add cavium RSA to ctaocrypt
This commit is contained in:
parent
d799898a36
commit
01703281cc
@ -650,6 +650,10 @@ void bench_rsa(void)
|
||||
bytes = fread(tmp, 1, sizeof(tmp), file);
|
||||
#endif /* USE_CERT_BUFFERS */
|
||||
|
||||
#ifdef HAVE_CAVIUM
|
||||
if (RsaInitCavium(&rsaKey, CAVIUM_DEV_ID) != 0)
|
||||
printf("RSA init cavium failed\n");
|
||||
#endif
|
||||
InitRng(&rng);
|
||||
InitRsaKey(&rsaKey, 0);
|
||||
bytes = RsaPrivateKeyDecode(tmp, &idx, &rsaKey, (word32)bytes);
|
||||
@ -684,6 +688,9 @@ void bench_rsa(void)
|
||||
fclose(file);
|
||||
#endif
|
||||
FreeRsaKey(&rsaKey);
|
||||
#ifdef HAVE_CAVIUM
|
||||
RsaFreeCavium(&rsaKey);
|
||||
#endif
|
||||
}
|
||||
#endif
|
||||
|
||||
|
@ -531,11 +531,78 @@ static int GetAlgoId(const byte* input, word32* inOutIdx, word32* oid,
|
||||
|
||||
#ifndef NO_RSA
|
||||
|
||||
|
||||
#ifdef HAVE_CAVIUM
|
||||
|
||||
static int GetCaviumInt(byte** buff, word16* buffSz, const byte* input,
|
||||
word32* inOutIdx, word32 maxIdx, void* heap)
|
||||
{
|
||||
word32 i = *inOutIdx;
|
||||
byte b = input[i++];
|
||||
int length;
|
||||
|
||||
if (b != ASN_INTEGER)
|
||||
return ASN_PARSE_E;
|
||||
|
||||
if (GetLength(input, &i, &length, maxIdx) < 0)
|
||||
return ASN_PARSE_E;
|
||||
|
||||
if ( (b = input[i++]) == 0x00)
|
||||
length--;
|
||||
else
|
||||
i--;
|
||||
|
||||
*buffSz = (word16)length;
|
||||
*buff = XMALLOC(*buffSz, heap, DYNAMIC_TYPE_CAVIUM_RSA);
|
||||
if (*buff == NULL)
|
||||
return MEMORY_E;
|
||||
|
||||
XMEMCPY(*buff, input + i, *buffSz);
|
||||
|
||||
*inOutIdx = i + length;
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int CaviumRsaPrivateKeyDecode(const byte* input, word32* inOutIdx,
|
||||
RsaKey* key, word32 inSz)
|
||||
{
|
||||
int version, length;
|
||||
void* h = key->heap;
|
||||
|
||||
if (GetSequence(input, inOutIdx, &length, inSz) < 0)
|
||||
return ASN_PARSE_E;
|
||||
|
||||
if (GetMyVersion(input, inOutIdx, &version) < 0)
|
||||
return ASN_PARSE_E;
|
||||
|
||||
key->type = RSA_PRIVATE;
|
||||
|
||||
if (GetCaviumInt(&key->c_n, &key->c_nSz, input, inOutIdx, inSz, h) < 0 ||
|
||||
GetCaviumInt(&key->c_e, &key->c_eSz, input, inOutIdx, inSz, h) < 0 ||
|
||||
GetCaviumInt(&key->c_d, &key->c_dSz, input, inOutIdx, inSz, h) < 0 ||
|
||||
GetCaviumInt(&key->c_p, &key->c_pSz, input, inOutIdx, inSz, h) < 0 ||
|
||||
GetCaviumInt(&key->c_q, &key->c_qSz, input, inOutIdx, inSz, h) < 0 ||
|
||||
GetCaviumInt(&key->c_dP, &key->c_dP_Sz, input, inOutIdx, inSz, h) < 0 ||
|
||||
GetCaviumInt(&key->c_dQ, &key->c_dQ_Sz, input, inOutIdx, inSz, h) < 0 ||
|
||||
GetCaviumInt(&key->c_u, &key->c_uSz, input, inOutIdx, inSz, h) < 0 )
|
||||
return ASN_RSA_KEY_E;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
#endif /* HAVE_CAVIUM */
|
||||
|
||||
int RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key,
|
||||
word32 inSz)
|
||||
{
|
||||
int version, length;
|
||||
|
||||
#ifdef HAVE_CAVIUM
|
||||
if (key->magic == CYASSL_RSA_CAVIUM_MAGIC)
|
||||
return CaviumRsaPrivateKeyDecode(input, inOutIdx, key, inSz);
|
||||
#endif
|
||||
|
||||
if (GetSequence(input, inOutIdx, &length, inSz) < 0)
|
||||
return ASN_PARSE_E;
|
||||
|
||||
|
@ -39,6 +39,18 @@
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_CAVIUM
|
||||
static void InitCaviumRsaKey(RsaKey* key, void* heap);
|
||||
static void FreeCaviumRsaKey(RsaKey* key);
|
||||
static int CaviumRsaPublicEncrypt(const byte* in, word32 inLen, byte* out,
|
||||
word32 outLen, RsaKey* key);
|
||||
static int CaviumRsaPrivateDecrypt(const byte* in, word32 inLen, byte* out,
|
||||
word32 outLen, RsaKey* key);
|
||||
static int CaviumRsaSSL_Sign(const byte* in, word32 inLen, byte* out,
|
||||
word32 outLen, RsaKey* key);
|
||||
static int CaviumRsaSSL_Verify(const byte* in, word32 inLen, byte* out,
|
||||
word32 outLen, RsaKey* key);
|
||||
#endif
|
||||
|
||||
enum {
|
||||
RSA_PUBLIC_ENCRYPT = 0,
|
||||
@ -58,6 +70,11 @@ enum {
|
||||
|
||||
void InitRsaKey(RsaKey* key, void* heap)
|
||||
{
|
||||
#ifdef HAVE_CAVIUM
|
||||
if (key->magic == CYASSL_RSA_CAVIUM_MAGIC)
|
||||
return InitCaviumRsaKey(key, heap);
|
||||
#endif
|
||||
|
||||
key->type = -1; /* haven't decided yet */
|
||||
key->heap = heap;
|
||||
|
||||
@ -75,6 +92,12 @@ void InitRsaKey(RsaKey* key, void* heap)
|
||||
void FreeRsaKey(RsaKey* key)
|
||||
{
|
||||
(void)key;
|
||||
|
||||
#ifdef HAVE_CAVIUM
|
||||
if (key->magic == CYASSL_RSA_CAVIUM_MAGIC)
|
||||
return FreeCaviumRsaKey(key);
|
||||
#endif
|
||||
|
||||
/* TomsFastMath doesn't use memory allocation */
|
||||
#ifndef USE_FAST_MATH
|
||||
if (key->type == RSA_PRIVATE) {
|
||||
@ -249,8 +272,14 @@ done:
|
||||
int RsaPublicEncrypt(const byte* in, word32 inLen, byte* out, word32 outLen,
|
||||
RsaKey* key, RNG* rng)
|
||||
{
|
||||
int sz = mp_unsigned_bin_size(&key->n), ret;
|
||||
int sz, ret;
|
||||
|
||||
#ifdef HAVE_CAVIUM
|
||||
if (key->magic == CYASSL_RSA_CAVIUM_MAGIC)
|
||||
return CaviumRsaPublicEncrypt(in, inLen, out, outLen, key);
|
||||
#endif
|
||||
|
||||
sz = mp_unsigned_bin_size(&key->n);
|
||||
if (sz > (int)outLen)
|
||||
return RSA_BUFFER_E;
|
||||
|
||||
@ -270,6 +299,15 @@ int RsaPrivateDecryptInline(byte* in, word32 inLen, byte** out, RsaKey* key)
|
||||
{
|
||||
int plainLen, ret;
|
||||
|
||||
#ifdef HAVE_CAVIUM
|
||||
if (key->magic == CYASSL_RSA_CAVIUM_MAGIC) {
|
||||
ret = CaviumRsaPrivateDecrypt(in, inLen, in, inLen, key);
|
||||
if (ret > 0)
|
||||
*out = in;
|
||||
return ret;
|
||||
}
|
||||
#endif
|
||||
|
||||
if ((ret = RsaFunction(in, inLen, in, &inLen, RSA_PRIVATE_DECRYPT, key))
|
||||
< 0) {
|
||||
return ret;
|
||||
@ -288,6 +326,11 @@ int RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out, word32 outLen,
|
||||
byte* tmp;
|
||||
byte* pad = 0;
|
||||
|
||||
#ifdef HAVE_CAVIUM
|
||||
if (key->magic == CYASSL_RSA_CAVIUM_MAGIC)
|
||||
return CaviumRsaPrivateDecrypt(in, inLen, out, outLen, key);
|
||||
#endif
|
||||
|
||||
tmp = (byte*)XMALLOC(inLen, key->heap, DYNAMIC_TYPE_RSA);
|
||||
if (tmp == NULL) {
|
||||
return MEMORY_E;
|
||||
@ -316,6 +359,15 @@ int RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out, RsaKey* key)
|
||||
{
|
||||
int plainLen, ret;
|
||||
|
||||
#ifdef HAVE_CAVIUM
|
||||
if (key->magic == CYASSL_RSA_CAVIUM_MAGIC) {
|
||||
ret = CaviumRsaSSL_Verify(in, inLen, in, inLen, key);
|
||||
if (ret > 0)
|
||||
*out = in;
|
||||
return ret;
|
||||
}
|
||||
#endif
|
||||
|
||||
if ((ret = RsaFunction(in, inLen, in, &inLen, RSA_PUBLIC_DECRYPT, key))
|
||||
< 0) {
|
||||
return ret;
|
||||
@ -334,6 +386,11 @@ int RsaSSL_Verify(const byte* in, word32 inLen, byte* out, word32 outLen,
|
||||
byte* tmp;
|
||||
byte* pad = 0;
|
||||
|
||||
#ifdef HAVE_CAVIUM
|
||||
if (key->magic == CYASSL_RSA_CAVIUM_MAGIC)
|
||||
return CaviumRsaSSL_Verify(in, inLen, out, outLen, key);
|
||||
#endif
|
||||
|
||||
tmp = (byte*)XMALLOC(inLen, key->heap, DYNAMIC_TYPE_RSA);
|
||||
if (tmp == NULL) {
|
||||
return MEMORY_E;
|
||||
@ -362,8 +419,14 @@ int RsaSSL_Verify(const byte* in, word32 inLen, byte* out, word32 outLen,
|
||||
int RsaSSL_Sign(const byte* in, word32 inLen, byte* out, word32 outLen,
|
||||
RsaKey* key, RNG* rng)
|
||||
{
|
||||
int sz = mp_unsigned_bin_size(&key->n), ret;
|
||||
int sz, ret;
|
||||
|
||||
#ifdef HAVE_CAVIUM
|
||||
if (key->magic == CYASSL_RSA_CAVIUM_MAGIC)
|
||||
return CaviumRsaSSL_Sign(in, inLen, out, outLen, key);
|
||||
#endif
|
||||
|
||||
sz = mp_unsigned_bin_size(&key->n);
|
||||
if (sz > (int)outLen)
|
||||
return RSA_BUFFER_E;
|
||||
|
||||
@ -381,6 +444,10 @@ int RsaSSL_Sign(const byte* in, word32 inLen, byte* out, word32 outLen,
|
||||
|
||||
int RsaEncryptSize(RsaKey* key)
|
||||
{
|
||||
#ifdef HAVE_CAVIUM
|
||||
if (key->magic == CYASSL_RSA_CAVIUM_MAGIC)
|
||||
return key->c_nSz;
|
||||
#endif
|
||||
return mp_unsigned_bin_size(&key->n);
|
||||
}
|
||||
|
||||
@ -561,4 +628,180 @@ int MakeRsaKey(RsaKey* key, int size, long e, RNG* rng)
|
||||
|
||||
#endif /* CYASSL_KEY_GEN */
|
||||
|
||||
|
||||
#ifdef HAVE_CAVIUM
|
||||
|
||||
#include <cyassl/ctaocrypt/logging.h>
|
||||
#include "cavium_common.h"
|
||||
|
||||
/* Initiliaze RSA for use with Nitrox device */
|
||||
int RsaInitCavium(RsaKey* rsa, int devId)
|
||||
{
|
||||
if (rsa == NULL)
|
||||
return -1;
|
||||
|
||||
if (CspAllocContext(CONTEXT_SSL, &rsa->contextHandle, devId) != 0)
|
||||
return -1;
|
||||
|
||||
rsa->devId = devId;
|
||||
rsa->magic = CYASSL_RSA_CAVIUM_MAGIC;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
/* Free RSA from use with Nitrox device */
|
||||
void RsaFreeCavium(RsaKey* rsa)
|
||||
{
|
||||
if (rsa == NULL)
|
||||
return;
|
||||
|
||||
CspFreeContext(CONTEXT_SSL, rsa->contextHandle, rsa->devId);
|
||||
rsa->magic = 0;
|
||||
}
|
||||
|
||||
|
||||
/* Initialize cavium RSA key */
|
||||
static void InitCaviumRsaKey(RsaKey* key, void* heap)
|
||||
{
|
||||
if (key == NULL)
|
||||
return;
|
||||
|
||||
key->heap = heap;
|
||||
key->type = -1; /* don't know yet */
|
||||
|
||||
key->c_n = NULL;
|
||||
key->c_e = NULL;
|
||||
key->c_d = NULL;
|
||||
key->c_p = NULL;
|
||||
key->c_q = NULL;
|
||||
key->c_dP = NULL;
|
||||
key->c_dQ = NULL;
|
||||
key->c_u = NULL;
|
||||
|
||||
key->c_nSz = 0;
|
||||
key->c_eSz = 0;
|
||||
key->c_dSz = 0;
|
||||
key->c_pSz = 0;
|
||||
key->c_qSz = 0;
|
||||
key->c_dP_Sz = 0;
|
||||
key->c_dQ_Sz = 0;
|
||||
key->c_uSz = 0;
|
||||
}
|
||||
|
||||
|
||||
/* Free cavium RSA key */
|
||||
static void FreeCaviumRsaKey(RsaKey* key)
|
||||
{
|
||||
if (key == NULL)
|
||||
return;
|
||||
|
||||
XFREE(key->c_n, key->heap, DYNAMIC_TYPE_CAVIUM_TMP);
|
||||
XFREE(key->c_e, key->heap, DYNAMIC_TYPE_CAVIUM_TMP);
|
||||
XFREE(key->c_d, key->heap, DYNAMIC_TYPE_CAVIUM_TMP);
|
||||
XFREE(key->c_p, key->heap, DYNAMIC_TYPE_CAVIUM_TMP);
|
||||
XFREE(key->c_q, key->heap, DYNAMIC_TYPE_CAVIUM_TMP);
|
||||
XFREE(key->c_dP, key->heap, DYNAMIC_TYPE_CAVIUM_TMP);
|
||||
XFREE(key->c_dQ, key->heap, DYNAMIC_TYPE_CAVIUM_TMP);
|
||||
XFREE(key->c_u, key->heap, DYNAMIC_TYPE_CAVIUM_TMP);
|
||||
|
||||
InitCaviumRsaKey(key, key->heap); /* reset pointers */
|
||||
}
|
||||
|
||||
|
||||
static int CaviumRsaPublicEncrypt(const byte* in, word32 inLen, byte* out,
|
||||
word32 outLen, RsaKey* key)
|
||||
{
|
||||
word32 requestId;
|
||||
word32 ret;
|
||||
|
||||
if (key == NULL || in == NULL || out == NULL || outLen < (word32)key->c_nSz)
|
||||
return -1;
|
||||
|
||||
ret = CspPkcs1v15Enc(CAVIUM_BLOCKING, BT2, key->c_nSz, key->c_eSz,
|
||||
(word16)inLen, key->c_n, key->c_e, (byte*)in, out,
|
||||
&requestId, key->devId);
|
||||
if (ret != 0) {
|
||||
CYASSL_MSG("Cavium Enc BT2 failed");
|
||||
return -1;
|
||||
}
|
||||
return key->c_nSz;
|
||||
}
|
||||
|
||||
|
||||
static INLINE void ato16(const byte* c, word16* u16)
|
||||
{
|
||||
*u16 = (c[0] << 8) | (c[1]);
|
||||
}
|
||||
|
||||
|
||||
static int CaviumRsaPrivateDecrypt(const byte* in, word32 inLen, byte* out,
|
||||
word32 outLen, RsaKey* key)
|
||||
{
|
||||
word32 requestId;
|
||||
word32 ret;
|
||||
word16 outSz = (word16)outLen;
|
||||
|
||||
if (key == NULL || in == NULL || out == NULL || inLen != (word32)key->c_nSz)
|
||||
return -1;
|
||||
|
||||
ret = CspPkcs1v15CrtDec(CAVIUM_BLOCKING, BT2, key->c_nSz, key->c_q,
|
||||
key->c_dQ, key->c_p, key->c_dP, key->c_u,
|
||||
(byte*)in, &outSz, out, &requestId, key->devId);
|
||||
if (ret != 0) {
|
||||
CYASSL_MSG("Cavium CRT Dec BT2 failed");
|
||||
return -1;
|
||||
}
|
||||
ato16((const byte*)&outSz, &outSz);
|
||||
|
||||
return outSz;
|
||||
}
|
||||
|
||||
|
||||
static int CaviumRsaSSL_Sign(const byte* in, word32 inLen, byte* out,
|
||||
word32 outLen, RsaKey* key)
|
||||
{
|
||||
word32 requestId;
|
||||
word32 ret;
|
||||
|
||||
if (key == NULL || in == NULL || out == NULL || inLen == 0 || outLen <
|
||||
(word32)key->c_nSz)
|
||||
return -1;
|
||||
|
||||
ret = CspPkcs1v15CrtEnc(CAVIUM_BLOCKING, BT1, key->c_nSz, (word16)inLen,
|
||||
key->c_q, key->c_dQ, key->c_p, key->c_dP, key->c_u,
|
||||
(byte*)in, out, &requestId, key->devId);
|
||||
if (ret != 0) {
|
||||
CYASSL_MSG("Cavium CRT Enc BT1 failed");
|
||||
return -1;
|
||||
}
|
||||
return key->c_nSz;
|
||||
}
|
||||
|
||||
|
||||
static int CaviumRsaSSL_Verify(const byte* in, word32 inLen, byte* out,
|
||||
word32 outLen, RsaKey* key)
|
||||
{
|
||||
word32 requestId;
|
||||
word32 ret;
|
||||
word16 outSz = (word16)outLen;
|
||||
|
||||
if (key == NULL || in == NULL || out == NULL || inLen != (word32)key->c_nSz)
|
||||
return -1;
|
||||
|
||||
ret = CspPkcs1v15Dec(CAVIUM_BLOCKING, BT1, key->c_nSz, key->c_eSz,
|
||||
key->c_n, key->c_e, (byte*)in, &outSz, out,
|
||||
&requestId, key->devId);
|
||||
if (ret != 0) {
|
||||
CYASSL_MSG("Cavium Dec BT1 failed");
|
||||
return -1;
|
||||
}
|
||||
outSz = ntohs(outSz);
|
||||
|
||||
return outSz;
|
||||
}
|
||||
|
||||
|
||||
#endif /* HAVE_CAVIUM */
|
||||
|
||||
#endif /* NO_RSA */
|
||||
|
@ -2108,7 +2108,10 @@ int rsa_test(void)
|
||||
|
||||
bytes = fread(tmp, 1, FOURK_BUF, file);
|
||||
#endif /* USE_CERT_BUFFERS */
|
||||
|
||||
|
||||
#ifdef HAVE_CAVIUM
|
||||
RsaInitCavium(&key, CAVIUM_DEV_ID);
|
||||
#endif
|
||||
InitRsaKey(&key, 0);
|
||||
ret = RsaPrivateKeyDecode(tmp, &idx, &key, (word32)bytes);
|
||||
if (ret != 0) return -41;
|
||||
@ -2488,6 +2491,9 @@ int rsa_test(void)
|
||||
#endif /* CYASSL_CERT_GEN */
|
||||
|
||||
FreeRsaKey(&key);
|
||||
#ifdef HAVE_CAVIUM
|
||||
RsaFreeCavium(&key);
|
||||
#endif
|
||||
free(tmp);
|
||||
|
||||
return 0;
|
||||
|
@ -32,6 +32,7 @@
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
#define CYASSL_RSA_CAVIUM_MAGIC 0xBEEF0006
|
||||
|
||||
enum {
|
||||
RSA_PUBLIC = 0,
|
||||
@ -43,6 +44,20 @@ typedef struct RsaKey {
|
||||
mp_int n, e, d, p, q, dP, dQ, u;
|
||||
int type; /* public or private */
|
||||
void* heap; /* for user memory overrides */
|
||||
#ifdef HAVE_CAVIUM
|
||||
int devId; /* nitrox device id */
|
||||
word32 magic; /* using cavium magic */
|
||||
word64 contextHandle; /* nitrox context memory handle */
|
||||
byte* c_n; /* cavium byte buffers for key parts */
|
||||
byte* c_e;
|
||||
byte* c_d;
|
||||
byte* c_p;
|
||||
byte* c_q;
|
||||
byte* c_dP;
|
||||
byte* c_dQ;
|
||||
byte* c_u; /* sizes in bytes */
|
||||
word16 c_nSz, c_eSz, c_dSz, c_pSz, c_qSz, c_dP_Sz, c_dQ_Sz, c_uSz;
|
||||
#endif
|
||||
} RsaKey;
|
||||
|
||||
|
||||
@ -72,6 +87,10 @@ CYASSL_API int RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey*,
|
||||
CYASSL_API int RsaKeyToDer(RsaKey*, byte* output, word32 inLen);
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_CAVIUM
|
||||
CYASSL_API int RsaInitCavium(RsaKey*, int);
|
||||
CYASSL_API void RsaFreeCavium(RsaKey*);
|
||||
#endif
|
||||
|
||||
|
||||
#ifdef __cplusplus
|
||||
|
@ -230,7 +230,8 @@ enum {
|
||||
DYNAMIC_TYPE_LIBZ = 36,
|
||||
DYNAMIC_TYPE_ECC = 37,
|
||||
DYNAMIC_TYPE_TMP_BUFFER = 38,
|
||||
DYNAMIC_TYPE_CAVIUM_TMP = 40
|
||||
DYNAMIC_TYPE_CAVIUM_TMP = 40,
|
||||
DYNAMIC_TYPE_CAVIUM_RSA = 41
|
||||
};
|
||||
|
||||
/* stack protection */
|
||||
|
Loading…
Reference in New Issue
Block a user