wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-05 13:44:41 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #8509 from kaleb-himes/WCv6.0.0-RC4-CHECKIN

Browse Source 
Disable XTS-384 as an allowed use in FIPS mode
This commit is contained in:
Daniel Pouzzner
2025-02-26 18:24:12 -06:00
committed by GitHub
parent c290907228 738462a6f0
commit 183d9b44d1
3 changed files with 13 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
fips-check.sh
View File

@@ -240,9 +240,9 @@ linuxv5|linuxv5.2.1)
) )
;; ;;
v6.0.0) v6.0.0)
WOLF_REPO_TAG='WCv6.0.0-RC3' WOLF_REPO_TAG='WCv6.0.0-RC4'
FIPS_REPO_TAG='WCv6.0.0-RC4' FIPS_REPO_TAG='WCv6.0.0-RC4'
ASM_PICKUPS_TAG='WCv6.0.0-RC3' ASM_PICKUPS_TAG='WCv6.0.0-RC4'
FIPS_OPTION='v6' FIPS_OPTION='v6'
FIPS_FILES=( FIPS_FILES=(
"wolfcrypt/src/fips.c:${FIPS_REPO_TAG}" "wolfcrypt/src/fips.c:${FIPS_REPO_TAG}"

5
wolfcrypt/src/aes.c
View File

@@ -12818,7 +12818,12 @@ int wc_AesXtsSetKeyNoInit(XtsAes* aes, const byte* key, word32 len, int dir)
} }
if ((len != (AES_128_KEY_SIZE*2)) && if ((len != (AES_128_KEY_SIZE*2)) &&
#ifndef HAVE_FIPS
/* XTS-384 not allowed by FIPS and can not be treated like
* RSA-4096 bit keys back in the day, can not vendor affirm
* the use of 2 concatenated 192-bit keys (XTS-384) */
(len != (AES_192_KEY_SIZE*2)) && (len != (AES_192_KEY_SIZE*2)) &&
#endif
(len != (AES_256_KEY_SIZE*2))) (len != (AES_256_KEY_SIZE*2)))
{ {
WOLFSSL_MSG("Unsupported key size"); WOLFSSL_MSG("Unsupported key size");

13
wolfcrypt/test/test.c
View File

@@ -11613,6 +11613,8 @@ static wc_test_ret_t aes_xts_128_test(void)
} }
#endif /* WOLFSSL_AES_128 */ #endif /* WOLFSSL_AES_128 */
#ifndef HAVE_FIPS
/* FIPS won't allow for XTS-384 (two 192-bit keys) */
#ifdef WOLFSSL_AES_192 #ifdef WOLFSSL_AES_192
static wc_test_ret_t aes_xts_192_test(void) static wc_test_ret_t aes_xts_192_test(void)
{ {
@@ -11703,7 +11705,6 @@ static wc_test_ret_t aes_xts_192_test(void)
0x65, 0x37, 0x15, 0x53, 0xf1, 0x98, 0xab, 0xb4 0x65, 0x37, 0x15, 0x53, 0xf1, 0x98, 0xab, 0xb4
}; };
#ifndef HAVE_FIPS /* FIPS requires different keys for main and tweak. */
WOLFSSL_SMALL_STACK_STATIC unsigned char k3[] = { WOLFSSL_SMALL_STACK_STATIC unsigned char k3[] = {
0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
@@ -11730,7 +11731,6 @@ static wc_test_ret_t aes_xts_192_test(void)
0xe8, 0xc5, 0x99, 0x3d, 0x58, 0x3c, 0xeb, 0xba, 0xe8, 0xc5, 0x99, 0x3d, 0x58, 0x3c, 0xeb, 0xba,
0x86, 0xea, 0x2c, 0x7e, 0x1f, 0xba, 0x81, 0xde 0x86, 0xea, 0x2c, 0x7e, 0x1f, 0xba, 0x81, 0xde
}; };
#endif /* HAVE_FIPS */
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
if ((aes = (XtsAes *)XMALLOC(sizeof *aes, HEAP_HINT, DYNAMIC_TYPE_AES)) == NULL) if ((aes = (XtsAes *)XMALLOC(sizeof *aes, HEAP_HINT, DYNAMIC_TYPE_AES)) == NULL)
@@ -12045,8 +12045,6 @@ static wc_test_ret_t aes_xts_192_test(void)
if (XMEMCMP(p2, buf, sizeof(p2))) if (XMEMCMP(p2, buf, sizeof(p2)))
ERROR_OUT(WC_TEST_RET_ENC_NC, out); ERROR_OUT(WC_TEST_RET_ENC_NC, out);
#ifndef HAVE_FIPS
/* Test ciphertext stealing in-place. */ /* Test ciphertext stealing in-place. */
XMEMCPY(buf, p3, sizeof(p3)); XMEMCPY(buf, p3, sizeof(p3));
ret = wc_AesXtsSetKeyNoInit(aes, k3, sizeof(k3), AES_ENCRYPTION); ret = wc_AesXtsSetKeyNoInit(aes, k3, sizeof(k3), AES_ENCRYPTION);
@@ -12130,8 +12128,6 @@ static wc_test_ret_t aes_xts_192_test(void)
ERROR_OUT(WC_TEST_RET_ENC_NC, out); ERROR_OUT(WC_TEST_RET_ENC_NC, out);
#endif /* WOLFSSL_AESXTS_STREAM */ #endif /* WOLFSSL_AESXTS_STREAM */
#endif /* !HAVE_FIPS */
#if !defined(BENCH_EMBEDDED) && !defined(HAVE_CAVIUM) && \ #if !defined(BENCH_EMBEDDED) && !defined(HAVE_CAVIUM) && \
!defined(WOLFSSL_AFALG) !defined(WOLFSSL_AFALG)
{ {
@@ -12316,7 +12312,7 @@ static wc_test_ret_t aes_xts_192_test(void)
return ret; return ret;
} }
#endif /* WOLFSSL_AES_192 */ #endif /* WOLFSSL_AES_192 */
#endif /* HAVE_FIPS */
#ifdef WOLFSSL_AES_256 #ifdef WOLFSSL_AES_256
static wc_test_ret_t aes_xts_256_test(void) static wc_test_ret_t aes_xts_256_test(void)
@@ -14665,11 +14661,14 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_xts_test(void)
return ret; return ret;
#endif #endif
/* FIPS won't allow for XTS-384 (two 192-bit keys) */
#ifndef HAVE_FIPS
#ifdef WOLFSSL_AES_192 #ifdef WOLFSSL_AES_192
ret = aes_xts_192_test(); ret = aes_xts_192_test();
if (ret != 0) if (ret != 0)
return ret; return ret;
#endif #endif
#endif
#ifdef WOLFSSL_AES_256 #ifdef WOLFSSL_AES_256
ret = aes_xts_256_test(); ret = aes_xts_256_test();