add WOLF_CRYPTO_CB_FIND macro to guard find device ID callback

Author: JacobBarthelmeh

wolfcrypt/src/aes.c

@@ -4011,6 +4011,9 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
     #endif
 
     #ifdef WOLF_CRYPTO_CB
+        #ifndef WOLF_CRYPTO_CB_FIND
+        if (aes->devId != INVALID_DEVID)
+        #endif
         {
             int crypto_cb_ret = wc_CryptoCb_AesCbcEncrypt(aes, out, in, sz);
             if (crypto_cb_ret != CRYPTOCB_UNAVAILABLE)
@@ -4144,6 +4147,9 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
     #endif
 
     #ifdef WOLF_CRYPTO_CB
+        #ifndef WOLF_CRYPTO_CB_FIND
+        if (aes->devId != INVALID_DEVID)
+        #endif
         {
             int crypto_cb_ret = wc_CryptoCb_AesCbcDecrypt(aes, out, in, sz);
             if (crypto_cb_ret != CRYPTOCB_UNAVAILABLE)
@@ -4462,6 +4468,9 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
             }
 
         #ifdef WOLF_CRYPTO_CB
+            #ifndef WOLF_CRYPTO_CB_FIND
+            if (aes->devId != INVALID_DEVID)
+            #endif
             {
                 int crypto_cb_ret = wc_CryptoCb_AesCtrEncrypt(aes, out, in, sz);
                 if (crypto_cb_ret != CRYPTOCB_UNAVAILABLE)
@@ -6655,6 +6664,9 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
     }
 
 #ifdef WOLF_CRYPTO_CB
+    #ifndef WOLF_CRYPTO_CB_FIND
+    if (aes->devId != INVALID_DEVID)
+    #endif
     {
         int crypto_cb_ret =
             wc_CryptoCb_AesGcmEncrypt(aes, out, in, sz, iv, ivSz, authTag,
@@ -7211,6 +7223,9 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
     }
 
 #ifdef WOLF_CRYPTO_CB
+    #ifndef WOLF_CRYPTO_CB_FIND
+    if (aes->devId != INVALID_DEVID)
+    #endif
     {
         int crypto_cb_ret =
             wc_CryptoCb_AesGcmDecrypt(aes, out, in, sz, iv, ivSz,
@@ -9103,6 +9118,9 @@ int wc_AesCcmEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
     }
 
 #ifdef WOLF_CRYPTO_CB
+    #ifndef WOLF_CRYPTO_CB_FIND
+    if (aes->devId != INVALID_DEVID)
+    #endif
     {
         int crypto_cb_ret =
             wc_CryptoCb_AesCcmEncrypt(aes, out, in, inSz, nonce, nonceSz,
@@ -9282,6 +9300,9 @@ int  wc_AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
     }
 
 #ifdef WOLF_CRYPTO_CB
+    #ifndef WOLF_CRYPTO_CB_FIND
+    if (aes->devId != INVALID_DEVID)
+    #endif
     {
         int crypto_cb_ret =
             wc_CryptoCb_AesCcmDecrypt(aes, out, in, inSz, nonce, nonceSz,
@@ -9801,6 +9822,9 @@ static WARN_UNUSED_RESULT int _AesEcbEncrypt(
     word32 blocks = sz / AES_BLOCK_SIZE;
 
 #ifdef WOLF_CRYPTO_CB
+    #ifndef WOLF_CRYPTO_CB_FIND
+    if (aes->devId != INVALID_DEVID)
+    #endif
     {
         int ret = wc_CryptoCb_AesEcbEncrypt(aes, out, in, sz);
         if (ret != CRYPTOCB_UNAVAILABLE)
@@ -9837,6 +9861,9 @@ static WARN_UNUSED_RESULT int _AesEcbDecrypt(
     word32 blocks = sz / AES_BLOCK_SIZE;
 
 #ifdef WOLF_CRYPTO_CB
+    #ifndef WOLF_CRYPTO_CB_FIND
+    if (aes->devId != INVALID_DEVID)
+    #endif
     {
         int ret = wc_CryptoCb_AesEcbDecrypt(aes, out, in, sz);
         if (ret != CRYPTOCB_UNAVAILABLE)

wolfcrypt/src/cmac.c

@@ -115,6 +115,9 @@ int wc_InitCmac_ex(Cmac* cmac, const byte* key, word32 keySz,
     XMEMSET(cmac, 0, sizeof(Cmac));
 
 #ifdef WOLF_CRYPTO_CB
+    #ifndef WOLF_CRYPTO_CB_FIND
+    if (devId != INVALID_DEVID)
+    #endif
     {
         cmac->devId = devId;
         cmac->devCtx = NULL;
@@ -178,6 +181,9 @@ int wc_CmacUpdate(Cmac* cmac, const byte* in, word32 inSz)
     }
 
 #ifdef WOLF_CRYPTO_CB
+    #ifndef WOLF_CRYPTO_CB_FIND
+    if (cmac->devId != INVALID_DEVID)
+    #endif
     {
         ret = wc_CryptoCb_Cmac(cmac, NULL, 0, in, inSz,
                 NULL, NULL, 0, NULL);
@@ -226,10 +232,15 @@ int wc_CmacFinal(Cmac* cmac, byte* out, word32* outSz)
     }
 
 #ifdef WOLF_CRYPTO_CB
-    ret = wc_CryptoCb_Cmac(cmac, NULL, 0, NULL, 0, out, outSz, 0, NULL);
-    if (ret != CRYPTOCB_UNAVAILABLE)
-        return ret;
-    /* fall-through when unavailable */
+    #ifndef WOLF_CRYPTO_CB_FIND
+    if (cmac->devId != INVALID_DEVID)
+    #endif
+    {
+        ret = wc_CryptoCb_Cmac(cmac, NULL, 0, NULL, 0, out, outSz, 0, NULL);
+        if (ret != CRYPTOCB_UNAVAILABLE)
+            return ret;
+        /* fall-through when unavailable */
+    }
 #endif
 
     if (cmac->bufferSz == AES_BLOCK_SIZE) {

wolfcrypt/src/cryptocb.c

@@ -49,8 +49,10 @@ typedef struct CryptoCb {
     void* ctx;
 } CryptoCb;
 static WOLFSSL_GLOBAL CryptoCb gCryptoDev[MAX_CRYPTO_DEVID_CALLBACKS];
-static CryptoDevCallbackFind CryptoCb_FindCb = NULL;
 
+#ifdef WOLF_CRYPTO_CB_FIND
+static CryptoDevCallbackFind CryptoCb_FindCb = NULL;
+#endif
 
 #ifdef DEBUG_CRYPTOCB
 static const char* GetAlgoTypeStr(int algo)
@@ -188,9 +190,11 @@ static CryptoCb* wc_CryptoCb_FindDevice(int devId, int algoType)
 {
     int localDevId = devId;
 
+#ifdef WOLF_CRYPTO_CB_FIND
     if (CryptoCb_FindCb != NULL) {
         localDevId = CryptoCb_FindCb(devId, algoType);
     }
+#endif /* WOLF_CRYPTO_CB_FIND */
     return wc_CryptoCb_GetDevice(localDevId);
 }
 
@@ -233,6 +237,7 @@ int wc_CryptoCb_GetDevIdAtIndex(int startIdx)
 }
 
 
+#ifdef WOLF_CRYPTO_CB_FIND
 /* Used to register a find device function. Useful for cases where the
  * device ID in the struct may not have been set but still wanting to use
  * a specific crypto callback device ID. The find callback is global and
@@ -241,6 +246,7 @@ void wc_CryptoCb_SetDeviceFindCb(CryptoDevCallbackFind cb)
 {
     CryptoCb_FindCb = cb;
 }
+#endif
 
 int wc_CryptoCb_RegisterDevice(int devId, CryptoDevCallbackFunc cb, void* ctx)
 {

wolfcrypt/src/ecc.c

@@ -4428,17 +4428,22 @@ int wc_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, byte* out,
    }
 
 #ifdef WOLF_CRYPTO_CB
-    err = wc_CryptoCb_Ecdh(private_key, public_key, out, outlen);
-    #ifndef WOLF_CRYPTO_CB_ONLY_ECC
-    if (err != CRYPTOCB_UNAVAILABLE)
-        return err;
-    /* fall-through when unavailable */
+    #ifndef WOLF_CRYPTO_CB_FIND
+    if (private_key->devId != INVALID_DEVID)
     #endif
-    #ifdef WOLF_CRYPTO_CB_ONLY_ECC
-    if (err == CRYPTOCB_UNAVAILABLE) {
-        err = NO_VALID_DEVID;
+    {
+        err = wc_CryptoCb_Ecdh(private_key, public_key, out, outlen);
+        #ifndef WOLF_CRYPTO_CB_ONLY_ECC
+        if (err != CRYPTOCB_UNAVAILABLE)
+            return err;
+        /* fall-through when unavailable */
+        #endif
+        #ifdef WOLF_CRYPTO_CB_ONLY_ECC
+        if (err == CRYPTOCB_UNAVAILABLE) {
+            err = NO_VALID_DEVID;
+        }
+        #endif
     }
-    #endif
 #endif
 
 #ifndef WOLF_CRYPTO_CB_ONLY_ECC
@@ -5324,18 +5329,23 @@ static int _ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key,
     key->flags = (byte)flags;
 
 #ifdef WOLF_CRYPTO_CB
-    err = wc_CryptoCb_MakeEccKey(rng, keysize, key, curve_id);
-    #ifndef WOLF_CRYPTO_CB_ONLY_ECC
-    if (err != CRYPTOCB_UNAVAILABLE)
-        return err;
-    /* fall-through when unavailable */
+    #ifndef WOLF_CRYPTO_CB_FIND
+    if (key->devId != INVALID_DEVID)
     #endif
-    #ifdef WOLF_CRYPTO_CB_ONLY_ECC
-    if (err == CRYPTOCB_UNAVAILABLE) {
-        return NO_VALID_DEVID;
+    {
+        err = wc_CryptoCb_MakeEccKey(rng, keysize, key, curve_id);
+        #ifndef WOLF_CRYPTO_CB_ONLY_ECC
+        if (err != CRYPTOCB_UNAVAILABLE)
+            return err;
+        /* fall-through when unavailable */
+        #endif
+        #ifdef WOLF_CRYPTO_CB_ONLY_ECC
+        if (err == CRYPTOCB_UNAVAILABLE) {
+            return NO_VALID_DEVID;
+        }
+        return err;
+        #endif
     }
-    return err;
-    #endif
 #endif
 
 #ifndef WOLF_CRYPTO_CB_ONLY_ECC
@@ -6311,17 +6321,22 @@ int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen,
     }
 
 #ifdef WOLF_CRYPTO_CB
-    err = wc_CryptoCb_EccSign(in, inlen, out, outlen, rng, key);
-    #ifndef WOLF_CRYPTO_CB_ONLY_ECC
-    if (err != CRYPTOCB_UNAVAILABLE)
-        return err;
-    /* fall-through when unavailable */
+    #ifndef WOLF_CRYPTO_CB_FIND
+    if (key->devId != INVALID_DEVID)
     #endif
-    #ifdef WOLF_CRYPTO_CB_ONLY_ECC
-    if (err == CRYPTOCB_UNAVAILABLE) {
-        err = NO_VALID_DEVID;
+    {
+        err = wc_CryptoCb_EccSign(in, inlen, out, outlen, rng, key);
+        #ifndef WOLF_CRYPTO_CB_ONLY_ECC
+        if (err != CRYPTOCB_UNAVAILABLE)
+            return err;
+        /* fall-through when unavailable */
+        #endif
+        #ifdef WOLF_CRYPTO_CB_ONLY_ECC
+        if (err == CRYPTOCB_UNAVAILABLE) {
+            err = NO_VALID_DEVID;
+        }
+        #endif
     }
-    #endif
 #endif
 
 #ifndef WOLF_CRYPTO_CB_ONLY_ECC
@@ -8009,17 +8024,22 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
     }
 
 #ifdef WOLF_CRYPTO_CB
-    err = wc_CryptoCb_EccVerify(sig, siglen, hash, hashlen, res, key);
-    #ifndef WOLF_CRYPTO_CB_ONLY_ECC
-    if (err != CRYPTOCB_UNAVAILABLE)
-        return err;
-    /* fall-through when unavailable */
+    #ifndef WOLF_CRYPTO_CB_FIND
+    if (key->devId != INVALID_DEVID)
     #endif
-    #ifdef WOLF_CRYPTO_CB_ONLY_ECC
-    if (err == CRYPTOCB_UNAVAILABLE) {
-        err = NO_VALID_DEVID;
+    {
+        err = wc_CryptoCb_EccVerify(sig, siglen, hash, hashlen, res, key);
+        #ifndef WOLF_CRYPTO_CB_ONLY_ECC
+        if (err != CRYPTOCB_UNAVAILABLE)
+            return err;
+        /* fall-through when unavailable */
+        #endif
+        #ifdef WOLF_CRYPTO_CB_ONLY_ECC
+        if (err == CRYPTOCB_UNAVAILABLE) {
+            err = NO_VALID_DEVID;
+        }
+        #endif
     }
-    #endif
 #endif
 
 #ifndef WOLF_CRYPTO_CB_ONLY_ECC

wolfcrypt/src/random.c

@@ -1829,10 +1829,15 @@ int wc_RNG_GenerateBlock(WC_RNG* rng, byte* output, word32 sz)
         return 0;
 
 #ifdef WOLF_CRYPTO_CB
-    ret = wc_CryptoCb_RandomBlock(rng, output, sz);
-    if (ret != CRYPTOCB_UNAVAILABLE)
-        return ret;
-    /* fall-through when unavailable */
+    #ifndef WOLF_CRYPTO_CB_FIND
+    if (rng->devId != INVALID_DEVID)
+    #endif
+    {
+        ret = wc_CryptoCb_RandomBlock(rng, output, sz);
+        if (ret != CRYPTOCB_UNAVAILABLE)
+            return ret;
+        /* fall-through when unavailable */
+    }
 #endif
 
 #ifdef HAVE_INTEL_RDRAND
@@ -2581,7 +2586,11 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
 #ifdef WOLF_CRYPTO_CB
     int ret;
 
-    if (os != NULL) {
+    if (os != NULL
+    #ifndef WOLF_CRYPTO_CB_FIND
+        && os->devId != INVALID_DEVID)
+    #endif
+    {
         ret = wc_CryptoCb_RandomSeed(os, output, sz);
         if (ret != CRYPTOCB_UNAVAILABLE)
             return ret;
@@ -3700,6 +3709,9 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
         }
 
     #ifdef WOLF_CRYPTO_CB
+        #ifndef WOLF_CRYPTO_CB_FIND
+        if (os->devId != INVALID_DEVID)
+        #endif
         {
             ret = wc_CryptoCb_RandomSeed(os, output, sz);
             if (ret != CRYPTOCB_UNAVAILABLE)