mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Sync QAT Fixes

Browse Source 
1. The QAT callback's worker functions need to copy the IV into the AES IV register. QAT doesn't update it automatically.
2. Update the GMAC test to set its device to INVALID_DEVID.
3. Always allocate NUMA buffers before running crypto operation and store the results.
4. The QAT does not like non-multiple of 4 iv lenths, and aad lengths. Or 0. Remove a few test cases for those.
5. QAT wasn't getting a pointer to store the auth tag for GCM. Then store it.
This commit is contained in:
John Safranek 2019-10-14 13:55:51 -04:00
parent 825f311959
commit 54f0b1a44a
2 changed files with 56 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

70
wolfcrypt/src/port/intel/quickassist_sync.c
View File

@ -743,7 +743,11 @@ static void IntelQaSymCipherFree(IntelQaDev* dev)
dev->out = NULL;
dev->outLen = 0;
#ifndef NO_AES
dev->op.cipher.authTag = NULL;
if (dev->op.cipher.authTag != NULL) {
XMEMSET(dev->op.cipher.authTag, 0, dev->op.cipher.authTagSz);
XFREE(dev->op.cipher.authTag, dev->heap, DYNAMIC_TYPE_ASYNC_NUMA);
dev->op.cipher.authTag = NULL;
}
dev->op.cipher.authTagSz = 0;
#endif
}
@ -772,7 +776,9 @@ static int IntelQaSymCipher(IntelQaDev* dev, byte* out, const byte* in,
Cpa32U metaSize = 0;
Cpa8U* authInBuf = NULL;
Cpa32U authInSzAligned = authInSz;
Cpa8U* authTagBuf = NULL;
IntelQaSymCtx* ctx;
CpaBoolean verifyResult = CPA_FALSE;
QLOG("IntelQaSymCipher: dev %p, out %p, in %p, inOutSz %d, op %d, "
"algo %d, dir %d, hash %d\n",
@ -806,19 +812,15 @@ static int IntelQaSymCipher(IntelQaDev* dev, byte* out, const byte* in,
bufferList = &dev->op.cipher.bufferList;
flatBuffer = &dev->op.cipher.flatBuffer;
metaBuf = XMALLOC(metaSize, dev->heap, DYNAMIC_TYPE_ASYNC_NUMA);
#ifndef WOLFSSL_SNIFFER
dataBuf = XREALLOC((byte*)in, dataLen, dev->heap, DYNAMIC_TYPE_ASYNC_NUMA);
ivBuf = XREALLOC((byte*)iv, AES_BLOCK_SIZE, dev->heap,
DYNAMIC_TYPE_ASYNC_NUMA);
#else
dataBuf = XMALLOC(dataLen, dev->heap, DYNAMIC_TYPE_ASYNC_NUMA);
XMEMCPY(dataBuf, in, inOutSz);
ivBuf = XMALLOC(AES_BLOCK_SIZE, dev->heap, DYNAMIC_TYPE_ASYNC_NUMA);
XMEMCPY(ivBuf, iv, ivSz);
#endif
authTagBuf = XMALLOC(authTagSz, dev->heap, DYNAMIC_TYPE_ASYNC_NUMA);
/* check allocations */
if (ivBuf == NULL || metaBuf == NULL || dataBuf == NULL) {
if (ivBuf == NULL || metaBuf == NULL || dataBuf == NULL ||
authTagBuf == NULL) {
ret = MEMORY_E; goto exit;
}
@ -830,14 +832,9 @@ static int IntelQaSymCipher(IntelQaDev* dev, byte* out, const byte* in,
(authInSzAligned % AES_BLOCK_SIZE);
}
#ifndef WOLFSSL_SNIFFER
authInBuf = XREALLOC((byte*)authIn, authInSzAligned, dev->heap,
DYNAMIC_TYPE_ASYNC_NUMA);
#else
authInBuf = XMALLOC(authInSzAligned, dev->heap,
DYNAMIC_TYPE_ASYNC_NUMA);
XMEMCPY(authInBuf, authIn, authInSz);
#endif
if (authInBuf == NULL) {
ret = MEMORY_E; goto exit;
}
@ -878,7 +875,10 @@ static int IntelQaSymCipher(IntelQaDev* dev, byte* out, const byte* in,
setup.hashSetupData.digestResultLenInBytes = authTagSz;
setup.hashSetupData.authModeSetupData.aadLenInBytes = authInSz;
setup.digestIsAppended = CPA_TRUE;
if (cipherDirection == CPA_CY_SYM_CIPHER_DIRECTION_DECRYPT)
setup.digestIsAppended = CPA_TRUE;
else
setup.digestIsAppended = CPA_FALSE;
}
/* open session */
@ -903,13 +903,19 @@ static int IntelQaSymCipher(IntelQaDev* dev, byte* out, const byte* in,
XMEMCPY(flatBuffer->pData + inOutSz, authTag, authTagSz);
}
}
else {
if (authTag && authTagSz > 0) {
XMEMCPY(authTagBuf, authTag, authTagSz);
}
}
/* store info needed for output */
dev->out = out;
dev->outLen = inOutSz;
if (cipherDirection == CPA_CY_SYM_CIPHER_DIRECTION_ENCRYPT) {
dev->op.cipher.authTag = authTag;
dev->op.cipher.authTag = authTagBuf;
dev->op.cipher.authTagSz = authTagSz;
opData->pDigestResult = authTagBuf;
}
else {
dev->op.cipher.authTag = NULL;
@ -920,11 +926,16 @@ static int IntelQaSymCipher(IntelQaDev* dev, byte* out, const byte* in,
/* perform symmetric AES operation async */
/* use same buffer list for in-place operation */
status = cpaCySymPerformOp(dev->handle, dev, opData,
bufferList, bufferList, NULL);
if (ret == WC_PENDING_E)
return ret;
bufferList, bufferList, &verifyResult);
if (symOperation == CPA_CY_SYM_OP_ALGORITHM_CHAINING &&
cipherAlgorithm == CPA_CY_SYM_CIPHER_AES_GCM &&
cipherDirection == CPA_CY_SYM_CIPHER_DIRECTION_DECRYPT &&
hashAlgorithm == CPA_CY_SYM_HASH_AES_GCM) {
if (verifyResult == CPA_FALSE) {
ret = AES_GCM_AUTH_E;
}
}
exit:
if (ret != 0) {
@ -932,10 +943,13 @@ exit:
dev, status, ret);
}
#ifdef WOLFSSL_SNIFFER
/* Capture the inline decrypt into the output. */
XMEMCPY(out, dataBuf, inOutSz);
#endif
if (cipherDirection == CPA_CY_SYM_CIPHER_DIRECTION_ENCRYPT) {
if (authTag != NULL && authTagSz > 0) {
XMEMCPY(authTag, authTagBuf, authTagSz);
}
}
/* handle cleanup */
IntelQaSymCipherFree(dev);
@ -949,11 +963,14 @@ int IntelQaSymAesCbcEncrypt(IntelQaDev* dev,
const byte* key, word32 keySz,
const byte* iv, word32 ivSz)
{
return IntelQaSymCipher(dev, out, in, sz,
int ret = IntelQaSymCipher(dev, out, in, sz,
key, keySz, iv, ivSz,
CPA_CY_SYM_OP_CIPHER, CPA_CY_SYM_CIPHER_AES_CBC,
CPA_CY_SYM_CIPHER_DIRECTION_ENCRYPT,
CPA_CY_SYM_HASH_NONE, NULL, 0, NULL, 0);
XMEMCPY((byte*)iv, out + sz - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
return ret;
}
#ifdef HAVE_AES_DECRYPT
@ -962,11 +979,18 @@ int IntelQaSymAesCbcDecrypt(IntelQaDev* dev,
const byte* key, word32 keySz,
const byte* iv, word32 ivSz)
{
return IntelQaSymCipher(dev, out, in, sz,
byte nextIv[AES_BLOCK_SIZE];
int ret;
XMEMCPY(nextIv, in + sz - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
ret = IntelQaSymCipher(dev, out, in, sz,
key, keySz, iv, ivSz,
CPA_CY_SYM_OP_CIPHER, CPA_CY_SYM_CIPHER_AES_CBC,
CPA_CY_SYM_CIPHER_DIRECTION_DECRYPT,
CPA_CY_SYM_HASH_NONE, NULL, 0, NULL, 0);
XMEMCPY((byte*)iv, nextIv, AES_BLOCK_SIZE);
return ret;
}
#endif /* HAVE_AES_DECRYPT */
#endif /* HAVE_AES_CBC */

12
wolfcrypt/test/test.c
View File

@ -890,7 +890,8 @@ initDefaultName();
if ( (ret = aesgcm_test()) != 0)
return err_sys("AES-GCM test failed!\n", ret);
#endif
#if !defined(WOLFSSL_AFALG_XILINX_AES) && !defined(WOLFSSL_XILINX_CRYPT)
#if !defined(WOLFSSL_AFALG_XILINX_AES) && !defined(WOLFSSL_XILINX_CRYPT) && \
!(defined(WOLF_CRYPTO_CB) && defined(HAVE_INTEL_QA_SYNC))
if ((ret = aesgcm_default_test()) != 0) {
return err_sys("AES-GCM test failed!\n", ret);
}
@ -7390,7 +7391,8 @@ int aesgcm_test(void)
#if !defined(HAVE_FIPS) && \
!defined(WOLFSSL_PIC32MZ_CRYPT) && \
!defined(FREESCALE_LTC) && !defined(FREESCALE_MMCAU) && \
!defined(WOLFSSL_XILINX_CRYPT) && !defined(WOLFSSL_AFALG_XILINX_AES)
!defined(WOLFSSL_XILINX_CRYPT) && !defined(WOLFSSL_AFALG_XILINX_AES) && \
!(defined(WOLF_CRYPTO_CB) && defined(HAVE_INTEL_QA_SYNC))
#define ENABLE_NON_12BYTE_IV_TEST
#ifdef WOLFSSL_AES_192
@ -7596,6 +7598,7 @@ int aesgcm_test(void)
}
#endif
#if !(defined(WOLF_CRYPTO_CB) && defined(HAVE_INTEL_QA_SYNC))
/* Variable authenticated data length test */
for (alen=0; alen<(int)sizeof(p); alen++) {
/* AES-GCM encrypt and decrypt both use AES encrypt internally */
@ -7616,6 +7619,7 @@ int aesgcm_test(void)
return -5713;
#endif /* HAVE_AES_DECRYPT */
}
#endif
#if !defined(WOLFSSL_AFALG_XILINX_AES) && !defined(WOLFSSL_XILINX_CRYPT)
#ifdef BENCH_AESGCM_LARGE
@ -7734,7 +7738,8 @@ int aesgcm_test(void)
#endif /* ENABLE_NON_12BYTE_IV_TEST */
#if defined(WOLFSSL_AES_256) && !defined(WOLFSSL_AFALG_XILINX_AES) && \
!defined(WOLFSSL_XILINX_CRYPT)
!defined(WOLFSSL_XILINX_CRYPT) && \
!(defined(WOLF_CRYPTO_CB) && defined(HAVE_INTEL_QA_SYNC))
XMEMSET(resultT, 0, sizeof(resultT));
XMEMSET(resultC, 0, sizeof(resultC));
XMEMSET(resultP, 0, sizeof(resultP));
@ -7895,6 +7900,7 @@ int gmac_test(void)
byte tag[16];
XMEMSET(&gmac, 0, sizeof(Gmac)); /* clear context */
wc_AesInit((Aes*)&gmac, HEAP_HINT, INVALID_DEVID); /* Make sure devId updated */
XMEMSET(tag, 0, sizeof(tag));
wc_GmacSetKey(&gmac, k1, sizeof(k1));
wc_GmacUpdate(&gmac, iv1, sizeof(iv1), a1, sizeof(a1), tag, sizeof(t1));