From 859205385678b32d7c506d8018f10e5a2c98e66d Mon Sep 17 00:00:00 2001 From: Sean Parkinson Date: Wed, 23 Jun 2021 21:25:27 +1000 Subject: [PATCH] Regression test fixes ./configure --enable-all --disable-rsa ./configure --disable-chacha --disable-asm ./configure --disable-rsa --disable-ecc --disable-dh --enable-curve25519 --enable-cryptonly (and ed25519, curve448, ed448) ./configure --disable-tls13 --enable-psk --disable-rsa --disable-ecc --disable-dh C_EXTRA_FLAGS=-DWOLFSSL_STATIC_PSK ./configure --disable-oldtls --enable-psk -disable-rsa --disable-dh -disable-ecc --disable-asn C_EXTRA_FLAGS=-DWOLFSSL_STATIC_PSK --enable-lowresource --enable-singlethreaded --disable-asm --disable-errorstrings --disable-pkcs12 --disable-sha3 --disable-sha224 --disable-sha384 --disable-sha512 --disable-sha --disable-md5 -disable-aescbc --disable-chacha --disable-poly1305 --disable-coding Various build combinations with WOLFSSL_SP_MATH and WOLFSSL_SP_MATH_ALL --- configure.ac | 4 +- examples/server/server.c | 14 ++-- src/tls.c | 7 +- tests/api.c | 87 +++++++++++++--------- wolfcrypt/benchmark/benchmark.c | 8 +- wolfcrypt/src/sp_int.c | 128 ++++++++++++++++++-------------- wolfcrypt/test/test.c | 92 ++++++++++++++--------- wolfssl/wolfcrypt/sp_int.h | 7 ++ 8 files changed, 205 insertions(+), 142 deletions(-) diff --git a/configure.ac b/configure.ac index 382a80e0d..46d8dd5f5 100644 --- a/configure.ac +++ b/configure.ac @@ -3260,10 +3260,10 @@ fi if test "$ENABLED_CHACHA" = "noasm" || test "$ENABLED_ASM" = "no" then - AM_CFLAGS="$AM_CFLAGS -DHAVE_CHACHA -DNO_CHACHA_ASM" + AM_CFLAGS="$AM_CFLAGS -DNO_CHACHA_ASM" fi -if test "$ENABLED_CHACHA" = "yes" +if test "$ENABLED_CHACHA" != "no" then AM_CFLAGS="$AM_CFLAGS -DHAVE_CHACHA" fi diff --git a/examples/server/server.c b/examples/server/server.c index a1956f395..c0ba215c3 100644 --- a/examples/server/server.c +++ b/examples/server/server.c @@ -1259,7 +1259,7 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args) WOLFSSL_MEM_STATS mem_stats; #endif #endif -#if defined(WOLFSSL_TLS13) +#if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) int onlyKeyShare = 0; #endif #if defined(HAVE_SESSION_TICKET) @@ -1643,13 +1643,15 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args) break; case 'y' : - #if defined(WOLFSSL_TLS13) && !defined(NO_DH) + #if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) \ + && !defined(NO_DH) onlyKeyShare = 1; #endif break; case 'Y' : - #if defined(WOLFSSL_TLS13) && defined(HAVE_ECC) + #if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) \ + && defined(HAVE_ECC) onlyKeyShare = 2; #endif break; @@ -1657,7 +1659,7 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args) case 't' : #ifdef HAVE_CURVE25519 useX25519 = 1; - #if defined(WOLFSSL_TLS13) && defined(HAVE_ECC) + #if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) onlyKeyShare = 2; #endif #endif @@ -1786,7 +1788,7 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args) case '8' : #ifdef HAVE_CURVE448 useX448 = 1; - #if defined(WOLFSSL_TLS13) && defined(HAVE_ECC) + #if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) onlyKeyShare = 2; #endif #endif @@ -2558,7 +2560,7 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args) SetupPkCallbackContexts(ssl, &pkCbInfo); #endif - #ifdef WOLFSSL_TLS13 + #if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) if (version >= 4) { SetKeyShare(ssl, onlyKeyShare, useX25519, useX448); } diff --git a/src/tls.c b/src/tls.c index 4829fd294..b4e0bd7d4 100644 --- a/src/tls.c +++ b/src/tls.c @@ -10244,10 +10244,11 @@ int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isServer) #if defined(WOLFSSL_TLS13) && (defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)) int usingPSK = 0; #endif -#if defined(HAVE_SUPPORTED_CURVES) || defined(HAVE_QSH) +#if (defined(HAVE_SUPPORTED_CURVES) && defined(WOLFSSL_TLS13)) || \ + defined(HAVE_QSH) TLSX* extension = NULL; #endif -#if defined(HAVE_SUPPORTED_CURVES) +#if defined(HAVE_SUPPORTED_CURVES) && defined(WOLFSSL_TLS13) word16 namedGroup = 0; #endif #ifdef HAVE_QSH @@ -10623,8 +10624,6 @@ int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isServer) (void)public_key; (void)public_key_len; (void)ssl; - (void)extension; - (void)namedGroup; return ret; } diff --git a/tests/api.c b/tests/api.c index e182eb0ed..5832e194a 100644 --- a/tests/api.c +++ b/tests/api.c @@ -1131,7 +1131,7 @@ static int test_cm_load_ca_file(const char* ca_cert_file) static void test_wolfSSL_CertManagerCheckOCSPResponse(void) { -#ifdef HAVE_OCSP +#if defined(HAVE_OCSP) && !defined(NO_RSA) /* Need one of these for wolfSSL_OCSP_REQUEST_new. */ #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || \ defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_APACHE_HTTPD) || \ @@ -5728,7 +5728,8 @@ static void test_wolfSSL_UseSNI(void) static void test_wolfSSL_UseTrustedCA(void) { -#if defined(HAVE_TRUSTED_CA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) +#if defined(HAVE_TRUSTED_CA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) \ + && !defined(NO_RSA) WOLFSSL_CTX *ctx; WOLFSSL *ssl; byte id[20]; @@ -5775,7 +5776,8 @@ static void test_wolfSSL_UseTrustedCA(void) static void test_wolfSSL_UseMaxFragment(void) { -#if defined(HAVE_MAX_FRAGMENT) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) +#if defined(HAVE_MAX_FRAGMENT) && !defined(NO_CERTS) && \ + !defined(NO_FILESYSTEM) && !defined(NO_RSA) #ifndef NO_WOLFSSL_SERVER WOLFSSL_CTX* ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()); AssertTrue(wolfSSL_CTX_use_certificate_file(ctx, svrCertFile, WOLFSSL_FILETYPE_PEM)); @@ -5817,7 +5819,8 @@ static void test_wolfSSL_UseMaxFragment(void) static void test_wolfSSL_UseTruncatedHMAC(void) { -#if defined(HAVE_TRUNCATED_HMAC) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) +#if defined(HAVE_TRUNCATED_HMAC) && !defined(NO_CERTS) && \ + !defined(NO_FILESYSTEM) && !defined(NO_RSA) #ifndef NO_WOLFSSL_SERVER WOLFSSL_CTX* ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()); AssertTrue(wolfSSL_CTX_use_certificate_file(ctx, svrCertFile, WOLFSSL_FILETYPE_PEM)); @@ -27166,7 +27169,7 @@ static void test_wolfSSL_X509_NAME(void) #ifndef NO_BIO static void test_wolfSSL_X509_INFO(void) { -#if defined(OPENSSL_ALL) +#if defined(OPENSSL_ALL) && !defined(NO_RSA) STACK_OF(X509_INFO) *info_stack; X509_INFO *info; BIO *cert; @@ -27273,7 +27276,7 @@ static void test_wolfSSL_X509_check_host(void) static void test_wolfSSL_X509_check_email(void) { -#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_CERT_GEN) +#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_CERT_GEN) && !defined(NO_RSA) X509* x509; const char goodEmail[] = "info@wolfssl.com"; const char badEmail[] = "disinfo@wolfssl.com"; @@ -29445,7 +29448,7 @@ static void test_wolfSSL_X509_Name_canon(void) #if defined(OPENSSL_ALL) && !defined(NO_CERTS) && \ !defined(NO_FILESYSTEM) && !defined(NO_SHA) && \ defined(WOLFSSL_CERT_GEN) && \ - (defined(WOLFSSL_CERT_REQ) || defined(WOLFSSL_CERT_EXT)) + (defined(WOLFSSL_CERT_REQ) || defined(WOLFSSL_CERT_EXT)) && !defined(NO_RSA) const long ex_hash1 = 0x0fdb2da4; const long ex_hash2 = 0x9f3e8c9e; @@ -30443,8 +30446,8 @@ static void test_wolfSSL_X509_STORE(void) static void test_wolfSSL_X509_STORE_load_locations(void) { -#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) && !defined(NO_FILESYSTEM)\ - && !defined(NO_WOLFSSL_DIR) +#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) && \ + !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_DIR) && !defined(NO_RSA) SSL_CTX *ctx; X509_STORE *store; @@ -31848,7 +31851,8 @@ static void test_wolfSSL_X509(void) static void test_wolfSSL_X509_get_ext_count(void) { -#if defined(OPENSSL_ALL) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) +#if defined(OPENSSL_ALL) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \ + !defined(NO_RSA) int ret = 0; WOLFSSL_X509* x509; const char ocspRootCaFile[] = "./certs/ocsp/root-ca-cert.pem"; @@ -31889,7 +31893,7 @@ static void test_wolfSSL_X509_get_ext_count(void) static void test_wolfSSL_X509_sign2(void) { -#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \ +#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_CERTS) && \ defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_ALT_NAMES) && \ defined(WOLFSSL_CERT_EXT) && \ (defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || defined(WOLFSSL_IP_ALT_NAME)) @@ -32086,7 +32090,7 @@ static void test_wolfSSL_X509_sign2(void) static void test_wolfSSL_X509_sign(void) { #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \ - defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ) + defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ) && !defined(NO_RSA) int ret; char *caSubject; X509_NAME *name; @@ -32279,7 +32283,8 @@ static void test_wolfSSL_X509_get0_tbs_sigalg(void) static void test_wolfSSL_X509_ALGOR_get0(void) { -#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) && !defined(NO_SHA256) +#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) && \ + !defined(NO_SHA256) && !defined(NO_RSA) X509* x509 = NULL; const ASN1_OBJECT* obj = NULL; const X509_ALGOR* alg; @@ -32468,7 +32473,8 @@ static void test_wolfSSL_X509_get_X509_PUBKEY(void) static void test_wolfSSL_X509_PUBKEY(void) { -#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) && !defined(NO_SHA256) +#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) && \ + !defined(NO_SHA256) && !defined(NO_RSA) X509* x509 = NULL; ASN1_OBJECT* obj = NULL; X509_PUBKEY* pubKey; @@ -35112,7 +35118,7 @@ static void test_wolfSSL_RSA_meth(void) static void test_wolfSSL_verify_mode(void) { -#if defined(OPENSSL_ALL) +#if defined(OPENSSL_ALL) && !defined(NO_RSA) WOLFSSL* ssl; WOLFSSL_CTX* ctx; @@ -36791,6 +36797,7 @@ static void test_wolfSSL_AES_cbc_encrypt(void) #if !defined(NO_ASN) static void test_wolfSSL_ASN1_STRING_to_UTF8(void) { +#if !defined(NO_RSA) WOLFSSL_X509* x509; WOLFSSL_X509_NAME* subject; WOLFSSL_X509_NAME_ENTRY* e; @@ -36834,6 +36841,7 @@ static void test_wolfSSL_ASN1_STRING_to_UTF8(void) wolfSSL_X509_free(x509); XFREE(actual_output, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif } static void test_wolfSSL_ASN1_UNIVERSALSTRING_to_string(void) @@ -36869,6 +36877,7 @@ static void test_wolfSSL_ASN1_UNIVERSALSTRING_to_string(void) static void test_wolfSSL_sk_CIPHER_description(void) { +#if !defined(NO_RSA) const long flags = SSL_OP_NO_SSLv2 | SSL_OP_NO_COMPRESSION; int i,j,k; int numCiphers = 0; @@ -36930,10 +36939,12 @@ static void test_wolfSSL_sk_CIPHER_description(void) SSL_CTX_free(ctx); printf(resultFmt, passed); +#endif } static void test_wolfSSL_get_ciphers_compat(void) { +#if !defined(NO_RSA) const SSL_METHOD *method = NULL; const char certPath[] = "./certs/client-cert.pem"; STACK_OF(SSL_CIPHER) *supportedCiphers = NULL; @@ -36967,6 +36978,7 @@ static void test_wolfSSL_get_ciphers_compat(void) SSL_CTX_free(ctx); printf(resultFmt, passed); +#endif } static void test_wolfSSL_X509_PUBKEY_get(void) @@ -38767,7 +38779,7 @@ static void test_wolfSSL_EC_KEY_set_group(void) } static void test_wolfSSL_X509V3_EXT_get(void) { -#if !defined(NO_FILESYSTEM) && defined (OPENSSL_ALL) +#if !defined(NO_FILESYSTEM) && defined(OPENSSL_ALL) && !defined(NO_RSA) FILE* f; int numOfExt =0; int extNid = 0; @@ -38799,7 +38811,7 @@ static void test_wolfSSL_X509V3_EXT_get(void) { } static void test_wolfSSL_X509V3_EXT(void) { -#if !defined(NO_FILESYSTEM) && defined (OPENSSL_ALL) +#if !defined(NO_FILESYSTEM) && defined(OPENSSL_ALL) && !defined(NO_RSA) FILE* f; int numOfExt = 0, nid = 0, i = 0, expected, actual; char* str; @@ -38943,7 +38955,7 @@ static void test_wolfSSL_X509V3_EXT(void) { } static void test_wolfSSL_X509_get_ext(void){ -#if !defined(NO_FILESYSTEM) && defined (OPENSSL_ALL) +#if !defined(NO_FILESYSTEM) && defined(OPENSSL_ALL) && !defined(NO_RSA) int ret = 0; FILE* f; WOLFSSL_X509* x509; @@ -38978,7 +38990,7 @@ static void test_wolfSSL_X509_get_ext(void){ static void test_wolfSSL_X509_get_ext_by_NID(void) { -#if defined(OPENSSL_ALL) +#if defined(OPENSSL_ALL) && !defined(NO_RSA) int rc; FILE* f; WOLFSSL_X509* x509; @@ -39024,7 +39036,7 @@ static void test_wolfSSL_X509_EXTENSION_new(void) static void test_wolfSSL_X509_EXTENSION_get_object(void) { -#if !defined(NO_FILESYSTEM) && defined (OPENSSL_ALL) +#if !defined(NO_FILESYSTEM) && defined(OPENSSL_ALL) && !defined(NO_RSA) WOLFSSL_X509* x509; WOLFSSL_X509_EXTENSION* ext; WOLFSSL_ASN1_OBJECT* o; @@ -39052,7 +39064,7 @@ static void test_wolfSSL_X509_EXTENSION_get_object(void) static void test_wolfSSL_X509_EXTENSION_get_data(void) { -#if !defined(NO_FILESYSTEM) && defined (OPENSSL_ALL) +#if !defined(NO_FILESYSTEM) && defined(OPENSSL_ALL) && !defined(NO_RSA) WOLFSSL_X509* x509; WOLFSSL_X509_EXTENSION* ext; WOLFSSL_ASN1_STRING* str; @@ -39074,7 +39086,7 @@ static void test_wolfSSL_X509_EXTENSION_get_data(void) static void test_wolfSSL_X509_EXTENSION_get_critical(void) { -#if !defined(NO_FILESYSTEM) && defined (OPENSSL_ALL) +#if !defined(NO_FILESYSTEM) && defined(OPENSSL_ALL) && !defined(NO_RSA) WOLFSSL_X509* x509; WOLFSSL_X509_EXTENSION* ext; FILE* file; @@ -39097,7 +39109,8 @@ static void test_wolfSSL_X509_EXTENSION_get_critical(void) static void test_wolfSSL_X509V3_EXT_print(void) { -#if !defined(NO_FILESYSTEM) && defined (OPENSSL_ALL) && !defined(NO_BIO) +#if !defined(NO_FILESYSTEM) && defined(OPENSSL_ALL) && !defined(NO_BIO) && \ + !defined(NO_RSA) printf(testingFmt, "wolfSSL_X509V3_EXT_print"); { @@ -39172,7 +39185,7 @@ static void test_wolfSSL_X509V3_EXT_print(void) static void test_wolfSSL_X509_cmp(void) { -#if defined(OPENSSL_ALL) +#if defined(OPENSSL_ALL) && !defined(NO_RSA) FILE* file1; FILE* file2; WOLFSSL_X509* cert1; @@ -39284,7 +39297,8 @@ static void test_wolfSSL_i2d_PrivateKey(void) static void test_wolfSSL_OCSP_id_get0_info(void) { -#if defined(OPENSSL_ALL) && defined(HAVE_OCSP) && !defined(NO_FILESYSTEM) +#if defined(OPENSSL_ALL) && defined(HAVE_OCSP) && !defined(NO_FILESYSTEM) && \ + !defined(NO_RSA) X509* cert; X509* issuer; OCSP_CERTID* id; @@ -40714,7 +40728,8 @@ static void test_wolfSSL_PEM_write_bio_PKCS7(void) #ifdef HAVE_SMIME static void test_wolfSSL_SMIME_read_PKCS7(void) { -#if defined(OPENSSL_ALL) && defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM) +#if defined(OPENSSL_ALL) && defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM) && \ + !defined(NO_RSA) PKCS7* pkcs7 = NULL; BIO* bio = NULL; BIO* bcont = NULL; @@ -42018,7 +42033,8 @@ static void test_wolfSSL_X509_CRL(void) static void test_wolfSSL_X509_load_crl_file(void) { -#if defined(OPENSSL_EXTRA) && defined(HAVE_CRL) && !defined(NO_FILESYSTEM) +#if defined(OPENSSL_EXTRA) && defined(HAVE_CRL) && !defined(NO_FILESYSTEM) && \ + !defined(NO_RSA) int i; char pem[][100] = { "./certs/crl/crl.pem", @@ -42107,7 +42123,8 @@ static void test_wolfSSL_X509_load_crl_file(void) static void test_wolfSSL_d2i_X509_REQ(void) { -#if defined(WOLFSSL_CERT_REQ) && (defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA)) +#if defined(WOLFSSL_CERT_REQ) && !defined(NO_RSA) && \ + (defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA)) /* ./certs/csr.signed.der, ./certs/csr.ext.der, and ./certs/csr.attr.der were * generated by libest * ./certs/csr.attr.der contains sample attributes @@ -42669,7 +42686,7 @@ static void test_wolfssl_EVP_aes_gcm(void) #ifndef NO_BIO static void test_wolfSSL_PEM_X509_INFO_read_bio(void) { -#if defined(OPENSSL_ALL) && !defined(NO_FILESYSTEM) +#if defined(OPENSSL_ALL) && !defined(NO_FILESYSTEM) && !defined(NO_RSA) BIO* bio; X509_INFO* info; STACK_OF(X509_INFO)* sk; @@ -42820,7 +42837,7 @@ static void test_wolfSSL_ASN1_INTEGER_set(void) static void test_wolfSSL_X509_STORE_get1_certs(void) { #if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SIGNER_DER_CERT) && \ - !defined(NO_FILESYSTEM) + !defined(NO_FILESYSTEM) && !defined(NO_RSA) X509_STORE_CTX *storeCtx; X509_STORE *store; X509 *caX509; @@ -43923,7 +43940,7 @@ static int test_various_pathlen_chains(void) } #endif /* !NO_RSA && !NO_SHA && !NO_FILESYSTEM && !NO_CERTS */ -#ifdef HAVE_KEYING_MATERIAL +#if defined(HAVE_KEYING_MATERIAL) && defined(HAVE_IO_TESTS_DEPENDENCIES) static int test_export_keying_material_cb(WOLFSSL_CTX *ctx, WOLFSSL *ssl) { byte ekm[100] = {0}; @@ -44490,7 +44507,7 @@ static void test_CONF_CTX_CMDLINE(void) /* cmd Certificate and Private Key*/ { - #ifndef NO_CERTS + #if !defined(NO_CERTS) && !defined(NO_RSA) const char* ourCert = svrCertFile; const char* ourKey = svrKeyFile; @@ -44526,7 +44543,7 @@ static void test_CONF_CTX_CMDLINE(void) /* cmd DH parameter */ { #if !defined(NO_DH) && !defined(NO_BIO) - const char* ourdhcert = "./certs/dh4096.pem"; + const char* ourdhcert = "./certs/dh2048.pem"; AssertIntEQ(SSL_CONF_cmd(cctx, "-dhparam", NULL), -3); @@ -44570,7 +44587,7 @@ static void test_CONF_CTX_FILE(void) /* cmd Certificate and Private Key*/ { - #ifndef NO_CERTS + #if !defined(NO_CERTS) && !defined(NO_RSA) const char* ourCert = svrCertFile; const char* ourKey = svrKeyFile; @@ -45271,7 +45288,7 @@ void ApiTest(void) #endif -#ifdef HAVE_KEYING_MATERIAL +#if defined(HAVE_KEYING_MATERIAL) && defined(HAVE_IO_TESTS_DEPENDENCIES) test_export_keying_material(); #endif /* HAVE_KEYING_MATERIAL */ diff --git a/wolfcrypt/benchmark/benchmark.c b/wolfcrypt/benchmark/benchmark.c index c93836e92..c2dd1ffcb 100644 --- a/wolfcrypt/benchmark/benchmark.c +++ b/wolfcrypt/benchmark/benchmark.c @@ -783,7 +783,9 @@ static const char* bench_desc_words[][14] = { #endif #if defined(BENCH_ASYM) -#if defined(HAVE_ECC) || !defined(NO_RSA) || !defined(NO_DH) +#if defined(HAVE_ECC) || !defined(NO_RSA) || !defined(NO_DH) || \ + defined(HAVE_CURVE25519) || defined(HAVE_ED25519) || \ + defined(HAVE_CURVE448) || defined(HAVE_ED448) static const char* bench_result_words2[][5] = { { "ops took", "sec" , "avg" , "ops/sec", NULL }, /* 0 English */ #ifndef NO_MULTIBYTE_PRINT @@ -1325,7 +1327,9 @@ static void bench_stats_sym_finish(const char* desc, int doAsync, int count, } #ifdef BENCH_ASYM -#if defined(HAVE_ECC) || !defined(NO_RSA) || !defined(NO_DH) +#if defined(HAVE_ECC) || !defined(NO_RSA) || !defined(NO_DH) || \ + defined(HAVE_CURVE25519) || defined(HAVE_ED25519) || \ + defined(HAVE_CURVE448) || defined(HAVE_ED448) static void bench_stats_asym_finish(const char* algo, int strength, const char* desc, int doAsync, int count, double start, int ret) { diff --git a/wolfcrypt/src/sp_int.c b/wolfcrypt/src/sp_int.c index 1458a106b..14d985ae2 100644 --- a/wolfcrypt/src/sp_int.c +++ b/wolfcrypt/src/sp_int.c @@ -3007,10 +3007,34 @@ int sp_cmp_d(sp_int* a, sp_int_digit d) } #endif -#if defined(WOLFSSL_SP_INT_NEGATIVE) || !defined(NO_PWDBASED) || \ - defined(WOLFSSL_KEY_GEN) || !defined(NO_DH) || \ - ((defined(WOLFSSL_SP_MATH_ALL) || !defined(NO_RSA)) && \ - !defined(WOLFSSL_RSA_VERIFY_ONLY)) +#if !defined(NO_PWDBASED) || defined(WOLFSSL_KEY_GEN) || !defined(NO_DH) || \ + !defined(NO_DSA) || (!defined(NO_RSA) && !defined(WOLFSSL_RSA_VERIFY_ONLY)) +#define WOLFSSL_SP_ADD_D +#endif +#if (!defined(NO_RSA) && !defined(WOLFSSL_RSA_VERIFY_ONLY)) || \ + !defined(NO_DH) || defined(HAVE_ECC) || !defined(NO_DSA) +#define WOLFSSL_SP_SUB_D +#endif +#if defined(WOLFSSL_SP_MATH_ALL) && !defined(NO_RSA) && \ + !defined(WOLFSSL_RSA_VERIFY_ONLY) +#define WOLFSSL_SP_READ_RADIX_10 +#endif +#if defined(HAVE_ECC) || !defined(NO_DSA) || defined(OPENSSL_EXTRA) || \ + (!defined(NO_RSA) && !defined(WOLFSSL_RSA_VERIFY_ONLY) && \ + !defined(WOLFSSL_RSA_PUBLIC_ONLY)) +#define WOLFSSL_SP_INVMOD +#endif +#if defined(WOLFSSL_SP_MATH_ALL) && defined(HAVE_ECC) +#define WOLFSSL_SP_INVMOD_MONT_CT +#endif +#if (defined(WOLFSSL_SP_MATH_ALL) && !defined(WOLFSSL_RSA_VERIFY_ONLY) && \ + !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH) || \ + (!defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)) +#define WOLFSSL_SP_PRIME_GEN +#endif + +#if defined(WOLFSSL_SP_ADD_D) || (defined(WOLFSSL_SP_INT_NEGATIVE) && \ + defined(WOFLSSL_SP_SUB_D)) || defined(WOLFSSL_SP_READ_RADIX_10) /* Add a one digit number to the multi-precision number. * * @param [in] a SP integer be added to. @@ -3057,13 +3081,12 @@ static int _sp_add_d(sp_int* a, sp_int_digit d, sp_int* r) return err; } -#endif /* WOLFSSL_SP_INT_NEGATIVE || !NO_PWDBASED || WOLFSSL_KEY_GEN || - * !NO_DH || !NO_RSA && !WOLFSSL_RSA_VERIFY_ONLY) */ +#endif /* WOLFSSL_SP_ADD_D || (WOLFSSL_SP_INT_NEGATIVE && WOFLSSL_SP_SUB_D) || + * defined(WOLFSSL_SP_READ_RADIX_10) */ -#if defined(WOLFSSL_SP_MATH_ALL) && !defined(WOLFSSL_RSA_VERIFY_ONLY) || \ - defined(WOLFSSL_SP_INT_NEGATIVE) || \ - !defined(NO_DH) || !defined(NO_DSA) || defined(HAVE_ECC) || \ - (!defined(NO_RSA) && !defined(WOLFSSL_RSA_VERIFY_ONLY)) +#if (defined(WOLFSSL_SP_INT_NEGATIVE) && defined(WOLFSSL_SP_ADD_D)) || \ + defined(WOLFSSL_SP_SUB_D) || defined(WOLFSSL_SP_INVMOD) || \ + defined(WOLFSSL_SP_INVMOD_MONT_CT) || defined(WOLFSSL_SP_PRIME_GEN) /* Sub a one digit number from the multi-precision number. * * returns MP_OKAY always. @@ -3099,11 +3122,11 @@ static void _sp_sub_d(sp_int* a, sp_int_digit d, sp_int* r) sp_clamp(r); } } -#endif /* WOLFSSL_SP_MATH_ALL || WOLFSSL_SP_INT_NEGATIVE || !NO_DH || !NO_DSA || - * HAVE_ECC || (!NO_RSA && !WOLFSSL_RSA_VERIFY_ONLY) */ +#endif /* (WOLFSSL_SP_INT_NEGATIVE && WOLFSSL_SP_ADD_D) || WOLFSSL_SP_SUB_D + * WOLFSSL_SP_INVMOD || WOLFSSL_SP_INVMOD_MONT_CT || + * WOLFSSL_SP_PRIME_GEN */ -#if !defined(NO_PWDBASED) || defined(WOLFSSL_KEY_GEN) || !defined(NO_DH) || \ - !defined(NO_DSA) || (!defined(NO_RSA) && !defined(WOLFSSL_RSA_VERIFY_ONLY)) +#ifdef WOLFSSL_SP_ADD_D /* Add a one digit number to the multi-precision number. * * @param [in] a SP integer be added to. @@ -3150,10 +3173,9 @@ int sp_add_d(sp_int* a, sp_int_digit d, sp_int* r) return err; } -#endif /* !NO_PWDBASED || WOLFSSL_KEY_GEN || !NO_DH || !NO_DSA || !NO_RSA */ +#endif /* WOLFSSL_SP_ADD_D */ -#if (!defined(NO_RSA) && !defined(WOLFSSL_RSA_VERIFY_ONLY)) || \ - !defined(NO_DH) || defined(HAVE_ECC) || !defined(NO_DSA) +#ifdef WOLFSSL_SP_SUB_D /* Sub a one digit number from the multi-precision number. * * @param [in] a SP integer be subtracted from. @@ -3199,8 +3221,7 @@ int sp_sub_d(sp_int* a, sp_int_digit d, sp_int* r) return err; } -#endif /* (!NO_RSA && !WOLFSSL_RSA_VERIFY_ONLY) || !NO_DH || HAVE_ECC || - * !NO_DSA */ +#endif /* WOLFSSL_SP_SUB_D */ #if (defined(WOLFSSL_SP_MATH_ALL) && !defined(WOLFSSL_RSA_VERIFY_ONLY)) || \ defined(WOLFSSL_SP_SMALL) && (defined(WOLFSSL_SP_MATH_ALL) || \ @@ -3346,10 +3367,20 @@ static WC_INLINE sp_int_digit sp_div_word(sp_int_digit hi, sp_int_digit lo, #endif /* WOLFSSL_SP_MATH_ALL || !NO_DH || HAVE_ECC || * (!NO_RSA && !WOLFSSL_RSA_VERIFY_ONLY) */ -#if !defined(WOLFSSL_SP_SMALL) && ((defined(WOLFSSL_SP_MATH_ALL) && \ - !defined(WOLFSSL_RSA_VERIFY_ONLY)) || \ - defined(WOLFSSL_HAVE_SP_DH) || (defined(HAVE_ECC) && (defined(FP_ECC) || \ - defined(HAVE_COMP_KEY)))) +/* Predefine complicated rules of when to compile in sp_div_d and sp_mod_d. */ +#if (defined(WOLFSSL_SP_MATH_ALL) && !defined(WOLFSSL_RSA_VERIFY_ONLY)) || \ + defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) +#define WOLFSSL_SP_DIV_D +#endif +#if (defined(WOLFSSL_SP_MATH_ALL) && !defined(WOLFSSL_RSA_VERIFY_ONLY)) || \ + defined(WOLFSSL_HAVE_SP_DH) || \ + (defined(HAVE_ECC) && (defined(FP_ECC) || defined(HAVE_COMP_KEY))) || \ + (!defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)) +#define WOLFSSL_SP_MOD_D +#endif + +#if (defined(WOLFSSL_SP_DIV_D) || defined(WOLFSSL_SP_MOD_D)) && \ + !defined(WOLFSSL_SP_SMALL) /* Divide by 3: r = a / 3 and rem = a % 3 * * @param [in] a SP integer to be divided. @@ -3461,14 +3492,9 @@ static void _sp_div_10(sp_int* a, sp_int* r, sp_int_digit* rem) } } } -#endif /* !WOLFSSL_SP_SMALL && ((WOLFSSL_SP_MATH_ALL && - * !WOLFSSL_RSA_VERIFY_ONLY) || WOLFSSL_HAVE_SP_DH || - * (HAVE_ECC && FP_ECC)) */ +#endif /* (WOLFSSL_SP_DIV_D || WOLFSSL_SP_MOD_D) && !WOLFSSL_SP_SMALL */ -#if (defined(WOLFSSL_SP_MATH_ALL) && !defined(WOLFSSL_RSA_VERIFY_ONLY)) || \ - defined(WOLFSSL_HAVE_SP_DH) || \ - (defined(HAVE_ECC) && (defined(FP_ECC) || defined(HAVE_COMP_KEY))) || \ - (!defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)) +#if defined(WOLFSSL_SP_DIV_D) || defined(WOLFSSL_SP_MOD_D) /* Divide by small number: r = a / d and rem = a % d * * @param [in] a SP integer to be divided. @@ -3514,8 +3540,7 @@ static void _sp_div_small(sp_int* a, sp_int_digit d, sp_int* r, } #endif -#if (defined(WOLFSSL_SP_MATH_ALL) && !defined(WOLFSSL_RSA_VERIFY_ONLY)) || \ - defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) +#ifdef WOLFSSL_SP_DIV_D /* Divide a multi-precision number by a digit size number and calculate * remainder. * r = a / d; rem = a % d @@ -3582,12 +3607,9 @@ int sp_div_d(sp_int* a, sp_int_digit d, sp_int* r, sp_int_digit* rem) return err; } -#endif +#endif /* WOLFSSL_SP_DIV_D */ -#if (defined(WOLFSSL_SP_MATH_ALL) && !defined(WOLFSSL_RSA_VERIFY_ONLY)) || \ - defined(WOLFSSL_HAVE_SP_DH) || \ - (defined(HAVE_ECC) && (defined(FP_ECC) || defined(HAVE_COMP_KEY))) || \ - (!defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)) +#ifdef WOLFSSL_SP_MOD_D /* Calculate a modulo the digit d into r: r = a mod d * * @param [in] a SP integer to reduce. @@ -3662,8 +3684,7 @@ int sp_mod_d(sp_int* a, const sp_int_digit d, sp_int_digit* r) return err; } -#endif /* (WOLFSSL_SP_MATH_ALL && !WOLFSSL_RSA_VERFIY_ONLY) || \ - * WOLFSSL_HAVE_SP_DH || (HAVE_ECC && (FP_ECC || HAVE_COMP_KEY)) */ +#endif /* WOLFSSL_SP_MOD_D */ #if defined(WOLFSSL_SP_MATH_ALL) && defined(HAVE_ECC) /* Divides a by 2 mod m and stores in r: r = (a / 2) mod m @@ -7762,9 +7783,7 @@ int sp_mulmod(sp_int* a, sp_int* b, sp_int* m, sp_int* r) } #endif -#if defined(HAVE_ECC) || !defined(NO_DSA) || defined(OPENSSL_EXTRA) || \ - (!defined(NO_RSA) && !defined(WOLFSSL_RSA_VERIFY_ONLY) && \ - !defined(WOLFSSL_RSA_PUBLIC_ONLY)) +#ifdef WOLFSSL_SP_INVMOD /* Calculates the multiplicative inverse in the field. * * @param [in] a SP integer to find inverse of. @@ -7901,10 +7920,9 @@ int sp_invmod(sp_int* a, sp_int* m, sp_int* r) FREE_SP_INT_ARRAY(t, NULL); return err; } -#endif /* HAVE_ECC || !NO_DSA || OPENSSL_EXTRA || \ - * (!NO_RSA && !WOLFSSL_RSA_VERIFY_ONLY) */ +#endif /* WOLFSSL_SP_INVMOD */ -#if defined(WOLFSSL_SP_MATH_ALL) && defined(HAVE_ECC) +#ifdef WOLFSSL_SP_INVMOD_MONT_CT #define CT_INV_MOD_PRE_CNT 8 @@ -8008,7 +8026,7 @@ int sp_invmod_mont_ct(sp_int* a, sp_int* m, sp_int* r, sp_int_digit mp) return err; } -#endif /* WOLFSSL_SP_MATH_ALL && HAVE_ECC */ +#endif /* WOLFSSL_SP_INVMOD_MONT_CT */ /************************** @@ -12407,7 +12425,7 @@ static int _sp_read_radix_16(sp_int* a, const char* in) } #endif /* (WOLFSSL_SP_MATH_ALL && !NO_RSA && !WOLFSSL_RSA_VERIFY_ONLY) || HAVE_ECC */ -#if defined(WOLFSSL_SP_MATH_ALL) && !defined(NO_RSA) && !defined(WOLFSSL_RSA_VERIFY_ONLY) +#ifdef WOLFSSL_SP_READ_RADIX_10 /* Convert decimal number as string in big-endian format to a multi-precision * number. * @@ -12464,10 +12482,10 @@ static int _sp_read_radix_10(sp_int* a, const char* in) return err; } -#endif /* WOLFSSL_SP_MATH_ALL && !NO_RSA && !WOLFSSL_RSA_VERIFY_ONLY */ +#endif /* WOLFSSL_SP_READ_RADIX_10 */ -#if (defined(WOLFSSL_SP_MATH_ALL) && !defined(NO_RSA) && !defined(WOLFSSL_RSA_VERIFY_ONLY)) || \ - defined(HAVE_ECC) || !defined(NO_DSA) +#if (defined(WOLFSSL_SP_MATH_ALL) && !defined(NO_RSA) && \ + !defined(WOLFSSL_RSA_VERIFY_ONLY)) || defined(HAVE_ECC) || !defined(NO_DSA) /* Convert a number as string in big-endian format to a big number. * Only supports base-16 (hexadecimal) and base-10 (decimal). * @@ -12499,7 +12517,7 @@ int sp_read_radix(sp_int* a, const char* in, int radix) if (radix == 16) { err = _sp_read_radix_16(a, in); } - #if defined(WOLFSSL_SP_MATH_ALL) && !defined(NO_RSA) && !defined(WOLFSSL_RSA_VERIFY_ONLY) + #ifdef WOLFSSL_SP_READ_RADIX_10 else if (radix == 10) { err = _sp_read_radix_10(a, in); } @@ -12907,9 +12925,7 @@ int sp_rand_prime(sp_int* r, int len, WC_RNG* rng, void* heap) } #endif /* WOLFSSL_KEY_GEN && (!NO_DH || !NO_DSA) && !WC_NO_RNG */ -#if (defined(WOLFSSL_SP_MATH_ALL) && !defined(WOLFSSL_RSA_VERIFY_ONLY) && \ - !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH) || \ - (!defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)) +#ifdef WOLFSSL_SP_PRIME_GEN /* Miller-Rabin test of "a" to the base of "b" as described in * HAC pp. 139 Algorithm 4.24 * @@ -13302,7 +13318,7 @@ int sp_prime_is_prime_ex(sp_int* a, int t, int* result, WC_RNG* rng) } return err; } -#endif /* WOLFSSL_SP_MATH_ALL || WOLFSSL_HAVE_SP_DH */ +#endif /* WOLFSSL_SP_PRIME_GEN */ #if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) @@ -13415,7 +13431,7 @@ int sp_gcd(sp_int* a, sp_int* b, sp_int* r) #endif /* WOLFSSL_SP_MATH_ALL && !NO_RSA && WOLFSSL_KEY_GEN */ -#if defined(WOLFSSL_SP_MATH_ALL) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) +#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && !defined(WC_RSA_BLINDING) /* Calculates the Lowest Common Multiple (LCM) of a and b and stores in r. * diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 5deaf426d..67aaf0f1b 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -15894,6 +15894,7 @@ exit_rsa: (void)res; (void)bytes; + (void)idx; (void)in; (void)out; (void)plain; @@ -33480,6 +33481,8 @@ static int mp_test_div_3(mp_int* a, mp_int* r, WC_RNG* rng) mp_digit rem; mp_digit rem2; +#if (defined(WOLFSSL_SP_MATH_ALL) && !defined(WOLFSSL_RSA_VERIFY_ONLY)) || \ + defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) for (i = 0; i < 10; i++) { for (j = 1; j < 10; j++) { if (randNum(a, j, rng, NULL) != 0) @@ -33501,6 +33504,7 @@ static int mp_test_div_3(mp_int* a, mp_int* r, WC_RNG* rng) return -12626; if (mp_cmp(r, a) != MP_EQ) return -12627; +#endif #if defined(WOLFSSL_SP_MATH_ALL) if (mp_div_d(a, 10, r, &rem) != 0) @@ -33527,10 +33531,16 @@ static int mp_test_div_3(mp_int* a, mp_int* r, WC_RNG* rng) return -12637; if (rem != rem2) return -12638; -#else - (void)rem2; #endif + (void)a; + (void)r; + (void)rng; + (void)i; + (void)j; + (void)rem; + (void)rem2; + return 0; } #endif /* WOLFSSL_SP_MATH || !USE_FAST_MATH */ @@ -33602,7 +33612,8 @@ static int mp_test_radix_10(mp_int* a, mp_int* r, WC_RNG* rng) } #endif -#if defined(WOLFSSL_SP_MATH_ALL) || defined(HAVE_ECC) +#if defined(WOLFSSL_SP_MATH_ALL) || (!defined WOLFSSL_SP_MATH && \ + defined(HAVE_ECC)) static int mp_test_radix_16(mp_int* a, mp_int* r, WC_RNG* rng) { int ret; @@ -33698,6 +33709,7 @@ static int mp_test_shift(mp_int* a, mp_int* r1, WC_RNG* rng) if (mp_cmp(a, r1) != MP_EQ) return -12682; } +#ifndef WOLFSSL_SP_MATH for (i = 0; i < DIGIT_BIT+1; i++) { if (mp_mul_2d(a, i, r1) != MP_OKAY) return -12683; @@ -33705,6 +33717,7 @@ static int mp_test_shift(mp_int* a, mp_int* r1, WC_RNG* rng) if (mp_cmp(a, r1) != MP_EQ) return -12684; } +#endif return 0; } @@ -33740,21 +33753,6 @@ static int mp_test_add_sub_d(mp_int* a, mp_int* r1) if (r1->used != 0) return -12697; -#ifdef WOLFSSL_SP_MATH - if (mp_set(r1, 1) != MP_OKAY) - return -12698; - if (mp_mul_2d(r1, SP_INT_MAX_BITS - 1, r1) != MP_OKAY) - return -12699; - if (mp_sub_d(r1, 1, r1) != MP_OKAY) - return -12700; - if (mp_mul_2d(r1, 1, r1) != MP_OKAY) - return -12701; - if (mp_add_d(r1, 1, r1) != MP_OKAY) - return -12702; - if (mp_add_d(r1, 1, r1) == MP_OKAY) - return -12703; -#endif - return 0; } @@ -34303,8 +34301,8 @@ static int mp_test_param(mp_int* a, mp_int* b, mp_int* r, WC_RNG* rng) return -12821; #endif -#if defined(WOLFSSL_SP_MATH_ALL) || defined(WOLFSSL_HAVE_SP_DH) || \ - (defined(HAVE_ECC) && defined(FP_ECC)) +#if (defined(WOLFSSL_SP_MATH_ALL) && !defined(WOLFSSL_RSA_VERIFY_ONLY)) || \ + defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) ret = mp_div_d(NULL, 0, NULL, NULL); if (ret != MP_VAL) return -12822; @@ -34353,7 +34351,7 @@ static int mp_test_param(mp_int* a, mp_int* b, mp_int* r, WC_RNG* rng) return -12834; #endif -#ifdef HAVE_ECC +#if !defined(WOLFSSL_SP_MATH) && defined(HAVE_ECC) ret = mp_div_2_mod_ct(NULL, NULL, NULL); if (ret != MP_VAL) return -12835; @@ -34412,7 +34410,7 @@ static int mp_test_param(mp_int* a, mp_int* b, mp_int* r, WC_RNG* rng) return -12851; #endif -#ifdef HAVE_ECC +#if !defined(WOLFSSL_SP_MATH) && defined(HAVE_ECC) ret = mp_invmod_mont_ct(NULL, NULL, NULL, 1); if (ret != MP_VAL) return -12852; @@ -34436,7 +34434,7 @@ static int mp_test_param(mp_int* a, mp_int* b, mp_int* r, WC_RNG* rng) return -12858; #endif -#if defined(WOLFSSL_SP_MATH_ALL) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) +#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && !defined(WC_RSA_BLINDING) ret = mp_lcm(NULL, NULL, NULL); if (ret != MP_VAL) return -12859; @@ -35022,6 +35020,7 @@ static int mp_test_shbd(mp_int* a, mp_int* b, WC_RNG* rng) int ret; int i, j, k; +#ifndef WOLFSSL_SP_MATH for (i = 0; i < 10; i++) { for (j = 1; j < (DIGIT_BIT + 7) / 8 * 3; j++) { ret = randNum(a, j, rng, NULL); @@ -35038,6 +35037,7 @@ static int mp_test_shbd(mp_int* a, mp_int* b, WC_RNG* rng) } } } +#endif for (i = 0; i < 10; i++) { for (j = 1; j < (DIGIT_BIT + 7) / 8 * 3; j++) { @@ -35075,6 +35075,7 @@ static int mp_test_shbd(mp_int* a, mp_int* b, WC_RNG* rng) } #endif +#ifndef WOLFSSL_SP_MATH static int mp_test_div(mp_int* a, mp_int* d, mp_int* r, mp_int* rem, WC_RNG* rng) { @@ -35192,6 +35193,7 @@ static int mp_test_div(mp_int* a, mp_int* d, mp_int* r, mp_int* rem, return 0; } +#endif #if defined(WOLFSSL_KEY_GEN) && (!defined(NO_DH) || !defined(NO_DSA)) && \ !defined(WC_NO_RNG) @@ -35201,20 +35203,28 @@ static int mp_test_prime(mp_int* a, WC_RNG* rng) int res; ret = mp_rand_prime(a, 1, rng, NULL); -#if defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL) +#if defined(WOLFSSL_SP_MATH_ALL) if (ret != 0) + return -13060; #else if (ret != MP_VAL) -#endif return -13060; +#endif +#ifndef WOLFSSL_SP_MATH ret = mp_rand_prime(a, -5, rng, NULL); if (ret != 0) return -13061; +#endif ret = mp_prime_is_prime(a, 1, &res); if (ret != MP_OKAY) return -13062; +#ifndef WOLFSSL_SP_MATH if (res != MP_YES) return -13063; +#else + if (res != MP_NO) + return -13063; +#endif ret = mp_prime_is_prime(a, 0, &res); if (ret != MP_VAL) @@ -35290,8 +35300,7 @@ static int mp_test_prime(mp_int* a, WC_RNG* rng) } #endif -#if defined(WOLFSSL_KEY_GEN) && (!defined(WOLFSSL_SP_MATH_ALL) || \ - !defined(NO_RSA)) +#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && !defined(WC_RSA_BLINDING) static int mp_test_lcm_gcd(mp_int* a, mp_int* b, mp_int* r, mp_int* exp, WC_RNG* rng) { @@ -35490,7 +35499,7 @@ static int mp_test_mul_sqr(mp_int* a, mp_int* b, mp_int* r1, mp_int* r2, if (!mp_iszero(r1)) return -13148; -#ifdef WOLFSSL_SP_MATH +#ifdef WOLFSSL_SP_MATH_ALL ret = mp_set(a, 1); if (ret != MP_OKAY) return -13149; @@ -35535,7 +35544,7 @@ static int mp_test_mul_sqr(mp_int* a, mp_int* b, mp_int* r1, mp_int* r2, return -13160; #endif /* HAVE_ECC && (ECC_SHAMIR || FP_ECC) */ #endif /* WOLFSSL_SP_MATH_ALL || WOLFSSL_HAVE_SP_DH || (HAVE_ECC && FP_ECC) */ -#endif /* WOLFSSL_SP_MATH */ +#endif /* WOLFSSL_SP_MATH_ALL */ return 0; } @@ -35586,8 +35595,7 @@ static int mp_test_invmod(mp_int* a, mp_int* m, mp_int* r) return -13177; #endif -#if defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL) -#ifdef HAVE_ECC +#if defined(WOLFSSL_SP_MATH_ALL) && defined(HAVE_ECC) mp_set(a, 0); mp_set(m, 3); ret = mp_invmod_mont_ct(a, m, r, 1); @@ -35614,7 +35622,6 @@ static int mp_test_invmod(mp_int* a, mp_int* m, mp_int* r) ret = mp_invmod_mont_ct(a, m, r, 1); if (ret != MP_OKAY) return -13182; -#endif #endif return 0; @@ -35704,6 +35711,7 @@ static int mp_test_exptmod(mp_int* b, mp_int* e, mp_int* m, mp_int* r) if (!mp_iszero(r)) return -13209; +#ifndef WOLFSSL_SP_MATH mp_set(b, 0x01); mp_mul_2d(b, DIGIT_BIT, b); mp_add_d(b, 1, b); @@ -35719,6 +35727,7 @@ static int mp_test_exptmod(mp_int* b, mp_int* e, mp_int* m, mp_int* r) return -13212; if (!mp_iszero(r)) return -13213; +#endif mp_set(b, 0x2); mp_set(e, 0x3); @@ -35730,7 +35739,7 @@ static int mp_test_exptmod(mp_int* b, mp_int* e, mp_int* m, mp_int* r) if (ret != MP_OKAY) return -13215; -#ifdef WOLFSSL_SP_MATH +#ifdef WOLFSSL_SP_MATH_ALL mp_set(b, 0x2); mp_set(e, 0x3); mp_set(m, 0x01); @@ -35829,7 +35838,10 @@ WOLFSSL_TEST_SUBROUTINE int mp_test(void) WC_RNG rng; int ret; #if defined(HAVE_ECC) || defined(WOLFSSL_KEY_GEN) - int i, j, k; + int i, j; +#ifndef WOLFSSL_SP_MATH + int k; +#endif mp_digit d; #endif mp_int a, b, r1, r2, p; @@ -35889,6 +35901,7 @@ WOLFSSL_TEST_SUBROUTINE int mp_test(void) return -13309; #endif + #if defined(WOLFSSL_SP_MATH_ALL) && !defined(WOLFSSL_RSA_VERIFY_ONLY) #if defined(WOLFSSL_SP_MATH) || (defined(WOLFSSL_SP_MATH_ALL) && \ !defined(WOLFSSL_SP_INT_NEGATIVE)) ret = mp_addmod(&a, &b, &p, &r1); @@ -35914,6 +35927,7 @@ WOLFSSL_TEST_SUBROUTINE int mp_test(void) if (mp_cmp(&r1, &r2) != 0) return -13316; #endif + #endif /* Ensure add digit produce same result as sub digit. */ ret = mp_add_d(&a, d, &r1); @@ -35933,6 +35947,7 @@ WOLFSSL_TEST_SUBROUTINE int mp_test(void) return -13320; ret = 0; + #ifndef WOLFSSL_SP_MATH /* Shift up and down number all bits in a digit. */ for (k = 0; k < DIGIT_BIT; k++) { mp_mul_2d(&a, k, &r1); @@ -35945,6 +35960,7 @@ WOLFSSL_TEST_SUBROUTINE int mp_test(void) if (mp_cmp(&a, &r1) != 0) return -13323; } + #endif } } @@ -35990,7 +36006,8 @@ WOLFSSL_TEST_SUBROUTINE int mp_test(void) if ((ret = mp_test_radix_10(&a, &r1, &rng)) != 0) return ret; #endif -#if defined(WOLFSSL_SP_MATH_ALL) || defined(HAVE_ECC) +#if defined(WOLFSSL_SP_MATH_ALL) || (!defined WOLFSSL_SP_MATH && \ + defined(HAVE_ECC)) if ((ret = mp_test_radix_16(&a, &r1, &rng)) != 0) return ret; #endif @@ -36015,15 +36032,16 @@ WOLFSSL_TEST_SUBROUTINE int mp_test(void) if ((ret = mp_test_set_is_bit(&a)) != 0) return ret; #endif +#ifdef WOLFSSL_SP_MATH_ALL if ((ret = mp_test_div(&a, &b, &r1, &r2, &rng)) != 0) return ret; +#endif #if defined(WOLFSSL_KEY_GEN) && (!defined(NO_DH) || !defined(NO_DSA)) && \ !defined(WC_NO_RNG) if ((ret = mp_test_prime(&a, &rng)) != 0) return ret; #endif -#if defined(WOLFSSL_KEY_GEN) && (!defined(WOLFSSL_SP_MATH_ALL) || \ - !defined(NO_RSA)) +#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && !defined(WC_RSA_BLINDING) if ((ret = mp_test_lcm_gcd(&a, &b, &r1, &r2, &rng)) != 0) return ret; #endif diff --git a/wolfssl/wolfcrypt/sp_int.h b/wolfssl/wolfcrypt/sp_int.h index 8e5164d05..7e9710161 100644 --- a/wolfssl/wolfcrypt/sp_int.h +++ b/wolfssl/wolfcrypt/sp_int.h @@ -802,7 +802,10 @@ MP_API int sp_cmp_d(sp_int* a, sp_int_digit d); MP_API int sp_add_d(sp_int* a, sp_int_digit d, sp_int* r); MP_API int sp_sub_d(sp_int* a, sp_int_digit d, sp_int* r); MP_API int sp_mul_d(sp_int* a, sp_int_digit d, sp_int* r); +#if (defined(WOLFSSL_SP_MATH_ALL) && !defined(WOLFSSL_RSA_VERIFY_ONLY)) || \ + defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) MP_API int sp_div_d(sp_int* a, sp_int_digit d, sp_int* r, sp_int_digit* rem); +#endif #if defined(WOLFSSL_SP_MATH_ALL) || (defined(HAVE_ECC) && \ defined(HAVE_COMP_KEY)) MP_API int sp_mod_d(sp_int* a, const sp_int_digit d, sp_int_digit* r); @@ -883,8 +886,12 @@ MP_API int sp_radix_size(mp_int* a, int radix, int* size); MP_API int sp_rand_prime(sp_int* r, int len, WC_RNG* rng, void* heap); MP_API int sp_prime_is_prime(mp_int* a, int t, int* result); MP_API int sp_prime_is_prime_ex(mp_int* a, int t, int* result, WC_RNG* rng); +#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) MP_API int sp_gcd(sp_int* a, sp_int* b, sp_int* r); +#endif +#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && !defined(WC_RSA_BLINDING) MP_API int sp_lcm(sp_int* a, sp_int* b, sp_int* r); +#endif WOLFSSL_API word32 CheckRunTimeFastMath(void);