diff --git a/wolfcrypt/src/aes.c b/wolfcrypt/src/aes.c index 17da9d652..8a46dd1fc 100644 --- a/wolfcrypt/src/aes.c +++ b/wolfcrypt/src/aes.c @@ -4570,6 +4570,19 @@ int wc_AesSetIV(Aes* aes, const byte* iv) return 0; } + int wc_AesCtrSetKey(Aes* aes, const byte* key, word32 len, + const byte* iv, int dir) + { + if (aes == NULL) { + return BAD_FUNC_ARG; + } + if (len > sizeof(aes->key)) { + return BAD_FUNC_ARG; + } + + return wc_AesSetKeyLocal(aes, key, len, iv, dir, 0); + } + #endif /* NEED_AES_CTR_SOFT */ #endif /* WOLFSSL_AES_COUNTER */ diff --git a/wolfcrypt/src/dh.c b/wolfcrypt/src/dh.c index 8adcb9c9c..086fc048d 100644 --- a/wolfcrypt/src/dh.c +++ b/wolfcrypt/src/dh.c @@ -1352,7 +1352,7 @@ static int GeneratePublicDh(DhKey* key, byte* priv, word32 privSz, *pubSz = (word32)mp_unsigned_bin_size(y); mp_clear(y); - mp_clear(x); + mp_forcezero(x); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) XFREE(y, key->heap, DYNAMIC_TYPE_DH); XFREE(x, key->heap, DYNAMIC_TYPE_DH); diff --git a/wolfcrypt/src/hmac.c b/wolfcrypt/src/hmac.c index ee9352bc2..83e693b25 100644 --- a/wolfcrypt/src/hmac.c +++ b/wolfcrypt/src/hmac.c @@ -1173,6 +1173,8 @@ void wc_HmacFree(Hmac* hmac) default: break; } + + ForceZero(hmac, sizeof(*hmac)); } #endif /* WOLFSSL_KCAPI_HMAC */ diff --git a/wolfcrypt/src/port/arm/armv8-aes.c b/wolfcrypt/src/port/arm/armv8-aes.c index fa07d4372..544b3a619 100644 --- a/wolfcrypt/src/port/arm/armv8-aes.c +++ b/wolfcrypt/src/port/arm/armv8-aes.c @@ -1452,6 +1452,13 @@ int wc_AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz) return 0; } +int wc_AesCtrSetKey(Aes* aes, const byte* key, word32 len, + const byte* iv, int dir) +{ + (void)dir; + return wc_AesSetKey(aes, key, len, iv, AES_ENCRYPTION); +} + #endif /* WOLFSSL_AES_COUNTER */ #ifdef HAVE_AESGCM @@ -4212,6 +4219,13 @@ int wc_AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz) return 0; } +int wc_AesCtrSetKey(Aes* aes, const byte* key, word32 len, + const byte* iv, int dir) +{ + (void)dir; + return wc_AesSetKey(aes, key, len, iv, AES_ENCRYPTION); +} + #endif /* WOLFSSL_AES_COUNTER */ #ifdef HAVE_AESGCM @@ -5719,6 +5733,13 @@ int wc_AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz) } return 0; } + +int wc_AesCtrSetKey(Aes* aes, const byte* key, word32 len, + const byte* iv, int dir) +{ + (void)dir; + return wc_AesSetKey(aes, key, len, iv, AES_ENCRYPTION); +} #endif /* WOLFSSL_AES_COUNTER */ #ifdef HAVE_AESCCM diff --git a/wolfcrypt/src/port/arm/armv8-sha256.c b/wolfcrypt/src/port/arm/armv8-sha256.c index 12a5132fc..28102930b 100644 --- a/wolfcrypt/src/port/arm/armv8-sha256.c +++ b/wolfcrypt/src/port/arm/armv8-sha256.c @@ -85,6 +85,10 @@ static int InitSha256(wc_Sha256* sha256) sha256->loLen = 0; sha256->hiLen = 0; +#ifdef WOLFSSL_HASH_FLAGS + sha256->flags = 0; +#endif + return ret; } @@ -1575,6 +1579,9 @@ int wc_Sha256Transform(wc_Sha256* sha256, const unsigned char* data) sha224->loLen = 0; sha224->hiLen = 0; + #ifdef WOLFSSL_HASH_FLAGS + sha224->flags = 0; + #endif return ret; } diff --git a/wolfcrypt/src/sha256.c b/wolfcrypt/src/sha256.c index e17ba65ac..747d3dd46 100644 --- a/wolfcrypt/src/sha256.c +++ b/wolfcrypt/src/sha256.c @@ -931,6 +931,7 @@ static int InitSha256(wc_Sha256* sha256) } #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_SMALL_STACK_CACHE) + ForceZero(W, sizeof(word32) * WC_SHA256_BLOCK_SIZE); XFREE(W, NULL, DYNAMIC_TYPE_TMP_BUFFER); #endif return 0; @@ -1690,10 +1691,11 @@ static int InitSha256(wc_Sha256* sha256) return; #ifdef WOLFSSL_SMALL_STACK_CACHE - if (sha224->W != NULL) { - XFREE(sha224->W, NULL, DYNAMIC_TYPE_DIGEST); - sha224->W = NULL; - } + if (sha224->W != NULL) { + ForceZero(sha224->W, sizeof(word32) * WC_SHA224_BLOCK_SIZE); + XFREE(sha224->W, NULL, DYNAMIC_TYPE_DIGEST); + sha224->W = NULL; + } #endif #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA224) @@ -1707,11 +1709,13 @@ static int InitSha256(wc_Sha256* sha256) KcapiHashFree(&sha224->kcapi); #endif #if defined(WOLFSSL_RENESAS_RX64_HASH) - if (sha224->msg != NULL) { - XFREE(sha224->msg, sha224->heap, DYNAMIC_TYPE_TMP_BUFFER); - sha224->msg = NULL; - } + if (sha224->msg != NULL) { + ForceZero(sha224->msg, sha224->len); + XFREE(sha224->msg, sha224->heap, DYNAMIC_TYPE_TMP_BUFFER); + sha224->msg = NULL; + } #endif + ForceZero(sha224, sizeof(*sha224)); } #endif /* WOLFSSL_SHA224 */ #endif /* !defined(WOLFSSL_HAVE_PSA) || defined(WOLFSSL_PSA_NO_HASH) */ @@ -1737,6 +1741,7 @@ void wc_Sha256Free(wc_Sha256* sha256) #ifdef WOLFSSL_SMALL_STACK_CACHE if (sha256->W != NULL) { + ForceZero(sha256->W, sizeof(word32) * WC_SHA256_BLOCK_SIZE); XFREE(sha256->W, NULL, DYNAMIC_TYPE_DIGEST); sha256->W = NULL; } @@ -1772,6 +1777,7 @@ void wc_Sha256Free(wc_Sha256* sha256) defined(WOLFSSL_HASH_KEEP) if (sha256->msg != NULL) { + ForceZero(sha256->msg, sha256->len); XFREE(sha256->msg, sha256->heap, DYNAMIC_TYPE_TMP_BUFFER); sha256->msg = NULL; } @@ -1813,6 +1819,7 @@ void wc_Sha256Free(wc_Sha256* sha256) ESP_LOGV(TAG, "Hardware unlock not needed in wc_Sha256Free."); } #endif + ForceZero(sha256, sizeof(*sha256)); } #endif /* !defined(WOLFSSL_HAVE_PSA) || defined(WOLFSSL_PSA_NO_HASH) */ diff --git a/wolfcrypt/src/sha512.c b/wolfcrypt/src/sha512.c index 0c2750a90..83af39c4b 100644 --- a/wolfcrypt/src/sha512.c +++ b/wolfcrypt/src/sha512.c @@ -1126,6 +1126,7 @@ void wc_Sha512Free(wc_Sha512* sha512) #ifdef WOLFSSL_SMALL_STACK_CACHE if (sha512->W != NULL) { + ForceZero(sha512->W, sizeof(word64) * 16); XFREE(sha512->W, sha512->heap, DYNAMIC_TYPE_TMP_BUFFER); sha512->W = NULL; } @@ -1137,6 +1138,7 @@ void wc_Sha512Free(wc_Sha512* sha512) #if defined(WOLFSSL_HASH_KEEP) if (sha512->msg != NULL) { + ForceZero(sha512->msg, sha512->len); XFREE(sha512->msg, sha512->heap, DYNAMIC_TYPE_TMP_BUFFER); sha512->msg = NULL; } @@ -1145,6 +1147,8 @@ void wc_Sha512Free(wc_Sha512* sha512) #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA512) wolfAsync_DevCtxFree(&sha512->asyncDev, WOLFSSL_ASYNC_MARKER_SHA512); #endif /* WOLFSSL_ASYNC_CRYPT */ + + ForceZero(sha512, sizeof(*sha512)); } #if (defined(OPENSSL_EXTRA) || defined(HAVE_CURL)) \ && !defined(WOLFSSL_KCAPI_HASH) @@ -1197,6 +1201,7 @@ int wc_Sha512Transform(wc_Sha512* sha, const unsigned char* data) XMEMCPY(sha->buffer, buffer, WC_SHA512_BLOCK_SIZE); #ifdef WOLFSSL_SMALL_STACK + ForceZero(buffer, WC_SHA512_BLOCK_SIZE); XFREE(buffer, sha->heap, DYNAMIC_TYPE_TMP_BUFFER); #endif return ret; @@ -1446,6 +1451,7 @@ void wc_Sha384Free(wc_Sha384* sha384) #ifdef WOLFSSL_SMALL_STACK_CACHE if (sha384->W != NULL) { + ForceZero(sha384->W, sizeof(word64) * 16); XFREE(sha384->W, sha384->heap, DYNAMIC_TYPE_TMP_BUFFER); sha384->W = NULL; } @@ -1457,6 +1463,7 @@ void wc_Sha384Free(wc_Sha384* sha384) #if defined(WOLFSSL_HASH_KEEP) if (sha384->msg != NULL) { + ForceZero(sha384->msg, sha384->len); XFREE(sha384->msg, sha384->heap, DYNAMIC_TYPE_TMP_BUFFER); sha384->msg = NULL; } @@ -1476,6 +1483,8 @@ void wc_Sha384Free(wc_Sha384* sha384) sha384->hSession = NULL; } #endif + + ForceZero(sha384, sizeof(*sha384)); } #endif /* WOLFSSL_SHA384 */ diff --git a/wolfssl/wolfcrypt/aes.h b/wolfssl/wolfcrypt/aes.h index 60fbdb4c4..6768ceb01 100644 --- a/wolfssl/wolfcrypt/aes.h +++ b/wolfssl/wolfcrypt/aes.h @@ -415,6 +415,9 @@ WOLFSSL_API int wc_AesEcbDecrypt(Aes* aes, byte* out, #ifdef WOLFSSL_AES_COUNTER WOLFSSL_API int wc_AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz); + WOLFSSL_API int wc_AesCtrSetKey(Aes* aes, const byte* key, word32 len, + const byte* iv, int dir); + #endif /* AES-DIRECT */ #if defined(WOLFSSL_AES_DIRECT) diff --git a/wolfssl/wolfcrypt/fips_test.h b/wolfssl/wolfcrypt/fips_test.h index 5e819d4c2..dc37477d4 100644 --- a/wolfssl/wolfcrypt/fips_test.h +++ b/wolfssl/wolfcrypt/fips_test.h @@ -77,10 +77,10 @@ enum FipsCastStateId { }; enum FipsModeId { - FIPS_MODE_INIT, - FIPS_MODE_NORMAL, - FIPS_MODE_DEGRADED, - FIPS_MODE_FAILED + FIPS_MODE_INIT = 0, + FIPS_MODE_NORMAL = 1, + FIPS_MODE_DEGRADED = 2, + FIPS_MODE_FAILED = 3 }; @@ -92,6 +92,7 @@ WOLFSSL_API int wolfCrypt_SetCb_fips(wolfCrypt_fips_cb cbf); /* Public get status functions */ WOLFSSL_API int wolfCrypt_GetStatus_fips(void); +WOLFSSL_API int wolfCrypt_GetMode_fips(void); WOLFSSL_API const char* wolfCrypt_GetCoreHash_fips(void); #ifdef HAVE_FORCE_FIPS_FAILURE @@ -105,6 +106,7 @@ WOLFSSL_LOCAL int DoKnownAnswerTests(char* base16_hash, int base16_hashSz); /* F WOLFSSL_API int wc_RunCast_fips(int type); WOLFSSL_API int wc_GetCastStatus_fips(int type); +WOLFSSL_API int wc_RunAllCast_fips(void); #ifdef __cplusplus } /* extern "C" */