feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Various cleanups and fixes:

Browse Source 
* Fix to properly set configure.ac LMS/XMSS enables and build of those code files.
* Remove duplicate aes.c `wc_AesSetKeyLocal` call to `wc_AesSetIV`. Moved earlier in function in commit a10260ca5f.
* Benchmark missing time.h with NO_ASN_TIME.
* Added option to support disabling AES CFB 1/8 `WOLFSSL_NO_AES_CFB_1_8`.
* Fixes for building with combinations of `WOLFSSL_RSA_VERIFY_ONLY` and `WOLFSSL_RSA_PUBLIC_ONLY`.
* Fix for building `--enable-stacksize=verbose` with single threaded.
* Various tab and formatting cleanups.
ZD 18996
This commit is contained in:
David Garske
2024-12-06 16:45:33 -08:00
parent 1bfbdb6c7f
commit 017f931f8b
8 changed files with 62 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
IDE/GCC-ARM/Source/benchmark_main.c
View File

@@ -39,16 +39,16 @@ int main(void)
{ {
int ret; int ret;
#ifndef NO_CRYPT_BENCHMARK #ifndef NO_CRYPT_BENCHMARK
wolfCrypt_Init(); wolfCrypt_Init();
printf("\nBenchmark Test\n"); printf("\nBenchmark Test\n");
benchmark_test(&args); benchmark_test(&args);
ret = args.return_code; ret = args.return_code;
printf("Benchmark Test: Return code %d\n", ret); printf("Benchmark Test: Return code %d\n", ret);
wolfCrypt_Cleanup(); wolfCrypt_Cleanup();
#else #else
ret = NOT_COMPILED_IN; ret = NOT_COMPILED_IN;
#endif #endif
return ret; return ret;
} }

12
IDE/GCC-ARM/Source/test_main.c
View File

@@ -40,16 +40,16 @@ int main(void)
{ {
int ret; int ret;
#ifndef NO_CRYPT_TEST #ifndef NO_CRYPT_TEST
wolfCrypt_Init(); wolfCrypt_Init();
printf("\nCrypt Test\n"); printf("\nCrypt Test\n");
wolfcrypt_test(&args); wolfcrypt_test(&args);
ret = args.return_code; ret = args.return_code;
printf("Crypt Test: Return code %d\n", ret); printf("Crypt Test: Return code %d\n", ret);
wolfCrypt_Cleanup(); wolfCrypt_Cleanup();
#else #else
ret = NOT_COMPILED_IN; ret = NOT_COMPILED_IN;
#endif #endif
return ret; return ret;
} }

4
configure.ac
View File

@@ -1492,6 +1492,7 @@ then
fi fi
# XMSS # XMSS
ENABLED_WC_XMSS=no
AC_ARG_ENABLE([xmss], AC_ARG_ENABLE([xmss],
[AS_HELP_STRING([--enable-xmss],[Enable stateful XMSS/XMSS^MT signatures (default: disabled)])], [AS_HELP_STRING([--enable-xmss],[Enable stateful XMSS/XMSS^MT signatures (default: disabled)])],
[ ENABLED_XMSS=$enableval ], [ ENABLED_XMSS=$enableval ],
@@ -1583,6 +1584,7 @@ then
fi fi
# LMS # LMS
ENABLED_WC_LMS=no
AC_ARG_ENABLE([lms], AC_ARG_ENABLE([lms],
[AS_HELP_STRING([--enable-lms],[Enable stateful LMS/HSS signatures (default: disabled)])], [AS_HELP_STRING([--enable-lms],[Enable stateful LMS/HSS signatures (default: disabled)])],
[ ENABLED_LMS=$enableval ], [ ENABLED_LMS=$enableval ],
@@ -4524,7 +4526,7 @@ fi
if test "$ENABLED_STACKSIZE" = "verbose" if test "$ENABLED_STACKSIZE" = "verbose"
then then
if test "$thread_ls_on" != "yes" if test "$thread_ls_on" != "yes" && test "x$ENABLED_SINGLETHREADED" = "xno"
then then
AC_MSG_ERROR(stacksize-verbose needs thread-local storage.) AC_MSG_ERROR(stacksize-verbose needs thread-local storage.)
fi fi

1
wolfcrypt/benchmark/benchmark.c
View File

@@ -14657,6 +14657,7 @@ void bench_sphincsKeySign(byte level, byte optim)
#else #else
#include <time.h>
#include <sys/time.h> #include <sys/time.h>
double current_time(int reset) double current_time(int reset)

8
wolfcrypt/src/aes.c
View File

@@ -4662,8 +4662,6 @@ static void AesSetKey_C(Aes* aes, const byte* key, word32 keySz, int dir)
} }
#endif #endif
ret = wc_AesSetIV(aes, iv);
#if defined(WOLFSSL_DEVCRYPTO) && \ #if defined(WOLFSSL_DEVCRYPTO) && \
(defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC)) (defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC))
aes->ctx.cfd = -1; aes->ctx.cfd = -1;
@@ -11909,7 +11907,8 @@ static WARN_UNUSED_RESULT int wc_AesFeedbackDecrypt(
/* consume any unused bytes left in aes->tmp */ /* consume any unused bytes left in aes->tmp */
processed = min(aes->left, sz); processed = min(aes->left, sz);
xorbufout(out, in, (byte*)aes->tmp + WC_AES_BLOCK_SIZE - aes->left, processed); xorbufout(out, in, (byte*)aes->tmp + WC_AES_BLOCK_SIZE - aes->left,
processed);
aes->left -= processed; aes->left -= processed;
out += processed; out += processed;
in += processed; in += processed;
@@ -12003,7 +12002,7 @@ int wc_AesCfbDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
} }
#endif /* HAVE_AES_DECRYPT */ #endif /* HAVE_AES_DECRYPT */
#ifndef WOLFSSL_NO_AES_CFB_1_8
/* shift the whole WC_AES_BLOCK_SIZE array left by 8 or 1 bits */ /* shift the whole WC_AES_BLOCK_SIZE array left by 8 or 1 bits */
static void shiftLeftArray(byte* ary, byte shift) static void shiftLeftArray(byte* ary, byte shift)
{ {
@@ -12221,6 +12220,7 @@ int wc_AesCfb8Decrypt(Aes* aes, byte* out, const byte* in, word32 sz)
return wc_AesFeedbackCFB8(aes, out, in, sz, AES_DECRYPTION); return wc_AesFeedbackCFB8(aes, out, in, sz, AES_DECRYPTION);
} }
#endif /* HAVE_AES_DECRYPT */ #endif /* HAVE_AES_DECRYPT */
#endif /* !WOLFSSL_NO_AES_CFB_1_8 */
#endif /* WOLFSSL_AES_CFB */ #endif /* WOLFSSL_AES_CFB */
#ifdef WOLFSSL_AES_OFB #ifdef WOLFSSL_AES_OFB

3
wolfcrypt/src/rsa.c
View File

@@ -3110,7 +3110,8 @@ int cc310_RsaSSL_Verify(const byte* in, word32 inLen, byte* sig,
#endif /* WOLFSSL_CRYPTOCELL */ #endif /* WOLFSSL_CRYPTOCELL */
#ifndef WOLF_CRYPTO_CB_ONLY_RSA #ifndef WOLF_CRYPTO_CB_ONLY_RSA
#if !defined(WOLFSSL_RSA_VERIFY_ONLY) && !defined(TEST_UNPAD_CONSTANT_TIME) && !defined(NO_RSA_BOUNDS_CHECK) #if !defined(WOLFSSL_RSA_VERIFY_ONLY) && !defined(TEST_UNPAD_CONSTANT_TIME) && \
!defined(NO_RSA_BOUNDS_CHECK)
/* Check that 1 < in < n-1. (Requirement of 800-56B.) */ /* Check that 1 < in < n-1. (Requirement of 800-56B.) */
int RsaFunctionCheckIn(const byte* in, word32 inLen, RsaKey* key, int RsaFunctionCheckIn(const byte* in, word32 inLen, RsaKey* key,
int checkSmallCt) int checkSmallCt)

61
wolfcrypt/test/test.c
View File

@@ -9926,7 +9926,9 @@ EVP_TEST_END:
return ret; return ret;
} }
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || FIPS_VERSION3_GE(6,0,0)) #if !defined(HAVE_SELFTEST) && \
(!defined(HAVE_FIPS) || FIPS_VERSION3_GE(6,0,0)) && \
!defined(WOLFSSL_NO_AES_CFB_1_8)
static wc_test_ret_t aescfb1_test(void) static wc_test_ret_t aescfb1_test(void)
{ {
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
@@ -10399,7 +10401,7 @@ EVP_TEST_END:
return ret; return ret;
} }
#endif /* !HAVE_SELFTEST && !HAVE_FIPS */ #endif /* !HAVE_SELFTEST && !HAVE_FIPS && !WOLFSSL_NO_AES_CFB_1_8 */
#endif /* WOLFSSL_AES_CFB */ #endif /* WOLFSSL_AES_CFB */
#ifndef HAVE_RENESAS_SYNC #ifndef HAVE_RENESAS_SYNC
@@ -14269,7 +14271,9 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_cfb_test(void)
ret = aescfb_test_0(); ret = aescfb_test_0();
if (ret != 0) if (ret != 0)
return ret; return ret;
#if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS) #if !defined(HAVE_SELFTEST) && \
(!defined(HAVE_FIPS) || FIPS_VERSION3_GE(6,0,0)) && \
!defined(WOLFSSL_NO_AES_CFB_1_8)
ret = aescfb1_test(); ret = aescfb1_test();
if (ret != 0) if (ret != 0)
return ret; return ret;
@@ -21853,8 +21857,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rsa_test(void)
#endif #endif
#if !defined(WC_NO_RNG) && !defined(WC_NO_RSA_OAEP) && \ #if !defined(WC_NO_RNG) && !defined(WC_NO_RSA_OAEP) && \
((!defined(WOLFSSL_RSA_VERIFY_ONLY) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || \ !defined(WOLFSSL_RSA_VERIFY_ONLY) && defined(WOLFSSL_PUBLIC_MP) && \
defined(WOLFSSL_PUBLIC_MP)) && !defined(WOLF_CRYPTO_CB_ONLY_RSA) !defined(WOLF_CRYPTO_CB_ONLY_RSA)
idx = (word32)ret; idx = (word32)ret;
XMEMSET(plain, 0, plainSz); XMEMSET(plain, 0, plainSz);
do { do {
@@ -54595,17 +54599,20 @@ static wc_test_ret_t mp_test_shift(mp_int* a, mp_int* r1, WC_RNG* rng)
return WC_TEST_RET_ENC_EC(ret); return WC_TEST_RET_ENC_EC(ret);
for (i = 0; i < 4; i++) { for (i = 0; i < 4; i++) {
mp_copy(r1, a); mp_copy(r1, a);
#if !defined(NO_DH) || defined(HAVE_ECC) || (!defined(NO_RSA) && \
defined(WC_RSA_BLINDING) && !defined(WOLFSSL_RSA_VERIFY_ONLY))
ret = mp_lshd(r1, i); ret = mp_lshd(r1, i);
if (ret != MP_OKAY) if (ret != MP_OKAY)
return WC_TEST_RET_ENC_EC(ret); return WC_TEST_RET_ENC_EC(ret);
#ifndef WOLFSSL_SP_MATH #ifndef WOLFSSL_SP_MATH
mp_rshd(r1, i); mp_rshd(r1, i);
#else #else
mp_rshb(r1, i * SP_WORD_SIZE); mp_rshb(r1, i * SP_WORD_SIZE);
#endif #endif
ret = mp_cmp(a, r1); ret = mp_cmp(a, r1);
if (ret != MP_EQ) if (ret != MP_EQ)
return WC_TEST_RET_ENC_NC; return WC_TEST_RET_ENC_NC;
#endif
} }
#ifndef WOLFSSL_SP_MATH #ifndef WOLFSSL_SP_MATH
for (i = 0; i < DIGIT_BIT+1; i++) { for (i = 0; i < DIGIT_BIT+1; i++) {
@@ -54970,7 +54977,7 @@ static wc_test_ret_t mp_test_param(mp_int* a, mp_int* b, mp_int* r, WC_RNG* rng)
mp_zero(NULL); mp_zero(NULL);
#if !defined(NO_DH) || defined(HAVE_ECC) || defined(WC_RSA_BLINDING) || \ #if !defined(NO_DH) || defined(HAVE_ECC) || defined(WC_RSA_BLINDING) || \
!defined(WOLFSSL_RSA_VERIFY_ONLY) !defined(WOLFSSL_RSA_PUBLIC_ONLY)
ret = mp_lshd(NULL, 0); ret = mp_lshd(NULL, 0);
if (ret != WC_NO_ERR_TRACE(MP_VAL)) if (ret != WC_NO_ERR_TRACE(MP_VAL))
return WC_TEST_RET_ENC_EC(ret); return WC_TEST_RET_ENC_EC(ret);
@@ -55299,7 +55306,8 @@ static wc_test_ret_t mp_test_param(mp_int* a, mp_int* b, mp_int* r, WC_RNG* rng)
return WC_TEST_RET_ENC_EC(ret); return WC_TEST_RET_ENC_EC(ret);
#endif #endif
#if (!defined(NO_RSA) && !defined(WOLFSSL_RSA_VERIFY_ONLY)) || \ #if (!defined(NO_RSA) && !defined(WOLFSSL_RSA_VERIFY_ONLY) && \
!defined(WOLFSSL_RSA_PUBLIC_ONLY)) || \
defined(HAVE_ECC) || !defined(NO_DSA) || defined(OPENSSL_EXTRA) defined(HAVE_ECC) || !defined(NO_DSA) || defined(OPENSSL_EXTRA)
ret = mp_invmod(NULL, NULL, NULL); ret = mp_invmod(NULL, NULL, NULL);
if (ret != WC_NO_ERR_TRACE(MP_VAL)) if (ret != WC_NO_ERR_TRACE(MP_VAL))
@@ -56002,7 +56010,8 @@ static wc_test_ret_t mp_test_cmp(mp_int* a, mp_int* b)
return 0; return 0;
} }
#if !defined(NO_DH) || defined(HAVE_ECC) || !defined(WOLFSSL_RSA_VERIFY_ONLY) #if !defined(NO_DH) || defined(HAVE_ECC) || (!defined(NO_RSA) && \
!defined(WOLFSSL_RSA_VERIFY_ONLY) && !defined(WOLFSSL_RSA_PUBLIC_ONLY))
static wc_test_ret_t mp_test_shbd(mp_int* a, mp_int* b, WC_RNG* rng) static wc_test_ret_t mp_test_shbd(mp_int* a, mp_int* b, WC_RNG* rng)
{ {
wc_test_ret_t ret; wc_test_ret_t ret;
@@ -56071,9 +56080,8 @@ static wc_test_ret_t mp_test_shbd(mp_int* a, mp_int* b, WC_RNG* rng)
} }
#endif #endif
#if defined(WOLFSSL_SP_MATH_ALL) || !defined(NO_DH) || defined(HAVE_ECC) || \ #if !defined(NO_DH) || defined(HAVE_ECC) || \
(!defined(NO_RSA) && !defined(WOLFSSL_RSA_VERIFY_ONLY) && \ (!defined(NO_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY))
!defined(WOLFSSL_RSA_PUBLIC_ONLY))
static wc_test_ret_t mp_test_div(mp_int* a, mp_int* d, mp_int* r, mp_int* rem, static wc_test_ret_t mp_test_div(mp_int* a, mp_int* d, mp_int* r, mp_int* rem,
WC_RNG* rng) WC_RNG* rng)
{ {
@@ -56624,8 +56632,9 @@ static wc_test_ret_t mp_test_mul_sqr(mp_int* a, mp_int* b, mp_int* r1, mp_int* r
return 0; return 0;
} }
#if !defined(NO_RSA) || defined(HAVE_ECC) || !defined(NO_DSA) || \ #if (!defined(NO_RSA) && \
defined(OPENSSL_EXTRA) !defined(WOLFSSL_RSA_VERIFY_ONLY) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || \
defined(HAVE_ECC) || !defined(NO_DSA) || defined(OPENSSL_EXTRA)
static wc_test_ret_t mp_test_invmod(mp_int* a, mp_int* m, mp_int* r) static wc_test_ret_t mp_test_invmod(mp_int* a, mp_int* m, mp_int* r)
{ {
wc_test_ret_t ret; wc_test_ret_t ret;
@@ -57026,7 +57035,14 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t mp_test(void)
#endif #endif
WOLFSSL_ENTER("mp_test"); WOLFSSL_ENTER("mp_test");
#if !defined(WOLFSSL_RSA_PUBLIC_ONLY) || !defined(NO_DH) || defined(HAVE_ECC)
ret = mp_init_multi(a, b, r1, r2, NULL, NULL); ret = mp_init_multi(a, b, r1, r2, NULL, NULL);
#else
ret = mp_init(a);
ret |= mp_init(b);
ret |= mp_init(r1);
ret |= mp_init(r2);
#endif
if (ret != 0) if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done); ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
@@ -57234,7 +57250,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t mp_test(void)
#endif #endif
if ((ret = mp_test_cmp(a, r1)) != 0) if ((ret = mp_test_cmp(a, r1)) != 0)
goto done; goto done;
#if !defined(NO_DH) || defined(HAVE_ECC) || !defined(WOLFSSL_RSA_VERIFY_ONLY) #if !defined(NO_DH) || defined(HAVE_ECC) || (!defined(NO_RSA) && \
!defined(WOLFSSL_RSA_VERIFY_ONLY) && !defined(WOLFSSL_RSA_PUBLIC_ONLY))
if ((ret = mp_test_shbd(a, b, &rng)) != 0) if ((ret = mp_test_shbd(a, b, &rng)) != 0)
goto done; goto done;
#endif #endif
@@ -57242,9 +57259,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t mp_test(void)
if ((ret = mp_test_set_is_bit(a)) != 0) if ((ret = mp_test_set_is_bit(a)) != 0)
goto done; goto done;
#endif #endif
#if defined(WOLFSSL_SP_MATH_ALL) || !defined(NO_DH) || defined(HAVE_ECC) || \ #if !defined(NO_DH) || defined(HAVE_ECC) || \
(!defined(NO_RSA) && !defined(WOLFSSL_RSA_VERIFY_ONLY) && \ (!defined(NO_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY))
!defined(WOLFSSL_RSA_PUBLIC_ONLY))
if ((ret = mp_test_div(a, b, r1, r2, &rng)) != 0) if ((ret = mp_test_div(a, b, r1, r2, &rng)) != 0)
goto done; goto done;
#endif #endif
@@ -57269,8 +57285,9 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t mp_test(void)
#endif #endif
if ((ret = mp_test_mul_sqr(a, b, r1, r2, &rng)) != 0) if ((ret = mp_test_mul_sqr(a, b, r1, r2, &rng)) != 0)
goto done; goto done;
#if !defined(NO_RSA) || defined(HAVE_ECC) || !defined(NO_DSA) || \ #if (!defined(NO_RSA) && \
defined(OPENSSL_EXTRA) !defined(WOLFSSL_RSA_VERIFY_ONLY) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || \
defined(HAVE_ECC) || !defined(NO_DSA) || defined(OPENSSL_EXTRA)
if ((ret = mp_test_invmod(a, b, r1)) != 0) if ((ret = mp_test_invmod(a, b, r1)) != 0)
goto done; goto done;
#endif #endif

2
wolfssl/wolfcrypt/types.h
View File

@@ -1398,7 +1398,7 @@ typedef struct w64wrapper {
#endif #endif
#ifdef SINGLE_THREADED #ifdef SINGLE_THREADED
#if defined(WC_32BIT_CPU) #if defined(WC_32BIT_CPU) || defined(HAVE_STACK_SIZE)
typedef void* THREAD_RETURN; typedef void* THREAD_RETURN;
#else #else
typedef unsigned int THREAD_RETURN; typedef unsigned int THREAD_RETURN;