wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-31 19:24:42 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' of github.com:ColtonWilley/wolfssl into x509_store_add_cert_ref_count

Browse Source
This commit is contained in:
Colton Willey
2024-12-03 09:52:34 -08:00
parent 5684e56e0e 42afede3fc
commit 20e8ecec75
15 changed files with 571 additions and 192 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
IDE/STM32Cube/README.md
View File

@@ -37,6 +37,9 @@ You need both the STM32 IDE and the STM32 initialization code generator (STM32Cu
8. The Benchmark example uses float. To enable go to "Project Properties" -> "C/C++ Build" -> "Settings" -> "Tool Settings" -> "MCU Settings" -> Check "Use float with printf".
9. To enable printf make the `main.c` changes below in the [STM32 Printf](#stm32-printf) section.
**Note:** The STM32MP13 will likely require you to use DDR RAM, as well as enabling MMU and caches for optimum performance. Please see the `STM32MP13.md` file in `wolfcrypt/src/port/st` for more information on how to do this.
### Creating your own STM32CubeMX configuration
If none of the examples fit your STM32 type then you can create your own in STM32CubeMX by doing the following:
@@ -90,10 +93,11 @@ The section for "Hardware platform" may need to be adjusted depending on your pr
* To enable STM32WL support define `WOLFSSL_STM32WL`.
* To enable STM32U5 support define `WOLFSSL_STM32U5`.
* To enable STM32H5 support define `WOLFSSL_STM32H5`.
* To enable STM32MP13 support define `WOLFSSL_STM32MP13`.
To use the STM32 Cube HAL support make sure `WOLFSSL_STM32_CUBEMX` is defined.
The PKA acceleration for ECC is available on some U5, L5 and WB55 chips.
The PKA acceleration for ECC is available on some U5, L5, WB55 and MP13 chips.
This is enabled with `WOLFSSL_STM32_PKA`. You can see some of the benchmarks [here](STM32_Benchmarks.md).
To disable hardware crypto acceleration you can define:

12
IDE/STM32Cube/default_conf.ftl
View File

@@ -165,14 +165,22 @@ extern ${variable.value} ${variable.name};
#define HAL_CONSOLE_UART huart3
#define STM32_HAL_V2
#undef NO_STM32_HASH
#elif defined(STM32MP135Fxx)
#define WOLFSSL_STM32MP13
#define HAL_CONSOLE_UART huart4
#define STM32_HAL_V2
#undef NO_STM32_HASH
#undef NO_STM32_CRYPTO
#define WOLFSSL_STM32_PKA
#define WOLFSSL_STM32_PKA_V2
#else
#warning Please define a hardware platform!
/* This means there is not a pre-defined platform for your board/CPU */
/* You need to define a CPU type, HW crypto and debug UART */
/* CPU Type: WOLFSSL_STM32F1, WOLFSSL_STM32F2, WOLFSSL_STM32F4,
WOLFSSL_STM32F7, WOLFSSL_STM32H7, WOLFSSL_STM32L4, WOLFSSL_STM32L5,
WOLFSSL_STM32G0, WOLFSSL_STM32G4, WOLFSSL_STM32WB and WOLFSSL_STM32U5 */
WOLFSSL_STM32G0, WOLFSSL_STM32G4, WOLFSSL_STM32WB, WOLFSSL_STM32U5 and
WOLFSSL_STM32MP13 */
#define WOLFSSL_STM32F4
/* Debug UART used for printf */

1
IDE/STM32Cube/wolfssl_example.c
View File

@@ -1759,6 +1759,7 @@ static int tls13_uart_client(void)
if (wolfSSL_UseKeyShare(ssl, WOLFSSL_KYBER_LEVEL1) != WOLFSSL_SUCCESS) {
printf("wolfSSL_UseKeyShare Error!!");
}
#endif
#endif
do {

8
configure.ac
View File

@@ -8261,10 +8261,12 @@ if test "$ENABLED_SP_RSA" = "yes" || test "$ENABLED_SP_DH" = "yes"; then
case $host_cpu in
*x86_64* | *aarch64* | *amd64*)
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_LARGE_CODE"
;;
if test "$ENABLED_SP_SMALL" = "no"; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_LARGE_CODE"
fi
;;
*)
;;
;;
esac
fi
if test "$ENABLED_ECC" != "no" && test "$ENABLED_SP_ECC" = "yes"; then

16
wolfcrypt/src/port/st/stm32.c
View File

@@ -137,6 +137,9 @@ static void wc_Stm32_Hash_SaveContext(STM32_HASH_Context* ctx)
ctx->HASH_IMR = HASH->IMR;
ctx->HASH_STR = HASH->STR;
ctx->HASH_CR = HASH->CR;
#ifdef STM32_HASH_SHA3
ctx->SHA3CFGR = HASH->SHA3CFGR;
#endif
for (i=0; i<HASH_CR_SIZE; i++) {
ctx->HASH_CSR[i] = HASH->CSR[i];
}
@@ -184,6 +187,9 @@ static void wc_Stm32_Hash_RestoreContext(STM32_HASH_Context* ctx, int algo)
HASH->IMR = ctx->HASH_IMR;
HASH->STR = ctx->HASH_STR;
HASH->CR = ctx->HASH_CR;
#ifdef STM32_HASH_SHA3
HASH->SHA3CFGR = ctx->SHA3CFGR;
#endif
/* Initialize the hash processor */
HASH->CR |= HASH_CR_INIT;
@@ -329,11 +335,11 @@ int wc_Stm32_Hash_Update(STM32_HASH_Context* stmCtx, word32 algo,
while (len) {
word32 add;
/* fill the FIFO plus one additional to flush the block */
chunkSz = ((STM32_HASH_FIFO_SIZE + 1) * STM32_HASH_REG_SIZE);
/* account for extra bytes in the FIFO (use mask 0x3F to get remain) */
chunkSz -= (stmCtx->fifoBytes &
((STM32_HASH_FIFO_SIZE * STM32_HASH_REG_SIZE)-1));
chunkSz = blockSize;
/* fill the FIFO plus one additional to flush the first block */
if (!stmCtx->fifoBytes) {
chunkSz += STM32_HASH_REG_SIZE;
}
add = min(len, chunkSz - stmCtx->buffLen);
XMEMCPY(&local[stmCtx->buffLen], data, add);

87
wolfcrypt/src/sha3.c
View File

@@ -299,7 +299,7 @@ void BlockSha3(word64* s)
*/
#define ROTL64(a, n) (((a)<<(n))|((a)>>(64-(n))))
#if !defined(STM32_HASH_SHA3)
/* An array of values to XOR for block operation. */
static const word64 hash_keccak_r[24] =
{
@@ -316,6 +316,7 @@ static const word64 hash_keccak_r[24] =
W64LIT(0x8000000080008081), W64LIT(0x8000000000008080),
W64LIT(0x0000000080000001), W64LIT(0x8000000080008008)
};
#endif
/* Indices used in swap and rotate operation. */
#define KI_0 6
@@ -533,6 +534,7 @@ do { \
while (0)
#endif /* SHA3_BY_SPEC */
#if !defined(STM32_HASH_SHA3)
/* The block operation performed on the state.
*
* s The state.
@@ -562,8 +564,10 @@ void BlockSha3(word64* s)
}
}
#endif /* WOLFSSL_SHA3_SMALL */
#endif /* STM32_HASH_SHA3 */
#endif /* !WOLFSSL_ARMASM && !WOLFSSL_RISCV_ASM */
#if !defined(STM32_HASH_SHA3)
static WC_INLINE word64 Load64Unaligned(const unsigned char *a)
{
return ((word64)a[0] << 0) |
@@ -617,6 +621,7 @@ static word64 Load64BitBigEndian(const byte* a)
* sha3 wc_Sha3 object holding state.
* returns 0 on success.
*/
static int InitSha3(wc_Sha3* sha3)
{
int i;
@@ -797,6 +802,84 @@ static int Sha3Final(wc_Sha3* sha3, byte padChar, byte* hash, byte p, word32 l)
return 0;
}
#endif
#if defined(STM32_HASH_SHA3)
/* Supports CubeMX HAL or Standard Peripheral Library */
static int wc_InitSha3(wc_Sha3* sha3, void* heap, int devId)
{
if (sha3 == NULL)
return BAD_FUNC_ARG;
(void)devId;
(void)heap;
XMEMSET(sha3, 0, sizeof(wc_Sha3));
wc_Stm32_Hash_Init(&sha3->stmCtx);
return 0;
}
static int Stm32GetAlgo(byte p)
{
switch(p) {
case WC_SHA3_224_COUNT:
return HASH_ALGOSELECTION_SHA3_224;
case WC_SHA3_256_COUNT:
return HASH_ALGOSELECTION_SHA3_256;
case WC_SHA3_384_COUNT:
return HASH_ALGOSELECTION_SHA3_384;
case WC_SHA3_512_COUNT:
return HASH_ALGOSELECTION_SHA3_512;
}
/* Should never get here */
return WC_SHA3_224_COUNT;
}
static int wc_Sha3Update(wc_Sha3* sha3, const byte* data, word32 len, byte p)
{
int ret = 0;
if (sha3 == NULL) {
return BAD_FUNC_ARG;
}
if (data == NULL && len == 0) {
/* valid, but do nothing */
return 0;
}
if (data == NULL) {
return BAD_FUNC_ARG;
}
ret = wolfSSL_CryptHwMutexLock();
if (ret == 0) {
ret = wc_Stm32_Hash_Update(&sha3->stmCtx,
Stm32GetAlgo(p), data, len, p * 8);
wolfSSL_CryptHwMutexUnLock();
}
return ret;
}
static int wc_Sha3Final(wc_Sha3* sha3, byte* hash, byte p, byte len)
{
int ret = 0;
if (sha3 == NULL || hash == NULL) {
return BAD_FUNC_ARG;
}
ret = wolfSSL_CryptHwMutexLock();
if (ret == 0) {
ret = wc_Stm32_Hash_Final(&sha3->stmCtx,
Stm32GetAlgo(p), hash, len);
wolfSSL_CryptHwMutexUnLock();
}
(void)wc_InitSha3(sha3, NULL, 0); /* reset state */
return ret;
}
#else
/* Initialize the state for a SHA-3 hash operation.
*
@@ -944,7 +1027,7 @@ static int wc_Sha3Final(wc_Sha3* sha3, byte* hash, byte p, byte len)
return InitSha3(sha3); /* reset state */
}
#endif
/* Dispose of any dynamically allocated data from the SHA3-384 operation.
* (Required for async ops.)
*

251
wolfcrypt/src/sha512.c
View File

@@ -219,6 +219,66 @@
{
se050_hash_free(&sha512->se050Ctx);
}
#elif defined(STM32_HASH_SHA512)
/* Supports CubeMX HAL or Standard Peripheral Library */
int wc_InitSha512_ex(wc_Sha512* sha512, void* heap, int devId)
{
if (sha512 == NULL)
return BAD_FUNC_ARG;
(void)devId;
(void)heap;
XMEMSET(sha512, 0, sizeof(wc_Sha512));
wc_Stm32_Hash_Init(&sha512->stmCtx);
return 0;
}
int wc_Sha512Update(wc_Sha512* sha512, const byte* data, word32 len)
{
int ret = 0;
if (sha512 == NULL) {
return BAD_FUNC_ARG;
}
if (data == NULL && len == 0) {
/* valid, but do nothing */
return 0;
}
if (data == NULL) {
return BAD_FUNC_ARG;
}
ret = wolfSSL_CryptHwMutexLock();
if (ret == 0) {
ret = wc_Stm32_Hash_Update(&sha512->stmCtx,
HASH_ALGOSELECTION_SHA512, data, len, WC_SHA512_BLOCK_SIZE);
wolfSSL_CryptHwMutexUnLock();
}
return ret;
}
int wc_Sha512Final(wc_Sha512* sha512, byte* hash)
{
int ret = 0;
if (sha512 == NULL || hash == NULL) {
return BAD_FUNC_ARG;
}
ret = wolfSSL_CryptHwMutexLock();
if (ret == 0) {
ret = wc_Stm32_Hash_Final(&sha512->stmCtx,
HASH_ALGOSELECTION_SHA512, hash, WC_SHA512_DIGEST_SIZE);
wolfSSL_CryptHwMutexUnLock();
}
(void)wc_InitSha512(sha512); /* reset state */
return ret;
}
#else
@@ -1174,7 +1234,7 @@ int wc_Sha512Update(wc_Sha512* sha512, const byte* data, word32 len)
#elif defined(MAX3266X_SHA)
/* Functions defined in wolfcrypt/src/port/maxim/max3266x.c */
#elif defined(STM32_HASH_SHA512)
#else
static WC_INLINE int Sha512Final(wc_Sha512* sha512)
@@ -1337,7 +1397,7 @@ static WC_INLINE int Sha512Final(wc_Sha512* sha512)
#elif defined(MAX3266X_SHA)
/* Functions defined in wolfcrypt/src/port/maxim/max3266x.c */
#elif defined(STM32_HASH_SHA512)
#else
static int Sha512FinalRaw(wc_Sha512* sha512, byte* hash, size_t digestSz)
@@ -1407,10 +1467,12 @@ static int Sha512_Family_Final(wc_Sha512* sha512, byte* hash, size_t digestSz,
return initfp(sha512);
}
#ifndef STM32_HASH_SHA512
int wc_Sha512Final(wc_Sha512* sha512, byte* hash)
{
return Sha512_Family_Final(sha512, hash, WC_SHA512_DIGEST_SIZE, InitSha512);
}
#endif
#endif /* WOLFSSL_KCAPI_HASH */
@@ -1592,6 +1654,64 @@ int wc_Sha512Transform(wc_Sha512* sha, const unsigned char* data)
#elif defined(MAX3266X_SHA)
/* Functions defined in wolfcrypt/src/port/maxim/max3266x.c */
#elif defined(STM32_HASH_SHA384)
int wc_InitSha384_ex(wc_Sha384* sha384, void* heap, int devId)
{
if (sha384 == NULL)
return BAD_FUNC_ARG;
(void)devId;
(void)heap;
XMEMSET(sha384, 0, sizeof(wc_Sha384));
wc_Stm32_Hash_Init(&sha384->stmCtx);
return 0;
}
int wc_Sha384Update(wc_Sha384* sha384, const byte* data, word32 len)
{
int ret = 0;
if (sha384 == NULL) {
return BAD_FUNC_ARG;
}
if (data == NULL && len == 0) {
/* valid, but do nothing */
return 0;
}
if (data == NULL) {
return BAD_FUNC_ARG;
}
ret = wolfSSL_CryptHwMutexLock();
if (ret == 0) {
ret = wc_Stm32_Hash_Update(&sha384->stmCtx,
HASH_ALGOSELECTION_SHA384, data, len, WC_SHA384_BLOCK_SIZE);
wolfSSL_CryptHwMutexUnLock();
}
return ret;
}
int wc_Sha384Final(wc_Sha384* sha384, byte* hash)
{
int ret = 0;
if (sha384 == NULL || hash == NULL) {
return BAD_FUNC_ARG;
}
ret = wolfSSL_CryptHwMutexLock();
if (ret == 0) {
ret = wc_Stm32_Hash_Final(&sha384->stmCtx,
HASH_ALGOSELECTION_SHA384, hash, WC_SHA384_DIGEST_SIZE);
wolfSSL_CryptHwMutexUnLock();
}
(void)wc_InitSha384(sha384); /* reset state */
return ret;
}
#else
@@ -2011,17 +2131,75 @@ int wc_Sha512GetFlags(wc_Sha512* sha512, word32* flags)
#if !defined(WOLFSSL_NOSHA512_224) && \
(!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
#if defined(STM32_HASH_SHA512_224)
int wc_InitSha512_224_ex(wc_Sha512* sha512, void* heap, int devId)
{
if (sha512 == NULL)
return BAD_FUNC_ARG;
(void)devId;
(void)heap;
XMEMSET(sha512, 0, sizeof(wc_Sha512));
wc_Stm32_Hash_Init(&sha512->stmCtx);
return 0;
}
int wc_Sha512_224Update(wc_Sha512* sha512, const byte* data, word32 len)
{
int ret = 0;
if (sha512 == NULL) {
return BAD_FUNC_ARG;
}
if (data == NULL && len == 0) {
/* valid, but do nothing */
return 0;
}
if (data == NULL) {
return BAD_FUNC_ARG;
}
ret = wolfSSL_CryptHwMutexLock();
if (ret == 0) {
ret = wc_Stm32_Hash_Update(&sha512->stmCtx,
HASH_ALGOSELECTION_SHA512_224, data, len, WC_SHA512_224_BLOCK_SIZE);
wolfSSL_CryptHwMutexUnLock();
}
return ret;
}
int wc_Sha512_224Final(wc_Sha512* sha512, byte* hash)
{
int ret = 0;
if (sha512 == NULL || hash == NULL) {
return BAD_FUNC_ARG;
}
ret = wolfSSL_CryptHwMutexLock();
if (ret == 0) {
ret = wc_Stm32_Hash_Final(&sha512->stmCtx,
HASH_ALGOSELECTION_SHA512_224, hash, WC_SHA512_224_DIGEST_SIZE);
wolfSSL_CryptHwMutexUnLock();
}
(void)wc_InitSha512_224(sha512); /* reset state */
return ret;
}
#endif
int wc_InitSha512_224(wc_Sha512* sha)
{
return wc_InitSha512_224_ex(sha, NULL, INVALID_DEVID);
}
#if !defined(STM32_HASH_SHA512_224)
int wc_Sha512_224Update(wc_Sha512* sha, const byte* data, word32 len)
{
return wc_Sha512Update(sha, data, len);
}
#endif
#if defined(WOLFSSL_KCAPI_HASH)
/* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */
#elif defined(WOLFSSL_RENESAS_RSIP) && \
@@ -2029,6 +2207,7 @@ int wc_Sha512_224Update(wc_Sha512* sha, const byte* data, word32 len)
/* functions defined in wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c */
#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
#elif defined(STM32_HASH_SHA512_224)
#else
int wc_Sha512_224FinalRaw(wc_Sha512* sha, byte* hash)
@@ -2091,16 +2270,75 @@ int wc_Sha512_224Transform(wc_Sha512* sha, const unsigned char* data)
#if !defined(WOLFSSL_NOSHA512_256) && \
(!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
#if defined(STM32_HASH_SHA512_256)
int wc_InitSha512_256_ex(wc_Sha512* sha512, void* heap, int devId)
{
if (sha512 == NULL)
return BAD_FUNC_ARG;
(void)devId;
(void)heap;
XMEMSET(sha512, 0, sizeof(wc_Sha512));
wc_Stm32_Hash_Init(&sha512->stmCtx);
return 0;
}
int wc_Sha512_256Update(wc_Sha512* sha512, const byte* data, word32 len)
{
int ret = 0;
if (sha512 == NULL) {
return BAD_FUNC_ARG;
}
if (data == NULL && len == 0) {
/* valid, but do nothing */
return 0;
}
if (data == NULL) {
return BAD_FUNC_ARG;
}
ret = wolfSSL_CryptHwMutexLock();
if (ret == 0) {
ret = wc_Stm32_Hash_Update(&sha512->stmCtx,
HASH_ALGOSELECTION_SHA512_256, data, len, WC_SHA512_256_BLOCK_SIZE);
wolfSSL_CryptHwMutexUnLock();
}
return ret;
}
int wc_Sha512_256Final(wc_Sha512* sha512, byte* hash)
{
int ret = 0;
if (sha512 == NULL || hash == NULL) {
return BAD_FUNC_ARG;
}
ret = wolfSSL_CryptHwMutexLock();
if (ret == 0) {
ret = wc_Stm32_Hash_Final(&sha512->stmCtx,
HASH_ALGOSELECTION_SHA512_256, hash, WC_SHA512_256_DIGEST_SIZE);
wolfSSL_CryptHwMutexUnLock();
}
(void)wc_InitSha512_256(sha512); /* reset state */
return ret;
}
#endif
int wc_InitSha512_256(wc_Sha512* sha)
{
return wc_InitSha512_256_ex(sha, NULL, INVALID_DEVID);
}
#if !defined(STM32_HASH_SHA512_256)
int wc_Sha512_256Update(wc_Sha512* sha, const byte* data, word32 len)
{
return wc_Sha512Update(sha, data, len);
}
#endif
#if defined(WOLFSSL_KCAPI_HASH)
/* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */
#elif defined(WOLFSSL_RENESAS_RSIP) && \
@@ -2108,7 +2346,7 @@ int wc_Sha512_256Update(wc_Sha512* sha, const byte* data, word32 len)
/* functions defined in wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c */
#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
#elif defined(STM32_HASH_SHA512_256)
#else
int wc_Sha512_256FinalRaw(wc_Sha512* sha, byte* hash)
{
@@ -2176,6 +2414,7 @@ int wc_Sha512_256Transform(wc_Sha512* sha, const unsigned char* data)
/* functions defined in wolfcrypt/src/port/renesas/renesas_fspsm_sha.c */
#elif defined(MAX3266X_SHA)
/* Functions defined in wolfcrypt/src/port/maxim/max3266x.c */
#else
int wc_Sha384GetHash(wc_Sha384* sha384, byte* hash)

49
wolfcrypt/src/sp_int.c
View File

@@ -5087,52 +5087,6 @@ static int _sp_mont_red(sp_int* a, const sp_int* m, sp_int_digit mp, int ct);
static void _sp_mont_setup(const sp_int* m, sp_int_digit* rho);
#endif
/* Determine when mp_add_d is required. */
#if !defined(NO_PWDBASED) || defined(WOLFSSL_KEY_GEN) || !defined(NO_DH) || \
!defined(NO_DSA) || defined(HAVE_ECC) || \
(!defined(NO_RSA) && !defined(WOLFSSL_RSA_VERIFY_ONLY)) || \
defined(OPENSSL_EXTRA)
#define WOLFSSL_SP_ADD_D
#endif
/* Determine when mp_sub_d is required. */
#if (!defined(NO_RSA) && !defined(WOLFSSL_RSA_VERIFY_ONLY)) || \
!defined(NO_DH) || defined(HAVE_ECC) || !defined(NO_DSA)
#define WOLFSSL_SP_SUB_D
#endif
/* Determine when mp_read_radix with a radix of 10 is required. */
#if (defined(WOLFSSL_SP_MATH_ALL) && !defined(NO_RSA) && \
!defined(WOLFSSL_RSA_VERIFY_ONLY)) || defined(HAVE_ECC) || \
!defined(NO_DSA) || defined(OPENSSL_EXTRA)
#define WOLFSSL_SP_READ_RADIX_16
#endif
/* Determine when mp_read_radix with a radix of 10 is required. */
#if defined(WOLFSSL_SP_MATH_ALL) && !defined(NO_RSA) && \
!defined(WOLFSSL_RSA_VERIFY_ONLY)
#define WOLFSSL_SP_READ_RADIX_10
#endif
/* Determine when mp_invmod is required. */
#if defined(HAVE_ECC) || !defined(NO_DSA) || defined(OPENSSL_EXTRA) || \
(!defined(NO_RSA) && !defined(WOLFSSL_RSA_VERIFY_ONLY) && \
!defined(WOLFSSL_RSA_PUBLIC_ONLY))
#define WOLFSSL_SP_INVMOD
#endif
/* Determine when mp_invmod_mont_ct is required. */
#if defined(WOLFSSL_SP_MATH_ALL) && defined(HAVE_ECC)
#define WOLFSSL_SP_INVMOD_MONT_CT
#endif
/* Determine when mp_prime_gen is required. */
#if (defined(WOLFSSL_SP_MATH_ALL) && !defined(WOLFSSL_RSA_VERIFY_ONLY) && \
!defined(WOLFSSL_RSA_PUBLIC_ONLY)) || !defined(NO_DH) || \
(!defined(NO_RSA) && defined(WOLFSSL_KEY_GEN))
#define WOLFSSL_SP_PRIME_GEN
#endif
#if (defined(WOLFSSL_SP_MATH_ALL) && !defined(WOLFSSL_RSA_VERIFY_ONLY)) || \
(defined(WOLFSSL_KEY_GEN) && !defined(NO_RSA)) || defined(OPENSSL_EXTRA)
/* Determine when mp_mul_d is required */
#define WOLFSSL_SP_MUL_D
#endif
/* Set the multi-precision number to zero.
*
@@ -14058,7 +14012,8 @@ int sp_exptmod_ex(const sp_int* b, const sp_int* e, int digits, const sp_int* m,
if ((!done) && (err == MP_OKAY)) {
/* Use code optimized for specific sizes if possible */
#if (defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)) && \
(defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH))
((defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || \
defined(WOLFSSL_HAVE_SP_DH))
#ifndef WOLFSSL_SP_NO_2048
if ((mBits == 1024) && sp_isodd(m) && (bBits <= 1024) &&
(eBits <= 1024)) {

15
wolfcrypt/test/test.c
View File

@@ -13753,11 +13753,12 @@ static wc_test_ret_t aes_direct_test(Aes* enc, Aes* dec, byte* cipher, byte* pla
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
#endif /* HAVE_AES_DECRYPT */
}
(void)dec;
(void)plain;
#endif /* WOLFSSL_AES_256 */
out:
#endif /* WOLFSSL_AES_256 */
(void)enc;
(void)dec;
(void)cipher;
(void)plain;
return ret;
}
#endif /* WOLFSSL_AES_DIRECT */
@@ -24986,7 +24987,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void)
#if defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)
/* Expect failure with MD5 + HMAC when using FIPS 140-3. */
if (HMAC(EVP_md5(), "JefeJefeJefeJefe", 16, (byte*)c.input, (int)c.inLen,
if (wolfSSL_HMAC(wolfSSL_EVP_md5(), "JefeJefeJefeJefe", 16, (byte*)c.input, (int)c.inLen,
hash, 0) != NULL)
#else
if (wolfSSL_HMAC(wolfSSL_EVP_md5(), "JefeJefeJefeJefe", 16, (byte*)c.input, (int)c.inLen,
@@ -54765,7 +54766,7 @@ static wc_test_ret_t mp_test_param(mp_int* a, mp_int* b, mp_int* r, WC_RNG* rng)
mp_digit rho;
int size;
#endif
#if defined(WOLFSSL_SP_MATH_ALL) || defined(WOLFSSL_HAVE_SP_DH)
#ifdef WOLFSSL_SP_PRIME_GEN
int result;
#endif
#if (defined(HAVE_ECC) && defined(HAVE_COMP_KEY)) || \
@@ -55463,7 +55464,7 @@ static wc_test_ret_t mp_test_param(mp_int* a, mp_int* b, mp_int* r, WC_RNG* rng)
return WC_TEST_RET_ENC_EC(ret);
#endif
#if defined(WOLFSSL_SP_MATH_ALL) || defined(WOLFSSL_HAVE_SP_DH)
#ifdef WOLFSSL_SP_PRIME_GEN
ret = mp_prime_is_prime(NULL, 1, NULL);
if (ret != WC_NO_ERR_TRACE(MP_VAL))
return WC_TEST_RET_ENC_EC(ret);

215
wolfssl/openssl/x509.h
View File

@@ -109,126 +109,109 @@
#define XN_FLAG_MULTILINE WOLFSSL_XN_FLAG_MULTILINE
#define XN_FLAG_ONELINE WOLFSSL_XN_FLAG_ONELINE
#define X509_V_ERR_UNABLE_TO_GET_CRL WOLFSSL_X509_V_ERR_UNABLE_TO_GET_CRL
#define X509_V_ERR_CRL_HAS_EXPIRED WOLFSSL_X509_V_ERR_CRL_HAS_EXPIRED
/*
* All of these aren't actually used in wolfSSL. Some are included to
* satisfy OpenSSL compatibility consumers to prevent compilation errors.
* The list was taken from
* https://github.com/openssl/openssl/blob/master/include/openssl/x509_vfy.h.in
* One requirement for HAProxy is that the values should be literal constants.
* Not all of these X509_V_ERR values are used in wolfSSL. Some are included to
* satisfy OpenSSL compatibility compilation errors.
* For HAProxy the values should be literal constants.
*/
#define X509_V_OK 0
#define X509_V_ERR_UNSPECIFIED 1
#define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT 2
#define X509_V_ERR_UNABLE_TO_GET_CRL WOLFSSL_X509_V_ERR_UNABLE_TO_GET_CRL
#define X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE 4
#define X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE 5
#define X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY 6
#define X509_V_ERR_CERT_SIGNATURE_FAILURE 7
#define X509_V_ERR_CRL_SIGNATURE_FAILURE 8
#define X509_V_ERR_CERT_NOT_YET_VALID 9
#define X509_V_ERR_CERT_HAS_EXPIRED 10
#define X509_V_ERR_CRL_NOT_YET_VALID 11
#define X509_V_ERR_CRL_HAS_EXPIRED WOLFSSL_X509_V_ERR_CRL_HAS_EXPIRED
#define X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD 13
#define X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD 14
#define X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD 15
#define X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD 16
#define X509_V_ERR_OUT_OF_MEM 17
#define X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT 18
#define X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN 19
#define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY 20
#define X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE 21
#define X509_V_ERR_CERT_CHAIN_TOO_LONG 22
#define X509_V_ERR_CERT_REVOKED 23
#define X509_V_ERR_NO_ISSUER_PUBLIC_KEY 24
#define X509_V_ERR_PATH_LENGTH_EXCEEDED 25
#define X509_V_ERR_INVALID_PURPOSE 26
#define X509_V_ERR_CERT_UNTRUSTED 27
#define X509_V_ERR_CERT_REJECTED 28
/* These are 'informational' when looking for issuer cert */
#define X509_V_ERR_SUBJECT_ISSUER_MISMATCH 29
#define X509_V_ERR_AKID_SKID_MISMATCH 30
#define X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH 31
#define X509_V_ERR_KEYUSAGE_NO_CERTSIGN 32
#define X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER 33
#define X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION 34
#define X509_V_ERR_KEYUSAGE_NO_CRL_SIGN 35
#define X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION 36
#define X509_V_ERR_INVALID_NON_CA 37
#define X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED 38
#define X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE 39
#define X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED 40
#define X509_V_ERR_INVALID_EXTENSION 41
#define X509_V_ERR_INVALID_POLICY_EXTENSION 42
#define X509_V_ERR_NO_EXPLICIT_POLICY 43
#define X509_V_ERR_DIFFERENT_CRL_SCOPE 44
#define X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE 45
#define X509_V_ERR_UNNESTED_RESOURCE 46
#define X509_V_ERR_PERMITTED_VIOLATION 47
#define X509_V_ERR_EXCLUDED_VIOLATION 48
#define X509_V_ERR_SUBTREE_MINMAX 49
/* The application is not happy */
#define X509_V_ERR_APPLICATION_VERIFICATION 50
#define X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE 51
#define X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX 52
#define X509_V_ERR_UNSUPPORTED_NAME_SYNTAX 53
#define X509_V_ERR_CRL_PATH_VALIDATION_ERROR 54
/* Another issuer check debug option */
#define X509_V_ERR_PATH_LOOP 55
/* Suite B mode algorithm violation */
#define X509_V_ERR_SUITE_B_INVALID_VERSION 56
#define X509_V_ERR_SUITE_B_INVALID_ALGORITHM 57
#define X509_V_ERR_SUITE_B_INVALID_CURVE 58
#define X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM 59
#define X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED 60
#define X509_V_OK 0
#define X509_V_ERR_UNSPECIFIED 1
#define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT 2
#define X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE 4
#define X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE 5
#define X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY 6
#define X509_V_ERR_CERT_SIGNATURE_FAILURE 7
#define X509_V_ERR_CRL_SIGNATURE_FAILURE 8
#define X509_V_ERR_CERT_NOT_YET_VALID 9
#define X509_V_ERR_CERT_HAS_EXPIRED 10
#define X509_V_ERR_CRL_NOT_YET_VALID 11
#define X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD 13
#define X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD 14
#define X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD 15
#define X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD 16
#define X509_V_ERR_OUT_OF_MEM 17
#define X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT 18
#define X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN 19
#define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY 20
#define X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE 21
#define X509_V_ERR_CERT_CHAIN_TOO_LONG 22
#define X509_V_ERR_CERT_REVOKED 23
#define X509_V_ERR_NO_ISSUER_PUBLIC_KEY 24
#define X509_V_ERR_PATH_LENGTH_EXCEEDED 25
#define X509_V_ERR_INVALID_PURPOSE 26
#define X509_V_ERR_CERT_UNTRUSTED 27
#define X509_V_ERR_CERT_REJECTED 28
#define X509_V_ERR_SUBJECT_ISSUER_MISMATCH 29
#define X509_V_ERR_AKID_SKID_MISMATCH 30
#define X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH 31
#define X509_V_ERR_KEYUSAGE_NO_CERTSIGN 32
#define X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER 33
#define X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION 34
#define X509_V_ERR_KEYUSAGE_NO_CRL_SIGN 35
#define X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION 36
#define X509_V_ERR_INVALID_NON_CA 37
#define X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED 38
#define X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE 39
#define X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED 40
#define X509_V_ERR_INVALID_EXTENSION 41
#define X509_V_ERR_INVALID_POLICY_EXTENSION 42
#define X509_V_ERR_NO_EXPLICIT_POLICY 43
#define X509_V_ERR_DIFFERENT_CRL_SCOPE 44
#define X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE 45
#define X509_V_ERR_UNNESTED_RESOURCE 46
#define X509_V_ERR_PERMITTED_VIOLATION 47
#define X509_V_ERR_EXCLUDED_VIOLATION 48
#define X509_V_ERR_SUBTREE_MINMAX 49
#define X509_V_ERR_APPLICATION_VERIFICATION 50
#define X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE 51
#define X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX 52
#define X509_V_ERR_UNSUPPORTED_NAME_SYNTAX 53
#define X509_V_ERR_CRL_PATH_VALIDATION_ERROR 54
#define X509_V_ERR_PATH_LOOP 55
#define X509_V_ERR_SUITE_B_INVALID_VERSION 56
#define X509_V_ERR_SUITE_B_INVALID_ALGORITHM 57
#define X509_V_ERR_SUITE_B_INVALID_CURVE 58
#define X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM 59
#define X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED 60
#define X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256 61
/* Host, email and IP check errors */
#define X509_V_ERR_HOSTNAME_MISMATCH 62
#define X509_V_ERR_EMAIL_MISMATCH 63
#define X509_V_ERR_IP_ADDRESS_MISMATCH 64
/* DANE TLSA errors */
#define X509_V_ERR_DANE_NO_MATCH 65
/* security level errors */
#define X509_V_ERR_EE_KEY_TOO_SMALL 66
#define X509_V_ERR_CA_KEY_TOO_SMALL 67
#define X509_V_ERR_CA_MD_TOO_WEAK 68
/* Caller error */
#define X509_V_ERR_INVALID_CALL 69
/* Issuer lookup error */
#define X509_V_ERR_STORE_LOOKUP 70
/* Certificate transparency */
#define X509_V_ERR_NO_VALID_SCTS 71
#define X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION 72
/* OCSP status errors */
#define X509_V_ERR_OCSP_VERIFY_NEEDED 73
#define X509_V_ERR_OCSP_VERIFY_FAILED 74
#define X509_V_ERR_OCSP_CERT_UNKNOWN 75
#define X509_V_ERR_UNSUPPORTED_SIGNATURE_ALGORITHM 76
#define X509_V_ERR_SIGNATURE_ALGORITHM_MISMATCH 77
/* Errors in case a check in X509_V_FLAG_X509_STRICT mode fails */
#define X509_V_ERR_SIGNATURE_ALGORITHM_INCONSISTENCY 78
#define X509_V_ERR_INVALID_CA 79
#define X509_V_ERR_PATHLEN_INVALID_FOR_NON_CA 80
#define X509_V_ERR_PATHLEN_WITHOUT_KU_KEY_CERT_SIGN 81
#define X509_V_ERR_KU_KEY_CERT_SIGN_INVALID_FOR_NON_CA 82
#define X509_V_ERR_ISSUER_NAME_EMPTY 83
#define X509_V_ERR_SUBJECT_NAME_EMPTY 84
#define X509_V_ERR_MISSING_AUTHORITY_KEY_IDENTIFIER 85
#define X509_V_ERR_MISSING_SUBJECT_KEY_IDENTIFIER 86
#define X509_V_ERR_EMPTY_SUBJECT_ALT_NAME 87
#define X509_V_ERR_EMPTY_SUBJECT_SAN_NOT_CRITICAL 88
#define X509_V_ERR_CA_BCONS_NOT_CRITICAL 89
#define X509_V_ERR_AUTHORITY_KEY_IDENTIFIER_CRITICAL 90
#define X509_V_ERR_SUBJECT_KEY_IDENTIFIER_CRITICAL 91
#define X509_V_ERR_CA_CERT_MISSING_KEY_USAGE 92
#define X509_V_ERR_EXTENSIONS_REQUIRE_VERSION_3 93
#define X509_V_ERR_EC_KEY_EXPLICIT_PARAMS 94
#define X509_R_CERT_ALREADY_IN_HASH_TABLE 101
#define X509_V_ERR_HOSTNAME_MISMATCH 62
#define X509_V_ERR_EMAIL_MISMATCH 63
#define X509_V_ERR_IP_ADDRESS_MISMATCH 64
#define X509_V_ERR_DANE_NO_MATCH 65
#define X509_V_ERR_EE_KEY_TOO_SMALL 66
#define X509_V_ERR_CA_KEY_TOO_SMALL 67
#define X509_V_ERR_CA_MD_TOO_WEAK 68
#define X509_V_ERR_INVALID_CALL 69
#define X509_V_ERR_STORE_LOOKUP 70
#define X509_V_ERR_NO_VALID_SCTS 71
#define X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION 72
#define X509_V_ERR_OCSP_VERIFY_NEEDED 73
#define X509_V_ERR_OCSP_VERIFY_FAILED 74
#define X509_V_ERR_OCSP_CERT_UNKNOWN 75
#define X509_V_ERR_UNSUPPORTED_SIGNATURE_ALGORITHM 76
#define X509_V_ERR_SIGNATURE_ALGORITHM_MISMATCH 77
#define X509_V_ERR_SIGNATURE_ALGORITHM_INCONSISTENCY 78
#define X509_V_ERR_INVALID_CA 79
#define X509_V_ERR_PATHLEN_INVALID_FOR_NON_CA 80
#define X509_V_ERR_PATHLEN_WITHOUT_KU_KEY_CERT_SIGN 81
#define X509_V_ERR_KU_KEY_CERT_SIGN_INVALID_FOR_NON_CA 82
#define X509_V_ERR_ISSUER_NAME_EMPTY 83
#define X509_V_ERR_SUBJECT_NAME_EMPTY 84
#define X509_V_ERR_MISSING_AUTHORITY_KEY_IDENTIFIER 85
#define X509_V_ERR_MISSING_SUBJECT_KEY_IDENTIFIER 86
#define X509_V_ERR_EMPTY_SUBJECT_ALT_NAME 87
#define X509_V_ERR_EMPTY_SUBJECT_SAN_NOT_CRITICAL 88
#define X509_V_ERR_CA_BCONS_NOT_CRITICAL 89
#define X509_V_ERR_AUTHORITY_KEY_IDENTIFIER_CRITICAL 90
#define X509_V_ERR_SUBJECT_KEY_IDENTIFIER_CRITICAL 91
#define X509_V_ERR_CA_CERT_MISSING_KEY_USAGE 92
#define X509_V_ERR_EXTENSIONS_REQUIRE_VERSION_3 93
#define X509_V_ERR_EC_KEY_EXPLICIT_PARAMS 94
#define X509_R_CERT_ALREADY_IN_HASH_TABLE 101
#define X509_EXTENSION_set_critical wolfSSL_X509_EXTENSION_set_critical
#define X509_EXTENSION_set_object wolfSSL_X509_EXTENSION_set_object

9
wolfssl/ssl.h
View File

@@ -117,6 +117,9 @@
#include <openssl/hmac.h>
#include <openssl/bn.h>
#include <openssl/crypto.h>
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
FIPS_VERSION3_GE(5,2,0))
#include <openssl/aes.h>
#include <openssl/blowfish.h>
#include <openssl/camellia.h>
@@ -163,6 +166,10 @@
#include <openssl/rc5.h>
#include <openssl/ripemd.h>
#include <openssl/rsa.h>
#if defined(HAVE_FIPS_VERSION) && FIPS_VERSION3_LT(7,0,0)
/* clear conflicting name */
#undef RSA_PKCS1_PADDING_SIZE
#endif
#include <openssl/seed.h>
#include <openssl/self_test.h>
#include <openssl/sha.h>
@@ -173,6 +180,8 @@
#include <openssl/txt_db.h>
#include <openssl/ui.h>
#include <openssl/whrlpool.h>
#endif /* !HAVE_SELFTEST && (!HAVE_FIPS || FIPS_VERSION3_GE(5,2,0)) */
#endif
#elif (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL))

23
wolfssl/wolfcrypt/port/st/stm32.h
View File

@@ -35,13 +35,20 @@
#ifdef HASH_DIGEST
/* The HASH_DIGEST register indicates SHA224/SHA256 support */
#define STM32_HASH_SHA2
#if defined(WOLFSSL_STM32H5)
#if defined(WOLFSSL_STM32H5) || defined(WOLFSSL_STM32MP13)
#define HASH_CR_SIZE 103
#define HASH_MAX_DIGEST 64 /* Up to SHA512 */
#else
#define HASH_CR_SIZE 54
#define HASH_MAX_DIGEST 32
#endif
#if defined(WOLFSSL_STM32MP13)
#define STM32_HASH_SHA512
#define STM32_HASH_SHA512_224
#define STM32_HASH_SHA512_256
#define STM32_HASH_SHA384
#define STM32_HASH_SHA3
#endif
#else
#define HASH_CR_SIZE 50
#define HASH_MAX_DIGEST 20
@@ -69,7 +76,15 @@
/* STM32 register size in bytes */
#define STM32_HASH_REG_SIZE 4
#define STM32_HASH_FIFO_SIZE 16 /* FIFO is 16 deep 32-bits wide */
/* Maximum FIFO buffer is 64 bits for SHA256, 128 bits for SHA512 and 144 bits
* for SHA3 */
#if defined(STM32_HASH_SHA3)
#define STM32_HASH_FIFO_SIZE 36
#elif defined(STM32_HASH_SHA512) || defined(STM32_HASH_SHA384)
#define STM32_HASH_FIFO_SIZE 32
#else
#define STM32_HASH_FIFO_SIZE 16
#endif
/* STM32 Hash Context */
typedef struct {
@@ -78,6 +93,9 @@ typedef struct {
uint32_t HASH_STR;
uint32_t HASH_CR;
uint32_t HASH_CSR[HASH_CR_SIZE];
#ifdef STM32_HASH_SHA3
uint32_t SHA3CFGR;
#endif
/* Hash state / buffers */
word32 buffer[STM32_HASH_FIFO_SIZE+1]; /* partial word buffer */
@@ -112,7 +130,6 @@ int wc_Stm32_Hash_Final(STM32_HASH_Context* stmCtx, word32 algo,
#define HASH_AlgoSelection_MD5 HASH_ALGOSELECTION_MD5
#define HASH_AlgoSelection_SHA1 HASH_ALGOSELECTION_SHA1
#define HASH_AlgoSelection_SHA224 HASH_ALGOSELECTION_SHA224
#define HASH_AlgoSelection_SHA256 HASH_ALGOSELECTION_SHA256
#define STM32_NOMD5 /* The HASH HAL has no MD5 implementation */

57
wolfssl/wolfcrypt/settings.h
View File

@@ -2835,6 +2835,58 @@ extern void uITRON4_free(void *p) ;
#endif
/*----------------------------------------------------------------------------*/
/* SP Math specific options */
/* Determine when mp_add_d is required. */
#if !defined(NO_PWDBASED) || defined(WOLFSSL_KEY_GEN) || !defined(NO_DH) || \
!defined(NO_DSA) || defined(HAVE_ECC) || \
(!defined(NO_RSA) && !defined(WOLFSSL_RSA_VERIFY_ONLY)) || \
defined(OPENSSL_EXTRA)
#define WOLFSSL_SP_ADD_D
#endif
/* Determine when mp_sub_d is required. */
#if (!defined(NO_RSA) && !defined(WOLFSSL_RSA_VERIFY_ONLY)) || \
!defined(NO_DH) || defined(HAVE_ECC) || !defined(NO_DSA)
#define WOLFSSL_SP_SUB_D
#endif
/* Determine when mp_read_radix with a radix of 10 is required. */
#if (defined(WOLFSSL_SP_MATH_ALL) && !defined(NO_RSA) && \
!defined(WOLFSSL_RSA_VERIFY_ONLY)) || defined(HAVE_ECC) || \
!defined(NO_DSA) || defined(OPENSSL_EXTRA)
#define WOLFSSL_SP_READ_RADIX_16
#endif
/* Determine when mp_read_radix with a radix of 10 is required. */
#if defined(WOLFSSL_SP_MATH_ALL) && !defined(NO_RSA) && \
!defined(WOLFSSL_RSA_VERIFY_ONLY)
#define WOLFSSL_SP_READ_RADIX_10
#endif
/* Determine when mp_invmod is required. */
#if defined(HAVE_ECC) || !defined(NO_DSA) || defined(OPENSSL_EXTRA) || \
(!defined(NO_RSA) && !defined(WOLFSSL_RSA_VERIFY_ONLY) && \
!defined(WOLFSSL_RSA_PUBLIC_ONLY))
#define WOLFSSL_SP_INVMOD
#endif
/* Determine when mp_invmod_mont_ct is required. */
#if defined(WOLFSSL_SP_MATH_ALL) && defined(HAVE_ECC)
#define WOLFSSL_SP_INVMOD_MONT_CT
#endif
/* Determine when mp_prime_gen is required. */
#if (defined(WOLFSSL_SP_MATH_ALL) && !defined(WOLFSSL_RSA_VERIFY_ONLY) && \
!defined(WOLFSSL_RSA_PUBLIC_ONLY)) || !defined(NO_DH) || \
(!defined(NO_RSA) && defined(WOLFSSL_KEY_GEN))
#define WOLFSSL_SP_PRIME_GEN
#endif
#if (defined(WOLFSSL_SP_MATH_ALL) && !defined(WOLFSSL_RSA_VERIFY_ONLY)) || \
(defined(WOLFSSL_KEY_GEN) && !defined(NO_RSA)) || defined(OPENSSL_EXTRA)
/* Determine when mp_mul_d is required */
#define WOLFSSL_SP_MUL_D
#endif
/* user can specify what curves they want with ECC_USER_CURVES otherwise
@@ -3660,6 +3712,11 @@ extern void uITRON4_free(void *p) ;
#ifndef NO_OLD_WC_NAMES
#define NO_OLD_WC_NAMES
#endif
#if defined(HAVE_SELFTEST) || \
(defined(HAVE_FIPS) && FIPS_VERSION3_LT(5,0,0))
/* old FIPS needs this remapping. */
#define Sha3 wc_Sha3
#endif
#endif
#if defined(NO_OLD_WC_NAMES) || defined(OPENSSL_EXTRA)

7
wolfssl/wolfcrypt/sha3.h
View File

@@ -45,6 +45,10 @@
#include <wolfssl/wolfcrypt/async.h>
#endif
#ifdef STM32_HASH
#include <wolfssl/wolfcrypt/port/st/stm32.h>
#endif
/* in bytes */
enum {
/* SHAKE-128 */
@@ -140,6 +144,9 @@ struct wc_Sha3 {
#ifdef WOLFSSL_HASH_FLAGS
word32 flags; /* enum wc_HashFlags in hash.h */
#endif
#if defined(STM32_HASH_SHA3)
STM32_HASH_Context stmCtx;
#endif
};
#ifndef WC_SHA3_TYPE_DEFINED

7
wolfssl/wolfcrypt/sha512.h
View File

@@ -73,6 +73,10 @@
#include "fsl_caam.h"
#endif
#ifdef STM32_HASH
#include <wolfssl/wolfcrypt/port/st/stm32.h>
#endif
#if defined(_MSC_VER)
#define SHA512_NOINLINE __declspec(noinline)
#elif defined(__IAR_SYSTEMS_ICC__) || defined(__GNUC__)
@@ -202,6 +206,9 @@ struct wc_Sha512 {
#ifdef HAVE_ARIA
MC_HSESSION hSession;
#endif
#if defined(STM32_HASH_SHA512)
STM32_HASH_Context stmCtx;
#endif
#endif /* WOLFSSL_PSOC6_CRYPTO */
};