Multithreaded decrypt: improvements

Split out decryption in software for TLSv13.
Call software decryption in async decrypt.
Support ChaCha20-Poly1305.

src/dtls13.c

@@ -956,8 +956,18 @@ static int Dtls13SendOneFragmentRtx(WOLFSSL* ssl,
         handshakeType, hashOutput, Dtls13SendNow(ssl, handshakeType));
 
     if (rtxRecord != NULL) {
-        if (ret == 0 || ret == WC_NO_ERR_TRACE(WANT_WRITE))
+        if (ret == 0 || ret == WC_NO_ERR_TRACE(WANT_WRITE)) {
+        #ifdef WOLFSSL_RW_THREADED
+            int lockRet = wc_LockMutex(&ssl->dtls13Rtx.mutex);
+            if (lockRet < 0) {
+                return lockRet;
+            }
+        #endif
             Dtls13RtxAddRecord(&ssl->dtls13Rtx, rtxRecord);
+        #ifdef WOLFSSL_RW_THREADED
+            wc_UnLockMutex(&ssl->dtls13Rtx.mutex);
+        #endif
+        }
         else
             Dtls13FreeRtxBufferRecord(ssl, rtxRecord);
     }
@@ -1534,8 +1544,15 @@ static void Dtls13RtxMoveToEndOfList(WOLFSSL* ssl, Dtls13RtxRecord** prevNext,
         return;
 
     Dtls13RtxRecordUnlink(ssl, prevNext, r);
+#ifdef WOLFSSL_RW_THREADED
+    if (wc_LockMutex(&ssl->dtls13Rtx.mutex) != 0)
+        return;
+#endif
     /* add to the end */
     Dtls13RtxAddRecord(&ssl->dtls13Rtx, r);
+#ifdef WOLFSSL_RW_THREADED
+    wc_UnLockMutex(&ssl->dtls13Rtx.mutex);
+#endif
 }
 
 static int Dtls13RtxSendBuffered(WOLFSSL* ssl)

src/internal.c

@@ -2844,11 +2844,17 @@ void InitCiphers(WOLFSSL* ssl)
 #endif
 #if defined(HAVE_POLY1305) && defined(HAVE_ONE_TIME_AUTH)
     ssl->auth.poly1305 = NULL;
+#ifdef WOLFSSL_RW_THREADED
+    ssl->decAuth.poly1305 = NULL;
+#endif
 #endif
     ssl->encrypt.setup = 0;
     ssl->decrypt.setup = 0;
 #ifdef HAVE_ONE_TIME_AUTH
     ssl->auth.setup    = 0;
+#ifdef WOLFSSL_RW_THREADED
+    ssl->decAuth.setup = 0;
+#endif
 #endif
 
 #ifdef WOLFSSL_DTLS13
@@ -2926,6 +2932,12 @@ void FreeCiphers(WOLFSSL* ssl)
         ForceZero(ssl->auth.poly1305, sizeof(Poly1305));
     XFREE(ssl->auth.poly1305, ssl->heap, DYNAMIC_TYPE_CIPHER);
     ssl->auth.poly1305 = NULL;
+#ifdef WOLFSSL_RW_THREADED
+    if (ssl->decAuth.poly1305)
+        ForceZero(ssl->decAuth.poly1305, sizeof(Poly1305));
+    XFREE(ssl->decAuth.poly1305, ssl->heap, DYNAMIC_TYPE_CIPHER);
+    ssl->decAuth.poly1305 = NULL;
+#endif
 #endif
 
 #ifdef WOLFSSL_DTLS13
@@ -21321,7 +21333,6 @@ static int ReceiveAsyncData(WOLFSSL* ssl)
                 int ret;
                 int error;
 
-
                 /* Parse record header again. */
                 GrowInputBuffer(ssl, decrypt->recordHdrLen, 0);
                 XMEMCPY(ssl->buffers.inputBuffer.buffer, decrypt->recordHdr,

src/keys.c

@@ -3550,7 +3550,13 @@ int SetKeysSide(WOLFSSL* ssl, enum encrypt_side side)
     if (!ssl->auth.setup && ssl->specs.bulk_cipher_algorithm == wolfssl_chacha){
         ret = SetAuthKeys(&ssl->auth, keys, &ssl->specs, ssl->heap, ssl->devId);
         if (ret != 0)
-           return ret;
+            return ret;
+    #ifdef WOLFSSL_RW_THREADED
+        ret = SetAuthKeys(&ssl->decAuth, keys, &ssl->specs, ssl->heap,
+            ssl->devId);
+        if (ret != 0)
+            return ret;
+    #endif
     }
 #endif
 

src/ssl.c

@@ -23920,13 +23920,13 @@ int wolfSSL_AsyncEncrypt(WOLFSSL* ssl, int idx)
     word32 dataSz = encrypt->cryptLen - ssl->specs.aead_mac_size;
 
     ret = EncryptTls13Sw(ssl->specs.bulk_cipher_algorithm, &encrypt->cipher,
-#ifdef HAVE_ONE_TIME_AUTH
+    #ifdef HAVE_ONE_TIME_AUTH
         &encrypt->auth,
-#else
+    #else
         NULL,
-#endif
+    #endif
         out, out, dataSz, encrypt->nonce, encrypt->additional, RECORD_HEADER_SZ,
-        ssl->specs.aead_mac_size, 1);
+        ssl->specs.aead_mac_size);
 #ifdef WOLFSSL_DTLS13
     if (ret == 0 && ssl->options.dtls) {
         ret = Dtls13EncryptRecordNumber(ssl, encrypt->buffer.buffer,
@@ -23984,21 +23984,20 @@ int wolfSSL_AsyncDecryptStop(WOLFSSL* ssl, int idx)
 
 int wolfSSL_AsyncDecrypt(WOLFSSL* ssl, int idx)
 {
-    int ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN);
+    int ret;
     ThreadCrypt* decrypt = &ssl->buffers.decrypt[idx];
+    unsigned char* out = decrypt->buffer.buffer + decrypt->offset;
 
-    if (ssl->specs.bulk_cipher_algorithm == wolfssl_aes_gcm) {
-        unsigned char* out = decrypt->buffer.buffer + decrypt->offset;
-        unsigned char* input = decrypt->buffer.buffer + decrypt->offset;
-        unsigned char* tag = input + decrypt->cryptLen;
+    ret = DecryptTls13Sw(ssl->specs.bulk_cipher_algorithm, &decrypt->cipher,
+    #ifdef HAVE_ONE_TIME_AUTH
+        &decrypt->auth,
+    #else
+        NULL,
+    #endif
+        out, out, decrypt->cryptLen, decrypt->nonce, decrypt->additional,
+        RECORD_HEADER_SZ, ssl->specs.aead_mac_size, ssl->specs.hash_size);
 
-        ret = wc_AesGcmDecrypt(decrypt->cipher.aes, out, input,
-               decrypt->cryptLen,
-               decrypt->nonce, AESGCM_NONCE_SZ,
-               tag, ssl->specs.aead_mac_size,
-               decrypt->additional, RECORD_HEADER_SZ);
-        decrypt->done = 1;
-    }
+    decrypt->done = 1;
 
     return ret;
 }