Merge pull request #10036 from douzzer/20260319-trace-errocde-runtime-control-and-various-fixes

20260319-trace-errcode-runtime-control-and-various-fixes
This commit is contained in:
David Garske
2026-03-21 15:05:39 -07:00
committed by GitHub
13 changed files with 347 additions and 247 deletions
-1
View File
@@ -800,7 +800,6 @@ WOLFSSL_MP_COND_COPY
WOLFSSL_MP_INVMOD_CONSTANT_TIME
WOLFSSL_MULTICIRCULATE_ALTNAMELIST
WOLFSSL_NEW_PRIME_CHECK
WOLFSSL_NONBLOCK_OCSP
WOLFSSL_NOSHA3_384
WOLFSSL_NOT_WINDOWS_API
WOLFSSL_NO_BIO_ADDR_IN
+216 -202
View File
@@ -614,7 +614,7 @@ AS_CASE([$ENABLED_FIPS],
ENABLED_FIPS="yes"
# for dev, DEF_SP_MATH and DEF_FAST_MATH follow non-FIPS defaults (currently sp-math-all)
],
[v6],[
[v6|v6-dev],[
FIPS_VERSION="v6"
HAVE_FIPS_VERSION=6
HAVE_FIPS_VERSION_MAJOR=6
@@ -626,7 +626,7 @@ AS_CASE([$ENABLED_FIPS],
],
# Should always remain one ahead of the latest so as not to be confused with
# the latest
[ready|v6-ready],[
[ready],[
FIPS_VERSION="ready"
HAVE_FIPS_VERSION=7
HAVE_FIPS_VERSION_MAJOR=7
@@ -636,7 +636,7 @@ AS_CASE([$ENABLED_FIPS],
DEF_SP_MATH="yes"
DEF_FAST_MATH="no"
],
[dev|v6-dev],[
[dev],[
FIPS_VERSION="dev"
HAVE_FIPS_VERSION_MAJOR=7
HAVE_FIPS_VERSION_MINOR=0
@@ -1710,10 +1710,23 @@ AC_ARG_WITH([liboqs],
# MLKEM
# Used:
# - SHA3, Shake128 and Shake256
#
# Note, setup is later, after FIPS setup.
if test "$enable_shake128" != "no" &&
test "$enable_shake256" != "no" &&
test "$enable_sha3" != "no" &&
(test "$ENABLED_FIPS" = "no" || test "$HAVE_FIPS_VERSION" -ge 7)
then
ENABLED_MLKEM_DEFAULT=yes
else
ENABLED_MLKEM_DEFAULT=no
fi
AC_ARG_ENABLE([mlkem],
[AS_HELP_STRING([--enable-mlkem],[Enable ML-KEM/Kyber (default: enabled)])],
[ ENABLED_MLKEM=$enableval ],
[ ENABLED_MLKEM=yes ]
[ ENABLED_MLKEM=$ENABLED_MLKEM_DEFAULT ]
)
# note, inherits default from "mlkem" clause above.
AC_ARG_ENABLE([kyber],
@@ -1721,178 +1734,18 @@ AC_ARG_ENABLE([kyber],
[ ENABLED_MLKEM=$enableval ]
)
# FIPS traditionally does not support SHAKE 128 and SHAKE 256 (v6 does), so disable
# ML-KEM if FIPS is enabled and version is less than 6
AS_IF([test "x$ENABLED_FIPS" = "xyes" && test $HAVE_FIPS_VERSION -lt 6],[
AC_MSG_NOTICE([Disabling MLKEM because FIPS < 6 does not support required SHAKE])
ENABLED_MLKEM="no"
])
ENABLED_WC_MLKEM=no
ENABLED_ML_KEM=unset
ENABLED_MLKEM_MAKE_KEY=no
ENABLED_MLKEM_ENCAPSULATE=no
ENABLED_MLKEM_DECAPSULATE=no
for v in `echo $ENABLED_MLKEM | tr "," " "`
do
case $v in
yes)
ENABLED_MLKEM512=yes
ENABLED_MLKEM768=yes
ENABLED_MLKEM1024=yes
ENABLED_MLKEM_MAKE_KEY=yes
ENABLED_MLKEM_ENCAPSULATE=yes
ENABLED_MLKEM_DECAPSULATE=yes
;;
all)
ENABLED_MLKEM_MAKE_KEY=yes
ENABLED_MLKEM_ENCAPSULATE=yes
ENABLED_MLKEM_DECAPSULATE=yes
ENABLED_ML_KEM=yes
ENABLED_ORIGINAL=yes
;;
no)
;;
small)
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_MLKEM_SMALL"
;;
no-large-code)
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_MLKEM_NO_LARGE_CODE"
;;
cache-a)
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_MLKEM_CACHE_A"
;;
512)
ENABLED_MLKEM512=yes
;;
768)
ENABLED_MLKEM768=yes
;;
1024)
ENABLED_MLKEM1024=yes
;;
make)
ENABLED_MLKEM_MAKE_KEY=yes
;;
encapsulate|enc)
ENABLED_MLKEM_ENCAPSULATE=yes
;;
decapsulate|dec)
ENABLED_MLKEM_DECAPSULATE=yes
;;
original|kyber)
ENABLED_ORIGINAL=yes
;;
ml-kem)
ENABLED_ML_KEM=yes
;;
noasm)
AM_CFLAGS="$AM_CFLAGS -DWC_MLKEM_NO_ASM"
;;
*)
AC_MSG_ERROR([Invalid choice for MLKEM []: $ENABLED_MLKEM.])
break;;
esac
done
if test "$ENABLED_MLKEM" != "no"
then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_HAVE_MLKEM"
# Use liboqs if specified.
if test "$ENABLED_LIBOQS" = "no"; then
ENABLED_WC_MLKEM=yes
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_WC_MLKEM"
AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_WC_MLKEM"
fi
if test "$ENABLED_ORIGINAL" = "yes"; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_MLKEM_KYBER"
if test "$ENABLED_MLKEM512" = ""; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_KYBER512"
fi
if test "$ENABLED_MLKEM768" = ""; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_KYBER768"
fi
if test "$ENABLED_MLKEM1024" = ""; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_KYBER1024"
fi
if test "$ENABLED_ML_KEM" = "unset"; then
ENABLED_ML_KEM=no
fi
fi
if test "$ENABLED_ML_KEM" = "unset"; then
ENABLED_ML_KEM=yes
fi
if test "$ENABLED_ML_KEM" = "yes"; then
if test "$ENABLED_MLKEM512" = ""; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_ML_KEM_512"
fi
if test "$ENABLED_MLKEM768" = ""; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_ML_KEM_768"
fi
if test "$ENABLED_MLKEM1024" = ""; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_ML_KEM_1024"
fi
else
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_ML_KEM"
fi
if test "$ENABLED_MLKEM_MAKE_KEY" = "no"; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_MLKEM_NO_MAKE_KEY"
fi
if test "$ENABLED_MLKEM_ENCAPSULATE" = "no"; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_MLKEM_NO_ENCAPSULATE"
fi
if test "$ENABLED_MLKEM_DECAPSULATE" = "no"; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_MLKEM_NO_DECAPSULATE"
fi
if test "$ENABLED_WC_MLKEM" = "yes"
then
test "$enable_sha3" = "" && enable_sha3=yes
test "$enable_shake128" = "" && enable_shake128=yes
test "$enable_shake256" = "" && enable_shake256=yes
fi
fi
AC_ARG_ENABLE([tls-mlkem-standalone],
[AS_HELP_STRING([--enable-tls-mlkem-standalone],[Enable ML-KEM as standalone TLS key exchange (non-hybrid) (default: disabled)])],
[ ENABLED_MLKEM_STANDALONE=$enableval ],
[ ENABLED_MLKEM_STANDALONE=no ]
)
AS_IF([ test "$ENABLED_MLKEM_STANDALONE" = "yes" && test "$ENABLED_ML_KEM" = "no" ],[AC_MSG_ERROR([ML-KEM as standalone TLS key exchange (non-hybrid) requires ML-KEM.])])
if test "$ENABLED_MLKEM_STANDALONE" != "yes"
then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_TLS_NO_MLKEM_STANDALONE"
fi
AC_ARG_ENABLE([pqc-hybrids],
[AS_HELP_STRING([--enable-pqc-hybrids],[Enable PQ/T hybrid combinations (default: enabled)])],
[ ENABLED_PQC_HYBRIDS=$enableval ],
[ ENABLED_PQC_HYBRIDS=yes ]
)
if test "$ENABLED_PQC_HYBRIDS" = "yes"
then
if test "$ENABLED_ML_KEM" = "no" || test "$ENABLED_MLKEM" = "no"
then
ENABLED_PQC_HYBRIDS=no
elif test "$ENABLED_MLKEM768" = "" && test "$ENABLED_MLKEM1024" = ""; then
AC_MSG_NOTICE([PQC hybrid combinations require either ML-KEM 768 or ML-KEM 1024, but both disabled.])
ENABLED_PQC_HYBRIDS=no
else
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_PQC_HYBRIDS"
fi
fi
if test "$ENABLED_ML_KEM" != "no" && test "$ENABLED_MLKEM" != "no"
then
if test "$ENABLED_PQC_HYBRIDS" = "no" && test "$ENABLED_MLKEM_STANDALONE" = "no" && test "$ENABLED_CRYPTONLY" = "no"
then
AC_MSG_ERROR([Both hybrid PQ/T and standalone ML-KEM are disabled, so no PQC hybrid combinations will be available.])
fi
fi
# Extra PQ/T Hybrid combinations
AC_ARG_ENABLE([extra-pqc-hybrids],
[AS_HELP_STRING([--enable-extra-pqc-hybrids],[Enable extra PQ/T hybrid combinations (default: disabled)])],
@@ -1900,12 +1753,6 @@ AC_ARG_ENABLE([extra-pqc-hybrids],
[ ENABLED_EXTRA_PQC_HYBRIDS=no ]
)
if test "$ENABLED_EXTRA_PQC_HYBRIDS" = "yes"
then
AS_IF([ test "$ENABLED_EXPERIMENTAL" != "yes" ],[ AC_MSG_ERROR([extra-pqc-hybrids requires --enable-experimental.]) ])
AS_IF([ test "$ENABLED_ML_KEM" = "no" ],[ AC_MSG_ERROR([extra-pqc-hybrids requires ML-KEM.]) ])
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_EXTRA_PQC_HYBRIDS"
fi
# Dilithium
# - SHA3, Shake128 and Shake256
@@ -4688,53 +4535,28 @@ then
AM_CFLAGS="$AM_CFLAGS -DWC_SHA3_NO_ASM"
fi
# MLKEM requires SHA-3. Force-enable SHA-3 when MLKEM is enabled.
if test "$ENABLED_MLKEM" != "no"
if test "$ENABLED_SHA3" != "no" &&
(test "$ENABLED_FIPS" = "no" || test "$HAVE_FIPS_VERSION" -ge 6)
then
if test "$ENABLED_SHA3" = "no"
then
AC_MSG_NOTICE([MLKEM enabled (not explicitly disabled); overriding --disable-sha3 to enable SHA-3])
ENABLED_SHA3=yes
enable_sha3=yes
fi
SHAKE_DEFAULT=yes
else
SHAKE_DEFAULT=no
fi
# SHAKE128
AC_ARG_ENABLE([shake128],
[AS_HELP_STRING([--enable-shake128],[Enable wolfSSL SHAKE128 support (default: disabled)])],
[ ENABLED_SHAKE128=$enableval ],
[ ENABLED_SHAKE128=no ]
[ ENABLED_SHAKE128=$SHAKE_DEFAULT ]
)
# MLKEM requires SHAKE128. Force-enable when MLKEM is enabled.
if test "$ENABLED_MLKEM" != "no"
then
if test "$ENABLED_SHAKE128" = "no"
then
AC_MSG_WARN([MLKEM enabled (not explicitly disabled); overriding --disable-shake128 to enable SHAKE128])
ENABLED_SHAKE128=yes
enable_shake128=yes
fi
fi
# SHAKE256
AC_ARG_ENABLE([shake256],
[AS_HELP_STRING([--enable-shake256],[Enable wolfSSL SHAKE256 support (default: disabled)])],
[ ENABLED_SHAKE256=$enableval ],
[ ENABLED_SHAKE256=no ]
[ ENABLED_SHAKE256=$SHAKE_DEFAULT ]
)
# MLKEM requires SHAKE256. Force-enable when MLKEM is enabled.
if test "$ENABLED_MLKEM" != "no"
then
if test "$ENABLED_SHAKE256" = "no"
then
AC_MSG_WARN([MLKEM enabled (not explicitly disabled); overriding --disable-shake256 to enable SHAKE256])
ENABLED_SHAKE256=yes
enable_shake256=yes
fi
fi
# SHA512
AC_ARG_ENABLE([sha512],
[AS_HELP_STRING([--enable-sha512],[Enable wolfSSL SHA-512 support (default: enabled)])],
@@ -6593,6 +6415,10 @@ AS_CASE([$FIPS_VERSION],
(test "$FIPS_VERSION" != "lean-aesgcm-dev" || test "$enable_shake256" != "yes")],
[enable_shake256="no"; ENABLED_SHAKE256="no"])
AS_IF([test "$ENABLED_MLKEM" != "no" &&
(test "$FIPS_VERSION" != "lean-aesgcm-dev" || test "$enable_mlkem" != "yes")],
[enable_mlkem="no"; ENABLED_MLKEM="no"])
AS_IF([test "$ENABLED_MD5" != "no" &&
(test "$FIPS_VERSION" != "lean-aesgcm-dev" || test "$enable_md5" != "yes")],
[enable_md5="no"; ENABLED_MD5="no"; AM_CFLAGS="$AM_CFLAGS -DNO_MD5"])
@@ -6922,6 +6748,194 @@ AS_CASE([$SELFTEST_VERSION],
AM_CFLAGS="$AM_CFLAGS -DHAVE_SELFTEST -DHAVE_PUBLIC_FFDHE"
])
# Set ML-KEM flags
if test "$ENABLED_MLKEM" != "no"
then
if test "$ENABLED_SHA3" = "no"
then
AC_MSG_NOTICE([MLKEM enabled (not explicitly disabled); overriding --disable-sha3 to enable SHA-3])
ENABLED_SHA3=yes
enable_sha3=yes
fi
if test "$ENABLED_SHAKE128" = "no"
then
AC_MSG_WARN([MLKEM enabled (not explicitly disabled); overriding --disable-shake128 to enable SHAKE128])
ENABLED_SHAKE128=yes
enable_shake128=yes
fi
if test "$ENABLED_SHAKE256" = "no"
then
AC_MSG_WARN([MLKEM enabled (not explicitly disabled); overriding --disable-shake256 to enable SHAKE256])
ENABLED_SHAKE256=yes
enable_shake256=yes
fi
fi
ENABLED_WC_MLKEM=no
ENABLED_ML_KEM=unset
ENABLED_MLKEM_MAKE_KEY=no
ENABLED_MLKEM_ENCAPSULATE=no
ENABLED_MLKEM_DECAPSULATE=no
for v in `echo $ENABLED_MLKEM | tr "," " "`
do
case $v in
yes)
ENABLED_MLKEM512=yes
ENABLED_MLKEM768=yes
ENABLED_MLKEM1024=yes
ENABLED_MLKEM_MAKE_KEY=yes
ENABLED_MLKEM_ENCAPSULATE=yes
ENABLED_MLKEM_DECAPSULATE=yes
;;
all)
ENABLED_MLKEM_MAKE_KEY=yes
ENABLED_MLKEM_ENCAPSULATE=yes
ENABLED_MLKEM_DECAPSULATE=yes
ENABLED_ML_KEM=yes
ENABLED_ORIGINAL=yes
;;
no)
;;
small)
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_MLKEM_SMALL"
;;
no-large-code)
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_MLKEM_NO_LARGE_CODE"
;;
cache-a)
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_MLKEM_CACHE_A"
;;
512)
ENABLED_MLKEM512=yes
;;
768)
ENABLED_MLKEM768=yes
;;
1024)
ENABLED_MLKEM1024=yes
;;
make)
ENABLED_MLKEM_MAKE_KEY=yes
;;
encapsulate|enc)
ENABLED_MLKEM_ENCAPSULATE=yes
;;
decapsulate|dec)
ENABLED_MLKEM_DECAPSULATE=yes
;;
original|kyber)
ENABLED_ORIGINAL=yes
;;
ml-kem)
ENABLED_ML_KEM=yes
;;
noasm)
AM_CFLAGS="$AM_CFLAGS -DWC_MLKEM_NO_ASM"
;;
*)
AC_MSG_ERROR([Invalid choice for MLKEM []: $ENABLED_MLKEM.])
break;;
esac
done
if test "$ENABLED_MLKEM" != "no"
then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_HAVE_MLKEM"
# Use liboqs if specified.
if test "$ENABLED_LIBOQS" = "no"; then
ENABLED_WC_MLKEM=yes
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_WC_MLKEM"
AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_WC_MLKEM"
fi
if test "$ENABLED_ORIGINAL" = "yes"; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_MLKEM_KYBER"
if test "$ENABLED_MLKEM512" = ""; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_KYBER512"
fi
if test "$ENABLED_MLKEM768" = ""; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_KYBER768"
fi
if test "$ENABLED_MLKEM1024" = ""; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_KYBER1024"
fi
if test "$ENABLED_ML_KEM" = "unset"; then
ENABLED_ML_KEM=no
fi
fi
if test "$ENABLED_ML_KEM" = "unset"; then
ENABLED_ML_KEM=yes
fi
if test "$ENABLED_ML_KEM" = "yes"; then
if test "$ENABLED_MLKEM512" = ""; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_ML_KEM_512"
fi
if test "$ENABLED_MLKEM768" = ""; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_ML_KEM_768"
fi
if test "$ENABLED_MLKEM1024" = ""; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_ML_KEM_1024"
fi
else
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_ML_KEM"
fi
if test "$ENABLED_MLKEM_MAKE_KEY" = "no"; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_MLKEM_NO_MAKE_KEY"
fi
if test "$ENABLED_MLKEM_ENCAPSULATE" = "no"; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_MLKEM_NO_ENCAPSULATE"
fi
if test "$ENABLED_MLKEM_DECAPSULATE" = "no"; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_MLKEM_NO_DECAPSULATE"
fi
if test "$ENABLED_WC_MLKEM" = "yes"
then
test "$enable_sha3" = "" && enable_sha3=yes
test "$enable_shake128" = "" && enable_shake128=yes
test "$enable_shake256" = "" && enable_shake256=yes
fi
fi
AS_IF([ test "$ENABLED_MLKEM_STANDALONE" = "yes" && test "$ENABLED_ML_KEM" = "no" ],[AC_MSG_ERROR([ML-KEM as standalone TLS key exchange (non-hybrid) requires ML-KEM.])])
if test "$ENABLED_MLKEM_STANDALONE" != "yes"
then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_TLS_NO_MLKEM_STANDALONE"
fi
if test "$ENABLED_PQC_HYBRIDS" = "yes"
then
if test "$ENABLED_ML_KEM" = "no" || test "$ENABLED_MLKEM" = "no"
then
ENABLED_PQC_HYBRIDS=no
elif test "$ENABLED_MLKEM768" = "" && test "$ENABLED_MLKEM1024" = ""; then
AC_MSG_NOTICE([PQC hybrid combinations require either ML-KEM 768 or ML-KEM 1024, but both disabled.])
ENABLED_PQC_HYBRIDS=no
else
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_PQC_HYBRIDS"
fi
fi
if test "$ENABLED_ML_KEM" != "no" && test "$ENABLED_MLKEM" != "no"
then
if test "$ENABLED_PQC_HYBRIDS" = "no" && test "$ENABLED_MLKEM_STANDALONE" = "no" && test "$ENABLED_CRYPTONLY" = "no"
then
AC_MSG_ERROR([Both hybrid PQ/T and standalone ML-KEM are disabled, so no PQC hybrid combinations will be available.])
fi
fi
if test "$ENABLED_EXTRA_PQC_HYBRIDS" = "yes"
then
AS_IF([ test "$ENABLED_EXPERIMENTAL" != "yes" ],[ AC_MSG_ERROR([extra-pqc-hybrids requires --enable-experimental.]) ])
AS_IF([ test "$ENABLED_ML_KEM" = "no" ],[ AC_MSG_ERROR([extra-pqc-hybrids requires ML-KEM.]) ])
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_EXTRA_PQC_HYBRIDS"
fi
AS_IF([test "x$ENABLED_AESXTS" = "xyes"],
[AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AES_XTS -DWOLFSSL_AES_DIRECT"])
AS_IF([test "x$ENABLED_AESXTS" = "xyes" && test "x$ENABLED_INTELASM" = "xyes"],
+13 -13
View File
@@ -490,8 +490,8 @@ static int km_AesSetKeyCommon(struct km_AesCtx * ctx, const u8 *in_key,
err = wc_AesSetKey(ctx->aes_encrypt, in_key, key_len, NULL, AES_ENCRYPTION);
if (unlikely(err)) {
if (! disable_setkey_warnings)
pr_err("%s: wc_AesSetKey for encryption key failed: %d\n", name, err);
if ((! disable_setkey_warnings) && ((key_len == 16) || (key_len == 24) || (key_len == 32)))
pr_err("%s: wc_AesSetKey for encryption key (len %u) failed: %d\n", name, key_len, err);
return -EINVAL;
}
@@ -500,9 +500,9 @@ static int km_AesSetKeyCommon(struct km_AesCtx * ctx, const u8 *in_key,
AES_DECRYPTION);
if (unlikely(err)) {
if (! disable_setkey_warnings)
pr_err("%s: wc_AesSetKey for decryption key failed: %d\n",
name, err);
if ((! disable_setkey_warnings) && ((key_len == 16) || (key_len == 24) || (key_len == 32)))
pr_err("%s: wc_AesSetKey for decryption key (len %u) failed: %d\n",
name, key_len, err);
return -EINVAL;
}
}
@@ -515,7 +515,7 @@ static int km_AesSetKeyCommon(struct km_AesCtx * ctx, const u8 *in_key,
err = wc_AesSetKey(ctx->aes_encrypt_C, in_key, key_len, NULL, AES_ENCRYPTION);
if (unlikely(err)) {
if (! disable_setkey_warnings)
if ((! disable_setkey_warnings) && ((key_len == 16) || (key_len == 24) || (key_len == 32)))
pr_err("%s: wc_AesSetKey for encryption key failed: %d\n", name, err);
return -EINVAL;
}
@@ -532,7 +532,7 @@ static int km_AesSetKeyCommon(struct km_AesCtx * ctx, const u8 *in_key,
AES_DECRYPTION);
if (unlikely(err)) {
if (! disable_setkey_warnings)
if ((! disable_setkey_warnings) && ((key_len == 16) || (key_len == 24) || (key_len == 32)))
pr_err("%s: wc_AesSetKey for decryption key failed: %d\n",
name, err);
return -EINVAL;
@@ -666,7 +666,7 @@ static int km_AesCbcDecrypt(struct skcipher_request *req)
if (unlikely(err)) {
if (! disable_setkey_warnings)
pr_err("%s: wc_AesSetKey failed: %d\n",
pr_err("%s: wc_AesSetIV failed: %d\n",
crypto_tfm_alg_driver_name(crypto_skcipher_tfm(tfm)), err);
err = -EINVAL;
goto out;
@@ -929,7 +929,7 @@ static int km_AesGcmSetKey(struct crypto_aead *tfm, const u8 *in_key,
err = wc_AesGcmSetKey(ctx->aes_encrypt, in_key, key_len);
if (unlikely(err)) {
if (! disable_setkey_warnings)
if ((! disable_setkey_warnings) && ((key_len == 16) || (key_len == 24) || (key_len == 32)))
pr_err("%s: wc_AesGcmSetKey failed: %d\n",
crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm)), err);
return -EINVAL;
@@ -942,7 +942,7 @@ static int km_AesGcmSetKey(struct crypto_aead *tfm, const u8 *in_key,
err = wc_AesGcmSetKey(ctx->aes_encrypt_C, in_key, key_len);
if (unlikely(err)) {
if (! disable_setkey_warnings)
if ((! disable_setkey_warnings) && ((key_len == 16) || (key_len == 24) || (key_len == 32)))
pr_err("%s: wc_AesGcmSetKey failed: %d\n",
crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm)), err);
return -EINVAL;
@@ -977,7 +977,7 @@ static int km_AesGcmSetKey_Rfc4106(struct crypto_aead *tfm, const u8 *in_key,
err = wc_AesGcmSetKey(ctx->aes_encrypt, in_key, key_len);
if (unlikely(err)) {
if (! disable_setkey_warnings)
if ((! disable_setkey_warnings) && ((key_len == 16) || (key_len == 24) || (key_len == 32)))
pr_err("%s: wc_AesGcmSetKey failed: %d\n",
crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm)), err);
return -EINVAL;
@@ -990,7 +990,7 @@ static int km_AesGcmSetKey_Rfc4106(struct crypto_aead *tfm, const u8 *in_key,
err = wc_AesGcmSetKey(ctx->aes_encrypt_C, in_key, key_len);
if (unlikely(err)) {
if (! disable_setkey_warnings)
if ((! disable_setkey_warnings) && ((key_len == 16) || (key_len == 24) || (key_len == 32)))
pr_err("%s: wc_AesGcmSetKey failed: %d\n",
crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm)), err);
return -EINVAL;
@@ -1612,7 +1612,7 @@ static int km_AesXtsSetKey(struct crypto_skcipher *tfm, const u8 *in_key,
AES_ENCRYPTION_AND_DECRYPTION);
if (unlikely(err)) {
if (! disable_setkey_warnings)
if ((! disable_setkey_warnings) && ((key_len == 16) || (key_len == 24) || (key_len == 32)))
pr_err("%s: wc_AesXtsSetKeyNoInit failed: %d\n",
crypto_tfm_alg_driver_name(crypto_skcipher_tfm(tfm)), err);
return -EINVAL;
+5 -5
View File
@@ -11839,15 +11839,15 @@ int wolfSSL_ERR_GET_REASON(unsigned long err)
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
/* Nginx looks for this error to know to stop parsing certificates.
* Same for HAProxy. */
if (err == ((ERR_LIB_PEM << 24) | PEM_R_NO_START_LINE) ||
((err & 0xFFFFFFL) == -WC_NO_ERR_TRACE(ASN_NO_PEM_HEADER)) ||
((err & 0xFFFL) == PEM_R_NO_START_LINE ))
if ((err == (unsigned long)((ERR_LIB_PEM << 24) | PEM_R_NO_START_LINE)) ||
((err & 0xFFFFFFL) == (unsigned long)(-WC_NO_ERR_TRACE(ASN_NO_PEM_HEADER))) ||
((err & 0xFFFL) == (unsigned long)PEM_R_NO_START_LINE))
return PEM_R_NO_START_LINE;
if (err == ((ERR_LIB_SSL << 24) | -SSL_R_HTTP_REQUEST))
if (err == (unsigned long)((ERR_LIB_SSL << 24) | -SSL_R_HTTP_REQUEST))
return SSL_R_HTTP_REQUEST;
#endif
#if defined(OPENSSL_ALL) && defined(WOLFSSL_PYTHON)
if (err == ((ERR_LIB_ASN1 << 24) | ASN1_R_HEADER_TOO_LONG))
if (err == (unsigned long)((ERR_LIB_ASN1 << 24) | ASN1_R_HEADER_TOO_LONG))
return ASN1_R_HEADER_TOO_LONG;
#endif
+39 -8
View File
@@ -1822,12 +1822,38 @@ void WOLFSSL_ERROR_MSG(const char* msg)
#endif /* DEBUG_WOLFSSL || WOLFSSL_NGINX || WOLFSSL_HAPROXY */
#ifdef WOLFSSL_DEBUG_TRACE_ERROR_CODES
#ifndef WOLFSSL_DEBUG_TRACE_ERROR_CODES_INIT_STATE
#define WOLFSSL_DEBUG_TRACE_ERROR_CODES_INIT_STATE 1
#endif
#ifdef WOLFSSL_ATOMIC_OPS
static wolfSSL_Atomic_Int wc_debug_trace_error_codes_state =
WOLFSSL_ATOMIC_INITIALIZER(WOLFSSL_DEBUG_TRACE_ERROR_CODES_INIT_STATE);
#else
static int wc_debug_trace_error_codes_state =
WOLFSSL_DEBUG_TRACE_ERROR_CODES_INIT_STATE;
#endif
int wc_debug_trace_error_codes_enabled(void) {
return WOLFSSL_ATOMIC_LOAD(wc_debug_trace_error_codes_state);
}
int wc_debug_trace_error_codes_set(int state) {
return wolfSSL_Atomic_Int_Exchange(&wc_debug_trace_error_codes_state,
state);
}
#endif /* WOLFSSL_DEBUG_TRACE_ERROR_CODES */
#ifdef WOLFSSL_DEBUG_BACKTRACE_ERROR_CODES
#ifdef WOLFSSL_LINUXKM
void wc_backtrace_render(void) {
int wc_backtrace_render(void) {
dump_stack();
return 0;
}
#else /* !WOLFSSL_LINUXKM */
@@ -1900,11 +1926,12 @@ static int backtrace_init(struct backtrace_state **backtrace_state) {
return 0;
}
void wc_backtrace_render(void) {
int wc_backtrace_render(void) {
static wolfSSL_Mutex backtrace_mutex
WOLFSSL_MUTEX_INITIALIZER_CLAUSE(backtrace_mutex);
static struct backtrace_state *backtrace_state = NULL;
int depth = 0;
int ret;
#ifndef WOLFSSL_MUTEX_INITIALIZER
static wolfSSL_Atomic_Int init_count = 0;
@@ -1912,10 +1939,11 @@ void wc_backtrace_render(void) {
int cur_init_count = wolfSSL_Atomic_Int_FetchSub(&init_count, 1);
if (cur_init_count != 0) {
(void)wolfSSL_Atomic_Int_FetchAdd(&init_count, 1);
return;
return DEADLOCK_AVERTED_E;
}
if (wc_InitMutex(&backtrace_mutex) != 0)
return;
ret = wc_InitMutex(&backtrace_mutex);
if (ret != 0)
return ret;
/* set init_count to 1, race-free: (-1) - (0-2) = 1 */
(void)wolfSSL_Atomic_Int_FetchSub(&init_count, cur_init_count - 2);
}
@@ -1925,13 +1953,14 @@ void wc_backtrace_render(void) {
* BACKTRACE_SUPPORTS_THREADS == 1, so we serialize the render op. this
* helpfully mutexes the initialization too.
*/
if (wc_LockMutex(&backtrace_mutex) != 0)
return;
ret = wc_LockMutex(&backtrace_mutex);
if (ret != 0)
return ret;
if (backtrace_state == NULL) {
if (backtrace_init(&backtrace_state) < 0) {
wc_UnLockMutex(&backtrace_mutex);
return;
return BAD_STATE_E;
}
}
@@ -1943,6 +1972,8 @@ void wc_backtrace_render(void) {
(void *)&depth);
wc_UnLockMutex(&backtrace_mutex);
return 0;
}
#endif /* !WOLFSSL_LINUXKM */
+8 -2
View File
@@ -157,8 +157,14 @@ void print_data(const char* name, const byte* d, int len)
/******************************************************************************/
/* Declare variable to make compiler not optimize code in mlkem_from_msg(). */
volatile sword16 mlkem_opt_blocker = 0;
/* Helper function with volatile variable, to force compiler not to optimize
* code in mlkem_from_msg().
*/
sword16 wc_mlkem_opt_blocker(void);
sword16 wc_mlkem_opt_blocker(void) {
static volatile sword16 static_mlkem_opt_blocker = 0;
return static_mlkem_opt_blocker;
}
/******************************************************************************/
+5 -5
View File
@@ -99,7 +99,7 @@ static int mlkem_get_noise_eta2_c(MLKEM_PRF_T* prf, sword16* p,
#endif
/* Declared in wc_mlkem.c to stop compiler optimizer from simplifying. */
extern volatile sword16 mlkem_opt_blocker;
extern sword16 wc_mlkem_opt_blocker(void);
#if defined(USE_INTEL_SPEEDUP) || (defined(__aarch64__) && \
defined(WOLFSSL_ARMASM))
@@ -126,7 +126,7 @@ static cpuid_flags_t cpuid_flags = WC_CPUID_INITIALIZER;
* f is the normalizer = 2^k % m.
* 16-bit value cast to sword32 in use.
*/
#define MLKEM_F ((1ULL << 32) % MLKEM_Q)
#define MLKEM_F (((word64)1 << 32) % MLKEM_Q)
/* Number of bytes in an output block of SHA-3-128 */
#define SHA3_128_BYTES (WC_SHA3_128_COUNT * 8)
@@ -5758,8 +5758,8 @@ void mlkem_decompress_5(sword16* p, const byte* b)
/* Convert bit from byte to 0 or (MLKEM_Q + 1) / 2.
*
* Constant time implementation.
* XOR in mlkem_opt_blocker to ensure optimizer doesn't know what will be ANDed
* with MLKEM_Q_1_HALF and can't optimize to non-constant time code.
* XOR in wc_mlkem_opt_blocker() to ensure optimizer doesn't know what will be
* ANDed with MLKEM_Q_1_HALF and can't optimize to non-constant time code.
*
* FIPS 203, Algorithm 6: ByteDecode_d(B)
*
@@ -5770,7 +5770,7 @@ void mlkem_decompress_5(sword16* p, const byte* b)
*/
#define FROM_MSG_BIT(p, msg, i, j) \
((p)[8 * (i) + (j)] = (((sword16)0 - (sword16)(((msg)[i] >> (j)) & 1)) ^ \
mlkem_opt_blocker) & MLKEM_Q_1_HALF)
wc_mlkem_opt_blocker()) & MLKEM_Q_1_HALF)
/* Convert message to polynomial.
*
+21
View File
@@ -1432,6 +1432,11 @@ unsigned int wolfSSL_Atomic_Uint_SubFetch(wolfSSL_Atomic_Uint* c,
return val - i;
}
int wolfSSL_Atomic_Int_Exchange(wolfSSL_Atomic_Int* c, int new_i)
{
return atomic_swap_int(c, new_i);
}
int wolfSSL_Atomic_Int_CompareExchange(wolfSSL_Atomic_Int* c, int *expected_i,
int new_i)
{
@@ -1495,6 +1500,11 @@ int wolfSSL_Atomic_Int_SubFetch(wolfSSL_Atomic_Int* c, int i)
return ret - i;
}
int wolfSSL_Atomic_Int_Exchange(wolfSSL_Atomic_Int* c, int new_i)
{
return atomic_exchange_explicit(c, new_i, memory_order_seq_cst);
}
int wolfSSL_Atomic_Int_CompareExchange(
wolfSSL_Atomic_Int* c, int *expected_i, int new_i)
{
@@ -1600,6 +1610,11 @@ int wolfSSL_Atomic_Int_SubFetch(wolfSSL_Atomic_Int* c, int i)
return __atomic_sub_fetch(c, i, __ATOMIC_RELAXED);
}
int wolfSSL_Atomic_Int_Exchange(wolfSSL_Atomic_Int* c, int new_i)
{
return __atomic_exchange_n(c, new_i, __ATOMIC_SEQ_CST);
}
int wolfSSL_Atomic_Int_CompareExchange(wolfSSL_Atomic_Int* c, int *expected_i,
int new_i)
{
@@ -1692,6 +1707,12 @@ int wolfSSL_Atomic_Int_SubFetch(wolfSSL_Atomic_Int* c, int i)
return ret - i;
}
int wolfSSL_Atomic_Int_Exchange(wolfSSL_Atomic_Int* c, int new_i)
{
long actual_i = InterlockedExchange(c, (long)new_i);
return (int)actual_i;
}
int wolfSSL_Atomic_Int_CompareExchange(wolfSSL_Atomic_Int* c, int *expected_i,
int new_i)
{
+24 -9
View File
@@ -344,23 +344,38 @@ WOLFSSL_ABI WOLFSSL_API const char* wc_GetErrorString(int error);
#if defined(WOLFSSL_DEBUG_TRACE_ERROR_CODES) && \
(defined(BUILDING_WOLFSSL) || \
defined(WOLFSSL_DEBUG_TRACE_ERROR_CODES_ALWAYS))
WOLFSSL_API extern void wc_backtrace_render(void);
WOLFSSL_API extern int wc_backtrace_render(void);
#define WC_NO_ERR_TRACE(label) (CONST_NUM_ERR_ ## label)
#ifndef WOLFSSL_DEBUG_BACKTRACE_RENDER_CLAUSE
#ifdef WOLFSSL_DEBUG_BACKTRACE_ERROR_CODES
#define WOLFSSL_DEBUG_BACKTRACE_RENDER_CLAUSE wc_backtrace_render()
#else
#define WOLFSSL_DEBUG_BACKTRACE_RENDER_CLAUSE (void)0
#define WOLFSSL_DEBUG_BACKTRACE_RENDER_CLAUSE 0
#endif
#endif
#ifndef WC_ERR_TRACE
#define WC_ERR_TRACE(label) \
( WOLFSSL_DEBUG_PRINTF_FN(WOLFSSL_DEBUG_PRINTF_FIRST_ARGS \
"ERR TRACE: %s L %d %s (%d)\n", \
__FILE__, __LINE__, #label, label), \
WOLFSSL_DEBUG_BACKTRACE_RENDER_CLAUSE, \
label \
)
#if defined(__GNUC__) && !defined(__STRICT_ANSI__)
#define WC_ERR_TRACE(label) \
({ if (wc_debug_trace_error_codes_enabled()) { \
(void)WOLFSSL_DEBUG_PRINTF_FN( \
WOLFSSL_DEBUG_PRINTF_FIRST_ARGS \
"ERR TRACE: %s L %d %s (%d)\n", \
__FILE__, __LINE__, #label, label); \
(void)WOLFSSL_DEBUG_BACKTRACE_RENDER_CLAUSE; } \
(label); \
})
#else /* ! __GNUC__ || __STRICT_ANSI__ */
#define WC_ERR_TRACE(label) \
((void)(wc_debug_trace_error_codes_enabled() && \
WOLFSSL_DEBUG_PRINTF_FN( \
WOLFSSL_DEBUG_PRINTF_FIRST_ARGS \
"ERR TRACE: %s L %d %s (%d)\n", \
__FILE__, __LINE__, #label, label)), \
(void)(wc_debug_trace_error_codes_enabled() && \
WOLFSSL_DEBUG_BACKTRACE_RENDER_CLAUSE), \
(label) \
)
#endif /* ! __GNUC__ || __STRICT_ANSI__ */
#endif
#include <wolfssl/debug-trace-error-codes.h>
#else
+5
View File
@@ -579,6 +579,11 @@ WOLFSSL_API void wolfSSL_SetLoggingPrefix(const char* prefix);
#error "Failed: Cannot WOLFSSL_DEBUG_CERTS with WOLFSSL_DEBUG_ERRORS_ONLY"
#endif
#ifdef WOLFSSL_DEBUG_TRACE_ERROR_CODES
WOLFSSL_API int wc_debug_trace_error_codes_enabled(void);
WOLFSSL_API int wc_debug_trace_error_codes_set(int state);
#endif
#ifdef __cplusplus
}
#endif
+1 -1
View File
@@ -301,7 +301,7 @@ enum {
WC_ML_KEM_ENC_RAND_SZ = WC_ML_KEM_SYM_SZ,
/* Encoded polynomial size. */
WC_ML_KEM_POLY_SIZE = 384,
WC_ML_KEM_POLY_SIZE = 384
};
+1 -1
View File
@@ -63,7 +63,7 @@ enum {
MLKEM_COMP_4BITS = 4,
MLKEM_COMP_5BITS = 5,
MLKEM_COMP_10BITS = 10,
MLKEM_COMP_11BITS = 11,
MLKEM_COMP_11BITS = 11
};
+9
View File
@@ -613,6 +613,8 @@
WOLFSSL_API int wolfSSL_Atomic_Int_FetchSub(wolfSSL_Atomic_Int* c, int i);
WOLFSSL_API int wolfSSL_Atomic_Int_AddFetch(wolfSSL_Atomic_Int* c, int i);
WOLFSSL_API int wolfSSL_Atomic_Int_SubFetch(wolfSSL_Atomic_Int* c, int i);
WOLFSSL_API int wolfSSL_Atomic_Int_Exchange(
wolfSSL_Atomic_Int* c, int new_i);
WOLFSSL_API int wolfSSL_Atomic_Int_CompareExchange(
wolfSSL_Atomic_Int* c, int *expected_i, int new_i);
WOLFSSL_API unsigned int wolfSSL_Atomic_Uint_FetchAdd(
@@ -652,6 +654,13 @@
static WC_INLINE int wolfSSL_Atomic_Int_SubFetch(int *c, int i) {
return (*c -= i);
}
static WC_INLINE int wolfSSL_Atomic_Int_Exchange(
int *c, int new_i)
{
int ret = *c;
*c = new_i;
return ret;
}
static WC_INLINE int wolfSSL_Atomic_Int_CompareExchange(
int *c, int *expected_i, int new_i)
{