Skip to content

Commit f12c904

Browse files
bigbrettbigbrett
committed
review: DMA block-size validation, SHA512 init dispatch, and ioSz cleanup
1 parent 8d45952 commit f12c904

2 files changed

Lines changed: 59 additions & 1 deletion

File tree

src/wh_client_crypto.c

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4726,6 +4726,7 @@ int wh_Client_Sha256DmaUpdateResponse(whClientContext* ctx, wc_Sha256* sha)
47264726
ctx, ctx->dma.asyncCtx.sha.clientAddr, (void**)&ioAddr,
47274727
ctx->dma.asyncCtx.sha.ioSz, WH_DMA_OPER_CLIENT_READ_POST,
47284728
(whDmaFlags){0});
4729+
ctx->dma.asyncCtx.sha.ioSz = 0;
47294730
}
47304731
return ret;
47314732
}
@@ -5257,6 +5258,7 @@ int wh_Client_Sha224DmaUpdateResponse(whClientContext* ctx, wc_Sha224* sha)
52575258
ctx, ctx->dma.asyncCtx.sha.clientAddr, (void**)&ioAddr,
52585259
ctx->dma.asyncCtx.sha.ioSz, WH_DMA_OPER_CLIENT_READ_POST,
52595260
(whDmaFlags){0});
5261+
ctx->dma.asyncCtx.sha.ioSz = 0;
52605262
}
52615263
return ret;
52625264
}
@@ -5787,6 +5789,7 @@ int wh_Client_Sha384DmaUpdateResponse(whClientContext* ctx, wc_Sha384* sha)
57875789
ctx, ctx->dma.asyncCtx.sha.clientAddr, (void**)&ioAddr,
57885790
ctx->dma.asyncCtx.sha.ioSz, WH_DMA_OPER_CLIENT_READ_POST,
57895791
(whDmaFlags){0});
5792+
ctx->dma.asyncCtx.sha.ioSz = 0;
57905793
}
57915794
return ret;
57925795
}
@@ -6334,6 +6337,7 @@ int wh_Client_Sha512DmaUpdateResponse(whClientContext* ctx, wc_Sha512* sha)
63346337
ctx, ctx->dma.asyncCtx.sha.clientAddr, (void**)&ioAddr,
63356338
ctx->dma.asyncCtx.sha.ioSz, WH_DMA_OPER_CLIENT_READ_POST,
63366339
(whDmaFlags){0});
6340+
ctx->dma.asyncCtx.sha.ioSz = 0;
63376341
}
63386342
return ret;
63396343
}

src/wh_server_crypto.c

Lines changed: 55 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -4842,6 +4842,16 @@ static int _HandleSha256Dma(whServerContext* ctx, uint16_t magic, int devId,
48424842
(uint32_t)(inSize - sizeof(whMessageCrypto_Sha256DmaRequest))) {
48434843
return WH_ERROR_BADARGS;
48444844
}
4845+
/* Non-final: inline and DMA input must be multiples of block size */
4846+
if (!req.isLastBlock && ((req.inSz % WC_SHA256_BLOCK_SIZE) != 0 ||
4847+
(req.input.sz % WC_SHA256_BLOCK_SIZE) != 0)) {
4848+
return WH_ERROR_BADARGS;
4849+
}
4850+
/* Final: inline data must be less than one block, no DMA input */
4851+
if (req.isLastBlock &&
4852+
(req.inSz >= WC_SHA256_BLOCK_SIZE || req.input.sz != 0)) {
4853+
return WH_ERROR_BADARGS;
4854+
}
48454855

48464856
inlineData =
48474857
(const uint8_t*)cryptoDataIn + sizeof(whMessageCrypto_Sha256DmaRequest);
@@ -4932,6 +4942,16 @@ static int _HandleSha224Dma(whServerContext* ctx, uint16_t magic, int devId,
49324942
(uint32_t)(inSize - sizeof(whMessageCrypto_Sha256DmaRequest))) {
49334943
return WH_ERROR_BADARGS;
49344944
}
4945+
/* Non-final: inline and DMA input must be multiples of block size */
4946+
if (!req.isLastBlock && ((req.inSz % WC_SHA224_BLOCK_SIZE) != 0 ||
4947+
(req.input.sz % WC_SHA224_BLOCK_SIZE) != 0)) {
4948+
return WH_ERROR_BADARGS;
4949+
}
4950+
/* Final: inline data must be less than one block, no DMA input */
4951+
if (req.isLastBlock &&
4952+
(req.inSz >= WC_SHA224_BLOCK_SIZE || req.input.sz != 0)) {
4953+
return WH_ERROR_BADARGS;
4954+
}
49354955

49364956
inlineData =
49374957
(const uint8_t*)cryptoDataIn + sizeof(whMessageCrypto_Sha256DmaRequest);
@@ -5020,6 +5040,16 @@ static int _HandleSha384Dma(whServerContext* ctx, uint16_t magic, int devId,
50205040
(uint32_t)(inSize - sizeof(whMessageCrypto_Sha512DmaRequest))) {
50215041
return WH_ERROR_BADARGS;
50225042
}
5043+
/* Non-final: inline and DMA input must be multiples of block size */
5044+
if (!req.isLastBlock && ((req.inSz % WC_SHA384_BLOCK_SIZE) != 0 ||
5045+
(req.input.sz % WC_SHA384_BLOCK_SIZE) != 0)) {
5046+
return WH_ERROR_BADARGS;
5047+
}
5048+
/* Final: inline data must be less than one block, no DMA input */
5049+
if (req.isLastBlock &&
5050+
(req.inSz >= WC_SHA384_BLOCK_SIZE || req.input.sz != 0)) {
5051+
return WH_ERROR_BADARGS;
5052+
}
50235053

50245054
inlineData =
50255055
(const uint8_t*)cryptoDataIn + sizeof(whMessageCrypto_Sha512DmaRequest);
@@ -5109,12 +5139,36 @@ static int _HandleSha512Dma(whServerContext* ctx, uint16_t magic, int devId,
51095139
(uint32_t)(inSize - sizeof(whMessageCrypto_Sha512DmaRequest))) {
51105140
return WH_ERROR_BADARGS;
51115141
}
5142+
/* Non-final: inline and DMA input must be multiples of block size */
5143+
if (!req.isLastBlock && ((req.inSz % WC_SHA512_BLOCK_SIZE) != 0 ||
5144+
(req.input.sz % WC_SHA512_BLOCK_SIZE) != 0)) {
5145+
return WH_ERROR_BADARGS;
5146+
}
5147+
/* Final: inline data must be less than one block, no DMA input */
5148+
if (req.isLastBlock &&
5149+
(req.inSz >= WC_SHA512_BLOCK_SIZE || req.input.sz != 0)) {
5150+
return WH_ERROR_BADARGS;
5151+
}
51125152

51135153
inlineData =
51145154
(const uint8_t*)cryptoDataIn + sizeof(whMessageCrypto_Sha512DmaRequest);
51155155
hashType = req.resumeState.hashType;
51165156

5117-
ret = wc_InitSha512_ex(sha512, NULL, devId);
5157+
switch (hashType) {
5158+
#ifndef WOLFSSL_NOSHA512_224
5159+
case WC_HASH_TYPE_SHA512_224:
5160+
ret = wc_InitSha512_224_ex(sha512, NULL, devId);
5161+
break;
5162+
#endif
5163+
#ifndef WOLFSSL_NOSHA512_256
5164+
case WC_HASH_TYPE_SHA512_256:
5165+
ret = wc_InitSha512_256_ex(sha512, NULL, devId);
5166+
break;
5167+
#endif
5168+
default:
5169+
ret = wc_InitSha512_ex(sha512, NULL, devId);
5170+
break;
5171+
}
51185172
if (ret != 0) {
51195173
return ret;
51205174
}

0 commit comments

Comments
 (0)