Merge pull request #7434 from douzzer/20240416-fips-v6-fixes

20240416-fips-v6-fixes
This commit is contained in:
JacobBarthelmeh
2024-04-17 13:52:35 -06:00
committed by GitHub
10 changed files with 72 additions and 128 deletions


@@ -809,6 +809,8 @@ then
test "$enable_camellia" = "" && enable_camellia=yes
test "$enable_ripemd" = "" && enable_ripemd=yes
test "$enable_sha224" = "" && enable_sha224=yes
test "$enable_sha512" = "" && enable_sha512=yes
test "$enable_sha3" = "" && enable_sha3=yes
test "$enable_shake128" = "" && enable_shake128=yes
test "$enable_shake256" = "" && enable_shake256=yes
test "$enable_sessioncerts" = "" && enable_sessioncerts=yes
@@ -867,12 +869,6 @@ then
test "$enable_ech" = "" && enable_ech=yes
test "$enable_srtp" = "" && enable_srtp=yes
if test "$ENABLED_32BIT" != "yes"
then
test "$enable_sha512" = "" && enable_sha512=yes
test "$enable_sha3" = "" && enable_sha3=yes
fi
if test "$ENABLED_LINUXKM_DEFAULTS" != "yes"
then
test "$enable_compkey" = "" && enable_compkey=yes
@@ -923,13 +919,10 @@ then
test "$enable_pkcs7" = "" && enable_pkcs7=yes
test "$enable_nullcipher" = "" && enable_nullcipher=yes
test "$enable_mcast" = "" && enable_mcast=yes
if test "$ENABLED_32BIT" != "yes"
then
test "$enable_ed25519" = "" && enable_ed25519=yes
test "$enable_ed25519_stream" = "" && test "$enable_ed25519" != "no" && enable_ed25519_stream=yes
test "$enable_ed448" = "" && enable_ed448=yes
test "$enable_ed448_stream" = "" && test "$enable_ed448" != "no" && enable_ed448_stream=yes
fi
test "$enable_ed25519" = "" && enable_ed25519=yes
test "$enable_ed25519_stream" = "" && test "$enable_ed25519" != "no" && enable_ed25519_stream=yes
test "$enable_ed448" = "" && enable_ed448=yes
test "$enable_ed448_stream" = "" && test "$enable_ed448" != "no" && enable_ed448_stream=yes
if test "$ENABLED_LINUXKM_DEFAULTS" != "yes"
then
@@ -1005,6 +998,8 @@ then
test "$enable_camellia" = "" && enable_camellia=yes
test "$enable_ripemd" = "" && enable_ripemd=yes
test "$enable_sha224" = "" && enable_sha224=yes
test "$enable_sha512" = "" && enable_sha512=yes
test "$enable_sha3" = "" && enable_sha3=yes
test "$enable_shake128" = "" && enable_shake128=yes
test "$enable_shake256" = "" && enable_shake256=yes
test "$enable_sessioncerts" = "" && enable_sessioncerts=yes
@@ -1047,12 +1042,6 @@ then
test "$enable_ssh" = "" && test "$enable_hmac" != "no" && enable_ssh=yes
test "$enable_srtp_kdf" = "" && enable_srtp_kdf=yes
if test "$ENABLED_32BIT" != "yes"
then
test "$enable_sha512" = "" && enable_sha512=yes
test "$enable_sha3" = "" && enable_sha3=yes
fi
if test "$ENABLED_LINUXKM_DEFAULTS" != "yes"
then
test "$enable_compkey" = "" && enable_compkey=yes
@@ -1074,13 +1063,10 @@ then
test "$enable_xchacha" = "" && test "$enable_chacha" != "no" && enable_xchacha=yes
test "$enable_pkcs7" = "" && enable_pkcs7=yes
test "$enable_nullcipher" = "" && enable_nullcipher=yes
if test "$ENABLED_32BIT" != "yes"
then
test "$enable_ed25519" = "" && enable_ed25519=yes
test "$enable_ed25519_stream" = "" && test "$enable_ed25519" != "no" && enable_ed25519_stream=yes
test "$enable_ed448" = "" && enable_ed448=yes
test "$enable_ed448_stream" = "" && test "$enable_ed448" != "no" && enable_ed448_stream=yes
fi
test "$enable_ed25519" = "" && enable_ed25519=yes
test "$enable_ed25519_stream" = "" && test "$enable_ed25519" != "no" && enable_ed25519_stream=yes
test "$enable_ed448" = "" && enable_ed448=yes
test "$enable_ed448_stream" = "" && test "$enable_ed448" != "no" && enable_ed448_stream=yes
if test "$ENABLED_LINUXKM_DEFAULTS" != "yes"
then
@@ -3433,7 +3419,7 @@ fi
# set sha3 default
SHA3_DEFAULT=no
if (test "$host_cpu" = "x86_64" || test "$host_cpu" = "aarch64" ||
test "$host_cpu" = "amd64") && test "$ENABLED_32BIT" = "no"
test "$host_cpu" = "amd64")
then
if test "x$ENABLED_FIPS" = "xno" || test "$HAVE_FIPS_VERSION" -ge 2
then
@@ -3475,7 +3461,7 @@ AC_ARG_ENABLE([sha512],
)
# options that don't require sha512
if test "$ENABLED_LEANPSK" = "yes" || test "$ENABLED_LEANTLS" = "yes" || test "$ENABLED_32BIT" = "yes" || test "$ENABLED_16BIT" = "yes"
if test "$ENABLED_LEANPSK" = "yes" || test "$ENABLED_LEANTLS" = "yes" || test "$ENABLED_16BIT" = "yes"
then
ENABLED_SHA512="no"
fi
@@ -3501,7 +3487,7 @@ AC_ARG_ENABLE([sha384],
)
# options that don't require sha384
if test "$ENABLED_LEANPSK" = "yes" || test "$ENABLED_LEANTLS" = "yes" || test "$ENABLED_32BIT" = "yes" || test "$ENABLED_16BIT" = "yes"
if test "$ENABLED_LEANPSK" = "yes" || test "$ENABLED_LEANTLS" = "yes" || test "$ENABLED_16BIT" = "yes"
then
ENABLED_SHA384="no"
fi
@@ -5363,7 +5349,7 @@ then
fi
# Ed448
if test "$ENABLED_ED448" != "no" && test "$ENABLED_32BIT" = "no"
if test "$ENABLED_ED448" != "no"
then
if test "$ENABLED_ED448" = "small" || test "$ENABLED_LOWRESOURCE" = "yes"
then
@@ -5406,7 +5392,7 @@ then
fi
# Set SHA-3 flags
if test "$ENABLED_SHA3" != "no" && test "$ENABLED_32BIT" = "no"
if test "$ENABLED_SHA3" != "no"
then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SHA3"
fi
@@ -5416,7 +5402,7 @@ fi
AS_IF([test "x$ENABLED_FIPS" = "xyes" && test $HAVE_FIPS_VERSION -lt 6],
[ENABLED_SHAKE128="no"])
if test "$ENABLED_SHAKE128" != "no" && test "$ENABLED_32BIT" = "no"
if test "$ENABLED_SHAKE128" != "no"
then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SHAKE128"
if test "$ENABLED_SHA3" = "no"
@@ -5432,7 +5418,7 @@ fi
AS_IF([test "x$ENABLED_FIPS" = "xyes" && test $HAVE_FIPS_VERSION -lt 6],
[ENABLED_SHAKE256="no"])
if test "$ENABLED_SHAKE256" != "no" && test "$ENABLED_32BIT" = "no"
if test "$ENABLED_SHAKE256" != "no"
then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SHAKE256"
if test "$ENABLED_SHA3" = "no"
@@ -8667,7 +8653,7 @@ then
ENABLED_OPENSSLEXTRA="yes"
fi
if test "$ENABLED_ED25519" != "no" && test "$ENABLED_32BIT" = "no"
if test "$ENABLED_ED25519" != "no"
then
if test "$ENABLED_ED25519" = "small" || test "$ENABLED_LOWRESOURCE" = "yes"
then
@@ -8835,9 +8821,9 @@ AS_IF([test "x$ENABLED_CERTGEN" = "xyes"],
AS_IF([test "x$ENABLED_CERTEXT" = "xyes"],
[AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_CERT_EXT"])
AS_IF([test "x$ENABLED_ED25519" = "xyes" && test "x$ENABLED_32BIT" = "xno"],
AS_IF([test "x$ENABLED_ED25519" = "xyes"],
[AM_CFLAGS="$AM_CFLAGS -DHAVE_ED25519"])
AS_IF([test "x$ENABLED_ED25519" = "xyes" && test "x$ENABLED_32BIT" = "xno"],
AS_IF([test "x$ENABLED_ED25519" = "xyes"],
[AM_CCASFLAGS="$AM_CCASFLAGS -DHAVE_ED25519"])
AS_IF([test "x$ENABLED_ED25519_SMALL" = "xyes"],
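Review bot: The `$ENABLED_32BIT` gating for sha512, sha3, shake128/256, ed25519 and ed448 is dropped in every hunk of this file without a comment recording that these algorithms are now expected to build and default on with ENABLED_32BIT=yes; the commit description is only a branch name. A line near the sha3 default such as `# 64-bit-only gating removed: SHA-512/SHA-3/Ed25519/Ed448 also build on 32-bit hosts` would preserve the rationale for the next person who sees the test missing. Note that the SHA3_DEFAULT block still keys on host_cpu, so a 32-bit build on an x86_64/aarch64/amd64 host now defaults SHA-3 on where it previously did not; presumably intended, but worth confirming.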


@@ -115,8 +115,7 @@ build_aria_test() {
# View the available ciphers with:
echo "checking wolfsl client ssl version numbers SSLv3(0) - TLS1.3(4):"
./examples/client/client -V
if [ $? -eq 0 ]; then
if ./examples/client/client -V; then
echo "Confirmed ./examples/client/client operational."
else
echo "ERROR ./examples/client/client error = $?"
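Review bot: The error message on the last line now depends on `$?` inside the else branch being the exit status of the if condition, which is valid shell (and an improvement over the old `[ $? -eq 0 ]`, which clobbered it) but fragile: any command inserted before the echo replaces the value. Capturing it once is more robust: `./examples/client/client -V; rc=$?`, then `if [ "$rc" -eq 0 ]; then` and `echo "ERROR ./examples/client/client error = $rc"`. The enclosing function starts outside the hunk.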


@@ -16198,7 +16198,7 @@ int wolfSSL_PEM_write_bio_PKCS8PrivateKey(WOLFSSL_BIO* bio,
int passwdSz, wc_pem_password_cb* cb, void* ctx)
{
byte* pem = NULL;
int pemSz;
int pemSz = 0;
int res = 1;
/* Validate parameters. */
@@ -16243,7 +16243,7 @@ int wolfSSL_PEM_write_PKCS8PrivateKey(XFILE f, WOLFSSL_EVP_PKEY* pkey,
wc_pem_password_cb* cb, void* ctx)
{
byte* pem = NULL;
int pemSz;
int pemSz = 0;
int res = 1;
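Review bot: `int pemSz = 0;` in both wolfSSL_PEM_write_bio_PKCS8PrivateKey and wolfSSL_PEM_write_PKCS8PrivateKey silences whatever path reads pemSz before it is assigned, but neither hunk shows which path that is, and both function bodies continue outside the hunks, so I cannot tell whether a zero length can reach the write call. A short comment on the initializer, along the lines of `int pemSz = 0; /* 0 until the PEM length is computed; <checked-before-use or not: confirm> */`, would save the next reader from re-tracing the control flow.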
/* Validate parameters. */


@@ -1529,7 +1529,7 @@ static void ProcessBufferCertSetHave(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
if (ssl != NULL) {
ssl->pkCurveOID = cert->pkCurveOID;
}
else {
else if (ctx) {
ctx->pkCurveOID = cert->pkCurveOID;
}
#endif
@@ -1540,7 +1540,7 @@ static void ProcessBufferCertSetHave(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
if (ssl != NULL) {
ssl->options.haveECC = ssl->options.haveECDSAsig;
}
else {
else if (ctx) {
ctx->haveECC = ctx->haveECDSAsig;
}
#endif /* !WC_STRICT_SIG */
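Review bot: `else if (ctx)` in both hunks tests the pointer by truthiness while the adjacent `if (ssl != NULL)` spells the comparison out; `else if (ctx != NULL)` keeps the two branches parallel and matches the file's visible style. With the guard in place, a call with both ssl and ctx NULL now silently skips the pkCurveOID and haveECC updates instead of dereferencing NULL; if that call pattern is expected, a comment such as `/* ctx may be NULL when only an ssl object is being populated */` would say so, and if it is not, a single check at the top of ProcessBufferCertSetHave (outside these hunks) would be clearer than guarding each assignment.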


@@ -12726,19 +12726,8 @@ int wc_AesXtsEncrypt(XtsAes* xaes, byte* out, const byte* in, word32 sz,
{
#ifdef WOLFSSL_AESNI
#ifdef WC_AES_C_DYNAMIC_FALLBACK
int orig_use_aesni = aes->use_aesni;
#endif
if (aes->use_aesni && ((ret = SAVE_VECTOR_REGISTERS2()) != 0)) {
#ifdef WC_AES_C_DYNAMIC_FALLBACK
aes->use_aesni = 0;
xaes->tweak.use_aesni = 0;
#else
return ret;
#endif
}
if (aes->use_aesni) {
SAVE_VECTOR_REGISTERS(return _svr_ret;);
#if defined(HAVE_INTEL_AVX1)
if (IS_INTEL_AVX1(intel_flags)) {
AES_XTS_encrypt_avx1(in, out, sz, i,
@@ -12756,23 +12745,13 @@ int wc_AesXtsEncrypt(XtsAes* xaes, byte* out, const byte* in, word32 sz,
(int)aes->rounds);
ret = 0;
}
RESTORE_VECTOR_REGISTERS();
}
else
#endif
{
ret = AesXtsEncrypt_sw(xaes, out, in, sz, i);
}
#ifdef WOLFSSL_AESNI
if (aes->use_aesni)
RESTORE_VECTOR_REGISTERS();
#ifdef WC_AES_C_DYNAMIC_FALLBACK
else if (orig_use_aesni) {
aes->use_aesni = orig_use_aesni;
xaes->tweak.use_aesni = orig_use_aesni;
}
#endif
#endif
}
return ret;
@@ -12962,19 +12941,8 @@ int wc_AesXtsDecrypt(XtsAes* xaes, byte* out, const byte* in, word32 sz,
{
#ifdef WOLFSSL_AESNI
#ifdef WC_AES_C_DYNAMIC_FALLBACK
int orig_use_aesni = aes->use_aesni;
#endif
if (aes->use_aesni && ((ret = SAVE_VECTOR_REGISTERS2() != 0))) {
#ifdef WC_AES_C_DYNAMIC_FALLBACK
aes->use_aesni = 0;
xaes->tweak.use_aesni = 0;
#else
return ret;
#endif
}
if (aes->use_aesni) {
SAVE_VECTOR_REGISTERS(return _svr_ret;);
#if defined(HAVE_INTEL_AVX1)
if (IS_INTEL_AVX1(intel_flags)) {
AES_XTS_decrypt_avx1(in, out, sz, i,
@@ -12992,6 +12960,7 @@ int wc_AesXtsDecrypt(XtsAes* xaes, byte* out, const byte* in, word32 sz,
(int)aes->rounds);
ret = 0;
}
RESTORE_VECTOR_REGISTERS();
}
else
#endif
@@ -12999,17 +12968,6 @@ int wc_AesXtsDecrypt(XtsAes* xaes, byte* out, const byte* in, word32 sz,
ret = AesXtsDecrypt_sw(xaes, out, in, sz, i);
}
#ifdef WOLFSSL_AESNI
if (aes->use_aesni)
RESTORE_VECTOR_REGISTERS();
#ifdef WC_AES_C_DYNAMIC_FALLBACK
else if (orig_use_aesni) {
aes->use_aesni = orig_use_aesni;
xaes->tweak.use_aesni = orig_use_aesni;
}
#endif
#endif
return ret;
}
}
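Review bot: Replacing the WC_AES_C_DYNAMIC_FALLBACK block with `SAVE_VECTOR_REGISTERS(return _svr_ret;)` in wc_AesXtsEncrypt and wc_AesXtsDecrypt changes behaviour on a register-save failure: the call now returns the error instead of finishing through AesXtsEncrypt_sw/AesXtsDecrypt_sw, and nothing in the hunks records that the software fallback was dropped on purpose. A comment on the new line, e.g. `/* no C fallback on a failed register save: <reason> */` with the actual reason filled in, would stop someone from reinstating it. The `return _svr_ret;` also leaves the function before anything that follows the shown code, which is outside the hunks, so that exit path is worth checking for cleanup it may skip. The removed decrypt condition `(ret = SAVE_VECTOR_REGISTERS2() != 0)` had an operator-precedence problem that this rewrite resolves.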


@@ -1437,56 +1437,56 @@ void fe448_to_bytes(unsigned char* b, const sword32* a)
b[ 0] = (byte)(in0 >> 0);
b[ 1] = (byte)(in0 >> 8);
b[ 2] = (byte)(in0 >> 16);
b[ 3] = (byte)(in0 >> 24) + ((in1 >> 0) << 4);
b[ 3] = (byte)((in0 >> 24) + ((in1 >> 0) << 4));
b[ 4] = (byte)(in1 >> 4);
b[ 5] = (byte)(in1 >> 12);
b[ 6] = (byte)(in1 >> 20);
b[ 7] = (byte)(in2 >> 0);
b[ 8] = (byte)(in2 >> 8);
b[ 9] = (byte)(in2 >> 16);
b[10] = (byte)(in2 >> 24) + ((in3 >> 0) << 4);
b[10] = (byte)((in2 >> 24) + ((in3 >> 0) << 4));
b[11] = (byte)(in3 >> 4);
b[12] = (byte)(in3 >> 12);
b[13] = (byte)(in3 >> 20);
b[14] = (byte)(in4 >> 0);
b[15] = (byte)(in4 >> 8);
b[16] = (byte)(in4 >> 16);
b[17] = (byte)(in4 >> 24) + ((in5 >> 0) << 4);
b[17] = (byte)((in4 >> 24) + ((in5 >> 0) << 4));
b[18] = (byte)(in5 >> 4);
b[19] = (byte)(in5 >> 12);
b[20] = (byte)(in5 >> 20);
b[21] = (byte)(in6 >> 0);
b[22] = (byte)(in6 >> 8);
b[23] = (byte)(in6 >> 16);
b[24] = (byte)(in6 >> 24) + ((in7 >> 0) << 4);
b[24] = (byte)((in6 >> 24) + ((in7 >> 0) << 4));
b[25] = (byte)(in7 >> 4);
b[26] = (byte)(in7 >> 12);
b[27] = (byte)(in7 >> 20);
b[28] = (byte)(in8 >> 0);
b[29] = (byte)(in8 >> 8);
b[30] = (byte)(in8 >> 16);
b[31] = (byte)(in8 >> 24) + ((in9 >> 0) << 4);
b[31] = (byte)((in8 >> 24) + ((in9 >> 0) << 4));
b[32] = (byte)(in9 >> 4);
b[33] = (byte)(in9 >> 12);
b[34] = (byte)(in9 >> 20);
b[35] = (byte)(in10 >> 0);
b[36] = (byte)(in10 >> 8);
b[37] = (byte)(in10 >> 16);
b[38] = (byte)(in10 >> 24) + ((in11 >> 0) << 4);
b[38] = (byte)((in10 >> 24) + ((in11 >> 0) << 4));
b[39] = (byte)(in11 >> 4);
b[40] = (byte)(in11 >> 12);
b[41] = (byte)(in11 >> 20);
b[42] = (byte)(in12 >> 0);
b[43] = (byte)(in12 >> 8);
b[44] = (byte)(in12 >> 16);
b[45] = (byte)(in12 >> 24) + ((in13 >> 0) << 4);
b[45] = (byte)((in12 >> 24) + ((in13 >> 0) << 4));
b[46] = (byte)(in13 >> 4);
b[47] = (byte)(in13 >> 12);
b[48] = (byte)(in13 >> 20);
b[49] = (byte)(in14 >> 0);
b[50] = (byte)(in14 >> 8);
b[51] = (byte)(in14 >> 16);
b[52] = (byte)(in14 >> 24) + ((in15 >> 0) << 4);
b[52] = (byte)((in14 >> 24) + ((in15 >> 0) << 4));
b[53] = (byte)(in15 >> 4);
b[54] = (byte)(in15 >> 12);
b[55] = (byte)(in15 >> 20);
@@ -1834,6 +1834,7 @@ static WC_INLINE void fe448_mul_8(sword32* r, const sword32* a, const sword32* b
sword64 t13 = (sword64)a[ 6] * b[ 7];
sword64 t113 = (sword64)a[ 7] * b[ 6];
sword64 t14 = (sword64)a[ 7] * b[ 7];
sword64 o, t15;
t1 += t101;
t2 += t102; t2 += t202;
t3 += t103; t3 += t203; t3 += t303;
@@ -1850,8 +1851,8 @@ static WC_INLINE void fe448_mul_8(sword32* r, const sword32* a, const sword32* b
t11 += t111; t11 += t211; t11 += t311;
t12 += t112; t12 += t212;
t13 += t113;
sword64 o = t14 >> 28;
sword64 t15 = o;
o = t14 >> 28;
t15 = o;
t14 -= o << 28;
o = (t0 >> 28); t1 += o; t = o << 28; t0 -= t;
o = (t1 >> 28); t2 += o; t = o << 28; t1 -= t;
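Review bot: In fe448_to_bytes the new `(byte)((in0 >> 24) + ((in1 >> 0) << 4))` form correctly moves the narrowing cast outside the sum, but the operands are sword32 limbs (per the `const sword32* a` signature) and `<< 4` on a negative signed value is undefined in C. The reduction that precedes these stores is outside the hunk, so I assume the limbs are non-negative here; a one-line comment above `b[ 0]`, `/* limbs are fully reduced and non-negative here, so the shifts below are well defined */`, would record that precondition. The same pattern recurs in sc448_reduce and sc448_muladd in ge_448.c (the b[] and r[] stores), where the types of d and rd are not visible in the hunks. The hoisted `sword64 o, t15;` in fe448_mul_8 is a style-only change (declarations before statements) and looks fine.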


@@ -58,24 +58,24 @@ t[0]+2^26 t[1]+2^51 t[2]+2^77 t[3]+2^102 t[4]+...+2^230 t[9].
Bounds on each t[i] vary depending on context.
*/
word64 load_3(const unsigned char *in)
sword64 load_3(const unsigned char *in)
{
word64 result;
result = (word64) in[0];
result |= ((word64) in[1]) << 8;
result |= ((word64) in[2]) << 16;
return result;
return (sword64)result;
}
word64 load_4(const unsigned char *in)
sword64 load_4(const unsigned char *in)
{
word64 result;
result = (word64) in[0];
result |= ((word64) in[1]) << 8;
result |= ((word64) in[2]) << 16;
result |= ((word64) in[3]) << 24;
return result;
return (sword64)result;
}
#endif
@@ -170,8 +170,8 @@ int curve25519(byte* q, const byte* n, const byte* p)
#endif
b &= 1;
swap ^= b;
fe_cswap(x2,x3,swap);
fe_cswap(z2,z3,swap);
fe_cswap(x2,x3,(int)swap);
fe_cswap(z2,z3,(int)swap);
swap = b;
/* montgomery */
@@ -194,8 +194,8 @@ int curve25519(byte* q, const byte* n, const byte* p)
fe_mul(z3,x1,z2);
fe_mul(z2,tmp1,tmp0);
}
fe_cswap(x2,x3,swap);
fe_cswap(z2,z3,swap);
fe_cswap(x2,x3,(int)swap);
fe_cswap(z2,z3,(int)swap);
fe_invert(z2,z2);
fe_mul(x2,x2,z2);
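Review bot: load_3 and load_4 now return sword64 via `return (sword64)result;` with no comment on why the signed type is safe; result holds at most 32 bits (four shifted bytes in load_4, three in load_3), so the conversion cannot overflow, and a trailing comment `/* at most 32 bits set, fits in sword64 */` would make that explicit. The same change is repeated in fe_operations.c (the two `(sword64)result` hunks, whose doc comments still say "returns a 64-bit word" and could say "signed 64-bit word") and in the header prototypes, where `/* 64 type needed for SHA512 */` now sits above signed declarations. The `(int)swap` casts in curve25519 are fine given `b &= 1` and `swap ^= b` keep swap at 0 or 1, which the hunk shows.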


@@ -600,7 +600,7 @@ void fe_sq2(fe r, const fe a)
* in An array of bytes.
* returns a 64-bit word.
*/
word64 load_3(const unsigned char *in)
sword64 load_3(const unsigned char *in)
{
word64 result;
@@ -608,7 +608,7 @@ word64 load_3(const unsigned char *in)
(((word64)in[1]) << 8) |
(((word64)in[2]) << 16));
return result;
return (sword64)result;
}
/* Load 4 little endian bytes into a 64-bit word.
@@ -616,7 +616,7 @@ word64 load_3(const unsigned char *in)
* in An array of bytes.
* returns a 64-bit word.
*/
word64 load_4(const unsigned char *in)
sword64 load_4(const unsigned char *in)
{
word64 result;
@@ -625,6 +625,6 @@ word64 load_4(const unsigned char *in)
(((word64)in[2]) << 16) |
(((word64)in[3]) << 24));
return result;
return (sword64)result;
}


@@ -5453,56 +5453,56 @@ void sc448_reduce(byte* b)
b[ 0] = (byte)(d[0 ] >> 0);
b[ 1] = (byte)(d[0 ] >> 8);
b[ 2] = (byte)(d[0 ] >> 16);
b[ 3] = (byte)(d[0 ] >> 24) + ((d[1 ] >> 0) << 4);
b[ 3] = (byte)((d[0 ] >> 24) + ((d[1 ] >> 0) << 4));
b[ 4] = (byte)(d[1 ] >> 4);
b[ 5] = (byte)(d[1 ] >> 12);
b[ 6] = (byte)(d[1 ] >> 20);
b[ 7] = (byte)(d[2 ] >> 0);
b[ 8] = (byte)(d[2 ] >> 8);
b[ 9] = (byte)(d[2 ] >> 16);
b[10] = (byte)(d[2 ] >> 24) + ((d[3 ] >> 0) << 4);
b[10] = (byte)((d[2 ] >> 24) + ((d[3 ] >> 0) << 4));
b[11] = (byte)(d[3 ] >> 4);
b[12] = (byte)(d[3 ] >> 12);
b[13] = (byte)(d[3 ] >> 20);
b[14] = (byte)(d[4 ] >> 0);
b[15] = (byte)(d[4 ] >> 8);
b[16] = (byte)(d[4 ] >> 16);
b[17] = (byte)(d[4 ] >> 24) + ((d[5 ] >> 0) << 4);
b[17] = (byte)((d[4 ] >> 24) + ((d[5 ] >> 0) << 4));
b[18] = (byte)(d[5 ] >> 4);
b[19] = (byte)(d[5 ] >> 12);
b[20] = (byte)(d[5 ] >> 20);
b[21] = (byte)(d[6 ] >> 0);
b[22] = (byte)(d[6 ] >> 8);
b[23] = (byte)(d[6 ] >> 16);
b[24] = (byte)(d[6 ] >> 24) + ((d[7 ] >> 0) << 4);
b[24] = (byte)((d[6 ] >> 24) + ((d[7 ] >> 0) << 4));
b[25] = (byte)(d[7 ] >> 4);
b[26] = (byte)(d[7 ] >> 12);
b[27] = (byte)(d[7 ] >> 20);
b[28] = (byte)(d[8 ] >> 0);
b[29] = (byte)(d[8 ] >> 8);
b[30] = (byte)(d[8 ] >> 16);
b[31] = (byte)(d[8 ] >> 24) + ((d[9 ] >> 0) << 4);
b[31] = (byte)((d[8 ] >> 24) + ((d[9 ] >> 0) << 4));
b[32] = (byte)(d[9 ] >> 4);
b[33] = (byte)(d[9 ] >> 12);
b[34] = (byte)(d[9 ] >> 20);
b[35] = (byte)(d[10] >> 0);
b[36] = (byte)(d[10] >> 8);
b[37] = (byte)(d[10] >> 16);
b[38] = (byte)(d[10] >> 24) + ((d[11] >> 0) << 4);
b[38] = (byte)((d[10] >> 24) + ((d[11] >> 0) << 4));
b[39] = (byte)(d[11] >> 4);
b[40] = (byte)(d[11] >> 12);
b[41] = (byte)(d[11] >> 20);
b[42] = (byte)(d[12] >> 0);
b[43] = (byte)(d[12] >> 8);
b[44] = (byte)(d[12] >> 16);
b[45] = (byte)(d[12] >> 24) + ((d[13] >> 0) << 4);
b[45] = (byte)((d[12] >> 24) + ((d[13] >> 0) << 4));
b[46] = (byte)(d[13] >> 4);
b[47] = (byte)(d[13] >> 12);
b[48] = (byte)(d[13] >> 20);
b[49] = (byte)(d[14] >> 0);
b[50] = (byte)(d[14] >> 8);
b[51] = (byte)(d[14] >> 16);
b[52] = (byte)(d[14] >> 24) + ((d[15] >> 0) << 4);
b[52] = (byte)((d[14] >> 24) + ((d[15] >> 0) << 4));
b[53] = (byte)(d[15] >> 4);
b[54] = (byte)(d[15] >> 12);
b[55] = (byte)(d[15] >> 20);
@@ -6206,56 +6206,56 @@ void sc448_muladd(byte* r, const byte* a, const byte* b, const byte* d)
r[ 0] = (byte)(rd[0 ] >> 0);
r[ 1] = (byte)(rd[0 ] >> 8);
r[ 2] = (byte)(rd[0 ] >> 16);
r[ 3] = (byte)(rd[0 ] >> 24) + ((rd[1 ] >> 0) << 4);
r[ 3] = (byte)((rd[0 ] >> 24) + ((rd[1 ] >> 0) << 4));
r[ 4] = (byte)(rd[1 ] >> 4);
r[ 5] = (byte)(rd[1 ] >> 12);
r[ 6] = (byte)(rd[1 ] >> 20);
r[ 7] = (byte)(rd[2 ] >> 0);
r[ 8] = (byte)(rd[2 ] >> 8);
r[ 9] = (byte)(rd[2 ] >> 16);
r[10] = (byte)(rd[2 ] >> 24) + ((rd[3 ] >> 0) << 4);
r[10] = (byte)((rd[2 ] >> 24) + ((rd[3 ] >> 0) << 4));
r[11] = (byte)(rd[3 ] >> 4);
r[12] = (byte)(rd[3 ] >> 12);
r[13] = (byte)(rd[3 ] >> 20);
r[14] = (byte)(rd[4 ] >> 0);
r[15] = (byte)(rd[4 ] >> 8);
r[16] = (byte)(rd[4 ] >> 16);
r[17] = (byte)(rd[4 ] >> 24) + ((rd[5 ] >> 0) << 4);
r[17] = (byte)((rd[4 ] >> 24) + ((rd[5 ] >> 0) << 4));
r[18] = (byte)(rd[5 ] >> 4);
r[19] = (byte)(rd[5 ] >> 12);
r[20] = (byte)(rd[5 ] >> 20);
r[21] = (byte)(rd[6 ] >> 0);
r[22] = (byte)(rd[6 ] >> 8);
r[23] = (byte)(rd[6 ] >> 16);
r[24] = (byte)(rd[6 ] >> 24) + ((rd[7 ] >> 0) << 4);
r[24] = (byte)((rd[6 ] >> 24) + ((rd[7 ] >> 0) << 4));
r[25] = (byte)(rd[7 ] >> 4);
r[26] = (byte)(rd[7 ] >> 12);
r[27] = (byte)(rd[7 ] >> 20);
r[28] = (byte)(rd[8 ] >> 0);
r[29] = (byte)(rd[8 ] >> 8);
r[30] = (byte)(rd[8 ] >> 16);
r[31] = (byte)(rd[8 ] >> 24) + ((rd[9 ] >> 0) << 4);
r[31] = (byte)((rd[8 ] >> 24) + ((rd[9 ] >> 0) << 4));
r[32] = (byte)(rd[9 ] >> 4);
r[33] = (byte)(rd[9 ] >> 12);
r[34] = (byte)(rd[9 ] >> 20);
r[35] = (byte)(rd[10] >> 0);
r[36] = (byte)(rd[10] >> 8);
r[37] = (byte)(rd[10] >> 16);
r[38] = (byte)(rd[10] >> 24) + ((rd[11] >> 0) << 4);
r[38] = (byte)((rd[10] >> 24) + ((rd[11] >> 0) << 4));
r[39] = (byte)(rd[11] >> 4);
r[40] = (byte)(rd[11] >> 12);
r[41] = (byte)(rd[11] >> 20);
r[42] = (byte)(rd[12] >> 0);
r[43] = (byte)(rd[12] >> 8);
r[44] = (byte)(rd[12] >> 16);
r[45] = (byte)(rd[12] >> 24) + ((rd[13] >> 0) << 4);
r[45] = (byte)((rd[12] >> 24) + ((rd[13] >> 0) << 4));
r[46] = (byte)(rd[13] >> 4);
r[47] = (byte)(rd[13] >> 12);
r[48] = (byte)(rd[13] >> 20);
r[49] = (byte)(rd[14] >> 0);
r[50] = (byte)(rd[14] >> 8);
r[51] = (byte)(rd[14] >> 16);
r[52] = (byte)(rd[14] >> 24) + ((rd[15] >> 0) << 4);
r[52] = (byte)((rd[14] >> 24) + ((rd[15] >> 0) << 4));
r[53] = (byte)(rd[15] >> 4);
r[54] = (byte)(rd[15] >> 12);
r[55] = (byte)(rd[15] >> 20);


@@ -116,8 +116,8 @@ WOLFSSL_LOCAL void fe_cmov(fe f, const fe g, int b);
WOLFSSL_LOCAL void fe_pow22523(fe out,const fe z);
/* 64 type needed for SHA512 */
WOLFSSL_LOCAL word64 load_3(const unsigned char *in);
WOLFSSL_LOCAL word64 load_4(const unsigned char *in);
WOLFSSL_LOCAL sword64 load_3(const unsigned char *in);
WOLFSSL_LOCAL sword64 load_4(const unsigned char *in);
#ifdef CURVED25519_ASM
WOLFSSL_LOCAL void fe_cmov_table(fe* r, fe* base, signed char b);