From 91681f378f960a28866c1a48571d6b6dde3940fe Mon Sep 17 00:00:00 2001
From: Daniel Pouzzner
Date: Fri, 9 Feb 2024 00:46:54 -0600
Subject: [PATCH] configure.ac:

* add srtp to enable-all
* add srtp-kdf to enable-all-crypto
* fix typo in enable-all[-crypto] where ENABLED_FIPS was used when FIPS_VERSION was needed.
* in enable-all[-crypto], conditionalize aesxts on !FIPS || FIPS_VERSION == dev.
* move AES-XTS CFLAG setup after FIPS settings, to allow non-dev FIPS to force it off, and add clause to FIPS v5 setup to do that.
* in FIPS v5 setup, add AES-XTS to the list of modes that forces -DWOLFSSL_AES_DIRECT -DHAVE_AES_ECB.
wolfcrypt/src/kdf.c: fix several benign -Wconversions.
wolfcrypt/test/test.c: add aes_cfb_test() and aes_xts_test() as top-level tests with separate "pass" messages, for transparency that those modes have indeed been tested in builds that activate them.
---
 configure.ac | 31 ++++++-----
 wolfcrypt/src/kdf.c | 12 ++---
 wolfcrypt/test/test.c | 121 +++++++++++++++++++++++++++---------------
 3 files changed, 104 insertions(+), 60 deletions(-)
diff --git a/configure.ac b/configure.ac
index dbb7c5977..2265a0817 100644
--- a/configure.ac
+++ b/configure.ac
@@ -745,7 +745,6 @@ then
 test "$enable_psk" = "" && enable_psk=yes
 test "$enable_cmac" = "" && enable_cmac=yes
 test "$enable_siphash" = "" && enable_siphash=yes
- test "$enable_aesxts" = "" && enable_aesxts=yes
 test "$enable_ocsp" = "" && enable_ocsp=yes
 test "$enable_ocspstapling" = "" && test "$enable_ocsp" != "no" && enable_ocspstapling=yes
 test "$enable_ocspstapling2" = "" && test "$enable_ocsp" != "no" && enable_ocspstapling2=yes
@@ -787,6 +786,7 @@ then
 test "$enable_session_ticket" = "" && enable_session_ticket=yes
 test "$enable_earlydata" = "" && enable_earlydata=yes
 test "$enable_ech" = "" && enable_ech=yes
+ test "$enable_srtp" = "" && enable_srtp=yes
 
 if test "$ENABLED_32BIT" != "yes"
 then
@@ -861,7 +861,8 @@ then
 fi
 fi
 
- if test "$ENABLED_FIPS" = "no" || test "$ENABLED_FIPS" = "dev"; then
+ if test "$ENABLED_FIPS" = "no" || test "$FIPS_VERSION" = "dev"; then
+ test "$enable_aesxts" = "" && enable_aesxts=yes
 test "$enable_aessiv" = "" && enable_aessiv=yes
 fi
 
@@ -933,7 +934,6 @@ then
 test "$enable_psk" = "" && enable_psk=yes
 test "$enable_cmac" = "" && enable_cmac=yes
 test "$enable_siphash" = "" && enable_siphash=yes
- test "$enable_aesxts" = "" && enable_aesxts=yes
 test "$enable_ocsp" = "" && enable_ocsp=yes
 test "$enable_ocspstapling" = "" && test "$enable_ocsp" != "no" && enable_ocspstapling=yes
 test "$enable_ocspstapling2" = "" && test "$enable_ocsp" != "no" && enable_ocspstapling2=yes
@@ -959,6 +959,7 @@ then
 test "$enable_cryptocb" = "" && enable_cryptocb=yes
 test "$enable_anon" = "" && enable_anon=yes
 test "$enable_ssh" = "" && test "$enable_hmac" != "no" && enable_ssh=yes
+ test "$enable_srtp_kdf" = "" && enable_srtp_kdf=yes
 
 if test "$ENABLED_32BIT" != "yes"
 then
@@ -1001,7 +1002,8 @@ then
 fi
 fi
 
- if test "$ENABLED_FIPS" = "no" || test "$ENABLED_FIPS" = "dev"; then
+ if test "$ENABLED_FIPS" = "no" || test "$FIPS_VERSION" = "dev"; then
+ test "$enable_aesxts" = "" && enable_aesxts=yes
 test "$enable_aessiv" = "" && enable_aessiv=yes
 fi
 
@@ -4848,13 +4850,6 @@ AC_ARG_ENABLE([xts],
 [ ENABLED_AESXTS=$enableval ]
 )
 
-AS_IF([test "x$ENABLED_AESXTS" = "xyes"],
- [AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AES_XTS -DWOLFSSL_AES_DIRECT"])
-AS_IF([test "x$ENABLED_AESXTS" = "xyes" && test "x$ENABLED_INTELASM" = "xyes"],
- [AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_AES_XTS"])
-AS_IF([test "x$ENABLED_AESXTS" = "xyes" && test "x$ENABLED_AESNI" = "xyes"],
- [AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_AES_XTS"])
-
 # Web Server Build
 AC_ARG_ENABLE([webserver],
 [AS_HELP_STRING([--enable-webserver],[Enable Web Server (default: disabled)])],
@@ -4953,6 +4948,9 @@ AS_CASE([$FIPS_VERSION],
 AS_IF([test "$ENABLED_AESCCM" != "yes" && (test "$FIPS_VERSION" != "dev" || test "$enable_aesccm" != "no")],
 [ENABLED_AESCCM="yes"; AM_CFLAGS="$AM_CFLAGS -DHAVE_AESCCM"])
 
+ AS_IF([test "$ENABLED_AESXTS" = "yes" && (test "$FIPS_VERSION" != "dev" || test "$enable_aesxts" != "yes")],
+ [ENABLED_AESXTS="no"])
+
+ AS_IF([test "$ENABLED_RSAPSS" != "yes" && (test "$FIPS_VERSION" != "dev" || test "$enable_rsapss" != "no")],
 [ENABLED_RSAPSS="yes"; AM_CFLAGS="$AM_CFLAGS -DWC_RSA_PSS"])
 
@@ -4994,7 +4992,8 @@ AS_CASE([$FIPS_VERSION],
 AS_IF([(test "$ENABLED_AESCCM" = "yes" && test "$HAVE_AESCCM_PORT" != "yes") ||
 (test "$ENABLED_AESCTR" = "yes" && test "$HAVE_AESCTR_PORT" != "yes") ||
 (test "$ENABLED_AESGCM" = "yes" && test "$HAVE_AESGCM_PORT" != "yes") ||
- (test "$ENABLED_AESOFB" = "yes" && test "$HAVE_AESOFB_PORT" != "yes")],
+ (test "$ENABLED_AESOFB" = "yes" && test "$HAVE_AESOFB_PORT" != "yes") ||
+ (test "$ENABLED_AESXTS" = "yes" && test "$HAVE_AESXTS_PORT" != "yes")],
 [AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AES_DIRECT -DHAVE_AES_ECB"])
 ],
 
@@ -5100,6 +5099,14 @@ AS_CASE([$SELFTEST_VERSION],
 
 ])
 
+AS_IF([test "x$ENABLED_AESXTS" = "xyes"],
+ [AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AES_XTS -DWOLFSSL_AES_DIRECT"])
+AS_IF([test "x$ENABLED_AESXTS" = "xyes" && test "x$ENABLED_INTELASM" = "xyes"],
+ [AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_AES_XTS"])
+AS_IF([test "x$ENABLED_AESXTS" = "xyes" && test "x$ENABLED_AESNI" = "xyes"],
+ [AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_AES_XTS"])
+
+
 # Set SHA-3 flags
 if test "$ENABLED_SHA3" != "no" && test "$ENABLED_32BIT" = "no"
 then
diff --git a/wolfcrypt/src/kdf.c b/wolfcrypt/src/kdf.c
index 2bda46ef7..55b7ab0c3 100644
--- a/wolfcrypt/src/kdf.c
+++ b/wolfcrypt/src/kdf.c
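Review bot: The new AS_IF in the FIPS v5 case sets ENABLED_AESXTS to "no" silently, and for a non-dev FIPS_VERSION it does so even when the user passed --enable-xts, because the `test "$enable_aesxts" != "yes"` escape only matters when FIPS_VERSION is dev. The neighbouring clauses that force modes on at least leave a visible -D flag behind, whereas a feature dropped here shows up only as a missing "test passed" line in a build that otherwise looks fine. If an explicit request on non-dev FIPS is meant to be refused, say so with `AC_MSG_WARN([AES-XTS is not available with FIPS_VERSION=$FIPS_VERSION; disabling])` in the action, or AC_MSG_ERROR if configure should fail instead. The enclosing AS_CASE body starts and ends outside the hunk.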
@@ -888,12 +888,12 @@ int wc_SSH_KDF(byte hashId, byte keyId, byte* key, word32 keySz,
 * @param [out] block First block to encrypt.
 */
 static void wc_srtp_kdf_first_block(const byte* salt, word32 saltSz, int kdrIdx,
- const byte* index, byte indexSz, unsigned char* block)
+ const byte* index, int indexSz, unsigned char* block)
 {
- word32 i;
+ int i;
 
 /* XOR salt into zeroized buffer. */
- for (i = 0; i < WC_SRTP_MAX_SALT - saltSz; i++) {
+ for (i = 0; i < WC_SRTP_MAX_SALT - (int)saltSz; i++) {
 block[i] = 0;
 }
 XMEMCPY(block + WC_SRTP_MAX_SALT - saltSz, salt, saltSz);
@@ -942,13 +942,13 @@ static int wc_srtp_kdf_derive_key(byte* block, byte indexSz, byte label,
 int i;
 int ret = 0;
 /* Calculate the number of full blocks needed for derived key. */
- int blocks = keySz / AES_BLOCK_SIZE;
+ int blocks = (int)(keySz / AES_BLOCK_SIZE);
 
 /* XOR in label. */
 block[WC_SRTP_MAX_SALT - indexSz - 1] ^= label;
 for (i = 0; (ret == 0) && (i < blocks); i++) {
 /* Set counter. */
- block[15] = i;
+ block[15] = (byte)i;
 /* Encrypt block into key buffer. */
 ret = wc_AesEcbEncrypt(aes, key, block, AES_BLOCK_SIZE);
 /* Reposition for more derived key. */
@@ -960,7 +960,7 @@ static int wc_srtp_kdf_derive_key(byte* block, byte indexSz, byte label,
 if ((ret == 0) && (keySz > 0)) {
 byte enc[AES_BLOCK_SIZE];
 /* Set counter. */
- block[15] = i;
+ block[15] = (byte)i;
 /* Encrypt block into temporary. */
 ret = wc_AesEcbEncrypt(aes, enc, block, AES_BLOCK_SIZE);
 if (ret == 0) {
diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c
index b0ba4eec8..0b390f00b 100644
--- a/wolfcrypt/test/test.c
+++ b/wolfcrypt/test/test.c
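Review bot: With `i` and the loop bound now int, `WC_SRTP_MAX_SALT - (int)saltSz` is negative for saltSz > WC_SRTP_MAX_SALT and the zeroing loop is skipped, yet the `XMEMCPY(block + WC_SRTP_MAX_SALT - saltSz, salt, saltSz)` on the next line still forms a pointer below `block` and copies saltSz bytes through it; the old word32 form was no safer, it just failed in the loop instead. Nothing in the hunk shows where saltSz is bounded, so this presumably relies on the public entry point rejecting oversize salts, and the helper should record that contract, e.g. `/* Caller guarantees saltSz <= WC_SRTP_MAX_SALT and indexSz < WC_SRTP_MAX_SALT. */` above the signature. Separately, this helper now takes `int indexSz` while the `wc_srtp_kdf_derive_key` signature shown in the next hunk header keeps `byte indexSz`; one type in both keeps the `WC_SRTP_MAX_SALT - indexSz` arithmetic uniform. The body of wc_srtp_kdf_first_block continues past the hunk.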
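Review bot: `block[15] = (byte)i;` removes the -Wconversion warning but also hides the real limit: the counter is one byte, so once `blocks` exceeds 255 the cast wraps and a block of key material is emitted a second time, which is a key-derivation correctness problem rather than a cosmetic one. Whether keySz can reach 256 * AES_BLOCK_SIZE is decided outside this hunk; if the caller caps it, a comment such as `/* One-byte counter: caller limits keySz to 256 blocks. */` at the cast makes that visible, otherwise `if (blocks > 255) return BAD_FUNC_ARG;` before the loop closes the gap. The same cast is repeated in the partial-block path of the @@ -960 hunk, and `15` would read better as `AES_BLOCK_SIZE - 1` in both places. wc_srtp_kdf_derive_key begins before and ends after the hunk.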
@@ -536,6 +536,12 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t XChaCha20Poly1305_test(void);
 WOLFSSL_TEST_SUBROUTINE wc_test_ret_t des_test(void);
 WOLFSSL_TEST_SUBROUTINE wc_test_ret_t des3_test(void);
 WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_test(void);
+#if defined(WOLFSSL_AES_CFB)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_cfb_test(void);
+#endif
+#ifdef WOLFSSL_AES_XTS
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_xts_test(void);
+#endif
 WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes192_test(void);
 WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes256_test(void);
 WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aesofb_test(void);
@@ -1463,7 +1469,7 @@ options: [-s max_relative_stack_bytes] [-m max_relative_heap_memory_bytes]\n\
 if ( (ret = aesofb_test()) != 0)
 TEST_FAIL("AES-OFB test failed!\n", ret);
 else
- TEST_PASS("AESOFB test passed!\n");
+ TEST_PASS("AES-OFB test passed!\n");
 #endif
 
 #ifdef HAVE_AESGCM
@@ -1490,6 +1496,21 @@ options: [-s max_relative_stack_bytes] [-m max_relative_heap_memory_bytes]\n\
 else
 TEST_PASS("AES-CCM test passed!\n");
 #endif
+
+#ifdef WOLFSSL_AES_CFB
+ if ( (ret = aes_cfb_test()) != 0)
+ TEST_FAIL("AES-CFB test failed!\n", ret);
+ else
+ TEST_PASS("AES-CFB test passed!\n");
+#endif
+
+#ifdef WOLFSSL_AES_XTS
+ if ( (ret = aes_xts_test()) != 0)
+ TEST_FAIL("AES-XTS test failed!\n", ret);
+ else
+ TEST_PASS("AES-XTS test passed!\n");
+#endif
+
 #ifdef HAVE_AES_KEYWRAP
 if ( (ret = aeskeywrap_test()) != 0)
 TEST_FAIL("AES Key Wrap test failed!\n", ret);
@@ -8433,8 +8454,10 @@ EVP_TEST_END:
 #endif /* WOLFSSL_AES_OFB */
 
 #if defined(WOLFSSL_AES_CFB)
- /* Test cases from NIST SP 800-38A, Recommendation for Block Cipher Modes of Operation Methods an*/
- static wc_test_ret_t aescfb_test(void)
+ /* Test cases from NIST SP 800-38A, Recommendation for Block Cipher Modes of
+ * Operation Methods and Techniques
+ */
+ static wc_test_ret_t aescfb_test_0(void)
 {
 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
 Aes *enc = NULL;
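Review bot: The rename to `aescfb_test_0` in the last hunk gives the reader nothing to go on, while its siblings `aescfb1_test` and `aescfb8_test` are named by CFB segment size; naming this one for what it exercises (e.g. `aescfb128_test`, if the SP 800-38A vectors it holds are the 128-bit-segment ones — not visible here), or keeping `aescfb_test` and giving the new wrapper the distinct name, avoids a suffix that looks like a versioning accident. The repaired multi-line NIST SP 800-38A comment is welcome. The function body continues past the hunk.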
@@ -9360,7 +9383,7 @@ static wc_test_ret_t aes_key_size_test(void)
 return ret;
 }
 
-#if defined(WOLFSSL_AES_XTS) && (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3))
+#if defined(WOLFSSL_AES_XTS)
 /* test vectors from http://csrc.nist.gov/groups/STM/cavp/block-cipher-modes.html */
 #ifdef WOLFSSL_AES_128
@@ -11770,44 +11793,6 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_test(void)
 goto out;
 #endif
 
-#if defined(WOLFSSL_AES_XTS) && (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3))
- #ifdef WOLFSSL_AES_128
- ret = aes_xts_128_test();
- if (ret != 0)
- goto out;
- #endif
- #ifdef WOLFSSL_AES_256
- ret = aes_xts_256_test();
- if (ret != 0)
- goto out;
- #endif
- #if defined(WOLFSSL_AES_128) && defined(WOLFSSL_AES_256)
- ret = aes_xts_sector_test();
- if (ret != 0)
- goto out;
- #endif
- #ifdef WOLFSSL_AES_128
- ret = aes_xts_args_test();
- if (ret != 0)
- goto out;
- #endif
-#endif
-
-#if defined(WOLFSSL_AES_CFB)
- ret = aescfb_test();
- if (ret != 0)
- goto out;
-#if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
- ret = aescfb1_test();
- if (ret != 0)
- goto out;
-
- ret = aescfb8_test();
- if (ret != 0)
- goto out;
-#endif
-#endif
-
 #if defined(HAVE_AES_ECB) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
 ret = aesecb_test();
 if (ret != 0)
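Review bot: Dropping `(!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3))` from the guard means the XTS vectors now compile whenever WOLFSSL_AES_XTS is defined; this commit makes configure.ac switch ENABLED_AESXTS off for non-dev FIPS, but a build that defines WOLFSSL_AES_XTS some other way (a hand-maintained settings header, presumably) loses the compile-time fence the old condition provided. If the old guard was tracking which FIPS modules expose AES-XTS, it is safer to keep it alongside the configure change; if the new rule is that WOLFSSL_AES_XTS is only ever set when the implementation is usable, record that on the `#if`, e.g. `/* WOLFSSL_AES_XTS is only defined when AES-XTS is usable in this build; configure.ac enforces this for FIPS. */`. The same guard is removed from aes_test() in the next hunk, which starts and ends outside the visible lines.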
@@ -11846,6 +11831,54 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_test(void)
 return ret;
 }
 
+#if defined(WOLFSSL_AES_CFB)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_cfb_test(void)
+{
+ int ret;
+ ret = aescfb_test_0();
+ if (ret != 0)
+ return ret;
+#if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
+ ret = aescfb1_test();
+ if (ret != 0)
+ return ret;
+
+ ret = aescfb8_test();
+ if (ret != 0)
+ return ret;
+#endif
+ return 0;
+}
+#endif
+
+#if defined(WOLFSSL_AES_XTS)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_xts_test(void)
+{
+ int ret = 0;
+ #ifdef WOLFSSL_AES_128
+ ret = aes_xts_128_test();
+ if (ret != 0)
+ return ret;
+ #endif
+ #ifdef WOLFSSL_AES_256
+ ret = aes_xts_256_test();
+ if (ret != 0)
+ return ret;
+ #endif
+ #if defined(WOLFSSL_AES_128) && defined(WOLFSSL_AES_256)
+ ret = aes_xts_sector_test();
+ if (ret != 0)
+ return ret;
+ #endif
+ #ifdef WOLFSSL_AES_128
+ ret = aes_xts_args_test();
+ if (ret != 0)
+ return ret;
+ #endif
+ return 0;
+}
+#endif
+
 #ifdef WOLFSSL_AES_192
 WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes192_test(void)
 {
@@ -49672,6 +49705,10 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t cryptocb_test(void)
 if (ret == 0)
 ret = aes_test();
 #endif
+ #ifdef WOLFSSL_AES_XTS
+ if (ret == 0)
+ ret = aes_xts_test();
+ #endif
 #if defined(HAVE_AESCCM) && defined(WOLFSSL_AES_128)
 if (ret == 0)
 ret = aesccm_test();
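Review bot: aes_cfb_test and aes_xts_test keep their status in `int ret` (`int ret;` in one, `int ret = 0;` in the other) but are declared to return `wc_test_ret_t`; that type's definition is not on the page, and if it is wider than int the value handed back by the sub-tests is truncated on the way through. `wc_test_ret_t ret = 0;` in both wrappers matches the declared return type and removes the small inconsistency between the two initialisations. aes_cfb_test also gives no reason for skipping aescfb1_test/aescfb8_test under HAVE_SELFTEST/HAVE_FIPS; a one-line comment at that `#if` would spare the next reader a search. Both functions are fully contained in the hunk.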
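Review bot: cryptocb_test now runs aes_xts_test() after aes_test(), but nothing restores the CFB coverage that aes_test() gave up in this commit: the block removed in the @@ -11770 hunk called aescfb_test() from inside aes_test(), so the crypto-callback path used to exercise CFB and no longer does. If that is deliberate (the callback harness not supporting CFB is not visible here), a short comment at the new block saying so will stop it being re-added; otherwise add `#ifdef WOLFSSL_AES_CFB` / `if (ret == 0) ret = aes_cfb_test();` / `#endif` beside the XTS lines. cryptocb_test starts and ends outside the hunk.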