Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

This is a WIP! #8000

Draft
wants to merge 1 commit into
base: master
Choose a base branch
from
Draft

This is a WIP! #8000

wants to merge 1 commit into from
+127 −99

Conversation

anhu
Copy link
Member

@anhu anhu commented Sep 20, 2024

  • In wc_ecc_import_private_key_ex(), do not call wc_MAXQ10XX_EccSetKey() if the key is not a MAXQ key. Need this because KeyPairImport does not reside on MAXQ device so it will error out.
  • in ecc_set_key() unlock before ECDSA_sign() and then lock after it because it will use the RNG and will try to acquire lock.
  • Move maxq10xx_ecc_key_gen() higher so it can be called by wolfSSL_MAXQ10XX_CryptoDevCb(). Note we still return CRYPTOCB_UNAVAILABLE because we don't actually get a shared secret.
  • Refactor maxq10xx_tls12_ecc_shared_secret() to create new functio maxq10xx_compute_ecc_shared_secret() so that it can be called by wolfSSL_MAXQ10XX_CryptoDevCb(). Note we still return CRYPTOCB_UNAVAILABLE because we don't actually get a shared secret.

Description

Please describe the scope of the fix or feature addition.

Fixes zd#

Testing

How did you test?

Checklist

  • added tests
  • updated/added doxygen
  • updated appropriate READMEs
  • Updated manual and documentation

@anhu
This is a WIP!
9b8b45f 
- In wc_ecc_import_private_key_ex(), do not call wc_MAXQ10XX_EccSetKey() if the key is not a MAXQ key. Need this because KeyPairImport does not reside on MAXQ device so it will error out.
- in ecc_set_key() unlock before ECDSA_sign() and then lock after it because it will use the RNG and will try to acquire lock.
- Move maxq10xx_ecc_key_gen()  higher so it can be called by wolfSSL_MAXQ10XX_CryptoDevCb().  Note we still return CRYPTOCB_UNAVAILABLE because we don't actually get a shared secret.
- Refactor maxq10xx_tls12_ecc_shared_secret() to create new functio maxq10xx_compute_ecc_shared_secret() so that it can be called by wolfSSL_MAXQ10XX_CryptoDevCb(). Note we still return CRYPTOCB_UNAVAILABLE because we don't actually get a shared secret.
@anhu anhu self-assigned this Sep 20, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@anhu anhu

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@anhu