From b2f594e84bbc4d5121b9df93c32137b002485c36 Mon Sep 17 00:00:00 2001 From: Daniel Pouzzner Date: Tue, 16 Apr 2024 12:52:46 -0500 Subject: [PATCH 1/6] fixes for --enable-32bit CFLAGS=-m32 --enable-fips=v6 (fixes "#error ED448 requires SHAKE256"). --- configure.ac | 8 ++++---- wolfcrypt/src/fe_448.c | 16 ++++++++-------- wolfcrypt/src/fe_operations.c | 16 ++++++++-------- wolfcrypt/src/fe_x25519_128.i | 8 ++++---- wolfcrypt/src/ge_448.c | 32 +++++++++++++++---------------- wolfssl/wolfcrypt/fe_operations.h | 4 ++-- 6 files changed, 42 insertions(+), 42 deletions(-) diff --git a/configure.ac b/configure.ac index 9e12a21e8..c0d1194f1 100644 --- a/configure.ac +++ b/configure.ac @@ -5363,7 +5363,7 @@ then fi # Ed448 -if test "$ENABLED_ED448" != "no" && test "$ENABLED_32BIT" = "no" +if test "$ENABLED_ED448" != "no" then if test "$ENABLED_ED448" = "small" || test "$ENABLED_LOWRESOURCE" = "yes" then @@ -5416,7 +5416,7 @@ fi AS_IF([test "x$ENABLED_FIPS" = "xyes" && test $HAVE_FIPS_VERSION -lt 6], [ENABLED_SHAKE128="no"]) -if test "$ENABLED_SHAKE128" != "no" && test "$ENABLED_32BIT" = "no" +if test "$ENABLED_SHAKE128" != "no" then AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SHAKE128" if test "$ENABLED_SHA3" = "no" @@ -5432,7 +5432,7 @@ fi AS_IF([test "x$ENABLED_FIPS" = "xyes" && test $HAVE_FIPS_VERSION -lt 6], [ENABLED_SHAKE256="no"]) -if test "$ENABLED_SHAKE256" != "no" && test "$ENABLED_32BIT" = "no" +if test "$ENABLED_SHAKE256" != "no" then AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SHAKE256" if test "$ENABLED_SHA3" = "no" @@ -8667,7 +8667,7 @@ then ENABLED_OPENSSLEXTRA="yes" fi -if test "$ENABLED_ED25519" != "no" && test "$ENABLED_32BIT" = "no" +if test "$ENABLED_ED25519" != "no" then if test "$ENABLED_ED25519" = "small" || test "$ENABLED_LOWRESOURCE" = "yes" then diff --git a/wolfcrypt/src/fe_448.c b/wolfcrypt/src/fe_448.c index 73853b79e..b73d7d5b6 100644 --- a/wolfcrypt/src/fe_448.c +++ b/wolfcrypt/src/fe_448.c @@ -1437,56 +1437,56 @@ void fe448_to_bytes(unsigned char* b, const sword32* a) b[ 0] = (byte)(in0 >> 0); b[ 1] = (byte)(in0 >> 8); b[ 2] = (byte)(in0 >> 16); - b[ 3] = (byte)(in0 >> 24) + ((in1 >> 0) << 4); + b[ 3] = (byte)((in0 >> 24) + ((in1 >> 0) << 4)); b[ 4] = (byte)(in1 >> 4); b[ 5] = (byte)(in1 >> 12); b[ 6] = (byte)(in1 >> 20); b[ 7] = (byte)(in2 >> 0); b[ 8] = (byte)(in2 >> 8); b[ 9] = (byte)(in2 >> 16); - b[10] = (byte)(in2 >> 24) + ((in3 >> 0) << 4); + b[10] = (byte)((in2 >> 24) + ((in3 >> 0) << 4)); b[11] = (byte)(in3 >> 4); b[12] = (byte)(in3 >> 12); b[13] = (byte)(in3 >> 20); b[14] = (byte)(in4 >> 0); b[15] = (byte)(in4 >> 8); b[16] = (byte)(in4 >> 16); - b[17] = (byte)(in4 >> 24) + ((in5 >> 0) << 4); + b[17] = (byte)((in4 >> 24) + ((in5 >> 0) << 4)); b[18] = (byte)(in5 >> 4); b[19] = (byte)(in5 >> 12); b[20] = (byte)(in5 >> 20); b[21] = (byte)(in6 >> 0); b[22] = (byte)(in6 >> 8); b[23] = (byte)(in6 >> 16); - b[24] = (byte)(in6 >> 24) + ((in7 >> 0) << 4); + b[24] = (byte)((in6 >> 24) + ((in7 >> 0) << 4)); b[25] = (byte)(in7 >> 4); b[26] = (byte)(in7 >> 12); b[27] = (byte)(in7 >> 20); b[28] = (byte)(in8 >> 0); b[29] = (byte)(in8 >> 8); b[30] = (byte)(in8 >> 16); - b[31] = (byte)(in8 >> 24) + ((in9 >> 0) << 4); + b[31] = (byte)((in8 >> 24) + ((in9 >> 0) << 4)); b[32] = (byte)(in9 >> 4); b[33] = (byte)(in9 >> 12); b[34] = (byte)(in9 >> 20); b[35] = (byte)(in10 >> 0); b[36] = (byte)(in10 >> 8); b[37] = (byte)(in10 >> 16); - b[38] = (byte)(in10 >> 24) + ((in11 >> 0) << 4); + b[38] = (byte)((in10 >> 24) + ((in11 >> 0) << 4)); b[39] = (byte)(in11 >> 4); b[40] = (byte)(in11 >> 12); b[41] = (byte)(in11 >> 20); b[42] = (byte)(in12 >> 0); b[43] = (byte)(in12 >> 8); b[44] = (byte)(in12 >> 16); - b[45] = (byte)(in12 >> 24) + ((in13 >> 0) << 4); + b[45] = (byte)((in12 >> 24) + ((in13 >> 0) << 4)); b[46] = (byte)(in13 >> 4); b[47] = (byte)(in13 >> 12); b[48] = (byte)(in13 >> 20); b[49] = (byte)(in14 >> 0); b[50] = (byte)(in14 >> 8); b[51] = (byte)(in14 >> 16); - b[52] = (byte)(in14 >> 24) + ((in15 >> 0) << 4); + b[52] = (byte)((in14 >> 24) + ((in15 >> 0) << 4)); b[53] = (byte)(in15 >> 4); b[54] = (byte)(in15 >> 12); b[55] = (byte)(in15 >> 20); diff --git a/wolfcrypt/src/fe_operations.c b/wolfcrypt/src/fe_operations.c index 18e2b05e8..5f4fd1fdc 100644 --- a/wolfcrypt/src/fe_operations.c +++ b/wolfcrypt/src/fe_operations.c @@ -58,24 +58,24 @@ t[0]+2^26 t[1]+2^51 t[2]+2^77 t[3]+2^102 t[4]+...+2^230 t[9]. Bounds on each t[i] vary depending on context. */ -word64 load_3(const unsigned char *in) +sword64 load_3(const unsigned char *in) { word64 result; result = (word64) in[0]; result |= ((word64) in[1]) << 8; result |= ((word64) in[2]) << 16; - return result; + return (sword64)result; } -word64 load_4(const unsigned char *in) +sword64 load_4(const unsigned char *in) { word64 result; result = (word64) in[0]; result |= ((word64) in[1]) << 8; result |= ((word64) in[2]) << 16; result |= ((word64) in[3]) << 24; - return result; + return (sword64)result; } #endif @@ -170,8 +170,8 @@ int curve25519(byte* q, const byte* n, const byte* p) #endif b &= 1; swap ^= b; - fe_cswap(x2,x3,swap); - fe_cswap(z2,z3,swap); + fe_cswap(x2,x3,(int)swap); + fe_cswap(z2,z3,(int)swap); swap = b; /* montgomery */ @@ -194,8 +194,8 @@ int curve25519(byte* q, const byte* n, const byte* p) fe_mul(z3,x1,z2); fe_mul(z2,tmp1,tmp0); } - fe_cswap(x2,x3,swap); - fe_cswap(z2,z3,swap); + fe_cswap(x2,x3,(int)swap); + fe_cswap(z2,z3,(int)swap); fe_invert(z2,z2); fe_mul(x2,x2,z2); diff --git a/wolfcrypt/src/fe_x25519_128.i b/wolfcrypt/src/fe_x25519_128.i index eff2d408e..afeea24b4 100644 --- a/wolfcrypt/src/fe_x25519_128.i +++ b/wolfcrypt/src/fe_x25519_128.i @@ -600,7 +600,7 @@ void fe_sq2(fe r, const fe a) * in An array of bytes. * returns a 64-bit word. */ -word64 load_3(const unsigned char *in) +sword64 load_3(const unsigned char *in) { word64 result; @@ -608,7 +608,7 @@ word64 load_3(const unsigned char *in) (((word64)in[1]) << 8) | (((word64)in[2]) << 16)); - return result; + return (sword64)result; } /* Load 4 little endian bytes into a 64-bit word. @@ -616,7 +616,7 @@ word64 load_3(const unsigned char *in) * in An array of bytes. * returns a 64-bit word. */ -word64 load_4(const unsigned char *in) +sword64 load_4(const unsigned char *in) { word64 result; @@ -625,6 +625,6 @@ word64 load_4(const unsigned char *in) (((word64)in[2]) << 16) | (((word64)in[3]) << 24)); - return result; + return (sword64)result; } diff --git a/wolfcrypt/src/ge_448.c b/wolfcrypt/src/ge_448.c index 5ce8ea75d..d2033af9a 100644 --- a/wolfcrypt/src/ge_448.c +++ b/wolfcrypt/src/ge_448.c @@ -5453,56 +5453,56 @@ void sc448_reduce(byte* b) b[ 0] = (byte)(d[0 ] >> 0); b[ 1] = (byte)(d[0 ] >> 8); b[ 2] = (byte)(d[0 ] >> 16); - b[ 3] = (byte)(d[0 ] >> 24) + ((d[1 ] >> 0) << 4); + b[ 3] = (byte)((d[0 ] >> 24) + ((d[1 ] >> 0) << 4)); b[ 4] = (byte)(d[1 ] >> 4); b[ 5] = (byte)(d[1 ] >> 12); b[ 6] = (byte)(d[1 ] >> 20); b[ 7] = (byte)(d[2 ] >> 0); b[ 8] = (byte)(d[2 ] >> 8); b[ 9] = (byte)(d[2 ] >> 16); - b[10] = (byte)(d[2 ] >> 24) + ((d[3 ] >> 0) << 4); + b[10] = (byte)((d[2 ] >> 24) + ((d[3 ] >> 0) << 4)); b[11] = (byte)(d[3 ] >> 4); b[12] = (byte)(d[3 ] >> 12); b[13] = (byte)(d[3 ] >> 20); b[14] = (byte)(d[4 ] >> 0); b[15] = (byte)(d[4 ] >> 8); b[16] = (byte)(d[4 ] >> 16); - b[17] = (byte)(d[4 ] >> 24) + ((d[5 ] >> 0) << 4); + b[17] = (byte)((d[4 ] >> 24) + ((d[5 ] >> 0) << 4)); b[18] = (byte)(d[5 ] >> 4); b[19] = (byte)(d[5 ] >> 12); b[20] = (byte)(d[5 ] >> 20); b[21] = (byte)(d[6 ] >> 0); b[22] = (byte)(d[6 ] >> 8); b[23] = (byte)(d[6 ] >> 16); - b[24] = (byte)(d[6 ] >> 24) + ((d[7 ] >> 0) << 4); + b[24] = (byte)((d[6 ] >> 24) + ((d[7 ] >> 0) << 4)); b[25] = (byte)(d[7 ] >> 4); b[26] = (byte)(d[7 ] >> 12); b[27] = (byte)(d[7 ] >> 20); b[28] = (byte)(d[8 ] >> 0); b[29] = (byte)(d[8 ] >> 8); b[30] = (byte)(d[8 ] >> 16); - b[31] = (byte)(d[8 ] >> 24) + ((d[9 ] >> 0) << 4); + b[31] = (byte)((d[8 ] >> 24) + ((d[9 ] >> 0) << 4)); b[32] = (byte)(d[9 ] >> 4); b[33] = (byte)(d[9 ] >> 12); b[34] = (byte)(d[9 ] >> 20); b[35] = (byte)(d[10] >> 0); b[36] = (byte)(d[10] >> 8); b[37] = (byte)(d[10] >> 16); - b[38] = (byte)(d[10] >> 24) + ((d[11] >> 0) << 4); + b[38] = (byte)((d[10] >> 24) + ((d[11] >> 0) << 4)); b[39] = (byte)(d[11] >> 4); b[40] = (byte)(d[11] >> 12); b[41] = (byte)(d[11] >> 20); b[42] = (byte)(d[12] >> 0); b[43] = (byte)(d[12] >> 8); b[44] = (byte)(d[12] >> 16); - b[45] = (byte)(d[12] >> 24) + ((d[13] >> 0) << 4); + b[45] = (byte)((d[12] >> 24) + ((d[13] >> 0) << 4)); b[46] = (byte)(d[13] >> 4); b[47] = (byte)(d[13] >> 12); b[48] = (byte)(d[13] >> 20); b[49] = (byte)(d[14] >> 0); b[50] = (byte)(d[14] >> 8); b[51] = (byte)(d[14] >> 16); - b[52] = (byte)(d[14] >> 24) + ((d[15] >> 0) << 4); + b[52] = (byte)((d[14] >> 24) + ((d[15] >> 0) << 4)); b[53] = (byte)(d[15] >> 4); b[54] = (byte)(d[15] >> 12); b[55] = (byte)(d[15] >> 20); @@ -6206,56 +6206,56 @@ void sc448_muladd(byte* r, const byte* a, const byte* b, const byte* d) r[ 0] = (byte)(rd[0 ] >> 0); r[ 1] = (byte)(rd[0 ] >> 8); r[ 2] = (byte)(rd[0 ] >> 16); - r[ 3] = (byte)(rd[0 ] >> 24) + ((rd[1 ] >> 0) << 4); + r[ 3] = (byte)((rd[0 ] >> 24) + ((rd[1 ] >> 0) << 4)); r[ 4] = (byte)(rd[1 ] >> 4); r[ 5] = (byte)(rd[1 ] >> 12); r[ 6] = (byte)(rd[1 ] >> 20); r[ 7] = (byte)(rd[2 ] >> 0); r[ 8] = (byte)(rd[2 ] >> 8); r[ 9] = (byte)(rd[2 ] >> 16); - r[10] = (byte)(rd[2 ] >> 24) + ((rd[3 ] >> 0) << 4); + r[10] = (byte)((rd[2 ] >> 24) + ((rd[3 ] >> 0) << 4)); r[11] = (byte)(rd[3 ] >> 4); r[12] = (byte)(rd[3 ] >> 12); r[13] = (byte)(rd[3 ] >> 20); r[14] = (byte)(rd[4 ] >> 0); r[15] = (byte)(rd[4 ] >> 8); r[16] = (byte)(rd[4 ] >> 16); - r[17] = (byte)(rd[4 ] >> 24) + ((rd[5 ] >> 0) << 4); + r[17] = (byte)((rd[4 ] >> 24) + ((rd[5 ] >> 0) << 4)); r[18] = (byte)(rd[5 ] >> 4); r[19] = (byte)(rd[5 ] >> 12); r[20] = (byte)(rd[5 ] >> 20); r[21] = (byte)(rd[6 ] >> 0); r[22] = (byte)(rd[6 ] >> 8); r[23] = (byte)(rd[6 ] >> 16); - r[24] = (byte)(rd[6 ] >> 24) + ((rd[7 ] >> 0) << 4); + r[24] = (byte)((rd[6 ] >> 24) + ((rd[7 ] >> 0) << 4)); r[25] = (byte)(rd[7 ] >> 4); r[26] = (byte)(rd[7 ] >> 12); r[27] = (byte)(rd[7 ] >> 20); r[28] = (byte)(rd[8 ] >> 0); r[29] = (byte)(rd[8 ] >> 8); r[30] = (byte)(rd[8 ] >> 16); - r[31] = (byte)(rd[8 ] >> 24) + ((rd[9 ] >> 0) << 4); + r[31] = (byte)((rd[8 ] >> 24) + ((rd[9 ] >> 0) << 4)); r[32] = (byte)(rd[9 ] >> 4); r[33] = (byte)(rd[9 ] >> 12); r[34] = (byte)(rd[9 ] >> 20); r[35] = (byte)(rd[10] >> 0); r[36] = (byte)(rd[10] >> 8); r[37] = (byte)(rd[10] >> 16); - r[38] = (byte)(rd[10] >> 24) + ((rd[11] >> 0) << 4); + r[38] = (byte)((rd[10] >> 24) + ((rd[11] >> 0) << 4)); r[39] = (byte)(rd[11] >> 4); r[40] = (byte)(rd[11] >> 12); r[41] = (byte)(rd[11] >> 20); r[42] = (byte)(rd[12] >> 0); r[43] = (byte)(rd[12] >> 8); r[44] = (byte)(rd[12] >> 16); - r[45] = (byte)(rd[12] >> 24) + ((rd[13] >> 0) << 4); + r[45] = (byte)((rd[12] >> 24) + ((rd[13] >> 0) << 4)); r[46] = (byte)(rd[13] >> 4); r[47] = (byte)(rd[13] >> 12); r[48] = (byte)(rd[13] >> 20); r[49] = (byte)(rd[14] >> 0); r[50] = (byte)(rd[14] >> 8); r[51] = (byte)(rd[14] >> 16); - r[52] = (byte)(rd[14] >> 24) + ((rd[15] >> 0) << 4); + r[52] = (byte)((rd[14] >> 24) + ((rd[15] >> 0) << 4)); r[53] = (byte)(rd[15] >> 4); r[54] = (byte)(rd[15] >> 12); r[55] = (byte)(rd[15] >> 20); diff --git a/wolfssl/wolfcrypt/fe_operations.h b/wolfssl/wolfcrypt/fe_operations.h index cdd27db5d..8a1cab7fe 100644 --- a/wolfssl/wolfcrypt/fe_operations.h +++ b/wolfssl/wolfcrypt/fe_operations.h @@ -116,8 +116,8 @@ WOLFSSL_LOCAL void fe_cmov(fe f, const fe g, int b); WOLFSSL_LOCAL void fe_pow22523(fe out,const fe z); /* 64 type needed for SHA512 */ -WOLFSSL_LOCAL word64 load_3(const unsigned char *in); -WOLFSSL_LOCAL word64 load_4(const unsigned char *in); +WOLFSSL_LOCAL sword64 load_3(const unsigned char *in); +WOLFSSL_LOCAL sword64 load_4(const unsigned char *in); #ifdef CURVED25519_ASM WOLFSSL_LOCAL void fe_cmov_table(fe* r, fe* base, signed char b); From 9f55dba2f2a7dd5c8378f89967d3ef1cfce6715d Mon Sep 17 00:00:00 2001 From: Daniel Pouzzner Date: Tue, 16 Apr 2024 17:14:25 -0500 Subject: [PATCH 2/6] wolfcrypt/src/aes.c: in AES-XTS AESNI, use cautious strategy as in AESGCM_STREAM for SAVE_VECTOR_REGISTERS, due to random failures seen with DEBUG_VECTOR_REGISTER_ACCESS_FUZZING using the old per-call fallback strategy. --- wolfcrypt/src/aes.c | 50 ++++----------------------------------------- 1 file changed, 4 insertions(+), 46 deletions(-) diff --git a/wolfcrypt/src/aes.c b/wolfcrypt/src/aes.c index 8a4f21a48..c24b3c953 100644 --- a/wolfcrypt/src/aes.c +++ b/wolfcrypt/src/aes.c @@ -12726,19 +12726,8 @@ int wc_AesXtsEncrypt(XtsAes* xaes, byte* out, const byte* in, word32 sz, { #ifdef WOLFSSL_AESNI -#ifdef WC_AES_C_DYNAMIC_FALLBACK - int orig_use_aesni = aes->use_aesni; -#endif - - if (aes->use_aesni && ((ret = SAVE_VECTOR_REGISTERS2()) != 0)) { -#ifdef WC_AES_C_DYNAMIC_FALLBACK - aes->use_aesni = 0; - xaes->tweak.use_aesni = 0; -#else - return ret; -#endif - } if (aes->use_aesni) { + SAVE_VECTOR_REGISTERS(return _svr_ret;); #if defined(HAVE_INTEL_AVX1) if (IS_INTEL_AVX1(intel_flags)) { AES_XTS_encrypt_avx1(in, out, sz, i, @@ -12756,23 +12745,13 @@ int wc_AesXtsEncrypt(XtsAes* xaes, byte* out, const byte* in, word32 sz, (int)aes->rounds); ret = 0; } + RESTORE_VECTOR_REGISTERS(); } else #endif { ret = AesXtsEncrypt_sw(xaes, out, in, sz, i); } - -#ifdef WOLFSSL_AESNI - if (aes->use_aesni) - RESTORE_VECTOR_REGISTERS(); -#ifdef WC_AES_C_DYNAMIC_FALLBACK - else if (orig_use_aesni) { - aes->use_aesni = orig_use_aesni; - xaes->tweak.use_aesni = orig_use_aesni; - } -#endif -#endif } return ret; @@ -12962,19 +12941,8 @@ int wc_AesXtsDecrypt(XtsAes* xaes, byte* out, const byte* in, word32 sz, { #ifdef WOLFSSL_AESNI -#ifdef WC_AES_C_DYNAMIC_FALLBACK - int orig_use_aesni = aes->use_aesni; -#endif - - if (aes->use_aesni && ((ret = SAVE_VECTOR_REGISTERS2() != 0))) { -#ifdef WC_AES_C_DYNAMIC_FALLBACK - aes->use_aesni = 0; - xaes->tweak.use_aesni = 0; -#else - return ret; -#endif - } if (aes->use_aesni) { + SAVE_VECTOR_REGISTERS(return _svr_ret;); #if defined(HAVE_INTEL_AVX1) if (IS_INTEL_AVX1(intel_flags)) { AES_XTS_decrypt_avx1(in, out, sz, i, @@ -12992,6 +12960,7 @@ int wc_AesXtsDecrypt(XtsAes* xaes, byte* out, const byte* in, word32 sz, (int)aes->rounds); ret = 0; } + RESTORE_VECTOR_REGISTERS(); } else #endif @@ -12999,17 +12968,6 @@ int wc_AesXtsDecrypt(XtsAes* xaes, byte* out, const byte* in, word32 sz, ret = AesXtsDecrypt_sw(xaes, out, in, sz, i); } -#ifdef WOLFSSL_AESNI - if (aes->use_aesni) - RESTORE_VECTOR_REGISTERS(); -#ifdef WC_AES_C_DYNAMIC_FALLBACK - else if (orig_use_aesni) { - aes->use_aesni = orig_use_aesni; - xaes->tweak.use_aesni = orig_use_aesni; - } -#endif -#endif - return ret; } } From 855175da4772d477d57294f01b191c8c2bce66a7 Mon Sep 17 00:00:00 2001 From: Daniel Pouzzner Date: Wed, 17 Apr 2024 00:35:41 -0500 Subject: [PATCH 3/6] wolfcrypt/src/fe_448.c: fix several out-of-order declarations in fe448_mul_8(). --- wolfcrypt/src/fe_448.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/wolfcrypt/src/fe_448.c b/wolfcrypt/src/fe_448.c index b73d7d5b6..36c609694 100644 --- a/wolfcrypt/src/fe_448.c +++ b/wolfcrypt/src/fe_448.c @@ -1834,6 +1834,7 @@ static WC_INLINE void fe448_mul_8(sword32* r, const sword32* a, const sword32* b sword64 t13 = (sword64)a[ 6] * b[ 7]; sword64 t113 = (sword64)a[ 7] * b[ 6]; sword64 t14 = (sword64)a[ 7] * b[ 7]; + sword64 o, t15; t1 += t101; t2 += t102; t2 += t202; t3 += t103; t3 += t203; t3 += t303; @@ -1850,8 +1851,8 @@ static WC_INLINE void fe448_mul_8(sword32* r, const sword32* a, const sword32* b t11 += t111; t11 += t211; t11 += t311; t12 += t112; t12 += t212; t13 += t113; - sword64 o = t14 >> 28; - sword64 t15 = o; + o = t14 >> 28; + t15 = o; t14 -= o << 28; o = (t0 >> 28); t1 += o; t = o << 28; t0 -= t; o = (t1 >> 28); t2 += o; t = o << 28; t1 -= t; From d0edb3d0a970130d34183958dc621dac00d0e9a6 Mon Sep 17 00:00:00 2001 From: Daniel Pouzzner Date: Wed, 17 Apr 2024 00:36:30 -0500 Subject: [PATCH 4/6] scripts/aria-cmake-build-test.sh: fix masked exit value. --- scripts/aria-cmake-build-test.sh | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/scripts/aria-cmake-build-test.sh b/scripts/aria-cmake-build-test.sh index 1a6258fc4..0454fbb38 100644 --- a/scripts/aria-cmake-build-test.sh +++ b/scripts/aria-cmake-build-test.sh @@ -115,8 +115,7 @@ build_aria_test() { # View the available ciphers with: echo "checking wolfsl client ssl version numbers SSLv3(0) - TLS1.3(4):" - ./examples/client/client -V - if [ $? -eq 0 ]; then + if ./examples/client/client -V; then echo "Confirmed ./examples/client/client operational." else echo "ERROR ./examples/client/client error = $?" From fac834c80af93f990024373b160a72c32584fa1a Mon Sep 17 00:00:00 2001 From: Daniel Pouzzner Date: Wed, 17 Apr 2024 00:40:39 -0500 Subject: [PATCH 5/6] configure.ac: in setup for enable-all and enable-all-crypto with enable-32bit, fix inconsistency whereby SHAKE was enabled but SHA512 and SHA3 weren't; remove unneeded+unwanted ENABLED_32BIT conditional force-off of SHA512, SHA384, SHA3, ED25519 (harmonizes with FIPS v6). --- configure.ac | 50 ++++++++++++++++++-------------------------------- 1 file changed, 18 insertions(+), 32 deletions(-) diff --git a/configure.ac b/configure.ac index c0d1194f1..152da7ed9 100644 --- a/configure.ac +++ b/configure.ac @@ -809,6 +809,8 @@ then test "$enable_camellia" = "" && enable_camellia=yes test "$enable_ripemd" = "" && enable_ripemd=yes test "$enable_sha224" = "" && enable_sha224=yes + test "$enable_sha512" = "" && enable_sha512=yes + test "$enable_sha3" = "" && enable_sha3=yes test "$enable_shake128" = "" && enable_shake128=yes test "$enable_shake256" = "" && enable_shake256=yes test "$enable_sessioncerts" = "" && enable_sessioncerts=yes @@ -867,12 +869,6 @@ then test "$enable_ech" = "" && enable_ech=yes test "$enable_srtp" = "" && enable_srtp=yes - if test "$ENABLED_32BIT" != "yes" - then - test "$enable_sha512" = "" && enable_sha512=yes - test "$enable_sha3" = "" && enable_sha3=yes - fi - if test "$ENABLED_LINUXKM_DEFAULTS" != "yes" then test "$enable_compkey" = "" && enable_compkey=yes @@ -923,13 +919,10 @@ then test "$enable_pkcs7" = "" && enable_pkcs7=yes test "$enable_nullcipher" = "" && enable_nullcipher=yes test "$enable_mcast" = "" && enable_mcast=yes - if test "$ENABLED_32BIT" != "yes" - then - test "$enable_ed25519" = "" && enable_ed25519=yes - test "$enable_ed25519_stream" = "" && test "$enable_ed25519" != "no" && enable_ed25519_stream=yes - test "$enable_ed448" = "" && enable_ed448=yes - test "$enable_ed448_stream" = "" && test "$enable_ed448" != "no" && enable_ed448_stream=yes - fi + test "$enable_ed25519" = "" && enable_ed25519=yes + test "$enable_ed25519_stream" = "" && test "$enable_ed25519" != "no" && enable_ed25519_stream=yes + test "$enable_ed448" = "" && enable_ed448=yes + test "$enable_ed448_stream" = "" && test "$enable_ed448" != "no" && enable_ed448_stream=yes if test "$ENABLED_LINUXKM_DEFAULTS" != "yes" then @@ -1005,6 +998,8 @@ then test "$enable_camellia" = "" && enable_camellia=yes test "$enable_ripemd" = "" && enable_ripemd=yes test "$enable_sha224" = "" && enable_sha224=yes + test "$enable_sha512" = "" && enable_sha512=yes + test "$enable_sha3" = "" && enable_sha3=yes test "$enable_shake128" = "" && enable_shake128=yes test "$enable_shake256" = "" && enable_shake256=yes test "$enable_sessioncerts" = "" && enable_sessioncerts=yes @@ -1047,12 +1042,6 @@ then test "$enable_ssh" = "" && test "$enable_hmac" != "no" && enable_ssh=yes test "$enable_srtp_kdf" = "" && enable_srtp_kdf=yes - if test "$ENABLED_32BIT" != "yes" - then - test "$enable_sha512" = "" && enable_sha512=yes - test "$enable_sha3" = "" && enable_sha3=yes - fi - if test "$ENABLED_LINUXKM_DEFAULTS" != "yes" then test "$enable_compkey" = "" && enable_compkey=yes @@ -1074,13 +1063,10 @@ then test "$enable_xchacha" = "" && test "$enable_chacha" != "no" && enable_xchacha=yes test "$enable_pkcs7" = "" && enable_pkcs7=yes test "$enable_nullcipher" = "" && enable_nullcipher=yes - if test "$ENABLED_32BIT" != "yes" - then - test "$enable_ed25519" = "" && enable_ed25519=yes - test "$enable_ed25519_stream" = "" && test "$enable_ed25519" != "no" && enable_ed25519_stream=yes - test "$enable_ed448" = "" && enable_ed448=yes - test "$enable_ed448_stream" = "" && test "$enable_ed448" != "no" && enable_ed448_stream=yes - fi + test "$enable_ed25519" = "" && enable_ed25519=yes + test "$enable_ed25519_stream" = "" && test "$enable_ed25519" != "no" && enable_ed25519_stream=yes + test "$enable_ed448" = "" && enable_ed448=yes + test "$enable_ed448_stream" = "" && test "$enable_ed448" != "no" && enable_ed448_stream=yes if test "$ENABLED_LINUXKM_DEFAULTS" != "yes" then @@ -3433,7 +3419,7 @@ fi # set sha3 default SHA3_DEFAULT=no if (test "$host_cpu" = "x86_64" || test "$host_cpu" = "aarch64" || - test "$host_cpu" = "amd64") && test "$ENABLED_32BIT" = "no" + test "$host_cpu" = "amd64") then if test "x$ENABLED_FIPS" = "xno" || test "$HAVE_FIPS_VERSION" -ge 2 then @@ -3475,7 +3461,7 @@ AC_ARG_ENABLE([sha512], ) # options that don't require sha512 -if test "$ENABLED_LEANPSK" = "yes" || test "$ENABLED_LEANTLS" = "yes" || test "$ENABLED_32BIT" = "yes" || test "$ENABLED_16BIT" = "yes" +if test "$ENABLED_LEANPSK" = "yes" || test "$ENABLED_LEANTLS" = "yes" || test "$ENABLED_16BIT" = "yes" then ENABLED_SHA512="no" fi @@ -3501,7 +3487,7 @@ AC_ARG_ENABLE([sha384], ) # options that don't require sha384 -if test "$ENABLED_LEANPSK" = "yes" || test "$ENABLED_LEANTLS" = "yes" || test "$ENABLED_32BIT" = "yes" || test "$ENABLED_16BIT" = "yes" +if test "$ENABLED_LEANPSK" = "yes" || test "$ENABLED_LEANTLS" = "yes" || test "$ENABLED_16BIT" = "yes" then ENABLED_SHA384="no" fi @@ -5406,7 +5392,7 @@ then fi # Set SHA-3 flags -if test "$ENABLED_SHA3" != "no" && test "$ENABLED_32BIT" = "no" +if test "$ENABLED_SHA3" != "no" then AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SHA3" fi @@ -8835,9 +8821,9 @@ AS_IF([test "x$ENABLED_CERTGEN" = "xyes"], AS_IF([test "x$ENABLED_CERTEXT" = "xyes"], [AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_CERT_EXT"]) -AS_IF([test "x$ENABLED_ED25519" = "xyes" && test "x$ENABLED_32BIT" = "xno"], +AS_IF([test "x$ENABLED_ED25519" = "xyes"], [AM_CFLAGS="$AM_CFLAGS -DHAVE_ED25519"]) -AS_IF([test "x$ENABLED_ED25519" = "xyes" && test "x$ENABLED_32BIT" = "xno"], +AS_IF([test "x$ENABLED_ED25519" = "xyes"], [AM_CCASFLAGS="$AM_CCASFLAGS -DHAVE_ED25519"]) AS_IF([test "x$ENABLED_ED25519_SMALL" = "xyes"], From 3df11e7eab179f556ed5ddc636177d601f5b1f54 Mon Sep 17 00:00:00 2001 From: Daniel Pouzzner Date: Wed, 17 Apr 2024 01:00:41 -0500 Subject: [PATCH 6/6] fixes for cppcheck uninitvar src/pk.c (false positives) and nullPointerRedundantCheck in src/ssl_load.c (true positive). --- src/pk.c | 4 ++-- src/ssl_load.c | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/src/pk.c b/src/pk.c index 0947d8c2f..8842a89a7 100644 --- a/src/pk.c +++ b/src/pk.c @@ -16198,7 +16198,7 @@ int wolfSSL_PEM_write_bio_PKCS8PrivateKey(WOLFSSL_BIO* bio, int passwdSz, wc_pem_password_cb* cb, void* ctx) { byte* pem = NULL; - int pemSz; + int pemSz = 0; int res = 1; /* Validate parameters. */ @@ -16243,7 +16243,7 @@ int wolfSSL_PEM_write_PKCS8PrivateKey(XFILE f, WOLFSSL_EVP_PKEY* pkey, wc_pem_password_cb* cb, void* ctx) { byte* pem = NULL; - int pemSz; + int pemSz = 0; int res = 1; /* Validate parameters. */ diff --git a/src/ssl_load.c b/src/ssl_load.c index 43982c4dc..2d92e5f3d 100644 --- a/src/ssl_load.c +++ b/src/ssl_load.c @@ -1529,7 +1529,7 @@ static void ProcessBufferCertSetHave(WOLFSSL_CTX* ctx, WOLFSSL* ssl, if (ssl != NULL) { ssl->pkCurveOID = cert->pkCurveOID; } - else { + else if (ctx) { ctx->pkCurveOID = cert->pkCurveOID; } #endif @@ -1540,7 +1540,7 @@ static void ProcessBufferCertSetHave(WOLFSSL_CTX* ctx, WOLFSSL* ssl, if (ssl != NULL) { ssl->options.haveECC = ssl->options.haveECDSAsig; } - else { + else if (ctx) { ctx->haveECC = ctx->haveECDSAsig; } #endif /* !WC_STRICT_SIG */