From 295ba3b416df45b97fb07996fbf7cd5bef10b377 Mon Sep 17 00:00:00 2001
From: Sean Parkinson
Date: Fri, 21 Mar 2025 17:20:32 +1000
Subject: [PATCH 1/2] Intel x86_64, gcc, icc: put branches on 32 byte boundary

Improved security with compile flag.
---
 configure.ac | 13 +++++++++++++
 wolfcrypt/benchmark/benchmark.c | 8 ++++----
 wolfcrypt/src/kdf.c | 16 ----------------
 3 files changed, 17 insertions(+), 20 deletions(-)

diff --git a/configure.ac b/configure.ac
index 983278a2a..fc042932e 100644
--- a/configure.ac
+++ b/configure.ac
@@ -175,6 +175,19 @@ DEBUG_CFLAGS="-g -DDEBUG -DDEBUG_WOLFSSL"
 LIB_ADD=
 LIB_STATIC_ADD=
+EXTRA_OPTS_CFLAGS=
+if test "$host_cpu" = "x86_64"
+then
+ if test "$CC" = "gcc" || test "$CC" = "icc"
+ then
+ EXTRA_OPTS_CFLAGS="$EXTRA_OPTS_CFLAGS -Wa,-mbranches-within-32B-boundaries"
+ fi
+fi
+OPTIMIZE_CFLAGS="$OPTIMIZE_CFLAGS $EXTRA_OPTS_CFLAGS"
+OPTIMIZE_FAST_CFLAGS="$OPTIMIZE_FAST_CFLAGS $EXTRA_OPTS_CFLAGS"
+OPTIMIZE_HUGE_CFLAGS="$OPTIMIZE_HUGE_CFLAGS $EXTRA_OPTS_CFLAGS"
+DEBUG_VFLAGS="$DEBUG_VFLAGS $EXTRA_OPTS_CFLAGS"
+
 if test "$output_objdir" = ""
 then
 output_objdir=.
diff --git a/wolfcrypt/benchmark/benchmark.c b/wolfcrypt/benchmark/benchmark.c
index d2f93c66d..fd82b55fe 100644
--- a/wolfcrypt/benchmark/benchmark.c
+++ b/wolfcrypt/benchmark/benchmark.c
@@ -8637,7 +8637,7 @@ void bench_srtpkdf(void)
 bench_stats_start(&count, &start);
 PRIVATE_KEY_UNLOCK();
 do {
- for (i = 0; i < numBlocks; i++) {
+ for (i = 0; i < numBlocks * 1000; i++) {
 ret = wc_SRTP_KDF(key, AES_128_KEY_SIZE, salt, sizeof(salt),
 kdrIdx, index, keyE, AES_128_KEY_SIZE, keyA, sizeof(keyA),
 keyS, sizeof(keyS));
@@ -8660,7 +8660,7 @@ void bench_srtpkdf(void)
 bench_stats_start(&count, &start);
 PRIVATE_KEY_UNLOCK();
 do {
- for (i = 0; i < numBlocks; i++) {
+ for (i = 0; i < numBlocks * 1000; i++) {
 ret = wc_SRTP_KDF(key, AES_256_KEY_SIZE, salt, sizeof(salt),
 kdrIdx, index, keyE, AES_256_KEY_SIZE, keyA, sizeof(keyA),
 keyS, sizeof(keyS));
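Review bot: The new `test "$CC" = "gcc"` / `"icc"` check is an exact string match, so `gcc-13`, `x86_64-linux-gnu-gcc`, `ccache gcc` or a distro `cc` that is really gcc never get the flag, while any matching compiler gets `-Wa,-mbranches-within-32B-boundaries` appended with no probe that its assembler accepts it, which turns an older binutils into a hard build failure instead of a silently unaligned build. Probe the flag rather than the compiler name, e.g. `AX_CHECK_COMPILE_FLAG([-Wa,-mbranches-within-32B-boundaries], [EXTRA_OPTS_CFLAGS="$EXTRA_OPTS_CFLAGS -Wa,-mbranches-within-32B-boundaries"])` if that autoconf-archive macro is in the m4 directory, or at minimum widen the match to `case "$CC" in *gcc*|*icc*)`. The block also lacks any comment saying what the alignment is for; since the commit message only says "Improved security", add one above `EXTRA_OPTS_CFLAGS=` stating the timing property it protects (presumably keeping branch placement from perturbing the timing of constant-time code; confirm with the author), e.g. `# Branch-alignment flags: keep code placement from changing instruction timing.`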
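Review bot: The bare multiplier in `for (i = 0; i < numBlocks * 1000; i++)` is a magic number repeated in four hunks (@@ -8637 and @@ -8660 here, @@ -8683 and @@ -8706 in the next hunks), and `numBlocks * 1000` is recomputed on every loop test with whatever type `numBlocks` has, so a large user-supplied block count may overflow if that type is a signed int (not visible here). Hoist it once per function, e.g. `enum { SRTPKDF_ITERS_PER_BLOCK = 1000 };` and `const int kdfIters = numBlocks * SRTPKDF_ITERS_PER_BLOCK;`, then loop to `kdfIters`. Whether the stats call that follows each loop is told about the x1000 is outside the hunk and should be checked, as is the fact that this benchmark change is unrelated to the compiler-flag subject of the commit. bench_srtpkdf starts and ends outside the hunk.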
@@ -8683,7 +8683,7 @@ void bench_srtpkdf(void)
 bench_stats_start(&count, &start);
 PRIVATE_KEY_UNLOCK();
 do {
- for (i = 0; i < numBlocks; i++) {
+ for (i = 0; i < numBlocks * 1000; i++) {
 ret = wc_SRTCP_KDF(key, AES_128_KEY_SIZE, salt, sizeof(salt),
 kdrIdx, index, keyE, AES_128_KEY_SIZE, keyA, sizeof(keyA),
 keyS, sizeof(keyS));
@@ -8706,7 +8706,7 @@ void bench_srtpkdf(void)
 bench_stats_start(&count, &start);
 PRIVATE_KEY_UNLOCK();
 do {
- for (i = 0; i < numBlocks; i++) {
+ for (i = 0; i < numBlocks * 1000; i++) {
 ret = wc_SRTCP_KDF(key, AES_256_KEY_SIZE, salt, sizeof(salt),
 kdrIdx, index, keyE, AES_256_KEY_SIZE, keyA, sizeof(keyA),
 keyS, sizeof(keyS));
diff --git a/wolfcrypt/src/kdf.c b/wolfcrypt/src/kdf.c
index 9ee2791ac..e9442187d 100644
--- a/wolfcrypt/src/kdf.c
+++ b/wolfcrypt/src/kdf.c
@@ -1051,11 +1051,7 @@ int wc_SRTP_KDF(const byte* key, word32 keySz, const byte* salt, word32 saltSz,
 ret = MEMORY_E;
 }
 }
- if (aes != NULL)
 #endif
- {
- XMEMSET(aes, 0, sizeof(Aes));
- }
 /* Setup AES object. */
 if (ret == 0) {
@@ -1155,11 +1151,7 @@ int wc_SRTCP_KDF_ex(const byte* key, word32 keySz, const byte* salt, word32 salt
 ret = MEMORY_E;
 }
 }
- if (aes != NULL)
 #endif
- {
- XMEMSET(aes, 0, sizeof(Aes));
- }
 /* Setup AES object. */
 if (ret == 0) {
@@ -1256,11 +1248,7 @@ int wc_SRTP_KDF_label(const byte* key, word32 keySz, const byte* salt,
 ret = MEMORY_E;
 }
 }
- if (aes != NULL)
 #endif
- {
- XMEMSET(aes, 0, sizeof(Aes));
- }
 /* Setup AES object. */
 if (ret == 0) {
@@ -1339,11 +1327,7 @@ int wc_SRTCP_KDF_label(const byte* key, word32 keySz, const byte* salt,
 ret = MEMORY_E;
 }
 }
- if (aes != NULL)
 #endif
- {
- XMEMSET(aes, 0, sizeof(Aes));
- }
 /* Setup AES object. */
 if (ret == 0) {

From 50304cfb1c5825f72183d5260f617505b678a808 Mon Sep 17 00:00:00 2001
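Review bot: With `XMEMSET(aes, 0, sizeof(Aes))` removed, `aes` reaches the "Setup AES object" step uninitialised on whichever allocation path the `#endif` closes, so every later read of the struct now depends on that setup call (outside the hunk, presumably an init routine) writing each field the KDF touches; the identical deletion is made in wc_SRTCP_KDF_ex, wc_SRTP_KDF_label and wc_SRTCP_KDF_label in the following hunks. Neither the commit message nor the retained comment says why a zeroisation is being dropped in a patch titled for a compiler flag, so either split it into its own commit or record the reason in place, e.g. `/* Setup AES object (the init call fully initialises *aes; no prior memset). */` once that is confirmed against the init routine. The enclosing functions start and end outside the hunk.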
From: Sean Parkinson
Date: Tue, 25 Mar 2025 09:40:01 +1000
Subject: [PATCH 2/2] Intel x86_64, gcc, icc: align loops to 64 byte boundary

Improved security with compile flag.
---
 configure.ac | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/configure.ac b/configure.ac
index fc042932e..dd6142534 100644
--- a/configure.ac
+++ b/configure.ac
@@ -180,7 +180,7 @@ if test "$host_cpu" = "x86_64"
 then
 if test "$CC" = "gcc" || test "$CC" = "icc"
 then
- EXTRA_OPTS_CFLAGS="$EXTRA_OPTS_CFLAGS -Wa,-mbranches-within-32B-boundaries"
+ EXTRA_OPTS_CFLAGS="$EXTRA_OPTS_CFLAGS -Wa,-mbranches-within-32B-boundaries -falign-loops=64"
 fi
 fi
 OPTIMIZE_CFLAGS="$OPTIMIZE_CFLAGS $EXTRA_OPTS_CFLAGS"
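Review bot: `-falign-loops=64` is a compiler code-generation option, unlike the `-Wa,` assembler option it is appended beside, and it is added under the same exact-match `$CC = "gcc"`/`"icc"` branch without a probe, so whether a given icc version accepts the `=64` form should be verified rather than assumed. Since this patch only edits the line the first patch added, squashing the two keeps the flag change as one bisectable commit. Both commit descriptions read only "Improved security with compile flag", which does not say what property the alignment protects; either expand the description or put the rationale on the line itself, e.g. `# Pin branch and loop alignment so code placement does not change instruction timing` (adjust to the actual reasoning).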