Merge branch 'master' of https://github.com/wolfSSL/wolfssl into gh7735

This commit is contained in:
Kareem
2026-01-22 15:13:15 -07:00
69 changed files with 3099 additions and 544 deletions
+1 -1
View File
@@ -24,7 +24,7 @@ jobs:
]
name: make check
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 6
steps:
+2 -2
View File
@@ -17,7 +17,7 @@ jobs:
name: Build wolfSSL
if: github.repository_owner == 'wolfssl'
# Just to keep it the same as the testing target
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 4
steps:
@@ -47,7 +47,7 @@ jobs:
ref: [ 9.18.0, 9.18.28, 9.18.33 ]
name: ${{ matrix.ref }}
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 10
needs: build_wolfssl
+1 -1
View File
@@ -14,7 +14,7 @@ concurrency:
jobs:
codespell:
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v4
+1 -1
View File
@@ -10,7 +10,7 @@ on:
jobs:
coverity:
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v4
with:
+2 -2
View File
@@ -16,7 +16,7 @@ jobs:
build_wolfssl:
name: Build wolfSSL
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 4
steps:
@@ -40,7 +40,7 @@ jobs:
test_curl:
name: ${{ matrix.curl_ref }}
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 15
needs: build_wolfssl
+2 -2
View File
@@ -17,7 +17,7 @@ jobs:
name: Build wolfSSL
if: github.repository_owner == 'wolfssl'
# Just to keep it the same as the testing target
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 4
steps:
@@ -48,7 +48,7 @@ jobs:
ref: [ 2.1.28 ]
name: ${{ matrix.ref }}
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 4
needs: build_wolfssl
+1 -1
View File
@@ -36,7 +36,7 @@ jobs:
]
name: make check
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 6
steps:
+3 -3
View File
@@ -15,7 +15,7 @@ jobs:
espressif_latest:
name: latest Docker container
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 12
container:
@@ -29,7 +29,7 @@ jobs:
espressif_v4_4:
name: v4.4 Docker container
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
container:
image: espressif/idf:release-v4.4
steps:
@@ -39,7 +39,7 @@ jobs:
espressif_v5_0:
name: v5.0 Docker container
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
container:
image: espressif/idf:release-v5.0
steps:
+2 -2
View File
@@ -18,7 +18,7 @@ jobs:
build_library:
name: Compile libwolfssl.so
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 4
container:
@@ -42,7 +42,7 @@ jobs:
compile_container:
name: Compile container
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 2
needs: build_library
+1 -1
View File
@@ -28,7 +28,7 @@ jobs:
# This should be a safe limit for the tests to run.
timeout-minutes: 30
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
name: ${{ matrix.config }}
steps:
- name: Download fil-c release
+2 -2
View File
@@ -17,7 +17,7 @@ jobs:
name: Build wolfSSL
if: github.repository_owner == 'wolfssl'
# Just to keep it the same as the testing target
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 10
steps:
@@ -52,7 +52,7 @@ jobs:
h2_ssl_cert_test h2_ssl_session_reuse_test
name: ${{ matrix.ref }}
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 30
needs: build_wolfssl
+2 -2
View File
@@ -16,7 +16,7 @@ jobs:
build_wolfssl:
name: Build wolfSSL
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 4
steps:
@@ -40,7 +40,7 @@ jobs:
test_haproxy:
name: ${{ matrix.haproxy_ref }}
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 15
needs: build_wolfssl
+1 -1
View File
@@ -22,7 +22,7 @@ jobs:
]
name: make check
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 6
steps:
+3 -3
View File
@@ -18,7 +18,7 @@ jobs:
name: Build wolfSSL
if: github.repository_owner == 'wolfssl'
# Just to keep it the same as the testing target
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 4
steps:
@@ -48,11 +48,11 @@ jobs:
git_ref: [ c3939dac2c060651361fc71516806f9ab8c38901 ]
name: ${{ matrix.git_ref }}
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
needs: build_wolfssl
steps:
- name: Install dependencies
run: export DEBIAN_FRONTEND=noninteractive && sudo apt-get update && sudo apt-get install -y libreadline8
run: export DEBIAN_FRONTEND=noninteractive && sudo apt-get update && sudo apt-get install -y libreadline-dev
- name: Download lib
uses: actions/download-artifact@v4
with:
+3 -3
View File
@@ -17,7 +17,7 @@ jobs:
name: Build wolfSSL
# Just to keep it the same as the testing target
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 4
steps:
@@ -47,9 +47,9 @@ jobs:
matrix:
config:
- ref: 0.7.0
runner: ubuntu-22.04
runner: ubuntu-24.04
- ref: 0.6.0
runner: ubuntu-22.04
runner: ubuntu-24.04
name: ${{ matrix.config.ref }}
runs-on: ${{ matrix.config.runner }}
needs: build_wolfssl
+2 -2
View File
@@ -17,7 +17,7 @@ jobs:
name: Build wolfSSL
if: github.repository_owner == 'wolfssl'
# Just to keep it the same as the testing target
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 4
steps:
@@ -46,7 +46,7 @@ jobs:
ref: [ 3.7.0 ]
name: ${{ matrix.ref }}
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 4
needs: build_wolfssl
+2 -2
View File
@@ -17,7 +17,7 @@ jobs:
name: Build wolfSSL
# Just to keep it the same as the testing target
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 4
steps:
@@ -47,7 +47,7 @@ jobs:
ref: [ 0.9.13, 0.9.14 ]
name: ${{ matrix.ref }}
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
needs: build_wolfssl
steps:
- name: Download lib
+2 -2
View File
@@ -17,7 +17,7 @@ jobs:
name: Build wolfSSL
# Just to keep it the same as the testing target
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
steps:
- name: Build wolfSSL
uses: wolfSSL/actions-build-autotools-project@v1
@@ -48,7 +48,7 @@ jobs:
- ref: 1.6.22
name: ${{ matrix.ref }}
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
needs: build_wolfssl
steps:
- name: Download lib
+2 -2
View File
@@ -17,7 +17,7 @@ jobs:
name: Build wolfSSL
# Just to keep it the same as the testing target
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 4
steps:
@@ -45,7 +45,7 @@ jobs:
ref: [ 2.0.18 ]
name: ${{ matrix.ref }}
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 4
needs: build_wolfssl
+3 -9
View File
@@ -31,18 +31,12 @@ jobs:
- CC: gcc-12
CXX: g++-12
OS: ubuntu-24.04
- CC: clang-11
CXX: clang++-11
OS: ubuntu-22.04
- CC: clang-12
CXX: clang++-12
OS: ubuntu-22.04
- CC: clang-13
CXX: clang++-13
OS: ubuntu-22.04
- CC: clang-14
CXX: clang++-14
OS: ubuntu-24.04
- CC: clang-19
CXX: clang++-19
OS: ubuntu-24.04
if: github.repository_owner == 'wolfssl'
runs-on: ${{ matrix.OS }}
# This should be a safe limit for the tests to run.
+2 -2
View File
@@ -17,7 +17,7 @@ jobs:
name: Build wolfSSL
if: github.repository_owner == 'wolfssl'
# Just to keep it the same as the testing target
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 4
steps:
@@ -48,7 +48,7 @@ jobs:
test_opts: -e 'agentxperl'
name: ${{ matrix.ref }}
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 4
needs: build_wolfssl
+2 -2
View File
@@ -17,7 +17,7 @@ jobs:
name: Build wolfSSL
if: github.repository_owner == 'wolfssl'
# Just to keep it the same as the testing target
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 4
steps:
@@ -107,7 +107,7 @@ jobs:
stream_proxy_ssl_verify.t
name: ${{ matrix.ref }}
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 6
needs: build_wolfssl
+1 -1
View File
@@ -22,7 +22,7 @@ jobs:
]
name: make check
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 6
steps:
+1 -1
View File
@@ -22,7 +22,7 @@ jobs:
]
name: make check
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 6
steps:
+2 -2
View File
@@ -21,7 +21,7 @@ jobs:
build_nss:
name: Build nss
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 30
steps:
@@ -60,7 +60,7 @@ jobs:
nss_test:
name: Test interop with nss
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
needs: build_nss
timeout-minutes: 10
steps:
+2 -2
View File
@@ -17,7 +17,7 @@ jobs:
name: Build wolfSSL
if: github.repository_owner == 'wolfssl'
# Just to keep it the same as the testing target
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 4
steps:
@@ -47,7 +47,7 @@ jobs:
ref: [ 4.2.8p15, 4.2.8p17 ]
name: ${{ matrix.ref }}
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 10
needs: build_wolfssl
+1 -1
View File
@@ -16,7 +16,7 @@ jobs:
ocsp_stapling:
name: ocsp stapling
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
timeout-minutes: 10
steps:
- name: Checkout wolfSSL
+2 -2
View File
@@ -17,7 +17,7 @@ jobs:
name: Build wolfSSL
if: github.repository_owner == 'wolfssl'
# Just to keep it the same as the testing target
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 4
steps:
@@ -51,7 +51,7 @@ jobs:
git_ref: OPENLDAP_REL_ENG_2_6_7
name: ${{ matrix.osp_ref }}
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 20
needs: build_wolfssl
+2 -2
View File
@@ -17,7 +17,7 @@ jobs:
name: Build wolfSSL
if: github.repository_owner == 'wolfssl'
# Just to keep it the same as the testing target
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 4
steps:
@@ -71,7 +71,7 @@ jobs:
connection-timeout
name: ${{ matrix.osp_ver }}
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
needs: build_wolfssl
steps:
- name: Download lib
+1 -1
View File
@@ -23,7 +23,7 @@ jobs:
]
name: make check
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 6
steps:
+2 -2
View File
@@ -17,7 +17,7 @@ jobs:
name: Build wolfSSL
if: github.repository_owner == 'wolfssl'
# Just to keep it the same as the testing target
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 4
steps:
@@ -46,7 +46,7 @@ jobs:
ref: [ release/2.6, master ]
name: ${{ matrix.ref }}
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 10
needs: build_wolfssl
+4 -4
View File
@@ -17,7 +17,7 @@ jobs:
strategy:
fail-fast: false
matrix:
os: [ ubuntu-22.04, macos-latest ]
os: [ ubuntu-24.04, macos-latest ]
config: [
# Add new configs here
'',
@@ -87,7 +87,7 @@ jobs:
strategy:
fail-fast: false
matrix:
os: [ ubuntu-22.04, macos-latest ]
os: [ ubuntu-24.04, macos-latest ]
user-settings: [
# Add new user_settings.h here
'examples/configs/user_settings_all.h',
@@ -109,7 +109,7 @@ jobs:
strategy:
fail-fast: false
matrix:
os: [ ubuntu-22.04, macos-latest ]
os: [ ubuntu-24.04, macos-latest ]
user-settings: [
# Add new user_settings.h here
'examples/configs/user_settings_eccnonblock.h',
@@ -140,7 +140,7 @@ jobs:
strategy:
fail-fast: false
matrix:
os: [ ubuntu-22.04, macos-latest ]
os: [ ubuntu-24.04, macos-latest ]
name: make user_setting.h (with sed)
if: github.repository_owner == 'wolfssl'
runs-on: ${{ matrix.os }}
+1 -1
View File
@@ -16,7 +16,7 @@ jobs:
build_wolfssl:
name: Package wolfSSL
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 10
steps:
+2 -2
View File
@@ -18,7 +18,7 @@ jobs:
name: Build wolfSSL
if: github.repository_owner == 'wolfssl'
# Just to keep it the same as the testing target
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 4
steps:
@@ -48,7 +48,7 @@ jobs:
git_ref: [ e4b13e6725abb178f62ee897fe1c0e81b06a9431 ]
name: ${{ matrix.git_ref }}
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
needs: build_wolfssl
steps:
- name: Install dependencies
+1 -1
View File
@@ -25,7 +25,7 @@ jobs:
]
name: make check
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 6
steps:
+1 -1
View File
@@ -24,7 +24,7 @@ jobs:
]
name: make check
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 6
steps:
+2 -2
View File
@@ -17,7 +17,7 @@ jobs:
name: Build wolfSSL
if: github.repository_owner == 'wolfssl'
# Just to keep it the same as the testing target
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 4
steps:
@@ -47,7 +47,7 @@ jobs:
ref: [ 6.16 ]
name: ${{ matrix.ref }}
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 4
needs: build_wolfssl
+1 -1
View File
@@ -37,7 +37,7 @@ jobs:
]
name: build library
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 6
steps:
+2 -2
View File
@@ -16,7 +16,7 @@ jobs:
build_wolfssl:
name: Build wolfSSL
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
timeout-minutes: 4
steps:
- name: Build wolfSSL
@@ -39,7 +39,7 @@ jobs:
socat_check:
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 30
needs: build_wolfssl
+2 -2
View File
@@ -17,7 +17,7 @@ jobs:
name: Build wolfSSL
if: github.repository_owner == 'wolfssl'
# Just to keep it the same as the testing target
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 10
steps:
@@ -47,7 +47,7 @@ jobs:
ref: [ 2.6.1 ]
name: ${{ matrix.ref }}
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 20
needs: build_wolfssl
+2 -2
View File
@@ -17,7 +17,7 @@ jobs:
if: github.repository_owner == 'wolfssl'
name: Build wolfSSL
# Just to keep it the same as the testing target
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 4
steps:
@@ -47,7 +47,7 @@ jobs:
ref: [ 2.9.1 ]
name: ${{ matrix.ref }}
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
container:
image: quay.io/sssd/ci-client-devel:ubuntu-latest
env:
+2 -2
View File
@@ -17,7 +17,7 @@ jobs:
name: Build wolfSSL
if: github.repository_owner == 'wolfssl'
# Just to keep it the same as the testing target
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 4
steps:
@@ -46,7 +46,7 @@ jobs:
ref: [ 5.67 ]
name: ${{ matrix.ref }}
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 4
needs: build_wolfssl
+1 -1
View File
@@ -21,7 +21,7 @@ jobs:
]
name: make and analyze
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 6
steps:
+1 -1
View File
@@ -9,7 +9,7 @@ on:
jobs:
build:
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
timeout-minutes: 10
steps:
+1 -1
View File
@@ -27,7 +27,7 @@ jobs:
]
name: build library
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 6
steps:
+1 -1
View File
@@ -42,7 +42,7 @@ jobs:
make gcc gcc-multilib g++-multilib libsdl2-dev libmagic1 \
autoconf automake bison build-essential ca-certificates cargo ccache chrpath cmake \
cpio device-tree-compiler dfu-util diffstat dos2unix doxygen file flex g++ gawk gcc \
gcovr git git-core gnupg gperf gtk-sharp2 help2man iproute2 lcov libcairo2-dev \
gcovr git git-core gnupg gperf gtk-sharp3 help2man iproute2 lcov libcairo2-dev \
libglib2.0-dev libgtk2.0-0 liblocale-gettext-perl libncurses5-dev libpcap-dev \
libpopt0 libsdl1.2-dev libsdl2-dev libssl-dev libtool libtool-bin locales make \
net-tools ninja-build openssh-client parallel pkg-config python3-dev python3-pip \
+6
View File
@@ -545,6 +545,11 @@ STM32WL55xx
STM32_AESGCM_PARTIAL
STM32_HW_CLOCK_AUTO
STM32_NUTTX_RNG
STSAFE_HOST_KEY_CIPHER
STSAFE_HOST_KEY_MAC
STSAFE_I2C_BUS
STSE_CONF_ECC_BRAINPOOL_P_256
STSE_CONF_ECC_BRAINPOOL_P_384
TASK_EXTRA_STACK_SIZE
TCP_NODELAY
TFM_ALREADY_SET
@@ -802,6 +807,7 @@ WOLFSSL_NO_COPY_KEY
WOLFSSL_NO_CRL_DATE_CHECK
WOLFSSL_NO_CRL_NEXT_DATE
WOLFSSL_NO_CT_MAX_MIN
WOLFSSL_NO_DEBUG_CERTS
WOLFSSL_NO_DECODE_EXTRA
WOLFSSL_NO_DER_TO_PEM
WOLFSSL_NO_DH186
+20 -17
View File
@@ -314,6 +314,11 @@ AC_ARG_ENABLE([32bit],
[ ENABLED_32BIT=no ]
)
if test "$ENABLED_32BIT" = "yes"
then
AM_CFLAGS="$AM_CFLAGS -DWC_32BIT_CPU"
fi
# 16-bit compiler support
AC_ARG_ENABLE([16bit],
[AS_HELP_STRING([--enable-16bit],[Enables 16-bit support (default: disabled)])],
@@ -941,9 +946,21 @@ AC_ARG_ENABLE([fasthugemath],
[ ENABLED_FASTHUGEMATH=no ]
)
# ssl bump build
AC_ARG_ENABLE([bump],
[AS_HELP_STRING([--enable-bump],[Enable SSL Bump build (default: disabled)])],
[ ENABLED_BUMP=$enableval ],
[ ENABLED_BUMP=no ]
)
if test "$ENABLED_BUMP" = "yes"
then
ENABLED_FASTHUGEMATH="yes"
AM_CFLAGS="$AM_CFLAGS -DLARGE_STATIC_BUFFERS -DWOLFSSL_CERT_GEN -DWOLFSSL_KEY_GEN -DHUGE_SESSION_CACHE -DWOLFSSL_DER_LOAD -DWOLFSSL_ALT_NAMES -DWOLFSSL_TEST_CERT"
DEFAULT_MAX_CLASSIC_ASYM_KEY_BITS=4096
if test "$ENABLED_SP_MATH" = "no" && test "$ENABLED_SP_MATH_ALL" = "no"
then
ENABLED_FASTHUGEMATH="yes"
fi
fi
if test "$ENABLED_FASTHUGEMATH" = "yes"
@@ -951,7 +968,8 @@ then
ENABLED_FASTMATH="yes"
fi
if test "$host_cpu" = "x86_64" || test "$host_cpu" = "amd64"
if (test "$host_cpu" = "x86_64" || test "$host_cpu" = "amd64") &&
test "$ENABLED_32BIT" != "yes"
then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_X86_64_BUILD"
fi
@@ -2488,13 +2506,6 @@ AC_ARG_ENABLE([qt],
[ ENABLED_QT=no ]
)
# ssl bump build
AC_ARG_ENABLE([bump],
[AS_HELP_STRING([--enable-bump],[Enable SSL Bump build (default: disabled)])],
[ ENABLED_BUMP=$enableval ],
[ ENABLED_BUMP=no ]
)
# SNIFFER
AC_ARG_ENABLE([sniffer],
[AS_HELP_STRING([--enable-sniffer],[Enable wolfSSL sniffer support (default: disabled)])],
@@ -2798,14 +2809,6 @@ then
AM_CFLAGS="$AM_CFLAGS -DFORTRESS -DWOLFSSL_ALWAYS_VERIFY_CB -DWOLFSSL_AES_COUNTER -DWOLFSSL_AES_DIRECT -DWOLFSSL_DER_LOAD -DWOLFSSL_KEY_GEN"
fi
if test "$ENABLED_BUMP" = "yes"
then
AM_CFLAGS="$AM_CFLAGS -DLARGE_STATIC_BUFFERS -DWOLFSSL_CERT_GEN -DWOLFSSL_KEY_GEN -DHUGE_SESSION_CACHE -DWOLFSSL_DER_LOAD -DWOLFSSL_ALT_NAMES -DWOLFSSL_TEST_CERT"
DEFAULT_MAX_CLASSIC_ASYM_KEY_BITS=4096
fi
# lean TLS build (TLS 1.2 client only (no client auth), ECC256, AES128 and SHA256 w/o Shamir)
AC_ARG_ENABLE([leantls],
[AS_HELP_STRING([--enable-leantls],[Enable Lean TLS build (default: disabled)])],
+1
View File
@@ -23,6 +23,7 @@ EXTRA_DIST += m4/ax_linuxkm.m4 \
linuxkm/wolfcrypt.lds \
linuxkm/patches/5.10.17/WOLFSSL_LINUXKM_HAVE_GET_RANDOM_CALLBACKS-5v10v17.patch \
linuxkm/patches/5.10.236/WOLFSSL_LINUXKM_HAVE_GET_RANDOM_CALLBACKS-5v10v236.patch \
linuxkm/patches/5.14.0-570.58.1.el9_6/WOLFSSL_LINUXKM_HAVE_GET_RANDOM_CALLBACKS-5v14-570v58v1-el9_6.patch \
linuxkm/patches/5.15/WOLFSSL_LINUXKM_HAVE_GET_RANDOM_CALLBACKS-5v15.patch \
linuxkm/patches/5.17/WOLFSSL_LINUXKM_HAVE_GET_RANDOM_CALLBACKS-5v17.patch \
linuxkm/patches/5.17-ubuntu-jammy-tegra/WOLFSSL_LINUXKM_HAVE_GET_RANDOM_CALLBACKS-5v17-ubuntu-jammy-tegra.patch \
@@ -0,0 +1,462 @@
--- 5.14.0-570.58.1.el9_6/drivers/char/random.c.dist 2026-01-12 10:50:48.537243229 -0600
+++ 5.14.0-570.58.1.el9_6/drivers/char/random.c 2026-01-12 11:17:45.002091787 -0600
@@ -63,6 +63,260 @@
#include <asm/irq_regs.h>
#include <asm/io.h>
+#ifdef WOLFSSL_LINUXKM_HAVE_GET_RANDOM_CALLBACKS
+
+#include <linux/delay.h>
+
+static atomic_long_t random_bytes_cb_owner =
+ ATOMIC_INIT((long)NULL);
+static atomic_t random_bytes_cb_refcnt =
+ ATOMIC_INIT(0); /* 0 if unregistered, 1 if no calls in flight. */
+static _get_random_bytes_cb_t _get_random_bytes_cb = NULL;
+static get_random_bytes_user_cb_t get_random_bytes_user_cb = NULL;
+static crng_ready_cb_t crng_ready_cb = NULL;
+static mix_pool_bytes_cb_t mix_pool_bytes_cb = NULL;
+static credit_init_bits_cb_t credit_init_bits_cb = NULL;
+static crng_reseed_cb_t crng_reseed_cb = NULL;
+
+int wolfssl_linuxkm_register_random_bytes_handlers(
+ struct module *new_random_bytes_cb_owner,
+ const struct wolfssl_linuxkm_random_bytes_handlers *handlers)
+{
+ if ((! new_random_bytes_cb_owner) ||
+ (! handlers) ||
+ (! handlers->_get_random_bytes) ||
+ (! handlers->get_random_bytes_user))
+ {
+ return -EINVAL;
+ }
+
+ /* random_bytes_cb_owner is used to enforce serialization of
+ * wolfssl_register_random_bytes_handlers() and
+ * wolfssl_unregister_random_bytes_handlers().
+ */
+ if (atomic_long_cmpxchg(&random_bytes_cb_owner,
+ (long)NULL,
+ (long)new_random_bytes_cb_owner)
+ != (long)NULL)
+ {
+ return -EBUSY;
+ }
+
+ {
+ int current_random_bytes_cb_refcnt = atomic_read(&random_bytes_cb_refcnt);
+ if (current_random_bytes_cb_refcnt) {
+ pr_err("BUG: random_bytes_cb_refcnt == %d with null random_bytes_cb_owner", current_random_bytes_cb_refcnt);
+ atomic_long_set(&random_bytes_cb_owner, (long)NULL);
+ return -EFAULT;
+ }
+ }
+
+ if (! try_module_get(new_random_bytes_cb_owner)) {
+ atomic_long_set(&random_bytes_cb_owner, (long)NULL);
+ return -ENODEV;
+ }
+
+ _get_random_bytes_cb = handlers->_get_random_bytes;
+ get_random_bytes_user_cb = handlers->get_random_bytes_user;
+ crng_ready_cb = handlers->crng_ready;
+ mix_pool_bytes_cb = handlers->mix_pool_bytes;
+ credit_init_bits_cb = handlers->credit_init_bits;
+ crng_reseed_cb = handlers->crng_reseed;
+
+ barrier();
+ atomic_set_release(&random_bytes_cb_refcnt, 1);
+
+ return 0;
+}
+EXPORT_SYMBOL_GPL(wolfssl_linuxkm_register_random_bytes_handlers);
+
+int wolfssl_linuxkm_unregister_random_bytes_handlers(void)
+{
+ int current_random_bytes_cb_refcnt;
+ int n_tries;
+ if (! atomic_long_read(&random_bytes_cb_owner))
+ return -ENODEV;
+
+ /* we're racing the kernel at large to try to catch random_bytes_cb_refcnt
+ * with no callers in flight -- retry and relax up to 100 times.
+ */
+ for (n_tries = 0; n_tries < 100; ++n_tries) {
+ current_random_bytes_cb_refcnt = atomic_cmpxchg(&random_bytes_cb_refcnt, 1, 0);
+ if (current_random_bytes_cb_refcnt == 1)
+ break;
+ if (current_random_bytes_cb_refcnt < 0) {
+ pr_err("BUG: random_bytes_cb_refcnt is %d in wolfssl_linuxkm_unregister_random_bytes_handlers.", current_random_bytes_cb_refcnt);
+ break;
+ }
+ if (msleep_interruptible(10) != 0)
+ return -EINTR;
+ }
+ if (current_random_bytes_cb_refcnt != 1) {
+ pr_warn("WARNING: wolfssl_unregister_random_bytes_handlers called with random_bytes_cb_refcnt == %d", current_random_bytes_cb_refcnt);
+ return -EBUSY;
+ }
+
+ _get_random_bytes_cb = NULL;
+ get_random_bytes_user_cb = NULL;
+ crng_ready_cb = NULL;
+ mix_pool_bytes_cb = NULL;
+ credit_init_bits_cb = NULL;
+ crng_reseed_cb = NULL;
+
+ module_put((struct module *)atomic_long_read(&random_bytes_cb_owner));
+ barrier();
+ atomic_long_set(&random_bytes_cb_owner, (long)NULL);
+
+ return 0;
+}
+EXPORT_SYMBOL_GPL(wolfssl_linuxkm_unregister_random_bytes_handlers);
+
+static __always_inline int reserve_random_bytes_cb(void) {
+ int current_random_bytes_cb_refcnt =
+ atomic_read_acquire(&random_bytes_cb_refcnt);
+
+ if (! current_random_bytes_cb_refcnt)
+ return -ENODEV;
+
+ if (current_random_bytes_cb_refcnt < 0) {
+ pr_err("BUG: random_bytes_cb_refcnt is %d in reserve_random_bytes_cb.", current_random_bytes_cb_refcnt);
+ return -EFAULT;
+ }
+
+ for (;;) {
+ int orig_random_bytes_cb_refcnt =
+ atomic_cmpxchg(
+ &random_bytes_cb_refcnt,
+ current_random_bytes_cb_refcnt,
+ current_random_bytes_cb_refcnt + 1);
+ if (orig_random_bytes_cb_refcnt == current_random_bytes_cb_refcnt)
+ return 0;
+ else if (! orig_random_bytes_cb_refcnt)
+ return -ENODEV;
+ else
+ current_random_bytes_cb_refcnt = orig_random_bytes_cb_refcnt;
+ }
+
+ __builtin_unreachable();
+}
+
+static __always_inline void release_random_bytes_cb(void) {
+ atomic_dec(&random_bytes_cb_refcnt);
+}
+
+static inline int call__get_random_bytes_cb(void *buf, size_t len)
+{
+ int ret;
+
+ if (! _get_random_bytes_cb)
+ return -ENODEV;
+
+ ret = reserve_random_bytes_cb();
+ if (ret)
+ return ret;
+
+ ret = _get_random_bytes_cb(buf, len);
+
+ release_random_bytes_cb();
+
+ return ret;
+}
+
+static inline ssize_t call_get_random_bytes_user_cb(struct iov_iter *iter)
+{
+ ssize_t ret;
+
+ if (! get_random_bytes_user_cb)
+ return -ECANCELED;
+
+ ret = (ssize_t)reserve_random_bytes_cb();
+ if (ret)
+ return ret;
+
+ ret = get_random_bytes_user_cb(iter);
+
+ release_random_bytes_cb();
+
+ return ret;
+}
+
+static inline bool call_crng_ready_cb(void)
+{
+ bool ret;
+
+ /* Null crng_ready_cb signifies that the DRBG is always ready, i.e. that if
+ * called, it will always have or obtain sufficient entropy to fulfill the
+ * call.
+ */
+ if (! crng_ready_cb)
+ return 1;
+
+ if (reserve_random_bytes_cb() != 0)
+ return 0;
+
+ ret = crng_ready_cb();
+
+ release_random_bytes_cb();
+
+ return ret;
+}
+
+static inline int call_mix_pool_bytes_cb(const void *buf, size_t len)
+{
+ int ret;
+
+ if (! mix_pool_bytes_cb)
+ return -ENODEV;
+
+ ret = reserve_random_bytes_cb();
+ if (ret)
+ return ret;
+
+ ret = mix_pool_bytes_cb(buf, len);
+
+ release_random_bytes_cb();
+
+ return ret;
+}
+
+static inline int call_credit_init_bits_cb(size_t bits)
+{
+ int ret;
+
+ if (! credit_init_bits_cb)
+ return -ENODEV;
+
+ ret = reserve_random_bytes_cb();
+ if (ret)
+ return ret;
+
+ ret = credit_init_bits_cb(bits);
+
+ release_random_bytes_cb();
+
+ return ret;
+}
+
+static inline int call_crng_reseed_cb(void)
+{
+ int ret;
+
+ if (! crng_reseed_cb)
+ return -ENODEV;
+
+ ret = reserve_random_bytes_cb();
+ if (ret)
+ return ret;
+
+ ret = crng_reseed_cb();
+
+ release_random_bytes_cb();
+
+ return ret;
+}
+
+#endif /* WOLFSSL_LINUXKM_HAVE_GET_RANDOM_CALLBACKS */
+
/*********************************************************************
*
* Initialization and readiness waiting.
@@ -83,7 +337,15 @@ static enum {
CRNG_READY = 2 /* Fully initialized with POOL_READY_BITS collected */
} crng_init __read_mostly = CRNG_EMPTY;
static DEFINE_STATIC_KEY_FALSE(crng_is_ready);
+
#define crng_ready() (static_branch_likely(&crng_is_ready) || crng_init >= CRNG_READY)
+#ifdef WOLFSSL_LINUXKM_HAVE_GET_RANDOM_CALLBACKS
+ #define crng_ready_by_cb() (atomic_read(&random_bytes_cb_refcnt) && call_crng_ready_cb())
+ #define crng_ready_maybe_cb() (atomic_read(&random_bytes_cb_refcnt) ? (call_crng_ready_cb() || crng_ready()) : crng_ready())
+#else
+ #define crng_ready_maybe_cb() crng_ready()
+#endif
+
/* Various types of waiters for crng_init->CRNG_READY transition. */
static DECLARE_WAIT_QUEUE_HEAD(crng_init_wait);
static struct fasync_struct *fasync;
@@ -108,7 +370,7 @@ MODULE_PARM_DESC(ratelimit_disable, "Dis
*/
bool rng_is_initialized(void)
{
- return crng_ready();
+ return crng_ready_maybe_cb();
}
EXPORT_SYMBOL(rng_is_initialized);
@@ -132,11 +394,11 @@ static void try_to_generate_entropy(void
*/
int wait_for_random_bytes(void)
{
- while (!crng_ready()) {
+ while (!crng_ready_maybe_cb()) {
int ret;
try_to_generate_entropy();
- ret = wait_event_interruptible_timeout(crng_init_wait, crng_ready(), HZ);
+ ret = wait_event_interruptible_timeout(crng_init_wait, crng_ready_maybe_cb(), HZ);
if (ret)
return ret > 0 ? 0 : ret;
}
@@ -165,7 +427,7 @@ int __cold execute_with_initialized_rng(
}
#define warn_unseeded_randomness() \
- if (IS_ENABLED(CONFIG_WARN_ALL_UNSEEDED_RANDOM) && !crng_ready()) \
+ if (IS_ENABLED(CONFIG_WARN_ALL_UNSEEDED_RANDOM) && !crng_ready_maybe_cb()) \
printk_deferred(KERN_NOTICE "random: %s called from %pS with crng_init=%d\n", \
__func__, (void *)_RET_IP_, crng_init)
@@ -388,6 +650,14 @@ static void _get_random_bytes(void *buf,
if (!len)
return;
+#ifdef WOLFSSL_LINUXKM_HAVE_GET_RANDOM_CALLBACKS
+ /* If call__get_random_bytes_cb() doesn't succeed, flow falls through to
+ * the native implementation. _get_random_bytes() must succeed.
+ */
+ if (call__get_random_bytes_cb(buf, len) == 0)
+ return;
+#endif
+
first_block_len = min_t(size_t, 32, len);
crng_make_state(chacha_state, buf, first_block_len);
len -= first_block_len;
@@ -434,6 +704,18 @@ static ssize_t get_random_bytes_user(str
if (unlikely(!iov_iter_count(iter)))
return 0;
+#ifdef WOLFSSL_LINUXKM_HAVE_GET_RANDOM_CALLBACKS
+ {
+ ssize_t cb_ret = call_get_random_bytes_user_cb(iter);
+ /* If the callback returns -ECANCELED, that signals that iter is
+ * still intact, and flow can safely fall through to the native
+ * implementation.
+ */
+ if (cb_ret != -ECANCELED)
+ return cb_ret;
+ }
+#endif
+
/*
* Immediately overwrite the ChaCha key at index 4 with random
* bytes, in case userspace causes copy_to_iter() below to sleep
@@ -510,7 +792,7 @@ type get_random_ ##type(void) \
\
warn_unseeded_randomness(); \
\
- if (!crng_ready()) { \
+ if (!crng_ready_maybe_cb()) { \
_get_random_bytes(&ret, sizeof(ret)); \
return ret; \
} \
@@ -649,6 +931,11 @@ static void mix_pool_bytes(const void *b
{
unsigned long flags;
+#ifdef WOLFSSL_LINUXKM_HAVE_GET_RANDOM_CALLBACKS
+ (void)call_mix_pool_bytes_cb(buf, len);
+ /* fall through to mix into native pool too. */
+#endif
+
spin_lock_irqsave(&input_pool.lock, flags);
_mix_pool_bytes(buf, len);
spin_unlock_irqrestore(&input_pool.lock, flags);
@@ -708,7 +995,11 @@ static void extract_entropy(void *buf, s
memzero_explicit(&block, sizeof(block));
}
+#ifdef WOLFSSL_LINUXKM_HAVE_GET_RANDOM_CALLBACKS
+#define credit_init_bits(bits) do { (void)call_credit_init_bits_cb(bits); if (!crng_ready()) _credit_init_bits(bits); } while (0)
+#else
#define credit_init_bits(bits) if (!crng_ready()) _credit_init_bits(bits)
+#endif
static void __cold _credit_init_bits(size_t bits)
{
@@ -1419,7 +1710,7 @@ SYSCALL_DEFINE3(getrandom, char __user *
return ret;
}
- if (!crng_ready() && !(flags & GRND_INSECURE)) {
+ if (!crng_ready_maybe_cb() && !(flags & GRND_INSECURE)) {
if (flags & GRND_NONBLOCK)
return -EAGAIN;
ret = wait_for_random_bytes();
@@ -1435,6 +1726,10 @@ SYSCALL_DEFINE3(getrandom, char __user *
static __poll_t random_poll(struct file *file, poll_table *wait)
{
+#ifdef WOLFSSL_LINUXKM_HAVE_GET_RANDOM_CALLBACKS
+ if (crng_ready_by_cb())
+ return EPOLLIN | EPOLLRDNORM;
+#endif
poll_wait(file, &crng_init_wait, wait);
return crng_ready() ? EPOLLIN | EPOLLRDNORM : EPOLLOUT | EPOLLWRNORM;
}
@@ -1490,7 +1785,7 @@ static ssize_t urandom_read_iter(struct
if (!crng_ready())
try_to_generate_entropy();
- if (!crng_ready()) {
+ if (!crng_ready_maybe_cb()) {
if (!ratelimit_disable && maxwarn <= 0)
++urandom_warning.missed;
else if (ratelimit_disable || __ratelimit(&urandom_warning)) {
@@ -1573,6 +1868,14 @@ static long random_ioctl(struct file *f,
case RNDRESEEDCRNG:
if (!capable(CAP_SYS_ADMIN))
return -EPERM;
+#ifdef WOLFSSL_LINUXKM_HAVE_GET_RANDOM_CALLBACKS
+ /* fall through to reseed native crng too. */
+ if (call_crng_reseed_cb() == 0) {
+ if (crng_ready())
+ crng_reseed(NULL);
+ return 0;
+ }
+#endif
if (!crng_ready())
return -ENODATA;
crng_reseed(NULL);
--- 5.14.0-570.58.1.el9_6/include/linux/random.h.dist 2026-01-12 10:50:57.004413581 -0600
+++ 5.14.0-570.58.1.el9_6/include/linux/random.h 2026-01-12 10:56:29.124034816 -0600
@@ -175,4 +175,37 @@ int random_online_cpu(unsigned int cpu);
extern const struct file_operations random_fops, urandom_fops;
#endif
+#ifndef WOLFSSL_LINUXKM_HAVE_GET_RANDOM_CALLBACKS
+ #define WOLFSSL_LINUXKM_HAVE_GET_RANDOM_CALLBACKS 1
+#endif
+
+typedef int (*_get_random_bytes_cb_t)(void *buf, size_t len);
+struct iov_iter;
+/* kernels >= 5.17.0 use get_random_bytes_user() */
+typedef ssize_t (*get_random_bytes_user_cb_t)(struct iov_iter *iter);
+/* kernels < 5.17.0 use extract_crng_user(), though some LTS kernels,
+ * e.g. 5.10.236, have the 5.17+ architecture backported.
+ */
+typedef ssize_t (*extract_crng_user_cb_t)(void __user *buf, size_t nbytes);
+typedef bool (*crng_ready_cb_t)(void);
+typedef int (*mix_pool_bytes_cb_t)(const void *buf, size_t len);
+typedef int (*credit_init_bits_cb_t)(size_t bits);
+typedef int (*crng_reseed_cb_t)(void);
+
+struct wolfssl_linuxkm_random_bytes_handlers {
+ _get_random_bytes_cb_t _get_random_bytes;
+ get_random_bytes_user_cb_t get_random_bytes_user;
+ extract_crng_user_cb_t extract_crng_user;
+ crng_ready_cb_t crng_ready;
+ mix_pool_bytes_cb_t mix_pool_bytes;
+ credit_init_bits_cb_t credit_init_bits;
+ crng_reseed_cb_t crng_reseed;
+};
+
+int wolfssl_linuxkm_register_random_bytes_handlers(
+ struct module *new_random_bytes_cb_owner,
+ const struct wolfssl_linuxkm_random_bytes_handlers *handlers);
+
+int wolfssl_linuxkm_unregister_random_bytes_handlers(void);
+
#endif /* _LINUX_RANDOM_H */
+91 -61
View File
@@ -17614,7 +17614,9 @@ static int SanityCheckMsgReceived(WOLFSSL* ssl, byte type)
if (ssl->msgsReceived.got_certificate_status ||
ssl->msgsReceived.got_server_key_exchange ||
ssl->msgsReceived.got_certificate_request ||
ssl->msgsReceived.got_server_hello_done) {
ssl->msgsReceived.got_server_hello_done ||
ssl->msgsReceived.got_change_cipher ||
ssl->msgsReceived.got_finished) {
WOLFSSL_MSG("Cert received in wrong order");
WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
return OUT_OF_ORDER_E;
@@ -17655,19 +17657,21 @@ static int SanityCheckMsgReceived(WOLFSSL* ssl, byte type)
return DUPLICATE_MSG_E;
}
if (ssl->msgsReceived.got_certificate == 0) {
if (!ssl->msgsReceived.got_certificate) {
WOLFSSL_MSG("No Certificate before CertificateStatus");
WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
return OUT_OF_ORDER_E;
}
if (ssl->msgsReceived.got_server_key_exchange != 0) {
if (ssl->msgsReceived.got_server_key_exchange) {
WOLFSSL_MSG("CertificateStatus after ServerKeyExchange");
WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
return OUT_OF_ORDER_E;
}
if (ssl->msgsReceived.got_server_key_exchange ||
ssl->msgsReceived.got_certificate_request ||
ssl->msgsReceived.got_server_hello_done) {
ssl->msgsReceived.got_server_hello_done ||
ssl->msgsReceived.got_change_cipher ||
ssl->msgsReceived.got_finished) {
WOLFSSL_MSG("CertificateStatus received in wrong order");
WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
return OUT_OF_ORDER_E;
@@ -17691,13 +17695,25 @@ static int SanityCheckMsgReceived(WOLFSSL* ssl, byte type)
WOLFSSL_ERROR_VERBOSE(DUPLICATE_MSG_E);
return DUPLICATE_MSG_E;
}
if (ssl->msgsReceived.got_server_hello == 0) {
if (!ssl->msgsReceived.got_server_hello) {
WOLFSSL_MSG("No ServerHello before ServerKeyExchange");
WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
return OUT_OF_ORDER_E;
}
if (!ssl->msgsReceived.got_certificate) {
if (ssl->specs.kea != psk_kea &&
ssl->specs.kea != dhe_psk_kea &&
ssl->specs.kea != ecdhe_psk_kea &&
!ssl->options.usingAnon_cipher) {
WOLFSSL_MSG("No Certificate before ServerKeyExchange");
WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
return OUT_OF_ORDER_E;
}
}
if (ssl->msgsReceived.got_certificate_request ||
ssl->msgsReceived.got_server_hello_done) {
ssl->msgsReceived.got_server_hello_done ||
ssl->msgsReceived.got_change_cipher ||
ssl->msgsReceived.got_finished) {
WOLFSSL_MSG("ServerKeyExchange received in wrong order");
WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
return OUT_OF_ORDER_E;
@@ -17721,11 +17737,16 @@ static int SanityCheckMsgReceived(WOLFSSL* ssl, byte type)
WOLFSSL_ERROR_VERBOSE(DUPLICATE_MSG_E);
return DUPLICATE_MSG_E;
}
if (ssl->msgsReceived.got_server_hello == 0) {
if (!ssl->msgsReceived.got_server_hello) {
WOLFSSL_MSG("No ServerHello before CertificateRequest");
WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
return OUT_OF_ORDER_E;
}
if (!ssl->msgsReceived.got_certificate) {
WOLFSSL_MSG("No Certificate before CertificateRequest");
WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
return OUT_OF_ORDER_E;
}
if (!ssl->options.resuming && ssl->specs.kea != rsa_kea &&
(ssl->specs.kea != ecc_diffie_hellman_kea ||
!ssl->specs.static_ecdh) &&
@@ -17735,12 +17756,9 @@ static int SanityCheckMsgReceived(WOLFSSL* ssl, byte type)
WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
return OUT_OF_ORDER_E;
}
if (!ssl->msgsReceived.got_certificate) {
WOLFSSL_MSG("No Certificate before CertificateRequest");
WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
return OUT_OF_ORDER_E;
}
if (ssl->msgsReceived.got_server_hello_done) {
if (ssl->msgsReceived.got_server_hello_done ||
ssl->msgsReceived.got_change_cipher ||
ssl->msgsReceived.got_finished) {
WOLFSSL_MSG("CertificateRequest received in wrong order");
WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
return OUT_OF_ORDER_E;
@@ -17766,7 +17784,7 @@ static int SanityCheckMsgReceived(WOLFSSL* ssl, byte type)
}
ssl->msgsReceived.got_server_hello_done = 1;
if (ssl->msgsReceived.got_certificate == 0) {
if (!ssl->msgsReceived.got_certificate) {
if (ssl->specs.kea == psk_kea ||
ssl->specs.kea == dhe_psk_kea ||
ssl->specs.kea == ecdhe_psk_kea ||
@@ -17779,7 +17797,7 @@ static int SanityCheckMsgReceived(WOLFSSL* ssl, byte type)
return OUT_OF_ORDER_E;
}
}
if (ssl->msgsReceived.got_server_key_exchange == 0) {
if (!ssl->msgsReceived.got_server_key_exchange) {
int pskNoServerHint = 0; /* not required in this case */
#ifndef NO_PSK
@@ -17801,7 +17819,7 @@ static int SanityCheckMsgReceived(WOLFSSL* ssl, byte type)
}
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) || \
defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
if (ssl->msgsReceived.got_certificate_status == 0) {
if (!ssl->msgsReceived.got_certificate_status) {
int csrRet = 0;
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST
if (csrRet == 0 && ssl->status_request) {
@@ -17847,6 +17865,12 @@ static int SanityCheckMsgReceived(WOLFSSL* ssl, byte type)
}
}
#endif
if (ssl->msgsReceived.got_change_cipher ||
ssl->msgsReceived.got_finished) {
WOLFSSL_MSG("ServerHelloDone received in wrong order");
WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
return OUT_OF_ORDER_E;
}
break;
#endif
@@ -17864,7 +17888,12 @@ static int SanityCheckMsgReceived(WOLFSSL* ssl, byte type)
WOLFSSL_ERROR_VERBOSE(DUPLICATE_MSG_E);
return DUPLICATE_MSG_E;
}
if ( ssl->msgsReceived.got_certificate == 0) {
if (!ssl->msgsReceived.got_client_key_exchange) {
WOLFSSL_MSG("No ClientKeyExchange before CertVerify");
WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
return OUT_OF_ORDER_E;
}
if (!ssl->msgsReceived.got_certificate) {
WOLFSSL_MSG("No Cert before CertVerify");
WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
return OUT_OF_ORDER_E;
@@ -17893,7 +17922,7 @@ static int SanityCheckMsgReceived(WOLFSSL* ssl, byte type)
WOLFSSL_ERROR_VERBOSE(DUPLICATE_MSG_E);
return DUPLICATE_MSG_E;
}
if (ssl->msgsReceived.got_client_hello == 0) {
if (!ssl->msgsReceived.got_client_hello) {
WOLFSSL_MSG("No ClientHello before ClientKeyExchange");
WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
return OUT_OF_ORDER_E;
@@ -17924,7 +17953,7 @@ static int SanityCheckMsgReceived(WOLFSSL* ssl, byte type)
}
}
#endif
if (ssl->msgsReceived.got_change_cipher == 0) {
if (!ssl->msgsReceived.got_change_cipher) {
WOLFSSL_MSG("Finished received before ChangeCipher");
WOLFSSL_ERROR_VERBOSE(NO_CHANGE_CIPHER_E);
return NO_CHANGE_CIPHER_E;
@@ -17945,62 +17974,63 @@ static int SanityCheckMsgReceived(WOLFSSL* ssl, byte type)
#ifndef NO_WOLFSSL_CLIENT
if (ssl->options.side == WOLFSSL_CLIENT_END) {
if (!ssl->msgsReceived.got_server_hello) {
WOLFSSL_MSG("ChangeCipherSpec received in wrong order");
WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
return OUT_OF_ORDER_E;
}
if (!ssl->options.resuming) {
if (ssl->msgsReceived.got_server_hello_done == 0) {
if (!ssl->msgsReceived.got_server_hello_done) {
WOLFSSL_MSG("No ServerHelloDone before ChangeCipher");
WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
return OUT_OF_ORDER_E;
}
}
else {
if (ssl->msgsReceived.got_server_hello == 0) {
WOLFSSL_MSG("No ServerHello before ChangeCipher on "
"Resume");
WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
return OUT_OF_ORDER_E;
}
#ifdef HAVE_SESSION_TICKET
if (ssl->expect_session_ticket) {
WOLFSSL_MSG("Expected session ticket missing");
#ifdef WOLFSSL_DTLS
if (ssl->options.dtls) {
WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
return OUT_OF_ORDER_E;
}
#endif
WOLFSSL_ERROR_VERBOSE(SESSION_TICKET_EXPECT_E);
return SESSION_TICKET_EXPECT_E;
}
#ifdef HAVE_SESSION_TICKET
if (ssl->expect_session_ticket) {
WOLFSSL_MSG("Expected session ticket missing");
#endif
}
#endif
#ifndef NO_WOLFSSL_SERVER
if (ssl->options.side == WOLFSSL_SERVER_END) {
if (!ssl->msgsReceived.got_client_hello) {
WOLFSSL_MSG("ChangeCipherSpec received in wrong order");
WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
return OUT_OF_ORDER_E;
}
if (!ssl->options.resuming &&
!ssl->msgsReceived.got_client_key_exchange) {
WOLFSSL_MSG("No ClientKeyExchange before ChangeCipher");
WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
return OUT_OF_ORDER_E;
}
#ifndef NO_CERTS
if (ssl->options.verifyPeer &&
ssl->options.havePeerCert) {
if (!ssl->options.havePeerVerify ||
!ssl->msgsReceived.got_certificate_verify) {
WOLFSSL_MSG("client didn't send cert verify");
#ifdef WOLFSSL_DTLS
if (ssl->options.dtls) {
WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
return OUT_OF_ORDER_E;
}
#endif
WOLFSSL_ERROR_VERBOSE(SESSION_TICKET_EXPECT_E);
return SESSION_TICKET_EXPECT_E;
WOLFSSL_ERROR_VERBOSE(NO_PEER_VERIFY);
return NO_PEER_VERIFY;
}
#endif
}
#endif
#ifndef NO_WOLFSSL_SERVER
if (ssl->options.side == WOLFSSL_SERVER_END) {
if (!ssl->options.resuming &&
ssl->msgsReceived.got_client_key_exchange == 0) {
WOLFSSL_MSG("No ClientKeyExchange before ChangeCipher");
WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
return OUT_OF_ORDER_E;
}
#ifndef NO_CERTS
if (ssl->options.verifyPeer &&
ssl->options.havePeerCert) {
if (!ssl->options.havePeerVerify ||
!ssl->msgsReceived.got_certificate_verify) {
WOLFSSL_MSG("client didn't send cert verify");
#ifdef WOLFSSL_DTLS
if (ssl->options.dtls) {
WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
return OUT_OF_ORDER_E;
}
#endif
WOLFSSL_ERROR_VERBOSE(NO_PEER_VERIFY);
return NO_PEER_VERIFY;
}
}
#endif
#endif
}
#endif /* !NO_WOLFSSL_SERVER */
if (ssl->options.dtls)
@@ -29822,7 +29852,7 @@ static int DecodePrivateKey_ex(WOLFSSL *ssl, byte keyType, const DerBuffer* key,
}
}
#ifdef WOLF_PRIVATE_KEY_ID
#if defined(WOLF_PRIVATE_KEY_ID) && !defined(NO_CHECK_PRIVATE_KEY)
if (keyDevId != INVALID_DEVID && (keyIdSet || keyLabelSet)) {
/* Set hsType */
if (keyType == rsa_sa_algo)
+8 -2
View File
@@ -4101,10 +4101,16 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen,
const byte* iv, int dir)
{
if (aes == NULL || userKey == NULL) {
return BAD_FUNC_ARG;
}
if (keylen > sizeof(aes->key)) {
return BAD_FUNC_ARG;
}
return wc_AesSetKeyLocal(aes, userKey, keylen, iv, dir, 1);
}
int wc_AesSetKeyDirect(Aes* aes, const byte* userKey, word32 keylen,
const byte* iv, int dir)
{
@@ -5282,7 +5288,7 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
{
int ret;
if (aes == NULL)
if (aes == NULL || out == NULL || in == NULL)
return BAD_FUNC_ARG;
VECTOR_REGISTERS_PUSH;
ret = wc_AesEncrypt(aes, in, out);
+6 -2
View File
@@ -534,7 +534,9 @@ int wc_Blake2bHmacInit(Blake2b* b2b, const byte* key, size_t key_len)
ret = wc_Blake2bFinal(b2b, x_key, 0);
} else {
XMEMCPY(x_key, key, key_len);
XMEMSET(x_key + key_len, 0, BLAKE2B_BLOCKBYTES - key_len);
if (key_len < BLAKE2B_BLOCKBYTES) {
XMEMSET(x_key + key_len, 0, BLAKE2B_BLOCKBYTES - key_len);
}
}
if (ret == 0) {
@@ -581,7 +583,9 @@ int wc_Blake2bHmacFinal(Blake2b* b2b, const byte* key, size_t key_len,
ret = wc_Blake2bFinal(b2b, x_key, 0);
} else {
XMEMCPY(x_key, key, key_len);
XMEMSET(x_key + key_len, 0, BLAKE2B_BLOCKBYTES - key_len);
if (key_len < BLAKE2B_BLOCKBYTES) {
XMEMSET(x_key + key_len, 0, BLAKE2B_BLOCKBYTES - key_len);
}
}
if (ret == 0) {
+6 -2
View File
@@ -528,7 +528,9 @@ int wc_Blake2sHmacInit(Blake2s* b2s, const byte* key, size_t key_len)
ret = wc_Blake2sFinal(b2s, x_key, 0);
} else {
XMEMCPY(x_key, key, key_len);
XMEMSET(x_key + key_len, 0, BLAKE2S_BLOCKBYTES - key_len);
if (key_len < BLAKE2S_BLOCKBYTES) {
XMEMSET(x_key + key_len, 0, BLAKE2S_BLOCKBYTES - key_len);
}
}
if (ret == 0) {
@@ -575,7 +577,9 @@ int wc_Blake2sHmacFinal(Blake2s* b2s, const byte* key, size_t key_len,
ret = wc_Blake2sFinal(b2s, x_key, 0);
} else {
XMEMCPY(x_key, key, key_len);
XMEMSET(x_key + key_len, 0, BLAKE2S_BLOCKBYTES - key_len);
if (key_len < BLAKE2S_BLOCKBYTES) {
XMEMSET(x_key + key_len, 0, BLAKE2S_BLOCKBYTES - key_len);
}
}
if (ret == 0) {
+2 -1
View File
@@ -313,7 +313,8 @@ int wc_XChaCha20Poly1305_Init(
byte authKey[CHACHA20_POLY1305_AEAD_KEYSIZE];
int ret;
if ((ad == NULL) || (nonce == NULL) || (key == NULL))
if ((aead == NULL) || (ad == NULL && ad_len > 0) || (nonce == NULL) ||
(key == NULL))
return BAD_FUNC_ARG;
if ((key_len != CHACHA20_POLY1305_AEAD_KEYSIZE) ||
+169 -16
View File
@@ -9,7 +9,9 @@ Support for the STM32 PKA on WB55, H7, MP13 and other devices with on-board
public-key acceleration:
- ECC192/ECC224/ECC256/ECC384
Support for the STSAFE-A100 crypto hardware accelerator co-processor via I2C for ECC supporting NIST or Brainpool 256-bit and 384-bit curves. It requires the ST-Safe SDK including wolfSSL's `stsafe_interface.c/.h` files. Please contact us at support@wolfssl.com to get this code.
Support for the STSAFE-A secure element family via I2C for ECC supporting NIST P-256/P-384 and Brainpool 256/384-bit curves:
- **STSAFE-A100/A110**: Uses ST's proprietary STSAFE-A1xx middleware. Contact us at support@wolfssl.com for integration assistance.
- **STSAFE-A120**: Uses ST's open-source [STSELib](https://github.com/STMicroelectronics/STSELib) (BSD-3 license).
For details see our [wolfSSL ST](https://www.wolfssl.com/docs/stm32/) page.
@@ -65,29 +67,69 @@ To enable support define the following
When the support is enabled, the ECC operations will be accelerated using the PKA crypto co-processor.
## STSAFE-A100 ECC Acceleration
## STSAFE-A ECC Acceleration
Using the wolfSSL PK callbacks and the reference ST Safe reference API's we support an ECC only cipher suite such as ECDHE-ECDSA-AES128-SHA256 for TLS client or server.
Using the wolfSSL PK callbacks or Crypto callbacks with the ST-Safe reference API's we support ECC operations for TLS client/server:
- **ECDSA Sign/Verify**: P-256 and P-384 (NIST and Brainpool curves)
- **ECDH Key Agreement**: For TLS key exchange
- **ECC Key Generation**: Ephemeral keys for TLS
At the wolfCrypt level we also support ECC native API's for `wc_ecc_*` using the ST-Safe.
At the wolfCrypt level we also support ECC native API's for `wc_ecc_*` using the ST-Safe via Crypto Callbacks.
### Supported Hardware
| Model | Macro | SDK |
|-------|-------|-----|
| STSAFE-A100/A110 | `WOLFSSL_STSAFEA100` | ST STSAFE-A1xx Middleware (proprietary) |
| STSAFE-A120 | `WOLFSSL_STSAFEA120` | [STSELib](https://github.com/STMicroelectronics/STSELib) (BSD-3, open source) |
### Building
`./configure --enable-pkcallbacks CFLAGS="-DWOLFSSL_STSAFEA100"`
For STSAFE-A100/A110 (legacy):
or
```
./configure --enable-pkcallbacks CFLAGS="-DWOLFSSL_STSAFEA100"
```
`#define HAVE_PK_CALLBACKS`
`#define WOLFSSL_STSAFEA100`
or in `user_settings.h`:
```c
#define HAVE_PK_CALLBACKS
#define WOLFSSL_STSAFEA100
```
For STSAFE-A120 with STSELib:
```
./configure --enable-pkcallbacks CFLAGS="-DWOLFSSL_STSAFEA120"
```
or in `user_settings.h`:
```c
#define HAVE_PK_CALLBACKS
#define WOLFSSL_STSAFEA120
```
To use Crypto Callbacks (recommended for wolfCrypt-level ECC operations):
```c
#define WOLF_CRYPTO_CB
#define WOLFSSL_STSAFEA120 /* or WOLFSSL_STSAFEA100 */
```
### Coding
#### Using PK Callbacks (TLS)
Setup the PK callbacks for TLS using:
```
/* Setup PK Callbacks for STSAFE-A100 */
```c
/* Setup PK Callbacks for STSAFE */
WOLFSSL_CTX* ctx;
SSL_STSAFE_SetupPkCallbacks(ctx);
/* Or manually: */
wolfSSL_CTX_SetEccKeyGenCb(ctx, SSL_STSAFE_CreateKeyCb);
wolfSSL_CTX_SetEccSignCb(ctx, SSL_STSAFE_SignCertificateCb);
wolfSSL_CTX_SetEccVerifyCb(ctx, SSL_STSAFE_VerifyPeerCertCb);
@@ -95,20 +137,131 @@ wolfSSL_CTX_SetEccSharedSecretCb(ctx, SSL_STSAFE_SharedSecretCb);
wolfSSL_CTX_SetDevId(ctx, 0); /* enables wolfCrypt `wc_ecc_*` ST-Safe use */
```
The reference STSAFE-A100 PK callback functions are located in the `wolfcrypt/src/port/st/stsafe.c` file.
The reference STSAFE PK callback functions are located in the `wolfcrypt/src/port/st/stsafe.c` file.
Adding a custom context to the callbacks:
```
```c
/* Setup PK Callbacks context */
WOLFSSL* ssl;
void* myOwnCtx;
wolfSSL_SetEccKeyGenCtx(ssl, myOwnCtx);
wolfSSL_SetEccVerifyCtx(ssl, myOwnCtx);
wolfSSL_SetEccSignCtx(ssl, myOwnCtx);
wolfSSL_SetEccSharedSecretCtx(ssl, myOwnCtx);
SSL_STSAFE_SetupPkCallbackCtx(ssl, myOwnCtx);
```
#### Using Crypto Callbacks (wolfCrypt)
For direct wolfCrypt ECC operations using the hardware:
```c
#include <wolfssl/wolfcrypt/port/st/stsafe.h>
/* Register the crypto callback */
wolfSTSAFE_CryptoCb_Ctx stsafeCtx;
stsafeCtx.devId = WOLF_STSAFE_DEVID;
wc_CryptoCb_RegisterDevice(WOLF_STSAFE_DEVID, wolfSSL_STSAFE_CryptoDevCb, &stsafeCtx);
/* Use with ECC operations */
ecc_key key;
wc_ecc_init_ex(&key, NULL, WOLF_STSAFE_DEVID);
/* ECC operations will now use STSAFE hardware */
```
### Implementation Details
The STSAFE support is self-contained in `wolfcrypt/src/port/st/stsafe.c` with SDK-specific implementations selected at compile time:
| Macro | SDK | Description |
|-------|-----|-------------|
| `WOLFSSL_STSAFEA100` | STSAFE-A1xx Middleware | ST's proprietary SDK for A100/A110 |
| `WOLFSSL_STSAFEA120` | [STSELib](https://github.com/STMicroelectronics/STSELib) | ST's open-source SDK for A120 (BSD-3) |
#### External Interface (Backwards Compatibility)
For customers with existing custom implementations, define `WOLFSSL_STSAFE_INTERFACE_EXTERNAL` to use an external `stsafe_interface.h` file instead of the built-in implementation:
```c
#define WOLFSSL_STSAFEA100 /* or WOLFSSL_STSAFEA120 */
#define WOLFSSL_STSAFE_INTERFACE_EXTERNAL
```
When `WOLFSSL_STSAFE_INTERFACE_EXTERNAL` is defined, the customer must provide a `stsafe_interface.h` header that defines:
| Item | Type | Description |
|------|------|-------------|
| `stsafe_curve_id_t` | typedef | Curve identifier type |
| `stsafe_slot_t` | typedef | Key slot identifier type |
| `STSAFE_ECC_CURVE_P256` | macro | P-256 curve ID value |
| `STSAFE_ECC_CURVE_P384` | macro | P-384 curve ID value |
| `STSAFE_KEY_SLOT_0/1/EPHEMERAL` | macros | Key slot values |
| `STSAFE_A_OK` | macro | Success return code |
| `STSAFE_MAX_KEY_LEN` | macro | Max key size in bytes (48) |
| `STSAFE_MAX_PUBKEY_RAW_LEN` | macro | Max public key size (96) |
| `STSAFE_MAX_SIG_LEN` | macro | Max signature size (96) |
And provide implementations for these internal interface functions:
- `int stsafe_interface_init(void)`
- `int stsafe_create_key(stsafe_slot_t*, stsafe_curve_id_t, uint8_t*)`
- `int stsafe_sign(stsafe_slot_t, stsafe_curve_id_t, uint8_t*, uint8_t*)`
- `int stsafe_verify(stsafe_curve_id_t, uint8_t*, uint8_t*, uint8_t*, uint8_t*, int32_t*)`
- `int stsafe_shared_secret(stsafe_slot_t, stsafe_curve_id_t, uint8_t*, uint8_t*, uint8_t*, int32_t*)`
- `int stsafe_read_certificate(uint8_t**, uint32_t*)`
- `int stsafe_get_random(uint8_t*, uint32_t)` (if `USE_STSAFE_RNG_SEED` defined)
When **NOT** defined (default behavior): All code is self-contained in `stsafe.c` using the appropriate SDK automatically.
The implementation provides these internal operations:
| Operation | Description |
|-----------|-------------|
| `stsafe_interface_init()` | Initialize the STSAFE device (called by `wolfCrypt_Init()`) |
| `stsafe_sign()` | ECDSA signature generation (P-256/P-384) |
| `stsafe_verify()` | ECDSA signature verification (P-256/P-384) |
| `stsafe_create_key()` | Generate ECC key pair on device |
| `stsafe_shared_secret()` | ECDH shared secret computation |
| `stsafe_read_certificate()` | Read device certificate from secure storage |
### STSELib Setup (A120)
For STSAFE-A120, you need to include the STSELib library:
1. Clone STSELib as a submodule or add to your project:
```bash
git submodule add https://github.com/STMicroelectronics/STSELib.git lib/stselib
```
2. Add STSELib headers to your include path
3. Implement the platform abstraction files required by STSELib:
- `stse_conf.h` - Configuration (target device, features)
- `stse_platform_generic.h` - Platform callbacks (I2C, timing)
4. See STSELib documentation for platform-specific integration details
### Raspberry Pi with STSAFE-A120
For testing on a Raspberry Pi with an STSAFE-A120 connected via I2C:
1. **Enable I2C** on the Raspberry Pi:
```bash
sudo raspi-config
# Navigate to: Interface Options -> I2C -> Enable
```
2. **Verify the STSAFE device is detected** (default I2C address is 0x20):
```bash
sudo i2cdetect -y 1
```
3. **Build wolfSSL with STSAFE-A120 support**:
```bash
./configure --enable-pkcallbacks --enable-cryptocb \
CFLAGS="-DWOLFSSL_STSAFEA120 -I/path/to/STSELib"
make
sudo make install
```
4. **Platform abstraction**: Implement the STSELib I2C callbacks using the Linux I2C driver (`/dev/i2c-1`).
### Benchmarks and Memory Use
Software only implementation (STM32L4 120Mhz, Cortex-M4, Fast Math):
File diff suppressed because it is too large Load Diff
+44 -1
View File
@@ -752,12 +752,18 @@ int wc_RNG_TestSeed(const byte* seed, word32 seedSz)
/* Check the seed for duplicate words. */
word32 seedIdx = 0;
word32 scratchSz = min(SEED_BLOCK_SZ, seedSz - SEED_BLOCK_SZ);
word32 scratchSz = 0;
if (seed == NULL || seedSz < SEED_BLOCK_SZ)
return BAD_FUNC_ARG;
scratchSz = min(SEED_BLOCK_SZ, seedSz - SEED_BLOCK_SZ);
while (seedIdx < seedSz - SEED_BLOCK_SZ) {
if (ConstantCompare(seed + seedIdx,
seed + seedIdx + scratchSz,
(int)scratchSz) == 0) {
ret = DRBG_CONT_FAILURE;
}
seedIdx += SEED_BLOCK_SZ;
@@ -1935,12 +1941,49 @@ static int wc_GenerateSeed_IntelRD(OS_Seed* os, byte* output, word32 sz)
{
int ret;
word64 rndTmp;
static int rdseed_sanity_status = 0;
(void)os;
if (!IS_INTEL_RDSEED(intel_flags))
return -1;
/* Note, access to rdseed_sanity_status is benignly racey on multithreaded
* targets.
*/
if (rdseed_sanity_status == 0) {
word64 sanity_word1 = 0, sanity_word2 = 0;
ret = IntelRDseed64_r(&sanity_word1);
if (ret != 0)
return ret;
ret = IntelRDseed64_r(&sanity_word2);
if (ret != 0)
return ret;
if (sanity_word1 == sanity_word2) {
ret = IntelRDseed64_r(&sanity_word1);
if (ret != 0)
return ret;
if (sanity_word1 == sanity_word2) {
#ifdef WC_VERBOSE_RNG
WOLFSSL_DEBUG_PRINTF(
"WARNING: disabling RDSEED due to repeating word 0x%lx -- "
"check CPU microcode version.", sanity_word2);
#endif
rdseed_sanity_status = -1;
return -1;
}
}
rdseed_sanity_status = 1;
}
else if (rdseed_sanity_status < 0) {
return -1;
}
for (; (sz / sizeof(word64)) > 0; sz -= sizeof(word64),
output += sizeof(word64)) {
ret = IntelRDseed64_r((word64*)output);
+8 -8
View File
@@ -3792,7 +3792,7 @@ int wc_RsaPrivateDecryptInline(byte* in, word32 inLen, byte** out, RsaKey* key)
{
WC_RNG* rng;
int ret;
#ifdef WC_RSA_BLINDING
#if defined(WC_RSA_BLINDING) && !defined(WC_NO_RNG)
if (key == NULL) {
return BAD_FUNC_ARG;
}
@@ -3816,7 +3816,7 @@ int wc_RsaPrivateDecryptInline_ex(byte* in, word32 inLen, byte** out,
{
WC_RNG* rng;
int ret;
#ifdef WC_RSA_BLINDING
#if defined(WC_RSA_BLINDING) && !defined(WC_NO_RNG)
if (key == NULL) {
return BAD_FUNC_ARG;
}
@@ -3839,7 +3839,7 @@ int wc_RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out,
{
WC_RNG* rng;
int ret;
#ifdef WC_RSA_BLINDING
#if defined(WC_RSA_BLINDING) && !defined(WC_NO_RNG)
if (key == NULL) {
return BAD_FUNC_ARG;
}
@@ -3863,7 +3863,7 @@ int wc_RsaPrivateDecrypt_ex(const byte* in, word32 inLen, byte* out,
{
WC_RNG* rng;
int ret;
#ifdef WC_RSA_BLINDING
#if defined(WC_RSA_BLINDING) && !defined(WC_NO_RNG)
if (key == NULL) {
return BAD_FUNC_ARG;
}
@@ -3886,7 +3886,7 @@ int wc_RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out, RsaKey* key)
{
WC_RNG* rng;
int ret;
#ifdef WC_RSA_BLINDING
#if defined(WC_RSA_BLINDING) && !defined(WC_NO_RNG)
if (key == NULL) {
return BAD_FUNC_ARG;
}
@@ -3931,7 +3931,7 @@ int wc_RsaSSL_Verify_ex2(const byte* in, word32 inLen, byte* out, word32 outLen
return BAD_FUNC_ARG;
}
#ifdef WC_RSA_BLINDING
#if defined(WC_RSA_BLINDING) && !defined(WC_NO_RNG)
rng = key->rng;
#else
rng = NULL;
@@ -3997,7 +3997,7 @@ int wc_RsaPSS_VerifyInline_ex(byte* in, word32 inLen, byte** out,
{
WC_RNG* rng;
int ret;
#ifdef WC_RSA_BLINDING
#if defined(WC_RSA_BLINDING) && !defined(WC_NO_RNG)
if (key == NULL) {
return BAD_FUNC_ARG;
}
@@ -4055,7 +4055,7 @@ int wc_RsaPSS_Verify_ex(const byte* in, word32 inLen, byte* out, word32 outLen,
{
WC_RNG* rng;
int ret;
#ifdef WC_RSA_BLINDING
#if defined(WC_RSA_BLINDING) && !defined(WC_NO_RNG)
if (key == NULL) {
return BAD_FUNC_ARG;
}
+7 -3
View File
@@ -68,7 +68,7 @@
#if defined(WOLFSSL_RENESAS_RX64_HASH)
#include <wolfssl/wolfcrypt/port/Renesas/renesas-rx64-hw-crypt.h>
#endif
#if defined(WOLFSSL_STSAFEA100)
#ifdef WOLFSSL_STSAFE
#include <wolfssl/wolfcrypt/port/st/stsafe.h>
#endif
@@ -303,8 +303,12 @@ int wolfCrypt_Init(void)
return ret;
}
#endif
#if defined(WOLFSSL_STSAFEA100)
stsafe_interface_init();
#ifdef WOLFSSL_STSAFE
ret = stsafe_interface_init();
if (ret != 0) {
WOLFSSL_MSG("STSAFE init failed");
return ret;
}
#endif
#if defined(WOLFSSL_TROPIC01)
ret = Tropic01_Init();
+3
View File
@@ -23,6 +23,9 @@
#ifndef WOLFSSL_OBJ_MAC_H_
#define WOLFSSL_OBJ_MAC_H_
/* include SN_xxx definitions from asn.h */
#include <wolfssl/wolfcrypt/asn.h>
#ifdef __cplusplus
extern "C" {
#endif
+10 -5
View File
@@ -37,7 +37,8 @@ that can be serialized and deserialized in a cross-platform way.
#include <wolfssl/wolfcrypt/types.h>
#if !defined(NO_ASN) || !defined(NO_PWDBASED)
/* included openssl/obj_mac.h directly for SN_xxx definitions */
#if !defined(WOLFSSL_OBJ_MAC_H_)
#if !defined(NO_ASN_TIME) && defined(NO_TIME_H)
#define NO_ASN_TIME /* backwards compatibility with NO_TIME_H */
#endif
@@ -880,8 +881,10 @@ extern const WOLFSSL_ObjectInfo wolfssl_object_info[];
#else
#define WC_MAX_CERT_VERIFY_SZ 1024 /* max default */
#endif
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#endif /* !NO_ASN */
#endif /* !WOLFSSL_OBJ_MAC_H_ */
#if defined(WOLFSSL_OBJ_MAC_H_) || \
defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
/* short names */
#define WC_SN_md4 "MD4"
#define WC_SN_md5 "MD5"
@@ -1178,8 +1181,9 @@ extern const WOLFSSL_ObjectInfo wolfssl_object_info[];
#endif /* !OPENSSL_COEXIST */
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#endif /* WOLFSSL_OBJ_MAC_H_ || OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#if !defined(WOLFSSL_OBJ_MAC_H_)
#if !defined(NO_ASN)
enum ECC_TYPES
{
ECC_PREFIX_0 = 160,
@@ -2998,6 +3002,7 @@ enum PKCSTypes {
} /* extern "C" */
#endif
#endif /* WOLFSSL_OBJ_MAC_H_ */
#endif /* !NO_ASN || !NO_PWDBASED */
#endif /* WOLF_CRYPT_ASN_H */
+63 -15
View File
@@ -541,6 +541,50 @@
#endif /* LITTLE_ENDIAN_ORDER && WOLFSSL_DILITHIUM_ALIGNMENT == 0 */
#endif
#ifndef WOLFSSL_NO_ML_DSA_87
#define DILITHIUM_MAX_KEY_SIZE DILITHIUM_LEVEL5_KEY_SIZE
#define DILITHIUM_MAX_SIG_SIZE DILITHIUM_LEVEL5_SIG_SIZE
#define DILITHIUM_MAX_PUB_KEY_SIZE DILITHIUM_LEVEL5_PUB_KEY_SIZE
#define DILITHIUM_MAX_PRV_KEY_SIZE DILITHIUM_LEVEL5_PRV_KEY_SIZE
/* Buffer sizes large enough to store exported DER encoded keys */
#define DILITHIUM_MAX_PUB_KEY_DER_SIZE DILITHIUM_LEVEL5_PUB_KEY_DER_SIZE
#define DILITHIUM_MAX_PRV_KEY_DER_SIZE DILITHIUM_LEVEL5_PRV_KEY_DER_SIZE
#define DILITHIUM_MAX_BOTH_KEY_DER_SIZE DILITHIUM_LEVEL5_BOTH_KEY_DER_SIZE
/* PEM size with the header "-----BEGIN ML_DSA_LEVEL5 PRIVATE KEY-----" and
* the footer "-----END ML_DSA_LEVEL5 PRIVATE KEY-----" */
#define DILITHIUM_MAX_BOTH_KEY_PEM_SIZE DILITHIUM_LEVEL5_BOTH_KEY_PEM_SIZE
#elif !defined(WOLFSSL_NO_ML_DSA_65)
#define DILITHIUM_MAX_KEY_SIZE DILITHIUM_LEVEL3_KEY_SIZE
#define DILITHIUM_MAX_SIG_SIZE DILITHIUM_LEVEL3_SIG_SIZE
#define DILITHIUM_MAX_PUB_KEY_SIZE DILITHIUM_LEVEL3_PUB_KEY_SIZE
#define DILITHIUM_MAX_PRV_KEY_SIZE DILITHIUM_LEVEL3_PRV_KEY_SIZE
/* Buffer sizes large enough to store exported DER encoded keys */
#define DILITHIUM_MAX_PUB_KEY_DER_SIZE DILITHIUM_LEVEL3_PUB_KEY_DER_SIZE
#define DILITHIUM_MAX_PRV_KEY_DER_SIZE DILITHIUM_LEVEL3_PRV_KEY_DER_SIZE
#define DILITHIUM_MAX_BOTH_KEY_DER_SIZE DILITHIUM_LEVEL3_BOTH_KEY_DER_SIZE
/* PEM size with the header "-----BEGIN ML_DSA_LEVEL5 PRIVATE KEY-----" and
* the footer "-----END ML_DSA_LEVEL5 PRIVATE KEY-----" */
#define DILITHIUM_MAX_BOTH_KEY_PEM_SIZE DILITHIUM_LEVEL3_BOTH_KEY_PEM_SIZE
#else
#define DILITHIUM_MAX_KEY_SIZE DILITHIUM_LEVEL2_KEY_SIZE
#define DILITHIUM_MAX_SIG_SIZE DILITHIUM_LEVEL2_SIG_SIZE
#define DILITHIUM_MAX_PUB_KEY_SIZE DILITHIUM_LEVEL2_PUB_KEY_SIZE
#define DILITHIUM_MAX_PRV_KEY_SIZE DILITHIUM_LEVEL2_PRV_KEY_SIZE
/* Buffer sizes large enough to store exported DER encoded keys */
#define DILITHIUM_MAX_PUB_KEY_DER_SIZE DILITHIUM_LEVEL2_PUB_KEY_DER_SIZE
#define DILITHIUM_MAX_PRV_KEY_DER_SIZE DILITHIUM_LEVEL2_PRV_KEY_DER_SIZE
#define DILITHIUM_MAX_BOTH_KEY_DER_SIZE DILITHIUM_LEVEL2_BOTH_KEY_DER_SIZE
/* PEM size with the header "-----BEGIN ML_DSA_LEVEL5 PRIVATE KEY-----" and
* the footer "-----END ML_DSA_LEVEL5 PRIVATE KEY-----" */
#define DILITHIUM_MAX_BOTH_KEY_PEM_SIZE DILITHIUM_LEVEL2_BOTH_KEY_PEM_SIZE
#endif
#elif defined(HAVE_LIBOQS)
#define DILITHIUM_LEVEL2_KEY_SIZE OQS_SIG_ml_dsa_44_ipd_length_secret_key
@@ -621,8 +665,6 @@
* the footer "-----END ML_DSA_LEVEL5 PRIVATE KEY-----" */
#define ML_DSA_LEVEL5_BOTH_KEY_PEM_SIZE DILITHIUM_LEVEL5_BOTH_KEY_PEM_SIZE
#endif
#define DILITHIUM_MAX_KEY_SIZE DILITHIUM_LEVEL5_KEY_SIZE
#define DILITHIUM_MAX_SIG_SIZE DILITHIUM_LEVEL5_SIG_SIZE
#define DILITHIUM_MAX_PUB_KEY_SIZE DILITHIUM_LEVEL5_PUB_KEY_SIZE
@@ -634,6 +676,8 @@
/* PEM size with the header "-----BEGIN ML_DSA_LEVEL5 PRIVATE KEY-----" and
* the footer "-----END ML_DSA_LEVEL5 PRIVATE KEY-----" */
#define DILITHIUM_MAX_BOTH_KEY_PEM_SIZE DILITHIUM_LEVEL5_BOTH_KEY_PEM_SIZE
#endif
#ifdef WOLF_PRIVATE_KEY_ID
@@ -1014,33 +1058,37 @@ WOLFSSL_LOCAL void wc_mldsa_poly_make_pos_avx2(sword32* a);
#define MlDsaKey dilithium_key
#define wc_MlDsaKey_Init(key, heap, devId) \
#define wc_MlDsaKey_Init(key, heap, devId) \
wc_dilithium_init_ex(key, heap, devId)
#define wc_MlDsaKey_SetParams(key, id) \
#define wc_MlDsaKey_SetParams(key, id) \
wc_dilithium_set_level(key, id)
#define wc_MlDsaKey_GetParams(key, id) \
#define wc_MlDsaKey_GetParams(key, id) \
wc_dilithium_get_level(key, id)
#define wc_MlDsaKey_MakeKey(key, rng) \
#define wc_MlDsaKey_MakeKey(key, rng) \
wc_dilithium_make_key(key, rng)
#define wc_MlDsaKey_ExportPrivRaw(key, out, outLen) \
#define wc_MlDsaKey_ExportPrivRaw(key, out, outLen) \
wc_dilithium_export_private_only(key, out, outLen)
#define wc_MlDsaKey_ImportPrivRaw(key, in, inLen) \
#define wc_MlDsaKey_ImportPrivRaw(key, in, inLen) \
wc_dilithium_import_private_only(in, inLen, key)
#define wc_MlDsaKey_Sign(key, sig, sigSz, msg, msgSz, rng) \
#define wc_MlDsaKey_Sign(key, sig, sigSz, msg, msgSz, rng) \
wc_dilithium_sign_msg(msg, msgSz, sig, sigSz, key, rng)
#define wc_MlDsaKey_Free(key) \
#define wc_MlDsaKey_SignCtx(key, ctx, ctxSz, sig, sigSz, msg, msgSz, rng) \
wc_dilithium_sign_ctx_msg(ctx, ctxSz, msg, msgSz, sig, sigSz, key, rng)
#define wc_MlDsaKey_Free(key) \
wc_dilithium_free(key)
#define wc_MlDsaKey_ExportPubRaw(key, out, outLen) \
#define wc_MlDsaKey_ExportPubRaw(key, out, outLen) \
wc_dilithium_export_public(key, out, outLen)
#define wc_MlDsaKey_ImportPubRaw(key, in, inLen) \
#define wc_MlDsaKey_ImportPubRaw(key, in, inLen) \
wc_dilithium_import_public(in, inLen, key)
#define wc_MlDsaKey_Verify(key, sig, sigSz, msg, msgSz, res) \
#define wc_MlDsaKey_Verify(key, sig, sigSz, msg, msgSz, res) \
wc_dilithium_verify_msg(sig, sigSz, msg, msgSz, res, key)
#define wc_MlDsaKey_VerifyCtx(key, sig, sigSz, ctx, ctxSz, msg, msgSz, res) \
wc_dilithium_verify_msg_ctx(sig, sigSz, ctx, ctxSz, msg, msgSz, res, key)
#define wc_MlDsaKey_PublicKeyToDer(key, output, len, withAlg) \
#define wc_MlDsaKey_PublicKeyToDer(key, output, len, withAlg) \
wc_Dilithium_PublicKeyToDer(key, output, len, withAlg)
#define wc_MlDsaKey_PrivateKeyToDer(key, output, len) \
#define wc_MlDsaKey_PrivateKeyToDer(key, output, len) \
wc_Dilithium_PrivateKeyToDer(key, output, len)
+122 -8
View File
@@ -23,6 +23,7 @@
#define _WOLFPORT_STSAFE_H_
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/wolfcrypt/types.h>
#include <wolfssl/wolfcrypt/ecc.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
@@ -34,22 +35,135 @@
#include <wolfssl/ssl.h>
#endif
#ifdef WOLFSSL_STSAFEA100
#ifdef WOLFSSL_STSAFE
/* The wolf STSAFE interface layer */
/* Please contact wolfSSL for the STSAFE port files */
#include "stsafe_interface.h"
/* -------------------------------------------------------------------------- */
/* External Interface Support (Backwards Compatibility) */
/* -------------------------------------------------------------------------- */
/* Define WOLFSSL_STSAFE_INTERFACE_EXTERNAL to use an external stsafe_
* interface.h file that provides customer-specific implementations.
* This maintains backwards compatibility with older integrations that
* used a separate interface file.
*
* When NOT set (the default): All code is self-contained in stsafe.c using
* the appropriate SDK (STSELib for A120, STSAFE-A1xx SDK for A100/A110).
*
* When defined: Include customer-provided stsafe_interface.h which must define:
* - stsafe_curve_id_t, stsafe_slot_t types
* - STSAFE_ECC_CURVE_P256, STSAFE_ECC_CURVE_P384 macros
* - STSAFE_KEY_SLOT_0, STSAFE_KEY_SLOT_1, STSAFE_KEY_SLOT_EPHEMERAL macros
* - STSAFE_A_OK return code macro
* - STSAFE_MAX_KEY_LEN, STSAFE_MAX_PUBKEY_RAW_LEN, STSAFE_MAX_SIG_LEN macros
* - Function prototypes for interface functions (see stsafe.c)
*/
#ifdef WOLFSSL_STSAFE_INTERFACE_EXTERNAL
#include "stsafe_interface.h"
#else
/* -------------------------------------------------------------------------- */
/* STSAFE SDK Type Abstractions */
/* -------------------------------------------------------------------------- */
#ifdef WOLFSSL_STSAFEA120
/* STSAFE-A120 uses STSELib (open source BSD-3) */
/* Note: stselib.h is included in stsafe.c to avoid warnings in headers */
/* Type mappings for STSELib - using byte for curve ID to avoid
* including full STSELib headers which have strict-prototype warnings */
typedef byte stsafe_curve_id_t;
typedef byte stsafe_slot_t;
/* Curve ID mappings - values depend on stse_conf.h settings!
* With only NIST P-256 and P-384 enabled:
* STSE_ECC_KT_NIST_P_256 = 0, STSE_ECC_KT_NIST_P_384 = 1
* NOTE: If other curves are enabled, these values change!
*
* Compile-time static assertions and runtime checks in stsafe_interface_init()
* verify that these constants match the actual STSE_ECC_KT enum values. */
#define STSAFE_ECC_CURVE_P256 0 /* STSE_ECC_KT_NIST_P_256 */
#define STSAFE_ECC_CURVE_P384 1 /* STSE_ECC_KT_NIST_P_384 */
#define STSAFE_ECC_CURVE_BP256 2 /* STSE_ECC_KT_BP_P_256 */
#define STSAFE_ECC_CURVE_BP384 3 /* STSE_ECC_KT_BP_P_384 */
/* Slot mappings */
#define STSAFE_KEY_SLOT_0 0
#define STSAFE_KEY_SLOT_1 1
#define STSAFE_KEY_SLOT_EPHEMERAL 0xFF
/* Return codes */
#define STSAFE_A_OK 0 /* STSE_OK */
/* Key usage limits */
#define STSAFE_PERSISTENT_KEY_USAGE_LIMIT 255 /* Usage limit for persistent keys in slot 1 */
#define STSAFE_EPHEMERAL_KEY_USAGE_LIMIT 1 /* Usage limit for ephemeral keys in slot 0xFF */
/* Hash types - must match stse_hash_algorithm_t values in STSELib */
#define STSAFE_HASH_SHA256 0 /* STSE_SHA_256 */
#define STSAFE_HASH_SHA384 1 /* STSE_SHA_384 */
#else /* WOLFSSL_STSAFEA100 */
/* STSAFE-A100/A110 uses legacy ST STSAFE-A1xx SDK */
/* User must provide path to STSAFE-A1xx SDK headers */
#include <stsafe_a_types.h>
/* Type mappings for legacy SDK */
typedef StSafeA_CurveId stsafe_curve_id_t;
typedef StSafeA_KeySlotNumber stsafe_slot_t;
/* Curve ID mappings */
#define STSAFE_ECC_CURVE_P256 STSAFE_A_NIST_P_256
#define STSAFE_ECC_CURVE_P384 STSAFE_A_NIST_P_384
#define STSAFE_ECC_CURVE_BP256 STSAFE_A_BRAINPOOL_P_256
#define STSAFE_ECC_CURVE_BP384 STSAFE_A_BRAINPOOL_P_384
/* Slot mappings */
#define STSAFE_KEY_SLOT_0 STSAFE_A_SLOT_0
#define STSAFE_KEY_SLOT_1 STSAFE_A_SLOT_1
#define STSAFE_KEY_SLOT_EPHEMERAL STSAFE_A_SLOT_EPHEMERAL
/* Return codes - STSAFE_A_OK already defined in SDK */
/* Hash types */
#define STSAFE_HASH_SHA256 STSAFE_A_SHA_256
#define STSAFE_HASH_SHA384 STSAFE_A_SHA_384
#endif /* WOLFSSL_STSAFEA120 */
/* -------------------------------------------------------------------------- */
/* Common Definitions */
/* -------------------------------------------------------------------------- */
#ifndef STSAFE_MAX_KEY_LEN
#define STSAFE_MAX_KEY_LEN ((uint32_t)48) /* for up to 384-bit keys */
#define STSAFE_MAX_KEY_LEN 48 /* for up to 384-bit keys */
#endif
#ifndef STSAFE_MAX_PUBKEY_RAW_LEN
#define STSAFE_MAX_PUBKEY_RAW_LEN ((uint32_t)STSAFE_MAX_KEY_LEN * 2) /* x/y */
#define STSAFE_MAX_PUBKEY_RAW_LEN (STSAFE_MAX_KEY_LEN * 2) /* x/y */
#endif
#ifndef STSAFE_MAX_SIG_LEN
#define STSAFE_MAX_SIG_LEN ((uint32_t)STSAFE_MAX_KEY_LEN * 2) /* r/s */
#define STSAFE_MAX_SIG_LEN (STSAFE_MAX_KEY_LEN * 2) /* r/s */
#endif
/* Default I2C address */
#ifndef STSAFE_I2C_ADDR
#define STSAFE_I2C_ADDR 0x20
#endif
/* Default curve mode (for signing operations) */
#ifndef STSAFE_DEFAULT_CURVE
#define STSAFE_DEFAULT_CURVE STSAFE_ECC_CURVE_P256
#endif
#endif /* !WOLFSSL_STSAFE_INTERFACE_EXTERNAL */
/* -------------------------------------------------------------------------- */
/* Public API Functions */
/* -------------------------------------------------------------------------- */
/* Initialize STSAFE device - called automatically by wolfCrypt_Init() */
WOLFSSL_API int stsafe_interface_init(void);
/* Load device certificate from STSAFE secure storage */
WOLFSSL_API int SSL_STSAFE_LoadDeviceCertificate(byte** pRawCertificate,
word32* pRawCertificateLen);
@@ -94,6 +208,6 @@ WOLFSSL_API int wolfSSL_STSAFE_CryptoDevCb(int devId, wc_CryptoInfo* info,
#endif /* WOLF_CRYPTO_CB */
#endif /* WOLFSSL_STSAFEA100 */
#endif /* WOLFSSL_STSAFE */
#endif /* _WOLFPORT_STSAFE_H_ */
+21 -4
View File
@@ -369,12 +369,22 @@
#warning "No configuration for wolfSSL detected, check header order"
#endif
/* Ensure WOLFSSL_DEBUG_CERTS is always set when DEBUG_WOLFSSL is enabled */
#ifdef DEBUG_WOLFSSL
#undef WOLFSSL_DEBUG_CERTS
/* Ensure WOLFSSL_DEBUG_CERTS is set when DEBUG_WOLFSSL is enabled, unless
* expressly requested otherwise.
*/
#if defined(DEBUG_WOLFSSL) && !defined(WOLFSSL_NO_DEBUG_CERTS) && \
!defined(WOLFSSL_DEBUG_CERTS)
#define WOLFSSL_DEBUG_CERTS
#endif
/* Ensure WC_VERBOSE_RNG is set when DEBUG_WOLFSSL is enabled, unless expressly
* requested otherwise. Relies on a working WOLFSSL_DEBUG_PRINTF.
*/
#if defined(DEBUG_WOLFSSL) && defined(WOLFSSL_DEBUG_PRINTF) && \
!defined(WC_NO_VERBOSE_RNG) && !defined(WC_VERBOSE_RNG)
#define WC_VERBOSE_RNG
#endif
#include <wolfssl/wolfcrypt/visibility.h>
/*------------------------------------------------------------*/
@@ -2139,6 +2149,12 @@ extern void uITRON4_free(void *p) ;
#endif /* WOLFSSL_MAXQ1065 || WOLFSSL_MAXQ108X */
/* Combined STSAFE macro - enables when either A100 or A120 is defined */
#if defined(WOLFSSL_STSAFEA100) || defined(WOLFSSL_STSAFEA120)
#undef WOLFSSL_STSAFE
#define WOLFSSL_STSAFE
#endif
#if defined(WOLFSSL_STM32F2) || defined(WOLFSSL_STM32F4) || \
defined(WOLFSSL_STM32F7) || defined(WOLFSSL_STM32F1) || \
defined(WOLFSSL_STM32L4) || defined(WOLFSSL_STM32L5) || \
@@ -3333,7 +3349,8 @@ extern void uITRON4_free(void *p) ;
#endif
/* if desktop type system and fastmath increase default max bits */
#if defined(WOLFSSL_X86_64_BUILD) || defined(WOLFSSL_AARCH64_BUILD)
#if defined(WOLFSSL_X86_64_BUILD) || defined(WOLFSSL_AARCH64_BUILD) || \
defined(OPENSSL_EXTRA)
#if defined(USE_FAST_MATH) && !defined(FP_MAX_BITS)
#if MIN_FFDHE_FP_MAX_BITS <= 8192
#define FP_MAX_BITS 8192
+6 -2
View File
@@ -307,8 +307,11 @@ typedef const char wcchar[];
#endif
#if defined(WORD64_AVAILABLE) && !defined(WC_16BIT_CPU)
/* These platforms have 64-bit CPU registers. */
#if (defined(__alpha__) || defined(__ia64__) || defined(_ARCH_PPC64) || \
#if defined(WC_64BIT_CPU)
/* explicitly configured for 64 bit. */
#elif defined(WC_32BIT_CPU)
/* explicitly configured for 32 bit. */
#elif (defined(__alpha__) || defined(__ia64__) || defined(_ARCH_PPC64) || \
(defined(__mips64) && \
((defined(_ABI64) && (_MIPS_SIM == _ABI64)) || \
(defined(_ABIO64) && (_MIPS_SIM == _ABIO64)))) || \
@@ -317,6 +320,7 @@ typedef const char wcchar[];
(defined(__riscv_xlen) && (__riscv_xlen == 64)) || defined(_M_ARM64) || \
defined(__aarch64__) || defined(__ppc64__) || \
(defined(__DCC__) && (defined(__LP64) || defined(__LP64__)))
/* The above platforms have 64-bit CPU registers. */
#define WC_64BIT_CPU
#elif (defined(sun) || defined(__sun)) && \
(defined(LP64) || defined(_LP64))
+2
View File
@@ -128,7 +128,9 @@ fn scan_cfg() -> Result<()> {
/* blake2 */
check_cfg(&binding, "wc_InitBlake2b", "blake2b");
check_cfg(&binding, "wc_Blake2bHmac", "blake2b_hmac");
check_cfg(&binding, "wc_InitBlake2s", "blake2s");
check_cfg(&binding, "wc_Blake2sHmac", "blake2s_hmac");
/* chacha20_poly1305 */
check_cfg(&binding, "wc_ChaCha20Poly1305_Encrypt", "chacha20_poly1305");
+276 -1
View File
@@ -167,6 +167,144 @@ impl BLAKE2b {
}
}
/// Context for HMAC-BLAKE2b computation.
#[cfg(blake2b_hmac)]
pub struct BLAKE2bHmac {
wc_blake2b: sys::Blake2b,
}
#[cfg(blake2b_hmac)]
impl BLAKE2bHmac {
/// HMAC-BLAKE2b digest size.
pub const DIGEST_SIZE: usize = sys::WC_BLAKE2B_DIGEST_SIZE as usize;
/// Build a new BLAKE2bHmac instance.
///
/// # Parameters
///
/// * `key`: Key to use for HMAC-BLAKE2b computation.
///
/// # Returns
///
/// Returns either Ok(hmac_blake2b) or Err(e) containing the wolfSSL
/// library error code value.
///
/// # Example
///
/// ```rust
/// use wolfssl_wolfcrypt::blake2::BLAKE2bHmac;
/// let key = [42u8, 43, 44];
/// let hmac_blake2b = BLAKE2bHmac::new(&key).expect("Error with new()");
/// ```
pub fn new(key: &[u8]) -> Result<Self, i32> {
let mut wc_blake2b: MaybeUninit<sys::Blake2b> = MaybeUninit::uninit();
let rc = unsafe {
sys::wc_Blake2bHmacInit(wc_blake2b.as_mut_ptr(), key.as_ptr(), key.len())
};
if rc != 0 {
return Err(rc);
}
let wc_blake2b = unsafe { wc_blake2b.assume_init() };
let hmac_blake2b = BLAKE2bHmac { wc_blake2b };
Ok(hmac_blake2b)
}
/// Update the HMAC-BLAKE2b computation with the input data.
///
/// This method may be called several times and then the finalize()
/// method should be called to retrieve the final MAC.
///
/// # Parameters
///
/// * `data`: Input data to hash.
///
/// # Returns
///
/// Returns either Ok(()) on success or Err(e) containing the wolfSSL
/// library error code value.
///
/// # Example
///
/// ```rust
/// use wolfssl_wolfcrypt::blake2::BLAKE2bHmac;
/// let key = [42u8, 43, 44];
/// let mut hmac_blake2b = BLAKE2bHmac::new(&key).expect("Error with new()");
/// let data = [33u8, 34, 35];
/// hmac_blake2b.update(&data).expect("Error with update()");
/// ```
pub fn update(&mut self, data: &[u8]) -> Result<(), i32> {
let rc = unsafe {
sys::wc_Blake2bHmacUpdate(&mut self.wc_blake2b, data.as_ptr(), data.len())
};
if rc != 0 {
return Err(rc);
}
Ok(())
}
/// Compute and retrieve the final HMAC-BLAKE2b MAC.
///
/// # Parameters
///
/// * `key`: Key to use for HMAC-BLAKE2b computation.
/// * `mac`: Output buffer in which to store the computed HMAC-BLAKE2b MAC.
/// It must be 64 bytes long.
///
/// # Returns
///
/// Returns either Ok(()) on success or Err(e) containing the wolfSSL
/// library error code value.
///
/// # Example
///
/// ```rust
/// use wolfssl_wolfcrypt::blake2::BLAKE2bHmac;
/// let key = [42u8, 43, 44];
/// let mut hmac_blake2b = BLAKE2bHmac::new(&key).expect("Error with new()");
/// let data = [33u8, 34, 35];
/// hmac_blake2b.update(&data).expect("Error with update()");
/// let mut mac = [0u8; 64];
/// hmac_blake2b.finalize(&key, &mut mac).expect("Error with finalize()");
/// ```
pub fn finalize(&mut self, key: &[u8], mac: &mut [u8; Self::DIGEST_SIZE]) -> Result<(), i32> {
let rc = unsafe {
sys::wc_Blake2bHmacFinal(&mut self.wc_blake2b,
key.as_ptr(), key.len(), mac.as_mut_ptr(), mac.len())
};
if rc != 0 {
return Err(rc);
}
Ok(())
}
/// Compute the HMAC-BLAKE2b message authentication code of the given
/// input data using the given key (one-shot API).
///
/// # Parameters
///
/// * `data`: Input data to create MAC from.
/// * `key`: Key to use for MAC creation.
/// * `out`: Buffer in which to store the computed MAC. It must be 64 bytes
/// long.
///
/// # Returns
///
/// Returns either Ok(()) on success or Err(e) containing the wolfSSL
/// library error code value.
pub fn hmac(data: &[u8], key: &[u8], out: &mut [u8; Self::DIGEST_SIZE]) -> Result<(), i32> {
let rc = unsafe {
sys::wc_Blake2bHmac(data.as_ptr(), data.len(), key.as_ptr(),
key.len(), out.as_mut_ptr(), out.len())
};
if rc != 0 {
return Err(rc);
}
Ok(())
}
}
/// Context for BLAKE2s computation.
#[cfg(blake2s)]
pub struct BLAKE2s {
@@ -291,7 +429,7 @@ impl BLAKE2s {
/// use wolfssl_wolfcrypt::blake2::BLAKE2s;
/// let mut blake2s = BLAKE2s::new(32).expect("Error with new()");
/// blake2s.update(&[0u8; 16]).expect("Error with update()");
/// let mut hash = [0u8; 64];
/// let mut hash = [0u8; 32];
/// blake2s.finalize(&mut hash).expect("Error with finalize()");
/// ```
pub fn finalize(&mut self, hash: &mut [u8]) -> Result<(), i32> {
@@ -305,3 +443,140 @@ impl BLAKE2s {
Ok(())
}
}
/// Context for HMAC-BLAKE2s computation.
#[cfg(blake2s_hmac)]
pub struct BLAKE2sHmac {
wc_blake2s: sys::Blake2s,
}
#[cfg(blake2s_hmac)]
impl BLAKE2sHmac {
/// HMAC-BLAKE2s digest size.
pub const DIGEST_SIZE: usize = sys::WC_BLAKE2S_DIGEST_SIZE as usize;
/// Build a new BLAKE2sHmac instance.
///
/// # Parameters
///
/// * `key`: Key to use for HMAC-BLAKE2s computation.
///
/// # Returns
///
/// Returns either Ok(hmac_blake2s) or Err(e) containing the wolfSSL
/// library error code value.
///
/// # Example
///
/// ```rust
/// use wolfssl_wolfcrypt::blake2::BLAKE2sHmac;
/// let key = [42u8, 43, 44];
/// let hmac_blake2s = BLAKE2sHmac::new(&key).expect("Error with new()");
/// ```
pub fn new(key: &[u8]) -> Result<Self, i32> {
let mut wc_blake2s: MaybeUninit<sys::Blake2s> = MaybeUninit::uninit();
let rc = unsafe {
sys::wc_Blake2sHmacInit(wc_blake2s.as_mut_ptr(), key.as_ptr(), key.len())
};
if rc != 0 {
return Err(rc);
}
let wc_blake2s = unsafe { wc_blake2s.assume_init() };
let hmac_blake2s = BLAKE2sHmac { wc_blake2s };
Ok(hmac_blake2s)
}
/// Update the HMAC-BLAKE2s computation with the input data.
///
/// This method may be called several times and then the finalize()
/// method should be called to retrieve the final MAC.
///
/// # Parameters
///
/// * `data`: Input data to hash.
///
/// # Returns
///
/// Returns either Ok(()) on success or Err(e) containing the wolfSSL
/// library error code value.
///
/// # Example
///
/// ```rust
/// use wolfssl_wolfcrypt::blake2::BLAKE2sHmac;
/// let key = [42u8, 43, 44];
/// let mut hmac_blake2s = BLAKE2sHmac::new(&key).expect("Error with new()");
/// let data = [33u8, 34, 35];
/// hmac_blake2s.update(&data).expect("Error with update()");
/// ```
pub fn update(&mut self, data: &[u8]) -> Result<(), i32> {
let rc = unsafe {
sys::wc_Blake2sHmacUpdate(&mut self.wc_blake2s, data.as_ptr(), data.len())
};
if rc != 0 {
return Err(rc);
}
Ok(())
}
/// Compute and retrieve the final HMAC-BLAKE2s MAC.
///
/// # Parameters
///
/// * `key`: Key to use for HMAC-BLAKE2s computation.
/// * `mac`: Output buffer in which to store the computed HMAC-BLAKE2s MAC.
/// It must be 32 bytes long.
///
/// # Returns
///
/// Returns either Ok(()) on success or Err(e) containing the wolfSSL
/// library error code value.
///
/// # Example
///
/// ```rust
/// use wolfssl_wolfcrypt::blake2::BLAKE2sHmac;
/// let key = [42u8, 43, 44];
/// let mut hmac_blake2s = BLAKE2sHmac::new(&key).expect("Error with new()");
/// let data = [33u8, 34, 35];
/// hmac_blake2s.update(&data).expect("Error with update()");
/// let mut mac = [0u8; 32];
/// hmac_blake2s.finalize(&key, &mut mac).expect("Error with finalize()");
/// ```
pub fn finalize(&mut self, key: &[u8], mac: &mut [u8; Self::DIGEST_SIZE]) -> Result<(), i32> {
let rc = unsafe {
sys::wc_Blake2sHmacFinal(&mut self.wc_blake2s,
key.as_ptr(), key.len(), mac.as_mut_ptr(), mac.len())
};
if rc != 0 {
return Err(rc);
}
Ok(())
}
/// Compute the HMAC-BLAKE2s message authentication code of the given
/// input data using the given key (one-shot API).
///
/// # Parameters
///
/// * `data`: Input data to create MAC from.
/// * `key`: Key to use for MAC creation.
/// * `out`: Buffer in which to store the computed MAC. It must be 32 bytes
/// long.
///
/// # Returns
///
/// Returns either Ok(()) on success or Err(e) containing the wolfSSL
/// library error code value.
pub fn hmac(data: &[u8], key: &[u8], out: &mut [u8; Self::DIGEST_SIZE]) -> Result<(), i32> {
let rc = unsafe {
sys::wc_Blake2sHmac(data.as_ptr(), data.len(), key.as_ptr(),
key.len(), out.as_mut_ptr(), out.len())
};
if rc != 0 {
return Err(rc);
}
Ok(())
}
}
@@ -50,6 +50,70 @@ fn test_blake2b() {
}
}
#[test]
#[cfg(blake2b_hmac)]
fn test_blake2b_hmac() {
let key1 = [0x41u8, 0x42, 0x43, 0x44];
let message1 = [0x48u8, 0x65, 0x6c, 0x6c, 0x6f];
let expected1 = [
0x46u8, 0x76, 0xbb, 0x0e, 0xf8, 0xa1, 0x56, 0x33,
0xde, 0xdc, 0x44, 0xe3, 0x2b, 0xf3, 0xee, 0x5b,
0x5f, 0x7f, 0x04, 0x00, 0x2c, 0xaa, 0xd4, 0x93,
0xc6, 0xa6, 0xb4, 0xf3, 0x14, 0x8d, 0x6d, 0x9c,
0x6a, 0x12, 0x02, 0x85, 0x66, 0xed, 0x9b, 0x5d,
0x8d, 0x0e, 0x3d, 0xf4, 0x78, 0xee, 0x5a, 0xf6,
0x2f, 0x97, 0xa5, 0x77, 0x88, 0x8c, 0xc4, 0x66,
0x46, 0xb1, 0xba, 0x51, 0x29, 0x19, 0xd7, 0xaa,
];
let key2 = [
0x30u8, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42,
0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, 0x33,
0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42,
0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, 0x33
];
let message2 = [
0x61u8, 0x62, 0x63, 0x64, 0x62, 0x63, 0x64, 0x65, 0x63, 0x64, 0x65, 0x66,
0x64, 0x65, 0x66, 0x67, 0x65, 0x66, 0x67, 0x68, 0x66, 0x67, 0x68, 0x69,
0x67, 0x68, 0x69, 0x6a, 0x68, 0x69, 0x6a, 0x6b, 0x69, 0x6a, 0x6b, 0x6c,
0x6a, 0x6b, 0x6c, 0x6d, 0x6b, 0x6c, 0x6d, 0x6e, 0x6c, 0x6d, 0x6e, 0x6f,
0x6d, 0x6e, 0x6f, 0x70, 0x6e, 0x6f, 0x70, 0x71
];
let expected2 = [
0x2au8, 0xda, 0xf6, 0x94, 0x79, 0xce, 0xe2, 0xd2,
0x5d, 0x89, 0x8b, 0xd7, 0x0d, 0xbc, 0x11, 0x1f,
0x98, 0x99, 0xe0, 0x17, 0x7c, 0x5b, 0x8f, 0x94,
0xf5, 0x95, 0xbc, 0x1b, 0xb1, 0x95, 0xe8, 0x60,
0xbb, 0x29, 0xa4, 0xd9, 0x27, 0x2e, 0x00, 0xea,
0xba, 0xc3, 0x3e, 0xe6, 0x9c, 0xc7, 0xd7, 0x8d,
0x69, 0xc7, 0xb4, 0xf7, 0x31, 0x4a, 0xb1, 0xf0,
0x3c, 0xed, 0x06, 0x49, 0x6f, 0x46, 0x99, 0xea,
];
let mut out1 = [0u8; 64];
BLAKE2bHmac::hmac(&message1, &key1, &mut out1).expect("Error with hmac()");
assert_eq!(out1, expected1);
let mut out2 = [0u8; 64];
BLAKE2bHmac::hmac(&message2, &key2, &mut out2).expect("Error with hmac()");
assert_eq!(out2, expected2);
let mut hmac_blake2b = BLAKE2bHmac::new(&key1).expect("Error with new()");
hmac_blake2b.update(&message1[0..4]).expect("Error with update()");
hmac_blake2b.update(&message1[4..]).expect("Error with update()");
let mut out1 = [0u8; 64];
hmac_blake2b.finalize(&key1, &mut out1).expect("Error with finalize()");
assert_eq!(out1, expected1);
let mut hmac_blake2b = BLAKE2bHmac::new(&key2).expect("Error with new()");
hmac_blake2b.update(&message2[0..48]).expect("Error with update()");
hmac_blake2b.update(&message2[48..]).expect("Error with update()");
let mut out2 = [0u8; 64];
hmac_blake2b.finalize(&key2, &mut out2).expect("Error with finalize()");
assert_eq!(out2, expected2);
}
#[test]
#[cfg(blake2s)]
fn test_blake2s() {
@@ -86,3 +150,56 @@ fn test_blake2s() {
assert_eq!(hash, *expected_hash);
}
}
#[test]
#[cfg(blake2s_hmac)]
fn test_blake2s_hmac() {
let key1 = [0x41u8, 0x42, 0x43, 0x44];
let message1 = [0x48u8, 0x65, 0x6c, 0x6c, 0x6f];
let expected1 = [
0x96u8, 0xca, 0x1d, 0xaa, 0x9a, 0x33, 0x97, 0x3d,
0xc5, 0x95, 0x3e, 0xce, 0x49, 0x93, 0x75, 0xc1,
0x2a, 0x7c, 0x8f, 0x5b, 0xf0, 0x28, 0xef, 0xc3,
0xfb, 0xc5, 0x97, 0xcd, 0xcc, 0x74, 0x44, 0x68,
];
let key2 = [
0x30u8, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42,
0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, 0x33,
];
let message2 = [
0x61u8, 0x62, 0x63, 0x64, 0x62, 0x63, 0x64, 0x65, 0x63, 0x64, 0x65, 0x66,
0x64, 0x65, 0x66, 0x67, 0x65, 0x66, 0x67, 0x68, 0x66, 0x67, 0x68, 0x69,
0x67, 0x68, 0x69, 0x6a, 0x68, 0x69, 0x6a, 0x6b, 0x69, 0x6a, 0x6b, 0x6c,
0x6a, 0x6b, 0x6c, 0x6d, 0x6b, 0x6c, 0x6d, 0x6e, 0x6c, 0x6d, 0x6e, 0x6f,
0x6d, 0x6e, 0x6f, 0x70, 0x6e, 0x6f, 0x70, 0x71
];
let expected2 = [
0xc4u8, 0x63, 0xdb, 0x28, 0x97, 0x60, 0x6a, 0xa7,
0x1e, 0xe6, 0xcf, 0x93, 0x85, 0x3c, 0x90, 0x71,
0xea, 0x76, 0x7f, 0x6a, 0xa7, 0x20, 0x80, 0x35,
0xe1, 0x68, 0x95, 0xfe, 0x65, 0x65, 0x43, 0x76,
];
let mut out1 = [0u8; 32];
BLAKE2sHmac::hmac(&message1, &key1, &mut out1).expect("Error with hmac()");
assert_eq!(out1, expected1);
let mut out2 = [0u8; 32];
BLAKE2sHmac::hmac(&message2, &key2, &mut out2).expect("Error with hmac()");
assert_eq!(out2, expected2);
let mut hmac_blake2s = BLAKE2sHmac::new(&key1).expect("Error with new()");
hmac_blake2s.update(&message1[0..4]).expect("Error with update()");
hmac_blake2s.update(&message1[4..]).expect("Error with update()");
let mut out1 = [0u8; 32];
hmac_blake2s.finalize(&key1, &mut out1).expect("Error with finalize()");
assert_eq!(out1, expected1);
let mut hmac_blake2s = BLAKE2sHmac::new(&key2).expect("Error with new()");
hmac_blake2s.update(&message2[0..48]).expect("Error with update()");
hmac_blake2s.update(&message2[48..]).expect("Error with update()");
let mut out2 = [0u8; 32];
hmac_blake2s.finalize(&key2, &mut out2).expect("Error with finalize()");
assert_eq!(out2, expected2);
}