.pk.pqc_decaps.ciphertextLen = ciphertextLen; cryptoInfo.pk.pqc_decaps.sharedSecret = sharedSecret; cryptoInfo.pk.pqc_decaps.sharedSecretLen = sharedSecretLen; cryptoInfo.pk.pqc_decaps.key = key; cryptoInfo.pk.pqc_decaps.type = type; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } #endif /* WOLFSSL_HAVE_MLKEM */ #if defined(HAVE_FALCON) || defined(HAVE_DILITHIUM) int wc_CryptoCb_PqcSigGetDevId(int type, void* key) { int devId = INVALID_DEVID; if (key == NULL) return devId; /* get devId */ #if defined(HAVE_DILITHIUM) if (type == WC_PQC_SIG_TYPE_DILITHIUM) { devId = ((dilithium_key*) key)->devId; } #endif #if defined(HAVE_FALCON) if (type == WC_PQC_SIG_TYPE_FALCON) { devId = ((falcon_key*) key)->devId; } #endif return devId; } int wc_CryptoCb_MakePqcSignatureKey(WC_RNG* rng, int type, int keySize, void* key) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); int devId = INVALID_DEVID; CryptoCb* dev; if (key == NULL) return ret; /* get devId */ devId = wc_CryptoCb_PqcSigGetDevId(type, key); if (devId == INVALID_DEVID) return ret; /* locate registered callback */ dev = wc_CryptoCb_FindDevice(devId, WC_ALGO_TYPE_PK); if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_PK; cryptoInfo.pk.type = WC_PK_TYPE_PQC_SIG_KEYGEN; cryptoInfo.pk.pqc_sig_kg.rng = rng; cryptoInfo.pk.pqc_sig_kg.size = keySize; cryptoInfo.pk.pqc_sig_kg.key = key; cryptoInfo.pk.pqc_sig_kg.type = type; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } int wc_CryptoCb_PqcSign(const byte* in, word32 inlen, byte* out, word32 *outlen, const byte* context, byte contextLen, word32 preHashType, WC_RNG* rng, int type, void* key) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); int devId = INVALID_DEVID; CryptoCb* dev; if (key == NULL) return ret; /* get devId */ devId = wc_CryptoCb_PqcSigGetDevId(type, key); if (devId == INVALID_DEVID) return ret; /* locate registered callback */ dev = wc_CryptoCb_FindDevice(devId, WC_ALGO_TYPE_PK); if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_PK; cryptoInfo.pk.type = WC_PK_TYPE_PQC_SIG_SIGN; cryptoInfo.pk.pqc_sign.in = in; cryptoInfo.pk.pqc_sign.inlen = inlen; cryptoInfo.pk.pqc_sign.out = out; cryptoInfo.pk.pqc_sign.outlen = outlen; cryptoInfo.pk.pqc_sign.context = context; cryptoInfo.pk.pqc_sign.contextLen = contextLen; cryptoInfo.pk.pqc_sign.preHashType = preHashType; cryptoInfo.pk.pqc_sign.rng = rng; cryptoInfo.pk.pqc_sign.key = key; cryptoInfo.pk.pqc_sign.type = type; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } int wc_CryptoCb_PqcVerify(const byte* sig, word32 siglen, const byte* msg, word32 msglen, const byte* context, byte contextLen, word32 preHashType, int* res, int type, void* key) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); int devId = INVALID_DEVID; CryptoCb* dev; if (key == NULL) return ret; /* get devId */ devId = wc_CryptoCb_PqcSigGetDevId(type, key); if (devId == INVALID_DEVID) return ret; /* locate registered callback */ dev = wc_CryptoCb_FindDevice(devId, WC_ALGO_TYPE_PK); if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_PK; cryptoInfo.pk.type = WC_PK_TYPE_PQC_SIG_VERIFY; cryptoInfo.pk.pqc_verify.sig = sig; cryptoInfo.pk.pqc_verify.siglen = siglen; cryptoInfo.pk.pqc_verify.msg = msg; cryptoInfo.pk.pqc_verify.msglen = msglen; cryptoInfo.pk.pqc_verify.context = context; cryptoInfo.pk.pqc_verify.contextLen = contextLen; cryptoInfo.pk.pqc_verify.preHashType = preHashType; cryptoInfo.pk.pqc_verify.res = res; cryptoInfo.pk.pqc_verify.key = key; cryptoInfo.pk.pqc_verify.type = type; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } int wc_CryptoCb_PqcSignatureCheckPrivKey(void* key, int type, const byte* pubKey, word32 pubKeySz) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); int devId = INVALID_DEVID; CryptoCb* dev; if (key == NULL) return ret; /* get devId */ devId = wc_CryptoCb_PqcSigGetDevId(type, key); if (devId == INVALID_DEVID) return ret; /* locate registered callback */ dev = wc_CryptoCb_FindDevice(devId, WC_ALGO_TYPE_PK); if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_PK; cryptoInfo.pk.type = WC_PK_TYPE_PQC_SIG_CHECK_PRIV_KEY; cryptoInfo.pk.pqc_sig_check.key = key; cryptoInfo.pk.pqc_sig_check.pubKey = pubKey; cryptoInfo.pk.pqc_sig_check.pubKeySz = pubKeySz; cryptoInfo.pk.pqc_sig_check.type = type; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } #endif /* HAVE_FALCON || HAVE_DILITHIUM */ #ifndef NO_AES #ifdef HAVE_AESGCM int wc_CryptoCb_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz, const byte* iv, word32 ivSz, byte* authTag, word32 authTagSz, const byte* authIn, word32 authInSz) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; /* locate registered callback */ if (aes) { dev = wc_CryptoCb_FindDevice(aes->devId, WC_ALGO_TYPE_CIPHER); } else { /* locate first callback and try using it */ dev = wc_CryptoCb_FindDeviceByIndex(0); } if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_CIPHER; cryptoInfo.cipher.type = WC_CIPHER_AES_GCM; cryptoInfo.cipher.enc = 1; cryptoInfo.cipher.aesgcm_enc.aes = aes; cryptoInfo.cipher.aesgcm_enc.out = out; cryptoInfo.cipher.aesgcm_enc.in = in; cryptoInfo.cipher.aesgcm_enc.sz = sz; cryptoInfo.cipher.aesgcm_enc.iv = iv; cryptoInfo.cipher.aesgcm_enc.ivSz = ivSz; cryptoInfo.cipher.aesgcm_enc.authTag = authTag; cryptoInfo.cipher.aesgcm_enc.authTagSz = authTagSz; cryptoInfo.cipher.aesgcm_enc.authIn = authIn; cryptoInfo.cipher.aesgcm_enc.authInSz = authInSz; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } int wc_CryptoCb_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz, const byte* iv, word32 ivSz, const byte* authTag, word32 authTagSz, const byte* authIn, word32 authInSz) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; /* locate registered callback */ if (aes) { dev = wc_CryptoCb_FindDevice(aes->devId, WC_ALGO_TYPE_CIPHER); } else { /* locate first callback and try using it */ dev = wc_CryptoCb_FindDeviceByIndex(0); } if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_CIPHER; cryptoInfo.cipher.type = WC_CIPHER_AES_GCM; cryptoInfo.cipher.enc = 0; cryptoInfo.cipher.aesgcm_dec.aes = aes; cryptoInfo.cipher.aesgcm_dec.out = out; cryptoInfo.cipher.aesgcm_dec.in = in; cryptoInfo.cipher.aesgcm_dec.sz = sz; cryptoInfo.cipher.aesgcm_dec.iv = iv; cryptoInfo.cipher.aesgcm_dec.ivSz = ivSz; cryptoInfo.cipher.aesgcm_dec.authTag = authTag; cryptoInfo.cipher.aesgcm_dec.authTagSz = authTagSz; cryptoInfo.cipher.aesgcm_dec.authIn = authIn; cryptoInfo.cipher.aesgcm_dec.authInSz = authInSz; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } #endif /* HAVE_AESGCM */ #ifdef HAVE_AESCCM int wc_CryptoCb_AesCcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz, const byte* nonce, word32 nonceSz, byte* authTag, word32 authTagSz, const byte* authIn, word32 authInSz) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; /* locate registered callback */ if (aes) { dev = wc_CryptoCb_FindDevice(aes->devId, WC_ALGO_TYPE_CIPHER); } else { /* locate first callback and try using it */ dev = wc_CryptoCb_FindDeviceByIndex(0); } if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_CIPHER; cryptoInfo.cipher.type = WC_CIPHER_AES_CCM; cryptoInfo.cipher.enc = 1; cryptoInfo.cipher.aesccm_enc.aes = aes; cryptoInfo.cipher.aesccm_enc.out = out; cryptoInfo.cipher.aesccm_enc.in = in; cryptoInfo.cipher.aesccm_enc.sz = sz; cryptoInfo.cipher.aesccm_enc.nonce = nonce; cryptoInfo.cipher.aesccm_enc.nonceSz = nonceSz; cryptoInfo.cipher.aesccm_enc.authTag = authTag; cryptoInfo.cipher.aesccm_enc.authTagSz = authTagSz; cryptoInfo.cipher.aesccm_enc.authIn = authIn; cryptoInfo.cipher.aesccm_enc.authInSz = authInSz; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } int wc_CryptoCb_AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz, const byte* nonce, word32 nonceSz, const byte* authTag, word32 authTagSz, const byte* authIn, word32 authInSz) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; /* locate registered callback */ if (aes) { dev = wc_CryptoCb_FindDevice(aes->devId, WC_ALGO_TYPE_CIPHER); } else { /* locate first callback and try using it */ dev = wc_CryptoCb_FindDeviceByIndex(0); } if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_CIPHER; cryptoInfo.cipher.type = WC_CIPHER_AES_CCM; cryptoInfo.cipher.enc = 0; cryptoInfo.cipher.aesccm_dec.aes = aes; cryptoInfo.cipher.aesccm_dec.out = out; cryptoInfo.cipher.aesccm_dec.in = in; cryptoInfo.cipher.aesccm_dec.sz = sz; cryptoInfo.cipher.aesccm_dec.nonce = nonce; cryptoInfo.cipher.aesccm_dec.nonceSz = nonceSz; cryptoInfo.cipher.aesccm_dec.authTag = authTag; cryptoInfo.cipher.aesccm_dec.authTagSz = authTagSz; cryptoInfo.cipher.aesccm_dec.authIn = authIn; cryptoInfo.cipher.aesccm_dec.authInSz = authInSz; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } #endif /* HAVE_AESCCM */ #ifdef HAVE_AES_CBC int wc_CryptoCb_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; /* locate registered callback */ if (aes) { dev = wc_CryptoCb_FindDevice(aes->devId, WC_ALGO_TYPE_CIPHER); } else { /* locate first callback and try using it */ dev = wc_CryptoCb_FindDeviceByIndex(0); } if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_CIPHER; cryptoInfo.cipher.type = WC_CIPHER_AES_CBC; cryptoInfo.cipher.enc = 1; cryptoInfo.cipher.aescbc.aes = aes; cryptoInfo.cipher.aescbc.out = out; cryptoInfo.cipher.aescbc.in = in; cryptoInfo.cipher.aescbc.sz = sz; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } int wc_CryptoCb_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; /* locate registered callback */ if (aes) { dev = wc_CryptoCb_FindDevice(aes->devId, WC_ALGO_TYPE_CIPHER); } else { /* locate first callback and try using it */ dev = wc_CryptoCb_FindDeviceByIndex(0); } if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_CIPHER; cryptoInfo.cipher.type = WC_CIPHER_AES_CBC; cryptoInfo.cipher.enc = 0; cryptoInfo.cipher.aescbc.aes = aes; cryptoInfo.cipher.aescbc.out = out; cryptoInfo.cipher.aescbc.in = in; cryptoInfo.cipher.aescbc.sz = sz; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } #endif /* HAVE_AES_CBC */ #ifdef WOLFSSL_AES_COUNTER int wc_CryptoCb_AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; /* locate registered callback */ if (aes) { dev = wc_CryptoCb_FindDevice(aes->devId, WC_ALGO_TYPE_CIPHER); } else { /* locate first callback and try using it */ dev = wc_CryptoCb_FindDeviceByIndex(0); } if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_CIPHER; cryptoInfo.cipher.type = WC_CIPHER_AES_CTR; cryptoInfo.cipher.enc = 1; cryptoInfo.cipher.aesctr.aes = aes; cryptoInfo.cipher.aesctr.out = out; cryptoInfo.cipher.aesctr.in = in; cryptoInfo.cipher.aesctr.sz = sz; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } #endif /* WOLFSSL_AES_COUNTER */ #if defined(HAVE_AES_ECB) || defined(WOLFSSL_AES_DIRECT) || \ defined(WOLF_CRYPTO_CB_ONLY_AES) int wc_CryptoCb_AesEcbEncrypt(Aes* aes, byte* out, const byte* in, word32 sz) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; /* locate registered callback */ if (aes) { dev = wc_CryptoCb_FindDevice(aes->devId, WC_ALGO_TYPE_CIPHER); } else { /* locate first callback and try using it */ dev = wc_CryptoCb_FindDeviceByIndex(0); } if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_CIPHER; cryptoInfo.cipher.type = WC_CIPHER_AES_ECB; cryptoInfo.cipher.enc = 1; cryptoInfo.cipher.aesecb.aes = aes; cryptoInfo.cipher.aesecb.out = out; cryptoInfo.cipher.aesecb.in = in; cryptoInfo.cipher.aesecb.sz = sz; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } int wc_CryptoCb_AesEcbDecrypt(Aes* aes, byte* out, const byte* in, word32 sz) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; /* locate registered callback */ if (aes) { dev = wc_CryptoCb_FindDevice(aes->devId, WC_ALGO_TYPE_CIPHER); } else { /* locate first callback and try using it */ dev = wc_CryptoCb_FindDeviceByIndex(0); } if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_CIPHER; cryptoInfo.cipher.type = WC_CIPHER_AES_ECB; cryptoInfo.cipher.enc = 0; cryptoInfo.cipher.aesecb.aes = aes; cryptoInfo.cipher.aesecb.out = out; cryptoInfo.cipher.aesecb.in = in; cryptoInfo.cipher.aesecb.sz = sz; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } #endif /* HAVE_AES_ECB || WOLFSSL_AES_DIRECT || WOLF_CRYPTO_CB_ONLY_AES */ #ifdef WOLF_CRYPTO_CB_AES_SETKEY int wc_CryptoCb_AesSetKey(Aes* aes, const byte* key, word32 keySz) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; if (aes == NULL || key == NULL) return BAD_FUNC_ARG; if (aes->devId == INVALID_DEVID) return CRYPTOCB_UNAVAILABLE; /* locate registered callback */ dev = wc_CryptoCb_FindDevice(aes->devId, WC_ALGO_TYPE_CIPHER); if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_CIPHER; cryptoInfo.cipher.type = WC_CIPHER_AES; cryptoInfo.cipher.aessetkey.aes = aes; cryptoInfo.cipher.aessetkey.key = key; cryptoInfo.cipher.aessetkey.keySz = keySz; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } #endif /* WOLF_CRYPTO_CB_AES_SETKEY */ #endif /* !NO_AES */ #ifndef NO_DES3 int wc_CryptoCb_Des3Encrypt(Des3* des3, byte* out, const byte* in, word32 sz) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; /* locate registered callback */ if (des3) { dev = wc_CryptoCb_FindDevice(des3->devId, WC_ALGO_TYPE_CIPHER); } else { /* locate first callback and try using it */ dev = wc_CryptoCb_FindDeviceByIndex(0); } if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_CIPHER; cryptoInfo.cipher.type = WC_CIPHER_DES3; cryptoInfo.cipher.enc = 1; cryptoInfo.cipher.des3.des = des3; cryptoInfo.cipher.des3.out = out; cryptoInfo.cipher.des3.in = in; cryptoInfo.cipher.des3.sz = sz; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } int wc_CryptoCb_Des3Decrypt(Des3* des3, byte* out, const byte* in, word32 sz) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; /* locate registered callback */ if (des3) { dev = wc_CryptoCb_FindDevice(des3->devId, WC_ALGO_TYPE_CIPHER); } else { /* locate first callback and try using it */ dev = wc_CryptoCb_FindDeviceByIndex(0); } if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_CIPHER; cryptoInfo.cipher.type = WC_CIPHER_DES3; cryptoInfo.cipher.enc = 0; cryptoInfo.cipher.des3.des = des3; cryptoInfo.cipher.des3.out = out; cryptoInfo.cipher.des3.in = in; cryptoInfo.cipher.des3.sz = sz; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } #endif /* !NO_DES3 */ #ifndef NO_SHA int wc_CryptoCb_ShaHash(wc_Sha* sha, const byte* in, word32 inSz, byte* digest) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; /* locate registered callback */ if (sha) { dev = wc_CryptoCb_FindDevice(sha->devId, WC_ALGO_TYPE_HASH); } else { /* locate first callback and try using it */ dev = wc_CryptoCb_FindDeviceByIndex(0); } if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_HASH; cryptoInfo.hash.type = WC_HASH_TYPE_SHA; cryptoInfo.hash.sha1 = sha; cryptoInfo.hash.in = in; cryptoInfo.hash.inSz = inSz; cryptoInfo.hash.digest = digest; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } #endif /* !NO_SHA */ #ifdef WOLFSSL_SHA224 int wc_CryptoCb_Sha224Hash(wc_Sha224* sha224, const byte* in, word32 inSz, byte* digest) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; /* locate registered callback */ if (sha224) { dev = wc_CryptoCb_FindDevice(sha224->devId, WC_ALGO_TYPE_HASH); } else { /* locate first callback and try using it */ dev = wc_CryptoCb_FindDeviceByIndex(0); } if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_HASH; cryptoInfo.hash.type = WC_HASH_TYPE_SHA224; cryptoInfo.hash.sha224 = sha224; cryptoInfo.hash.in = in; cryptoInfo.hash.inSz = inSz; cryptoInfo.hash.digest = digest; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } #endif /* WOLFSSL_SHA224 */ #ifndef NO_SHA256 int wc_CryptoCb_Sha256Hash(wc_Sha256* sha256, const byte* in, word32 inSz, byte* digest) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; /* locate registered callback */ if (sha256) { dev = wc_CryptoCb_FindDevice(sha256->devId, WC_ALGO_TYPE_HASH); } else { /* locate first callback and try using it */ dev = wc_CryptoCb_FindDeviceByIndex(0); } if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_HASH; cryptoInfo.hash.type = WC_HASH_TYPE_SHA256; cryptoInfo.hash.sha256 = sha256; cryptoInfo.hash.in = in; cryptoInfo.hash.inSz = inSz; cryptoInfo.hash.digest = digest; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } #endif /* !NO_SHA256 */ #ifdef WOLFSSL_SHA384 int wc_CryptoCb_Sha384Hash(wc_Sha384* sha384, const byte* in, word32 inSz, byte* digest) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; /* locate registered callback */ #ifndef NO_SHA2_CRYPTO_CB if (sha384) { dev = wc_CryptoCb_FindDevice(sha384->devId, WC_ALGO_TYPE_HASH); } else #endif { /* locate first callback and try using it */ dev = wc_CryptoCb_FindDeviceByIndex(0); } if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_HASH; cryptoInfo.hash.type = WC_HASH_TYPE_SHA384; cryptoInfo.hash.sha384 = sha384; cryptoInfo.hash.in = in; cryptoInfo.hash.inSz = inSz; cryptoInfo.hash.digest = digest; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } #endif /* WOLFSSL_SHA384 */ #ifdef WOLFSSL_SHA512 int wc_CryptoCb_Sha512Hash(wc_Sha512* sha512, const byte* in, word32 inSz, byte* digest, size_t digestSz) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; /* locate registered callback */ #ifndef NO_SHA2_CRYPTO_CB if (sha512) { dev = wc_CryptoCb_FindDevice(sha512->devId, WC_ALGO_TYPE_HASH); } else #endif { /* locate first callback and try using it */ dev = wc_CryptoCb_FindDeviceByIndex(0); } if (dev && dev->cb) { byte localHash[WC_SHA512_DIGEST_SIZE]; wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_HASH; cryptoInfo.hash.sha512 = sha512; cryptoInfo.hash.in = in; cryptoInfo.hash.inSz = inSz; cryptoInfo.hash.digest = digest; /* try the specific family callbacks first */ #if !defined(WOLFSSL_NOSHA512_224) if (digest != NULL && digestSz == WC_SHA512_224_DIGEST_SIZE) { cryptoInfo.hash.type = WC_HASH_TYPE_SHA512_224; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); ret = wc_CryptoCb_TranslateErrorCode(ret); if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) return ret; } #endif #if !defined(WOLFSSL_NOSHA512_256) if (digest != NULL && digestSz == WC_SHA512_256_DIGEST_SIZE) { cryptoInfo.hash.type = WC_HASH_TYPE_SHA512_256; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); ret = wc_CryptoCb_TranslateErrorCode(ret); if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) return ret; } #endif cryptoInfo.hash.type = WC_HASH_TYPE_SHA512; /* use local buffer if not full size */ if (digest != NULL && digestSz != WC_SHA512_DIGEST_SIZE) cryptoInfo.hash.digest = localHash; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); ret = wc_CryptoCb_TranslateErrorCode(ret); if (ret == 0 && digest != NULL && digestSz != WC_SHA512_DIGEST_SIZE) XMEMCPY(digest, localHash, digestSz); return ret; } return wc_CryptoCb_TranslateErrorCode(ret); } #endif /* WOLFSSL_SHA512 */ #if defined(WOLFSSL_SHA3) && (!defined(HAVE_FIPS) || FIPS_VERSION_GE(6, 0)) int wc_CryptoCb_Sha3Hash(wc_Sha3* sha3, int type, const byte* in, word32 inSz, byte* digest) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; /* locate registered callback */ if (sha3) { dev = wc_CryptoCb_FindDevice(sha3->devId, WC_ALGO_TYPE_HASH); } else { /* locate first callback and try using it */ dev = wc_CryptoCb_FindDeviceByIndex(0); } if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_HASH; cryptoInfo.hash.type = type; cryptoInfo.hash.sha3 = sha3; cryptoInfo.hash.in = in; cryptoInfo.hash.inSz = inSz; cryptoInfo.hash.digest = digest; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } #endif /* WOLFSSL_SHA3 && (!HAVE_FIPS || FIPS_VERSION_GE(6, 0)) */ #ifndef NO_HMAC int wc_CryptoCb_Hmac(Hmac* hmac, int macType, const byte* in, word32 inSz, byte* digest) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; if (hmac == NULL) return ret; /* locate registered callback */ dev = wc_CryptoCb_FindDevice(hmac->devId, WC_ALGO_TYPE_HMAC); if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_HMAC; cryptoInfo.hmac.macType = macType; cryptoInfo.hmac.in = in; cryptoInfo.hmac.inSz = inSz; cryptoInfo.hmac.digest = digest; cryptoInfo.hmac.hmac = hmac; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } #endif /* !NO_HMAC */ #ifndef WC_NO_RNG int wc_CryptoCb_RandomBlock(WC_RNG* rng, byte* out, word32 sz) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; /* locate registered callback */ if (rng) { dev = wc_CryptoCb_FindDevice(rng->devId, WC_ALGO_TYPE_RNG); } else { /* locate first callback and try using it */ dev = wc_CryptoCb_FindDeviceByIndex(0); } if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_RNG; cryptoInfo.rng.rng = rng; cryptoInfo.rng.out = out; cryptoInfo.rng.sz = sz; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } int wc_CryptoCb_RandomSeed(OS_Seed* os, byte* seed, word32 sz) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; /* locate registered callback */ dev = wc_CryptoCb_FindDevice(os->devId, WC_ALGO_TYPE_SEED); if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_SEED; cryptoInfo.seed.os = os; cryptoInfo.seed.seed = seed; cryptoInfo.seed.sz = sz; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } #endif /* !WC_NO_RNG */ #ifndef NO_CERTS int wc_CryptoCb_GetCert(int devId, const char *label, word32 labelLen, const byte *id, word32 idLen, byte** out, word32* outSz, int *format, void *heap) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; /* locate registered callback */ dev = wc_CryptoCb_FindDevice(devId, WC_ALGO_TYPE_CERT); if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_CERT; cryptoInfo.cert.label = label; cryptoInfo.cert.labelLen = labelLen; cryptoInfo.cert.id = id; cryptoInfo.cert.idLen = idLen; cryptoInfo.cert.heap = heap; cryptoInfo.cert.certDataOut = out; cryptoInfo.cert.certSz = outSz; cryptoInfo.cert.certFormatOut = format; cryptoInfo.cert.heap = heap; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } #endif /* ifndef NO_CERTS */ #if defined(WOLFSSL_CMAC) int wc_CryptoCb_Cmac(Cmac* cmac, const byte* key, word32 keySz, const byte* in, word32 inSz, byte* out, word32* outSz, int type, void* ctx) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; /* locate registered callback */ if (cmac) { dev = wc_CryptoCb_FindDevice(cmac->devId, WC_ALGO_TYPE_CMAC); } else { /* locate first callback and try using it */ dev = wc_CryptoCb_FindDeviceByIndex(0); } if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_CMAC; cryptoInfo.cmac.cmac = cmac; cryptoInfo.cmac.ctx = ctx; cryptoInfo.cmac.key = key; cryptoInfo.cmac.in = in; cryptoInfo.cmac.out = out; cryptoInfo.cmac.outSz = outSz; cryptoInfo.cmac.keySz = keySz; cryptoInfo.cmac.inSz = inSz; cryptoInfo.cmac.type = type; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } #endif /* WOLFSSL_CMAC */ #ifdef WOLFSSL_SHE int wc_CryptoCb_SheGetUid(wc_SHE* she, byte* uid, word32 uidSz, const void* ctx) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; if (she == NULL) { return BAD_FUNC_ARG; } /* locate registered callback */ dev = wc_CryptoCb_FindDevice(she->devId, WC_ALGO_TYPE_SHE); if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_SHE; cryptoInfo.she.she = she; cryptoInfo.she.type = WC_SHE_GET_UID; cryptoInfo.she.ctx = ctx; cryptoInfo.she.op.getUid.uid = uid; cryptoInfo.she.op.getUid.uidSz = uidSz; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } int wc_CryptoCb_SheGetCounter(wc_SHE* she, word32* counter, const void* ctx) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; if (she == NULL || counter == NULL) { return BAD_FUNC_ARG; } dev = wc_CryptoCb_FindDevice(she->devId, WC_ALGO_TYPE_SHE); if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_SHE; cryptoInfo.she.she = she; cryptoInfo.she.type = WC_SHE_GET_COUNTER; cryptoInfo.she.ctx = ctx; cryptoInfo.she.op.getCounter.counter = counter; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } int wc_CryptoCb_SheGenerateM1M2M3(wc_SHE* she, const byte* uid, word32 uidSz, byte authKeyId, const byte* authKey, word32 authKeySz, byte targetKeyId, const byte* newKey, word32 newKeySz, word32 counter, byte flags, byte* m1, word32 m1Sz, byte* m2, word32 m2Sz, byte* m3, word32 m3Sz) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; if (she == NULL) { return BAD_FUNC_ARG; } dev = wc_CryptoCb_FindDevice(she->devId, WC_ALGO_TYPE_SHE); if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_SHE; cryptoInfo.she.she = she; cryptoInfo.she.type = WC_SHE_GENERATE_M1M2M3; cryptoInfo.she.op.generateM1M2M3.uid = uid; cryptoInfo.she.op.generateM1M2M3.uidSz = uidSz; cryptoInfo.she.op.generateM1M2M3.authKeyId = authKeyId; cryptoInfo.she.op.generateM1M2M3.authKey = authKey; cryptoInfo.she.op.generateM1M2M3.authKeySz = authKeySz; cryptoInfo.she.op.generateM1M2M3.targetKeyId = targetKeyId; cryptoInfo.she.op.generateM1M2M3.newKey = newKey; cryptoInfo.she.op.generateM1M2M3.newKeySz = newKeySz; cryptoInfo.she.op.generateM1M2M3.counter = counter; cryptoInfo.she.op.generateM1M2M3.flags = flags; cryptoInfo.she.op.generateM1M2M3.m1 = m1; cryptoInfo.she.op.generateM1M2M3.m1Sz = m1Sz; cryptoInfo.she.op.generateM1M2M3.m2 = m2; cryptoInfo.she.op.generateM1M2M3.m2Sz = m2Sz; cryptoInfo.she.op.generateM1M2M3.m3 = m3; cryptoInfo.she.op.generateM1M2M3.m3Sz = m3Sz; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } int wc_CryptoCb_SheGenerateM4M5(wc_SHE* she, const byte* uid, word32 uidSz, byte authKeyId, byte targetKeyId, const byte* newKey, word32 newKeySz, word32 counter, byte* m4, word32 m4Sz, byte* m5, word32 m5Sz) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; if (she == NULL) { return BAD_FUNC_ARG; } dev = wc_CryptoCb_FindDevice(she->devId, WC_ALGO_TYPE_SHE); if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_SHE; cryptoInfo.she.she = she; cryptoInfo.she.type = WC_SHE_GENERATE_M4M5; cryptoInfo.she.op.generateM4M5.uid = uid; cryptoInfo.she.op.generateM4M5.uidSz = uidSz; cryptoInfo.she.op.generateM4M5.authKeyId = authKeyId; cryptoInfo.she.op.generateM4M5.targetKeyId = targetKeyId; cryptoInfo.she.op.generateM4M5.newKey = newKey; cryptoInfo.she.op.generateM4M5.newKeySz = newKeySz; cryptoInfo.she.op.generateM4M5.counter = counter; cryptoInfo.she.op.generateM4M5.m4 = m4; cryptoInfo.she.op.generateM4M5.m4Sz = m4Sz; cryptoInfo.she.op.generateM4M5.m5 = m5; cryptoInfo.she.op.generateM4M5.m5Sz = m5Sz; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } int wc_CryptoCb_SheExportKey(wc_SHE* she, byte* m1, word32 m1Sz, byte* m2, word32 m2Sz, byte* m3, word32 m3Sz, byte* m4, word32 m4Sz, byte* m5, word32 m5Sz, const void* ctx) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; if (she == NULL) { return BAD_FUNC_ARG; } dev = wc_CryptoCb_FindDevice(she->devId, WC_ALGO_TYPE_SHE); if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_SHE; cryptoInfo.she.she = she; cryptoInfo.she.type = WC_SHE_EXPORT_KEY; cryptoInfo.she.ctx = ctx; cryptoInfo.she.op.exportKey.m1 = m1; cryptoInfo.she.op.exportKey.m1Sz = m1Sz; cryptoInfo.she.op.exportKey.m2 = m2; cryptoInfo.she.op.exportKey.m2Sz = m2Sz; cryptoInfo.she.op.exportKey.m3 = m3; cryptoInfo.she.op.exportKey.m3Sz = m3Sz; cryptoInfo.she.op.exportKey.m4 = m4; cryptoInfo.she.op.exportKey.m4Sz = m4Sz; cryptoInfo.she.op.exportKey.m5 = m5; cryptoInfo.she.op.exportKey.m5Sz = m5Sz; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } #endif /* WOLFSSL_SHE */ /* returns the default dev id for the current build */ int wc_CryptoCb_DefaultDevID(void) { int ret; /* Explicitly disable the "default devId" behavior. Ensures that any devId * will only be used if explicitly passed as an argument to crypto functions, * and never automatically selected. */ #ifdef WC_NO_DEFAULT_DEVID ret = INVALID_DEVID; #else /* conditional macro selection based on build */ #ifdef WOLFSSL_CAAM_DEVID ret = WOLFSSL_CAAM_DEVID; #elif defined(HAVE_ARIA) ret = WOLFSSL_ARIA_DEVID; #elif defined(WC_USE_DEVID) ret = WC_USE_DEVID; #else /* try first available */ ret = wc_CryptoCb_GetDevIdAtIndex(0); #endif #endif /* WC_NO_DEFAULT_DEVID */ return ret; } #if defined(HAVE_HKDF) && !defined(NO_HMAC) int wc_CryptoCb_Hkdf(int hashType, const byte* inKey, word32 inKeySz, const byte* salt, word32 saltSz, const byte* info, word32 infoSz, byte* out, word32 outSz, int devId) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; /* Find registered callback device */ dev = wc_CryptoCb_FindDevice(devId, WC_ALGO_TYPE_KDF); if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_KDF; cryptoInfo.kdf.type = WC_KDF_TYPE_HKDF; cryptoInfo.kdf.hkdf.hashType = hashType; cryptoInfo.kdf.hkdf.inKey = inKey; cryptoInfo.kdf.hkdf.inKeySz = inKeySz; cryptoInfo.kdf.hkdf.salt = salt; cryptoInfo.kdf.hkdf.saltSz = saltSz; cryptoInfo.kdf.hkdf.info = info; cryptoInfo.kdf.hkdf.infoSz = infoSz; cryptoInfo.kdf.hkdf.out = out; cryptoInfo.kdf.hkdf.outSz = outSz; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } #endif /* HAVE_HKDF && !NO_HMAC */ #ifdef WOLF_CRYPTO_CB_COPY /* General copy callback function for algorithm structures * devId: The device ID to use for the callback * algo: Algorithm type (enum wc_AlgoType) - WC_ALGO_TYPE_HASH, * WC_ALGO_TYPE_CIPHER, etc * type: Specific type - for HASH: enum wc_HashType, for CIPHER: * enum wc_CipherType * src: Pointer to source structure * dst: Pointer to destination structure * Returns: 0 on success, negative on error, CRYPTOCB_UNAVAILABLE if not * handled */ int wc_CryptoCb_Copy(int devId, int algo, int type, void* src, void* dst) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; /* Find registered callback device */ dev = wc_CryptoCb_FindDevice(devId, WC_ALGO_TYPE_COPY); if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_COPY; cryptoInfo.copy.algo = algo; cryptoInfo.copy.type = type; cryptoInfo.copy.src = src; cryptoInfo.copy.dst = dst; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } #endif /* WOLF_CRYPTO_CB_COPY */ #ifdef WOLF_CRYPTO_CB_FREE /* General free callback function for algorithm structures * devId: The device ID to use for the callback * algo: Algorithm type (enum wc_AlgoType) - WC_ALGO_TYPE_HASH, * WC_ALGO_TYPE_CIPHER, etc * type: Specific type - for HASH: enum wc_HashType, for CIPHER: * enum wc_CipherType * subType: Specific subtype - for PQC: enum wc_PqcKemType, * enum wc_PqcSignatureType * obj: Pointer to object structure to free * Returns: 0 on success, negative on error, CRYPTOCB_UNAVAILABLE if not * handled */ int wc_CryptoCb_Free(int devId, int algo, int type, int subType, void* obj) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; /* Find registered callback device */ dev = wc_CryptoCb_FindDevice(devId, WC_ALGO_TYPE_FREE); if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_FREE; cryptoInfo.free.algo = algo; cryptoInfo.free.type = type; cryptoInfo.free.subType = subType; cryptoInfo.free.obj = obj; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } #endif /* WOLF_CRYPTO_CB_FREE */ #ifdef WOLF_CRYPTO_CB_SETKEY /* Generic SetKey callback for importing keys into hardware. * devId: Device ID for the registered callback * type: enum wc_SetKeyType (AES, HMAC, RSA_PUB, RSA_PRIV, ECC_PUB, ECC_PRIV) * obj: Context struct being operated on (Aes*, Hmac*, RsaKey*, ecc_key*) * key: Key material: raw bytes (AES/HMAC) or temp struct to export from (RSA/ECC) * keySz: Key size in bytes (0 when key is a struct pointer) * aux: Auxiliary data (IV, etc.) or NULL * auxSz: Aux data size, 0 if unused * flags: AES: direction (AES_ENCRYPTION/DECRYPTION). Others: 0 * Returns: 0 on success, CRYPTOCB_UNAVAILABLE if not handled, negative on error */ int wc_CryptoCb_SetKey(int devId, int type, void* obj, void* key, word32 keySz, void* aux, word32 auxSz, int flags) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; /* Find registered callback device */ dev = wc_CryptoCb_FindDevice(devId, WC_ALGO_TYPE_SETKEY); if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_SETKEY; cryptoInfo.setkey.type = type; cryptoInfo.setkey.obj = obj; cryptoInfo.setkey.key = key; cryptoInfo.setkey.keySz = keySz; cryptoInfo.setkey.aux = aux; cryptoInfo.setkey.auxSz = auxSz; cryptoInfo.setkey.flags = flags; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } #endif /* WOLF_CRYPTO_CB_SETKEY */ #ifdef WOLF_CRYPTO_CB_EXPORT_KEY /* Generic ExportKey callback for exporting key material from hardware. * devId: Device ID for the registered callback * type: enum wc_PkType (WC_PK_TYPE_RSA, WC_PK_TYPE_ECDSA, etc.) * obj: Hardware key object (has devCtx, id[], etc.) * out: Software key object to fill (same type as obj, caller-allocated) * The callback exports from hardware into the software key. The caller then * uses normal software export functions on 'out' and frees it. * Returns: 0 on success, CRYPTOCB_UNAVAILABLE if not handled, negative on error */ int wc_CryptoCb_ExportKey(int devId, int type, const void* obj, void* out) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; dev = wc_CryptoCb_FindDevice(devId, WC_ALGO_TYPE_EXPORT_KEY); if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_EXPORT_KEY; cryptoInfo.export_key.type = type; cryptoInfo.export_key.obj = obj; cryptoInfo.export_key.out = out; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } #endif /* WOLF_CRYPTO_CB_EXPORT_KEY */ #if defined(HAVE_CMAC_KDF) /* Crypto callback for NIST SP 800 56C two-step CMAC KDF. See software * implementation in wc_KDA_KDF_twostep_cmac for more comments. * */ int wc_CryptoCb_Kdf_TwostepCmac(const byte * salt, word32 saltSz, const byte* z, word32 zSz, const byte* fixedInfo, word32 fixedInfoSz, byte* output, word32 outputSz, int devId) { int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); CryptoCb* dev; /* Find registered callback device */ dev = wc_CryptoCb_FindDevice(devId, WC_ALGO_TYPE_KDF); if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); cryptoInfo.algo_type = WC_ALGO_TYPE_KDF; cryptoInfo.kdf.type = WC_KDF_TYPE_TWOSTEP_CMAC; cryptoInfo.kdf.twostep_cmac.salt = salt; cryptoInfo.kdf.twostep_cmac.saltSz = saltSz; cryptoInfo.kdf.twostep_cmac.z = z; cryptoInfo.kdf.twostep_cmac.zSz = zSz; cryptoInfo.kdf.twostep_cmac.fixedInfo = fixedInfo; cryptoInfo.kdf.twostep_cmac.fixedInfoSz = fixedInfoSz; cryptoInfo.kdf.twostep_cmac.out = output; cryptoInfo.kdf.twostep_cmac.outSz = outputSz; ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); } return wc_CryptoCb_TranslateErrorCode(ret); } #endif /* HAVE_CMAC_KDF */ #endif /* WOLF_CRYPTO_CB */