WIP
billphipps committed Oct 4, 2024
1 parent ca72b19 commit 5886836
Showing 12 changed files with 120 additions and 66 deletions.
20 changes: 17 additions & 3 deletions demo/client/wh_demo_client_all.c
Expand Up @@ -22,13 +22,13 @@ int wh_DemoClient_All(whClientContext* clientContext)
return rc;
}
#endif
/* NVM demos */
/** NVM demos */
rc = wh_DemoClient_Nvm(clientContext);
if (rc != 0) {
return rc;
}

/* Keystore demos */
/** Keystore demos */
rc = wh_DemoClient_KeystoreBasic(clientContext);
if (rc != 0) {
return rc;
Expand All @@ -37,12 +37,15 @@ int wh_DemoClient_All(whClientContext* clientContext)
if (rc != 0) {
return rc;
}
#ifndef NO_AES
rc = wh_DemoClient_KeystoreAes(clientContext);
if (rc != 0) {
return rc;
}
#endif

/* Crypto demos */
/** Crypto demos */
#ifndef NO_RSA
rc = wh_DemoClient_CryptoRsa(clientContext);
if (rc != 0) {
return rc;
Expand All @@ -52,7 +55,9 @@ int wh_DemoClient_All(whClientContext* clientContext)
if (rc != 0) {
return rc;
}
#endif /* !NO_RSA */

#ifdef HAVE_CURVE25519
rc = wh_DemoClient_CryptoCurve25519(clientContext);
if (rc != 0) {
return rc;
Expand All @@ -62,7 +67,9 @@ int wh_DemoClient_All(whClientContext* clientContext)
if (rc != 0) {
return rc;
}
#endif /* HAVE_CURVE25519 */

#ifdef HAVE_ECC
rc = wh_DemoClient_CryptoEcc(clientContext);
if (rc != 0) {
return rc;
Expand All @@ -72,7 +79,9 @@ int wh_DemoClient_All(whClientContext* clientContext)
if (rc != 0) {
return rc;
}
#endif /* HAVE_ECC */

#if !defined(NO_AES) && defined(HAVE_AES_CBC)
rc = wh_DemoClient_CryptoAesCbc(clientContext);
if (rc != 0) {
return rc;
Expand All @@ -82,7 +91,9 @@ int wh_DemoClient_All(whClientContext* clientContext)
if (rc != 0) {
return rc;
}
#endif /* !NO_AES && HAVE_AES_CBC */

#if !defined(NO_AES) && defined(HAVE_AESGCM)
rc = wh_DemoClient_CryptoAesGcm(clientContext);
if (rc != 0) {
return rc;
Expand All @@ -92,7 +103,9 @@ int wh_DemoClient_All(whClientContext* clientContext)
if (rc != 0) {
return rc;
}
#endif /* !NO_AES && HAVE_AESGCM */

#if defined(WOLFSSL_CMAC)
rc = wh_DemoClient_CryptoCmac(clientContext);
if (rc != 0) {
return rc;
Expand All @@ -107,6 +120,7 @@ int wh_DemoClient_All(whClientContext* clientContext)
if (rc != 0) {
return rc;
}
#endif /* WOLFSSL_CMAC */

return rc;
}
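Review bot: The CMAC calls at the end of wh_DemoClient_All are guarded by `#if defined(WOLFSSL_CMAC)` alone, while this same commit compiles the CMAC demos in wh_demo_client_crypto.c only under `#if defined(WOLFSSL_CMAC) && !defined(NO_AES)`. A build with WOLFSSL_CMAC and NO_AES both set would then call functions that are never defined. Use the same condition here, `#if defined(WOLFSSL_CMAC) && !defined(NO_AES)` closed by `#endif /* WOLFSSL_CMAC && !NO_AES */`, so the dispatcher and the definitions cannot drift apart. The function begins before the first hunk, so whether the earlier guards match their definitions cannot be checked from this view.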
55 changes: 28 additions & 27 deletions demo/client/wh_demo_client_crypto.c
Expand Up @@ -11,6 +11,7 @@

#include "wolfhsm/wh_common.h"
#include "wolfhsm/wh_client.h"
#include "wolfhsm/wh_client_crypto.h"
#include "wolfhsm/wh_error.h"

#include "user_settings.h"
Expand All @@ -26,15 +27,15 @@
#include "wolfssl/wolfcrypt/rsa.h"
#endif

#if !defined(NO_ECC) && defined(HAVE_ECC)
#if defined(HAVE_ECC)
#include "wolfssl/wolfcrypt/ecc.h"
#endif

#ifdef HAVE_CURVE25519
#include "wolfssl/wolfcrypt/curve25519.h"
#endif

#if !defined(NO_AES) && defined(HAVE_AES)
#if !defined(NO_AES)
#include "wolfssl/wolfcrypt/aes.h"
#endif

Expand Down Expand Up @@ -107,7 +108,7 @@ int wh_DemoClient_CryptoRsa(whClientContext* clientContext)
exit:
(void)wc_FreeRng(rng);
if (needEvict) {
ret = wh_Client_GetKeyIdRsa(rsa, &keyId);
ret = wh_Client_RsaGetKeyId(rsa, &keyId);
if (ret != 0) {
printf("Failed to wh_Client_GetKeyIdRsa %d\n", ret);
return ret;
Expand Down Expand Up @@ -179,7 +180,7 @@ int wh_DemoClient_CryptoRsaImport(whClientContext* clientContext)
}

/* set the assigned keyId */
ret = wh_Client_SetKeyIdRsa(rsa, keyId);
ret = wh_Client_RsaSetKeyId(rsa, keyId);
if (ret != 0) {
printf("Failed to wh_Client_SetKeyIdRsa %d\n", ret);
goto exit;
Expand Down Expand Up @@ -302,7 +303,7 @@ int wh_DemoClient_CryptoCurve25519(whClientContext* clientContext)
exit:
(void)wc_FreeRng(rng);
if (needEvictPriv) {
ret = wh_Client_GetKeyIdCurve25519(curve25519PrivateKey, &keyId);
ret = wh_Client_Curve25519GetKeyId(curve25519PrivateKey, &keyId);
if (ret != 0) {
printf("Failed to wh_Client_GetKeyIdRsa %d\n", ret);
return ret;
Expand All @@ -313,7 +314,7 @@ int wh_DemoClient_CryptoCurve25519(whClientContext* clientContext)
}
}
if (needEvictPub) {
ret = wh_Client_GetKeyIdCurve25519(curve25519PublicKey, &keyId);
ret = wh_Client_Curve25519GetKeyId(curve25519PublicKey, &keyId);
if (ret != 0) {
printf("Failed to wh_Client_GetKeyIdRsa %d\n", ret);
return ret;
Expand Down Expand Up @@ -379,7 +380,7 @@ int wh_DemoClient_CryptoCurve25519Import(whClientContext* clientContext)
}

/* set the assigned keyId */
ret = wh_Client_SetKeyIdCurve25519(curve25519PrivateKey, keyIdPrivBob);
ret = wh_Client_Curve25519SetKeyId(curve25519PrivateKey, keyIdPrivBob);
if (ret != 0) {
printf("Failed to wh_Client_SetKeyIdRsa %d\n", ret);
goto exit;
Expand Down Expand Up @@ -417,7 +418,7 @@ int wh_DemoClient_CryptoCurve25519Import(whClientContext* clientContext)
}

/* set the assigned keyId */
ret = wh_Client_SetKeyIdCurve25519(curve25519PublicKey, keyIdPubAlice);
ret = wh_Client_Curve25519SetKeyId(curve25519PublicKey, keyIdPubAlice);
if (ret != 0) {
printf("Failed to wh_Client_SetKeyIdRsa %d\n", ret);
goto exit;
Expand Down Expand Up @@ -468,7 +469,7 @@ int wh_DemoClient_CryptoCurve25519Import(whClientContext* clientContext)
}

/* set the assigned keyId */
ret = wh_Client_SetKeyIdCurve25519(curve25519PrivateKey, keyIdPrivAlice);
ret = wh_Client_Curve25519SetKeyId(curve25519PrivateKey, keyIdPrivAlice);
if (ret != 0) {
printf("Failed to wh_Client_SetKeyIdRsa %d\n", ret);
goto exit;
Expand Down Expand Up @@ -506,7 +507,7 @@ int wh_DemoClient_CryptoCurve25519Import(whClientContext* clientContext)
}

/* set the assigned keyId */
ret = wh_Client_SetKeyIdCurve25519(curve25519PublicKey, keyIdPubBob);
ret = wh_Client_Curve25519SetKeyId(curve25519PublicKey, keyIdPubBob);
if (ret != 0) {
printf("Failed to wh_Client_SetKeyIdRsa %d\n", ret);
goto exit;
Expand Down Expand Up @@ -562,7 +563,7 @@ int wh_DemoClient_CryptoCurve25519Import(whClientContext* clientContext)
}
#endif /* HAVE_CURVE25519 */

#if !defined(NO_ECC) && defined(HAVE_ECC)
#if defined(HAVE_ECC)
int wh_DemoClient_CryptoEcc(whClientContext* clientContext)
{
int ret = 0;
Expand Down Expand Up @@ -1005,9 +1006,9 @@ int wh_DemoClient_CryptoEccImport(whClientContext* clientContext)
}
return ret;
}
#endif /* !NO_ECC && HAVE_ECC */
#endif /* HAVE_ECC */

#if !defined(NO_AES) && defined(HAVE_AES)
#if !defined(NO_AES) && defined(HAVE_AES_CBC)
int wh_DemoClient_CryptoAesCbc(whClientContext* clientContext)
{
int ret = 0;
Expand Down Expand Up @@ -1097,7 +1098,7 @@ int wh_DemoClient_CryptoAesCbcImport(whClientContext* clientContext)
needEvict = 1;

/* set the keyId on the struct */
ret = wh_Client_SetKeyIdAes(aes, keyId);
ret = wh_Client_AesSetKeyId(aes, keyId);
if (ret != 0) {
printf("Failed to wh_Client_SetKeyIdAes %d\n", ret);
goto exit;
Expand Down Expand Up @@ -1134,9 +1135,9 @@ int wh_DemoClient_CryptoAesCbcImport(whClientContext* clientContext)
}
return ret;
}
#endif /* !NO_AES && HAVE_AES */
#endif /* !NO_AES && HAVE_AES_CBC*/

#if !defined(NO_AES) && defined(HAVE_AES) && defined(HAVE_AESGCM)
#if !defined(NO_AES) && defined(HAVE_AESGCM)
int wh_DemoClient_CryptoAesGcm(whClientContext* clientContext)
{
int ret = 0;
Expand Down Expand Up @@ -1224,7 +1225,7 @@ int wh_DemoClient_CryptoAesGcmImport(whClientContext* clientContext)
needEvict = 1;

/* set the keyId on the struct */
ret = wh_Client_SetKeyIdAes(aes, keyId);
ret = wh_Client_AesSetKeyId(aes, keyId);
if (ret != 0) {
printf("Failed to wh_Client_SetKeyIdAes %d\n", ret);
goto exit;
Expand Down Expand Up @@ -1270,9 +1271,9 @@ int wh_DemoClient_CryptoAesGcmImport(whClientContext* clientContext)
}
return ret;
}
#endif /* !NOAES && HAVE_AES && HAVE_ASEGCM */
#endif /* !NOAES && HAVE_ASEGCM */

#ifdef WOLFSSL_CMAC
#if defined(WOLFSSL_CMAC) && !defined(NO_AES)
int wh_DemoClient_CryptoCmac(whClientContext* clientContext)
{
int ret = 0;
Expand Down Expand Up @@ -1347,7 +1348,7 @@ int wh_DemoClient_CryptoCmacImport(whClientContext* clientContext)
}

/* set the keyId on the struct */
ret = wh_Client_SetKeyIdCmac(cmac, keyId);
ret = wh_Client_CmacSetKeyId(cmac, keyId);
if (ret != 0) {
printf("Failed to wh_Client_SetKeyIdAes %d\n", ret);
goto exit;
Expand Down Expand Up @@ -1377,15 +1378,15 @@ int wh_DemoClient_CryptoCmacImport(whClientContext* clientContext)
}

/* set the keyId on the struct */
ret = wh_Client_SetKeyIdCmac(cmac, keyId);
ret = wh_Client_CmacSetKeyId(cmac, keyId);
if (ret != 0) {
printf("Failed to wh_Client_SetKeyIdAes %d\n", ret);
goto exit;
}

/* verify the cmac tag using the special HSM oneshot function
* wh_Client_AesCmacVerify which is required for pre cached keys */
ret = wh_Client_AesCmacVerify(cmac, tag, sizeof(tag), (byte*)message,
ret = wh_Client_CmacAesVerify(cmac, tag, sizeof(tag), (byte*)message,
strlen(message), keyId, NULL);
if (ret != 0) {
printf("CMAC hash and verify failed with imported key %d\n", ret);
Expand Down Expand Up @@ -1426,7 +1427,7 @@ int wh_DemoClient_CryptoCmacOneshotImport(whClientContext* clientContext)
}

/* set the keyId on the struct */
ret = wh_Client_SetKeyIdCmac(cmac, keyId);
ret = wh_Client_CmacSetKeyId(cmac, keyId);
if (ret != 0) {
printf("Failed to wh_Client_SetKeyIdAes %d\n", ret);
goto exit;
Expand All @@ -1435,7 +1436,7 @@ int wh_DemoClient_CryptoCmacOneshotImport(whClientContext* clientContext)
/* generate the cmac tag using the special HSM wh_Client_AesCmacGenerate
* function which is required for pre cached keys */
outLen = sizeof(tag);
ret = wh_Client_AesCmacGenerate(cmac, tag, &outLen, (byte*)message,
ret = wh_Client_CmacAesGenerate(cmac, tag, &outLen, (byte*)message,
sizeof(message), keyId, NULL);
if (ret != 0) {
printf("Failed to wh_Client_AesCmacGenerate %d\n", ret);
Expand All @@ -1452,15 +1453,15 @@ int wh_DemoClient_CryptoCmacOneshotImport(whClientContext* clientContext)
}

/* set the keyId on the struct */
ret = wh_Client_SetKeyIdCmac(cmac, keyId);
ret = wh_Client_CmacSetKeyId(cmac, keyId);
if (ret != 0) {
printf("Failed to wh_Client_SetKeyIdAes %d\n", ret);
goto exit;
}

/* verify the cmac tag using the special HSM oneshot function
* wh_Client_AesCmacVerify which is required for pre cached keys */
ret = wh_Client_AesCmacVerify(cmac, tag, sizeof(tag), (byte*)message,
ret = wh_Client_CmacAesVerify(cmac, tag, sizeof(tag), (byte*)message,
sizeof(message), keyId, NULL);
if (ret != 0) {
printf("CMAC hash and verify oneshot failed with imported key %d\n", ret);
Expand All @@ -1472,5 +1473,5 @@ int wh_DemoClient_CryptoCmacOneshotImport(whClientContext* clientContext)
(void)wc_CmacFree(cmac);
return ret;
}
#endif /* WOLFSSL_CMAC */
#endif /* WOLFSSL_CMAC && !NO_AES */
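Review bot: The `exit:` cleanup in wh_DemoClient_CryptoRsa and wh_DemoClient_CryptoCurve25519 stores the key-id lookup result in `ret`, which discards whatever status brought control to `exit`, and the `return ret;` on a failed lookup in the private-key branch skips the public-key eviction that follows it. If these paths run after a failed operation, the demo can report the cleanup status instead of the original error and leave a key cached on the server; the rest of each function lies outside the hunks, so this needs confirming against the full file. Keep a separate cleanup status, e.g. `int rc2 = wh_Client_RsaGetKeyId(rsa, &keyId);` followed by `if (ret == 0) ret = rc2;`, and continue to the remaining eviction rather than returning. The printf strings beside the renamed calls also still name the old functions, and the Curve25519 and CMAC paths print `GetKeyIdRsa` / `SetKeyIdAes`; a message such as `printf("Failed to wh_Client_Curve25519GetKeyId %d\n", ret);` would match the call that actually failed.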

6 changes: 3 additions & 3 deletions demo/client/wh_demo_client_crypto.h
Expand Up @@ -12,17 +12,17 @@ int wh_DemoClient_CryptoCurve25519(whClientContext* clientContext);
int wh_DemoClient_CryptoCurve25519Import(whClientContext* clientContext);
#endif /* HAVE_CURVE25519 */

#if !defined(NO_ECC) && defined(HAVE_ECC)
#if defined(HAVE_ECC)
int wh_DemoClient_CryptoEcc(whClientContext* clientContext);
int wh_DemoClient_CryptoEccImport(whClientContext* clientContext);
#endif /* !NO_ECC && HAVE_ECC */

#if !defined(NO_AES) && defined(HAVE_AES)
#if !defined(NO_AES) && defined(HAVE_AES_CBC)
int wh_DemoClient_CryptoAesCbc(whClientContext* clientContext);
int wh_DemoClient_CryptoAesCbcImport(whClientContext* clientContext);
#endif /* !NO_AES && HAVE_AES */

#if !defined(NO_AES) && defined(HAVE_AES) && defined(HAVE_AESGCM)
#if !defined(NO_AES) && defined(HAVE_AESGCM)
int wh_DemoClient_CryptoAesGcm(whClientContext* clientContext);
int wh_DemoClient_CryptoAesGcmImport(whClientContext* clientContext);
#endif /* !NOAES && HAVE_AES && HAVE_ASEGCM */
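Review bot: The `#endif` comments in this header still describe the old conditions: `/* !NO_ECC && HAVE_ECC */`, `/* !NO_AES && HAVE_AES */` and `/* !NOAES && HAVE_AES && HAVE_ASEGCM */` no longer match the `#if` lines they close. Update them to `/* HAVE_ECC */`, `/* !NO_AES && HAVE_AES_CBC */` and `/* !NO_AES && HAVE_AESGCM */`; the misspelled `/* !NOAES && HAVE_ASEGCM */` trailer kept in wh_demo_client_crypto.c should get the same correction. The header continues past the visible hunk, so the guard on the CMAC prototypes could not be compared with the new `WOLFSSL_CMAC && !NO_AES` condition used for the definitions.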