diff --git a/wolfcrypt/src/port/intel/quickassist_sync.c b/wolfcrypt/src/port/intel/quickassist_sync.c index 19a576000..c913b2870 100644 --- a/wolfcrypt/src/port/intel/quickassist_sync.c +++ b/wolfcrypt/src/port/intel/quickassist_sync.c @@ -743,7 +743,11 @@ static void IntelQaSymCipherFree(IntelQaDev* dev) dev->out = NULL; dev->outLen = 0; #ifndef NO_AES - dev->op.cipher.authTag = NULL; + if (dev->op.cipher.authTag != NULL) { + XMEMSET(dev->op.cipher.authTag, 0, dev->op.cipher.authTagSz); + XFREE(dev->op.cipher.authTag, dev->heap, DYNAMIC_TYPE_ASYNC_NUMA); + dev->op.cipher.authTag = NULL; + } dev->op.cipher.authTagSz = 0; #endif } @@ -772,7 +776,9 @@ static int IntelQaSymCipher(IntelQaDev* dev, byte* out, const byte* in, Cpa32U metaSize = 0; Cpa8U* authInBuf = NULL; Cpa32U authInSzAligned = authInSz; + Cpa8U* authTagBuf = NULL; IntelQaSymCtx* ctx; + CpaBoolean verifyResult = CPA_FALSE; QLOG("IntelQaSymCipher: dev %p, out %p, in %p, inOutSz %d, op %d, " "algo %d, dir %d, hash %d\n", @@ -806,19 +812,15 @@ static int IntelQaSymCipher(IntelQaDev* dev, byte* out, const byte* in, bufferList = &dev->op.cipher.bufferList; flatBuffer = &dev->op.cipher.flatBuffer; metaBuf = XMALLOC(metaSize, dev->heap, DYNAMIC_TYPE_ASYNC_NUMA); -#ifndef WOLFSSL_SNIFFER - dataBuf = XREALLOC((byte*)in, dataLen, dev->heap, DYNAMIC_TYPE_ASYNC_NUMA); - ivBuf = XREALLOC((byte*)iv, AES_BLOCK_SIZE, dev->heap, - DYNAMIC_TYPE_ASYNC_NUMA); -#else dataBuf = XMALLOC(dataLen, dev->heap, DYNAMIC_TYPE_ASYNC_NUMA); XMEMCPY(dataBuf, in, inOutSz); ivBuf = XMALLOC(AES_BLOCK_SIZE, dev->heap, DYNAMIC_TYPE_ASYNC_NUMA); XMEMCPY(ivBuf, iv, ivSz); -#endif + authTagBuf = XMALLOC(authTagSz, dev->heap, DYNAMIC_TYPE_ASYNC_NUMA); /* check allocations */ - if (ivBuf == NULL || metaBuf == NULL || dataBuf == NULL) { + if (ivBuf == NULL || metaBuf == NULL || dataBuf == NULL || + authTagBuf == NULL) { ret = MEMORY_E; goto exit; } @@ -830,14 +832,9 @@ static int IntelQaSymCipher(IntelQaDev* dev, byte* out, const byte* in, (authInSzAligned % AES_BLOCK_SIZE); } -#ifndef WOLFSSL_SNIFFER - authInBuf = XREALLOC((byte*)authIn, authInSzAligned, dev->heap, - DYNAMIC_TYPE_ASYNC_NUMA); -#else authInBuf = XMALLOC(authInSzAligned, dev->heap, DYNAMIC_TYPE_ASYNC_NUMA); XMEMCPY(authInBuf, authIn, authInSz); -#endif if (authInBuf == NULL) { ret = MEMORY_E; goto exit; } @@ -878,7 +875,10 @@ static int IntelQaSymCipher(IntelQaDev* dev, byte* out, const byte* in, setup.hashSetupData.digestResultLenInBytes = authTagSz; setup.hashSetupData.authModeSetupData.aadLenInBytes = authInSz; - setup.digestIsAppended = CPA_TRUE; + if (cipherDirection == CPA_CY_SYM_CIPHER_DIRECTION_DECRYPT) + setup.digestIsAppended = CPA_TRUE; + else + setup.digestIsAppended = CPA_FALSE; } /* open session */ @@ -903,13 +903,19 @@ static int IntelQaSymCipher(IntelQaDev* dev, byte* out, const byte* in, XMEMCPY(flatBuffer->pData + inOutSz, authTag, authTagSz); } } + else { + if (authTag && authTagSz > 0) { + XMEMCPY(authTagBuf, authTag, authTagSz); + } + } /* store info needed for output */ dev->out = out; dev->outLen = inOutSz; if (cipherDirection == CPA_CY_SYM_CIPHER_DIRECTION_ENCRYPT) { - dev->op.cipher.authTag = authTag; + dev->op.cipher.authTag = authTagBuf; dev->op.cipher.authTagSz = authTagSz; + opData->pDigestResult = authTagBuf; } else { dev->op.cipher.authTag = NULL; @@ -920,11 +926,16 @@ static int IntelQaSymCipher(IntelQaDev* dev, byte* out, const byte* in, /* perform symmetric AES operation async */ /* use same buffer list for in-place operation */ status = cpaCySymPerformOp(dev->handle, dev, opData, - bufferList, bufferList, NULL); - - if (ret == WC_PENDING_E) - return ret; + bufferList, bufferList, &verifyResult); + if (symOperation == CPA_CY_SYM_OP_ALGORITHM_CHAINING && + cipherAlgorithm == CPA_CY_SYM_CIPHER_AES_GCM && + cipherDirection == CPA_CY_SYM_CIPHER_DIRECTION_DECRYPT && + hashAlgorithm == CPA_CY_SYM_HASH_AES_GCM) { + if (verifyResult == CPA_FALSE) { + ret = AES_GCM_AUTH_E; + } + } exit: if (ret != 0) { @@ -932,10 +943,13 @@ exit: dev, status, ret); } -#ifdef WOLFSSL_SNIFFER /* Capture the inline decrypt into the output. */ XMEMCPY(out, dataBuf, inOutSz); -#endif + if (cipherDirection == CPA_CY_SYM_CIPHER_DIRECTION_ENCRYPT) { + if (authTag != NULL && authTagSz > 0) { + XMEMCPY(authTag, authTagBuf, authTagSz); + } + } /* handle cleanup */ IntelQaSymCipherFree(dev); @@ -949,11 +963,14 @@ int IntelQaSymAesCbcEncrypt(IntelQaDev* dev, const byte* key, word32 keySz, const byte* iv, word32 ivSz) { - return IntelQaSymCipher(dev, out, in, sz, + int ret = IntelQaSymCipher(dev, out, in, sz, key, keySz, iv, ivSz, CPA_CY_SYM_OP_CIPHER, CPA_CY_SYM_CIPHER_AES_CBC, CPA_CY_SYM_CIPHER_DIRECTION_ENCRYPT, CPA_CY_SYM_HASH_NONE, NULL, 0, NULL, 0); + + XMEMCPY((byte*)iv, out + sz - AES_BLOCK_SIZE, AES_BLOCK_SIZE); + return ret; } #ifdef HAVE_AES_DECRYPT @@ -962,11 +979,18 @@ int IntelQaSymAesCbcDecrypt(IntelQaDev* dev, const byte* key, word32 keySz, const byte* iv, word32 ivSz) { - return IntelQaSymCipher(dev, out, in, sz, + byte nextIv[AES_BLOCK_SIZE]; + int ret; + + XMEMCPY(nextIv, in + sz - AES_BLOCK_SIZE, AES_BLOCK_SIZE); + ret = IntelQaSymCipher(dev, out, in, sz, key, keySz, iv, ivSz, CPA_CY_SYM_OP_CIPHER, CPA_CY_SYM_CIPHER_AES_CBC, CPA_CY_SYM_CIPHER_DIRECTION_DECRYPT, CPA_CY_SYM_HASH_NONE, NULL, 0, NULL, 0); + + XMEMCPY((byte*)iv, nextIv, AES_BLOCK_SIZE); + return ret; } #endif /* HAVE_AES_DECRYPT */ #endif /* HAVE_AES_CBC */ diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 04de111b9..87f6538d9 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -890,7 +890,8 @@ initDefaultName(); if ( (ret = aesgcm_test()) != 0) return err_sys("AES-GCM test failed!\n", ret); #endif - #if !defined(WOLFSSL_AFALG_XILINX_AES) && !defined(WOLFSSL_XILINX_CRYPT) + #if !defined(WOLFSSL_AFALG_XILINX_AES) && !defined(WOLFSSL_XILINX_CRYPT) && \ + !(defined(WOLF_CRYPTO_CB) && defined(HAVE_INTEL_QA_SYNC)) if ((ret = aesgcm_default_test()) != 0) { return err_sys("AES-GCM test failed!\n", ret); } @@ -7390,7 +7391,8 @@ int aesgcm_test(void) #if !defined(HAVE_FIPS) && \ !defined(WOLFSSL_PIC32MZ_CRYPT) && \ !defined(FREESCALE_LTC) && !defined(FREESCALE_MMCAU) && \ - !defined(WOLFSSL_XILINX_CRYPT) && !defined(WOLFSSL_AFALG_XILINX_AES) + !defined(WOLFSSL_XILINX_CRYPT) && !defined(WOLFSSL_AFALG_XILINX_AES) && \ + !(defined(WOLF_CRYPTO_CB) && defined(HAVE_INTEL_QA_SYNC)) #define ENABLE_NON_12BYTE_IV_TEST #ifdef WOLFSSL_AES_192 @@ -7596,6 +7598,7 @@ int aesgcm_test(void) } #endif +#if !(defined(WOLF_CRYPTO_CB) && defined(HAVE_INTEL_QA_SYNC)) /* Variable authenticated data length test */ for (alen=0; alen<(int)sizeof(p); alen++) { /* AES-GCM encrypt and decrypt both use AES encrypt internally */ @@ -7616,6 +7619,7 @@ int aesgcm_test(void) return -5713; #endif /* HAVE_AES_DECRYPT */ } +#endif #if !defined(WOLFSSL_AFALG_XILINX_AES) && !defined(WOLFSSL_XILINX_CRYPT) #ifdef BENCH_AESGCM_LARGE @@ -7734,7 +7738,8 @@ int aesgcm_test(void) #endif /* ENABLE_NON_12BYTE_IV_TEST */ #if defined(WOLFSSL_AES_256) && !defined(WOLFSSL_AFALG_XILINX_AES) && \ - !defined(WOLFSSL_XILINX_CRYPT) + !defined(WOLFSSL_XILINX_CRYPT) && \ + !(defined(WOLF_CRYPTO_CB) && defined(HAVE_INTEL_QA_SYNC)) XMEMSET(resultT, 0, sizeof(resultT)); XMEMSET(resultC, 0, sizeof(resultC)); XMEMSET(resultP, 0, sizeof(resultP)); @@ -7895,6 +7900,7 @@ int gmac_test(void) byte tag[16]; XMEMSET(&gmac, 0, sizeof(Gmac)); /* clear context */ + wc_AesInit((Aes*)&gmac, HEAP_HINT, INVALID_DEVID); /* Make sure devId updated */ XMEMSET(tag, 0, sizeof(tag)); wc_GmacSetKey(&gmac, k1, sizeof(k1)); wc_GmacUpdate(&gmac, iv1, sizeof(iv1), a1, sizeof(a1), tag, sizeof(t1));