wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-03 20:54:41 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #5329 from douzzer/20220706-fips-and-aarch64-fixes

Browse Source 
20220706-fips-and-aarch64-fixes
This commit is contained in:
David Garske
2022-07-06 18:39:38 -07:00
committed by GitHub
parent cb6fa921a4 82b1dc0cd0
commit 644050a736
6 changed files with 27 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
configure.ac
View File

@@ -2879,10 +2879,6 @@ if test "$ENABLED_WPAS" = "yes"
then then
ENABLED_COMPKEY=yes ENABLED_COMPKEY=yes
fi fi
if test "$ENABLED_COMPKEY" = "yes"
then
AM_CFLAGS="$AM_CFLAGS -DHAVE_COMP_KEY"
fi
# for using memory optimization setting on both curve25519 and ed25519 # for using memory optimization setting on both curve25519 and ed25519
@@ -3947,6 +3943,9 @@ AS_CASE([$FIPS_VERSION],
AS_IF([test "$ENABLED_KEYGEN" != "yes" && (test "$FIPS_VERSION" != "v5-dev" || test "$enable_keygen" != "no")], AS_IF([test "$ENABLED_KEYGEN" != "yes" && (test "$FIPS_VERSION" != "v5-dev" || test "$enable_keygen" != "no")],
[ENABLED_KEYGEN="yes"; AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_KEY_GEN"]) [ENABLED_KEYGEN="yes"; AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_KEY_GEN"])
AS_IF([test "$ENABLED_COMPKEY" = "yes" && (test "$FIPS_VERSION" != "v5-dev" || test "$enable_compkey" != "yes")],
[ENABLED_COMPKEY="no"])
AS_IF([test "$ENABLED_SHA224" != "yes" && (test "$FIPS_VERSION" != "v5-dev" || test "$enable_sha224" != "no")], AS_IF([test "$ENABLED_SHA224" != "yes" && (test "$FIPS_VERSION" != "v5-dev" || test "$enable_sha224" != "no")],
[ENABLED_SHA224="yes"; AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SHA224"]) [ENABLED_SHA224="yes"; AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SHA224"])
@@ -7701,8 +7700,13 @@ if test "x$ENABLED_SECURE_RENEGOTIATION_INFO" = "xyes"; then
fi fi
if test "$ENABLED_COMPKEY" = "yes"
then
AM_CFLAGS="$AM_CFLAGS -DHAVE_COMP_KEY"
fi
# Depricated Algorithm Handling
# Deprecated Algorithm Handling
if test "$ENABLED_ARC4" = "yes" if test "$ENABLED_ARC4" = "yes"
then then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ALLOW_RC4" AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ALLOW_RC4"

1
examples/client/client.c
View File

@@ -2952,7 +2952,6 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
break; break;
#else #else
err_sys("invalid minimum downgrade version"); err_sys("invalid minimum downgrade version");
break;
#endif /* WOLFSSL_DTLS13 */ #endif /* WOLFSSL_DTLS13 */
case 3: case 3:
minVersion = WOLFSSL_DTLSV1_2; minVersion = WOLFSSL_DTLSV1_2;

12
src/include.am
View File

@@ -170,8 +170,7 @@ src_libwolfssl_la_SOURCES += \
src_libwolfssl_la_SOURCES += \ src_libwolfssl_la_SOURCES += \
wolfcrypt/src/hmac.c \ wolfcrypt/src/hmac.c \
wolfcrypt/src/random.c \ wolfcrypt/src/random.c
wolfcrypt/src/sha256.c
src_libwolfssl_la_SOURCES += wolfcrypt/src/kdf.c src_libwolfssl_la_SOURCES += wolfcrypt/src/kdf.c
@@ -201,13 +200,14 @@ endif
if BUILD_ARMASM if BUILD_ARMASM
src_libwolfssl_la_SOURCES += wolfcrypt/src/port/arm/armv8-sha256.c src_libwolfssl_la_SOURCES += wolfcrypt/src/port/arm/armv8-sha256.c
endif else
src_libwolfssl_la_SOURCES += wolfcrypt/src/sha256.c
if BUILD_INTELASM if BUILD_INTELASM
src_libwolfssl_la_SOURCES += wolfcrypt/src/sha256_asm.S src_libwolfssl_la_SOURCES += wolfcrypt/src/sha256_asm.S
endif endif
endif
if BUILD_SHA512 if BUILD_SHA512
src_libwolfssl_la_SOURCES += wolfcrypt/src/sha512.c
if BUILD_ARMASM if BUILD_ARMASM
src_libwolfssl_la_SOURCES += wolfcrypt/src/port/arm/armv8-sha512.c src_libwolfssl_la_SOURCES += wolfcrypt/src/port/arm/armv8-sha512.c
if BUILD_ARMASM_INLINE if BUILD_ARMASM_INLINE
@@ -217,11 +217,13 @@ else
src_libwolfssl_la_SOURCES += wolfcrypt/src/port/arm/armv8-sha512-asm.S src_libwolfssl_la_SOURCES += wolfcrypt/src/port/arm/armv8-sha512-asm.S
src_libwolfssl_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-sha512-asm.S src_libwolfssl_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-sha512-asm.S
endif endif
endif else
src_libwolfssl_la_SOURCES += wolfcrypt/src/sha512.c
if BUILD_INTELASM if BUILD_INTELASM
src_libwolfssl_la_SOURCES += wolfcrypt/src/sha512_asm.S src_libwolfssl_la_SOURCES += wolfcrypt/src/sha512_asm.S
endif endif
endif endif
endif
if BUILD_SHA3 if BUILD_SHA3
src_libwolfssl_la_SOURCES += wolfcrypt/src/sha3.c src_libwolfssl_la_SOURCES += wolfcrypt/src/sha3.c

7
tests/api.c
View File

@@ -24715,7 +24715,12 @@ static int test_wc_ecc_export_x963_ex (void)
if (ret == BAD_FUNC_ARG) { if (ret == BAD_FUNC_ARG) {
ret = wc_ecc_export_x963_ex(&key, out, &badOutLen, COMP); ret = wc_ecc_export_x963_ex(&key, out, &badOutLen, COMP);
} }
if (ret == LENGTH_ONLY_E) { #if defined(HAVE_FIPS) && (!defined(FIPS_VERSION_LT) || FIPS_VERSION_LT(5,3))
if (ret == BUFFER_E)
#else
if (ret == LENGTH_ONLY_E)
#endif
{
key.idx = -4; key.idx = -4;
ret = wc_ecc_export_x963_ex(&key, out, &outlen, COMP); ret = wc_ecc_export_x963_ex(&key, out, &outlen, COMP);
} }

2
wolfcrypt/src/asn.c
View File

@@ -28276,8 +28276,8 @@ int DecodeECC_DSA_Sig(const byte* sig, word32 sigLen, mp_int* r, mp_int* s)
ret = ASN_ECC_KEY_E; ret = ASN_ECC_KEY_E;
} }
return ret;
#endif #endif
return ret;
#endif /* WOLFSSL_ASN_TEMPLATE */ #endif /* WOLFSSL_ASN_TEMPLATE */
} }
#endif #endif

4
wolfcrypt/src/port/arm/armv8-sha512.c
View File

@@ -797,6 +797,8 @@ void wc_Sha384Free(wc_Sha384* sha384)
#ifdef WOLFSSL_SHA512 #ifdef WOLFSSL_SHA512
#if !defined(WOLFSSL_NOSHA512_224) || !defined(WOLFSSL_NOSHA512_256)
static int Sha512_Family_GetHash(wc_Sha512* sha512, byte* hash, static int Sha512_Family_GetHash(wc_Sha512* sha512, byte* hash,
enum wc_HashType type ) enum wc_HashType type )
{ {
@@ -833,6 +835,8 @@ static int Sha512_Family_GetHash(wc_Sha512* sha512, byte* hash,
return ret; return ret;
} }
#endif /* !WOLFSSL_NOSHA512_224 || !WOLFSSL_NOSHA512_256 */
int wc_Sha512GetHash(wc_Sha512* sha512, byte* hash) int wc_Sha512GetHash(wc_Sha512* sha512, byte* hash)
{ {
int ret; int ret;