diff --git a/configure.ac b/configure.ac index 1da02cc48..c00818b7c 100644 --- a/configure.ac +++ b/configure.ac @@ -745,7 +745,7 @@ then test "$enable_psk" = "" && enable_psk=yes test "$enable_cmac" = "" && enable_cmac=yes test "$enable_siphash" = "" && enable_siphash=yes - test "$enable_xts" = "" && enable_xts=yes + test "$enable_aesxts" = "" && enable_aesxts=yes test "$enable_ocsp" = "" && enable_ocsp=yes test "$enable_ocspstapling" = "" && test "$enable_ocsp" != "no" && enable_ocspstapling=yes test "$enable_ocspstapling2" = "" && test "$enable_ocsp" != "no" && enable_ocspstapling2=yes @@ -933,7 +933,7 @@ then test "$enable_psk" = "" && enable_psk=yes test "$enable_cmac" = "" && enable_cmac=yes test "$enable_siphash" = "" && enable_siphash=yes - test "$enable_xts" = "" && enable_xts=yes + test "$enable_aesxts" = "" && enable_aesxts=yes test "$enable_ocsp" = "" && enable_ocsp=yes test "$enable_ocspstapling" = "" && test "$enable_ocsp" != "no" && enable_ocspstapling=yes test "$enable_ocspstapling2" = "" && test "$enable_ocsp" != "no" && enable_ocspstapling2=yes @@ -4836,17 +4836,23 @@ AS_IF([test "x$ENABLED_CMAC" = "xyes"], # AES-XTS -AC_ARG_ENABLE([xts], - [AS_HELP_STRING([--enable-xts],[Enable XTS (default: disabled)])], - [ ENABLED_XTS=$enableval ], - [ ENABLED_XTS=no ] +AC_ARG_ENABLE([aesxts], + [AS_HELP_STRING([--enable-aesxts],[Enable AES XTS (default: disabled)])], + [ ENABLED_AESXTS=$enableval ], + [ ENABLED_AESXTS=no ] ) -AS_IF([test "x$ENABLED_XTS" = "xyes"], +# legacy old option name, for compatibility: +AC_ARG_ENABLE([xts], + [AS_HELP_STRING([--enable-xts],[Please use --enable-aesxts])], + [ ENABLED_AESXTS=$enableval ] + ) + +AS_IF([test "x$ENABLED_AESXTS" = "xyes"], [AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AES_XTS -DWOLFSSL_AES_DIRECT"]) -AS_IF([test "x$ENABLED_XTS" = "xyes" && test "x$ENABLED_INTELASM" = "xyes"], +AS_IF([test "x$ENABLED_AESXTS" = "xyes" && test "x$ENABLED_INTELASM" = "xyes"], [AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_AES_XTS"]) -AS_IF([test "x$ENABLED_XTS" = "xyes" && test "x$ENABLED_AESNI" = "xyes"], +AS_IF([test "x$ENABLED_AESXTS" = "xyes" && test "x$ENABLED_AESNI" = "xyes"], [AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_AES_XTS"]) # Web Server Build @@ -8028,6 +8034,32 @@ if test -n "$MPI_MAX_KEY_BITS" -o -n "$WITH_MAX_ECC_BITS"; then fi fi +AC_ARG_ENABLE([linuxkm-lkcapi-register], + [AS_HELP_STRING([--enable-linuxkm-lkcapi-register],[Register wolfCrypt implementations with the Linux Kernel Crypto API backplane. Possible values are "none", "all", "cbc(aes)", "cfb(aes)", "gcm(aes)", and "xts(aes)", or a comma-separate combination. (default: none)])], + [ENABLED_LINUXKM_LKCAPI_REGISTER=$enableval], + [ENABLED_LINUXKM_LKCAPI_REGISTER=none] + ) +if test "$ENABLED_LINUXKM_LKCAPI_REGISTER" != "none" +then + AM_CFLAGS="$AM_CFLAGS -DLINUXKM_LKCAPI_REGISTER" + for lkcapi_alg in $(echo "$ENABLED_LINUXKM_LKCAPI_REGISTER" | tr ',' ' ') + do + case "$lkcapi_alg" in + all) AM_CFLAGS="$AM_CFLAGS -DLINUXKM_LKCAPI_REGISTER_ALL" ;; + 'cbc(aes)') test "$ENABLED_AESCBC" != "no" || AC_MSG_ERROR([linuxkm-lkcapi-register ${lkcapi_alg}: AES-CBC implementation not enabled.]) + AM_CFLAGS="$AM_CFLAGS -DLINUXKM_LKCAPI_REGISTER_AESCBC" ;; + 'cfb(aes)') test "$ENABLED_AESCFB" != "no" || AC_MSG_ERROR([linuxkm-lkcapi-register ${lkcapi_alg}: AES-CFB implementation not enabled.]) + AM_CFLAGS="$AM_CFLAGS -DLINUXKM_LKCAPI_REGISTER_AESCFB" ;; + 'gcm(aes)') test "$ENABLED_AESGCM" != "no" || AC_MSG_ERROR([linuxkm-lkcapi-register ${lkcapi_alg}: AES-GCM implementation not enabled.]) + test "$ENABLED_AESGCM_STREAM" != "no" || AC_MSG_ERROR([linuxkm-lkcapi-register ${lkcapi_alg}: --enable-aesgcm-stream is required for LKCAPI.]) + AM_CFLAGS="$AM_CFLAGS -DLINUXKM_LKCAPI_REGISTER_AESGCM" ;; + 'xts(aes)') test "$ENABLED_AESXTS" != "no" || AC_MSG_ERROR([linuxkm-lkcapi-register ${lkcapi_alg}: AES-XTS implementation not enabled.]) + AM_CFLAGS="$AM_CFLAGS -DLINUXKM_LKCAPI_REGISTER_AESXTS" ;; + *) AC_MSG_ERROR([Unsupported LKCAPI algorithm "$lkcapi_alg".]) ;; + esac + done +fi + # Library Suffix LIBSUFFIX="" AC_ARG_WITH([libsuffix], @@ -8958,7 +8990,7 @@ AM_CONDITIONAL([BUILD_SNIFFER], [ test "x$ENABLED_SNIFFER" = "xyes" || test " AM_CONDITIONAL([BUILD_SNIFFTEST],[ test "x$ENABLED_SNIFFTEST" = "xyes"]) AM_CONDITIONAL([BUILD_AESGCM],[test "x$ENABLED_AESGCM" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"]) AM_CONDITIONAL([BUILD_AESCCM],[test "x$ENABLED_AESCCM" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"]) -AM_CONDITIONAL([BUILD_XTS],[test "x$ENABLED_XTS" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"]) +AM_CONDITIONAL([BUILD_AESXTS],[test "x$ENABLED_AESXTS" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"]) AM_CONDITIONAL([BUILD_ARMASM],[test "x$ENABLED_ARMASM" = "xyes"]) AM_CONDITIONAL([BUILD_ARMASM_INLINE],[test "x$ENABLED_ARMASM_INLINE" = "xyes"]) AM_CONDITIONAL([BUILD_ARMASM_CRYPTO],[test "x$ENABLED_ARMASM_CRYPTO" = "xyes"]) @@ -9397,6 +9429,7 @@ echo " * AES-CCM: $ENABLED_AESCCM" echo " * AES-CTR: $ENABLED_AESCTR" echo " * AES-CFB: $ENABLED_AESCFB" echo " * AES-OFB: $ENABLED_AESOFB" +echo " * AES-XTS: $ENABLED_AESXTS" echo " * AES-SIV: $ENABLED_AESSIV" echo " * AES-EAX: $ENABLED_AESEAX" echo " * AES Bitspliced: $ENABLED_AESBS" diff --git a/linuxkm/Kbuild b/linuxkm/Kbuild index 6eac94d28..4abe73109 100644 --- a/linuxkm/Kbuild +++ b/linuxkm/Kbuild @@ -154,10 +154,10 @@ ifneq "$(quiet)" "silent_" endif @cd "$(obj)" || exit $$?; \ for file in $(WOLFCRYPT_PIE_FILES); do \ - $(OBJCOPY) --rename-section .text=.text.wolfcrypt --rename-section .data=.data.wolfcrypt "$$file" || exit $$?; \ + $(OBJCOPY) --rename-section .text=.text.wolfcrypt --rename-section .data=.data.wolfcrypt --rename-section .rodata=.rodata.wolfcrypt "$$file" || exit $$?; \ done ifneq "$(quiet)" "silent_" - @echo ' wolfCrypt .{text,data} sections containerized to .{text,data}.wolfcrypt' + @echo ' wolfCrypt .{text,data,rodata} sections containerized to .{text,data,rodata}.wolfcrypt' endif $(src)/linuxkm/module_exports.c: rename-pie-text-and-data-sections diff --git a/linuxkm/include.am b/linuxkm/include.am index cec11ad2d..b89aab40a 100644 --- a/linuxkm/include.am +++ b/linuxkm/include.am @@ -12,4 +12,5 @@ EXTRA_DIST += m4/ax_linuxkm.m4 \ linuxkm/pie_redirect_table.c \ linuxkm/pie_last.c \ linuxkm/linuxkm_memory.c \ - linuxkm/linuxkm_wc_port.h + linuxkm/linuxkm_wc_port.h \ + linuxkm/lkcapi_glue.c diff --git a/linuxkm/linuxkm_memory.c b/linuxkm/linuxkm_memory.c index 58131606e..81a7dfab3 100644 --- a/linuxkm/linuxkm_memory.c +++ b/linuxkm/linuxkm_memory.c @@ -275,7 +275,7 @@ WARN_UNUSED_RESULT int save_vector_registers_x86(void) { struct wc_thread_fpu_count_ent *pstate = wc_linuxkm_fpu_state_assoc(1); if (pstate == NULL) - return ENOMEM; + return MEMORY_E; /* allow for nested calls */ if (pstate->fpu_state != 0U) { @@ -314,7 +314,7 @@ WARN_UNUSED_RESULT int save_vector_registers_x86(void) if (! warned_fpu_forbidden) pr_err("save_vector_registers_x86 called from IRQ handler.\n"); wc_linuxkm_fpu_state_release(pstate); - return EPERM; + return BAD_STATE_E; } else { #if defined(CONFIG_SMP) && !defined(CONFIG_PREEMPT_COUNT) && \ (LINUX_VERSION_CODE >= KERNEL_VERSION(5, 7, 0)) && \ @@ -380,3 +380,11 @@ void my__show_free_areas( return; } #endif + +#if defined(__PIE__) && defined(CONFIG_FORTIFY_SOURCE) +/* needed because FORTIFY_SOURCE inline implementations call fortify_panic(). */ +void __my_fortify_panic(const char *name) { + pr_emerg("__my_fortify_panic in %s\n", name); + BUG(); +} +#endif diff --git a/linuxkm/linuxkm_wc_port.h b/linuxkm/linuxkm_wc_port.h index 97273939c..255cf52fa 100644 --- a/linuxkm/linuxkm_wc_port.h +++ b/linuxkm/linuxkm_wc_port.h @@ -119,8 +119,87 @@ #include #include #include + + #ifdef CONFIG_FORTIFY_SOURCE + #ifdef __PIE__ + /* the inline definitions in fortify-string.h use non-inline + * fortify_panic(). + */ + extern void __my_fortify_panic(const char *name) __noreturn __cold; + #define fortify_panic __my_fortify_panic + #endif + + /* the _FORTIFY_SOURCE macros and implementations for several string + * functions are incompatible with libwolfssl, so just reimplement with + * inlines and remap with macros. + */ + + #define __ARCH_STRLEN_NO_REDIRECT + #define __ARCH_MEMCPY_NO_REDIRECT + #define __ARCH_MEMSET_NO_REDIRECT + #define __ARCH_MEMMOVE_NO_REDIRECT + + /* the inline definitions in fortify-string.h use non-inline + * strlen(). + */ + static inline size_t strlen(const char *s) { + const char *s_start = s; + while (*s) + ++s; + return (size_t)s - (size_t)s_start; + } + + #include + + #undef strlen + #define strlen(s) \ + ((__builtin_constant_p(s) && __builtin_constant_p(*(s))) ? \ + (sizeof(s) - 1) : strlen(s)) + + static inline void *my_memcpy(void *dest, const void *src, size_t n) { + u8 *src_bytes = (u8 *)src, + *dest_bytes = (u8 *)dest, + *endp = src_bytes + n; + while (src_bytes < endp) + *dest_bytes++ = *src_bytes++; + return dest; + } + #undef memcpy + #define memcpy my_memcpy + + static inline void *my_memset(void *dest, int c, size_t n) { + u8 *dest_bytes = (u8 *)dest, *endp = dest_bytes + n; + while (dest_bytes < endp) + *dest_bytes++ = (u8)c; + return dest; + } + #undef memset + #define memset my_memset + + static inline void *my_memmove(void *dest, const void *src, size_t n) { + u8 *src_bytes = (u8 *)src, *dest_bytes = (u8 *)dest; + if (src_bytes < dest_bytes) { + u8 *startp = src_bytes; + src_bytes += n - 1; + dest_bytes += n - 1; + while (src_bytes >= startp) + *dest_bytes-- = *src_bytes--; + } else if (src_bytes > dest_bytes) { + u8 *endp = src_bytes + n; + while (src_bytes < endp) + *dest_bytes++ = *src_bytes++; + } + return dest; + } + #undef memmove + #define memmove my_memmove + + #endif /* CONFIG_FORTIFY_SOURCE */ + #include #include + #include + #ifdef __PIE__ /* without this, mm.h brings in static, but not inline, pmd_to_page(), * with direct references to global vmem variables. @@ -146,7 +225,7 @@ #include #include - #ifdef LINUXKM_REGISTER_ALG + #ifdef LINUXKM_LKCAPI_REGISTER #include #include #include @@ -303,6 +382,11 @@ #else typeof(printk) *printk; #endif + +#ifdef CONFIG_FORTIFY_SOURCE + typeof(__warn_printk) *__warn_printk; +#endif + typeof(snprintf) *snprintf; const unsigned char *_ctype; @@ -446,6 +530,11 @@ #else #define printk (wolfssl_linuxkm_get_pie_redirect_table()->printk) #endif + + #ifdef CONFIG_FORTIFY_SOURCE + #define __warn_printk (wolfssl_linuxkm_get_pie_redirect_table()->__warn_printk) + #endif + #define snprintf (wolfssl_linuxkm_get_pie_redirect_table()->snprintf) #define _ctype (wolfssl_linuxkm_get_pie_redirect_table()->_ctype) diff --git a/linuxkm/lkcapi_glue.c b/linuxkm/lkcapi_glue.c index 170bdbaf3..2ec81eedb 100644 --- a/linuxkm/lkcapi_glue.c +++ b/linuxkm/lkcapi_glue.c @@ -46,10 +46,31 @@ #define WOLFKM_AESCFB_NAME "cfb(aes)" #define WOLFKM_AESGCM_NAME "gcm(aes)" #define WOLFKM_AESXTS_NAME "xts(aes)" -#define WOLFKM_AESCBC_DRIVER "cbc-aes-wolfcrypt" -#define WOLFKM_AESCFB_DRIVER "cfb-aes-wolfcrypt" -#define WOLFKM_AESGCM_DRIVER "gcm-aes-wolfcrypt" -#define WOLFKM_AESXTS_DRIVER "xts-aes-wolfcrypt" + +#ifdef WOLFSSL_AESNI + #define WOLFKM_DRIVER_ISA_EXT "-aesni" +#else + #define WOLFKM_DRIVER_ISA_EXT "" +#endif + +#ifdef HAVE_FIPS_VERSION + #if HAVE_FIPS_VERSION >= 5 + #define WOLFKM_DRIVER_FIPS "-fips-140-3" + #elif HAVE_FIPS_VERSION == 2 + #define WOLFKM_DRIVER_FIPS "-fips-140-2" + #else + #define WOLFKM_DRIVER_FIPS "-fips-140" + #endif +#else + #define WOLFKM_DRIVER_FIPS "" +#endif + +#define WOLFKM_DRIVER_SUFFIX WOLFKM_DRIVER_ISA_EXT WOLFKM_DRIVER_FIPS "-wolfcrypt" + +#define WOLFKM_AESCBC_DRIVER ("cbc-aes" WOLFKM_DRIVER_SUFFIX) +#define WOLFKM_AESCFB_DRIVER ("cfb-aes" WOLFKM_DRIVER_SUFFIX) +#define WOLFKM_AESGCM_DRIVER ("gcm-aes" WOLFKM_DRIVER_SUFFIX) +#define WOLFKM_AESXTS_DRIVER ("xts-aes" WOLFKM_DRIVER_SUFFIX) #if defined(HAVE_AES_CBC) && \ (defined(LINUXKM_LKCAPI_REGISTER_ALL) || defined(LINUXKM_LKCAPI_REGISTER_AESCBC)) @@ -1509,7 +1530,7 @@ static int aes_xts_128_test(void) ret = wc_AesXtsEncrypt(aes, buf, p2, sizeof(p2), i2, sizeof(i2)); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_encrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); @@ -1520,7 +1541,7 @@ static int aes_xts_128_test(void) WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E); ret = wc_AesXtsEncrypt(aes, buf, p2, sizeof(p2), i2, sizeof(i2)); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_encrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0); if (ret != 0) @@ -1536,7 +1557,7 @@ static int aes_xts_128_test(void) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ret = wc_AesXtsEncrypt(aes, buf, p1, sizeof(p1), i1, sizeof(i1)); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_encrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); @@ -1547,7 +1568,7 @@ static int aes_xts_128_test(void) WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E); ret = wc_AesXtsEncrypt(aes, buf, p1, sizeof(p1), i1, sizeof(i1)); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_encrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0); if (ret != 0) @@ -1560,7 +1581,7 @@ static int aes_xts_128_test(void) XMEMSET(cipher, 0, sizeof(cipher)); ret = wc_AesXtsEncrypt(aes, cipher, pp, sizeof(pp), i1, sizeof(i1)); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_encrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); @@ -1572,7 +1593,7 @@ static int aes_xts_128_test(void) XMEMSET(cipher, 0, sizeof(cipher)); ret = wc_AesXtsEncrypt(aes, cipher, pp, sizeof(pp), i1, sizeof(i1)); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_encrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0); if (ret != 0) @@ -1588,7 +1609,7 @@ static int aes_xts_128_test(void) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ret = wc_AesXtsDecrypt(aes, buf, cipher, sizeof(pp), i1, sizeof(i1)); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_decrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); @@ -1600,7 +1621,7 @@ static int aes_xts_128_test(void) XMEMSET(buf, 0, sizeof(buf)); ret = wc_AesXtsDecrypt(aes, buf, cipher, sizeof(pp), i1, sizeof(i1)); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_decrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0); if (ret != 0) @@ -1613,7 +1634,7 @@ static int aes_xts_128_test(void) XMEMSET(buf, 0, sizeof(buf)); ret = wc_AesXtsDecrypt(aes, buf, c1, sizeof(c1), i1, sizeof(i1)); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_decrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); @@ -1625,7 +1646,7 @@ static int aes_xts_128_test(void) XMEMSET(buf, 0, sizeof(buf)); ret = wc_AesXtsDecrypt(aes, buf, c1, sizeof(c1), i1, sizeof(i1)); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_decrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0); if (ret != 0) @@ -1638,7 +1659,7 @@ static int aes_xts_128_test(void) XMEMSET(buf, 0, sizeof(buf)); ret = wc_AesXtsDecrypt(aes, buf, c2, sizeof(c2), i2, sizeof(i2)); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_decrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); @@ -1652,7 +1673,7 @@ static int aes_xts_128_test(void) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ret = wc_AesXtsDecrypt(aes, buf, c2, sizeof(c2), i2, sizeof(i2)); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_decrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); @@ -1669,7 +1690,7 @@ static int aes_xts_128_test(void) ret = wc_AesXtsEncrypt(aes, buf, buf, sizeof(p3), i3, sizeof(i3)); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_encrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); @@ -1681,7 +1702,7 @@ static int aes_xts_128_test(void) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ret = wc_AesXtsDecrypt(aes, buf, buf, sizeof(c3), i3, sizeof(i3)); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_decrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); @@ -1717,7 +1738,7 @@ static int aes_xts_128_test(void) ret = wc_AesXtsEncrypt(aes, large_input, large_input, j, i1, sizeof(i1)); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_encrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); @@ -1728,7 +1749,7 @@ static int aes_xts_128_test(void) ret = wc_AesXtsDecrypt(aes, large_input, large_input, j, i1, sizeof(i1)); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_decrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); @@ -2062,7 +2083,7 @@ static int aes_xts_256_test(void) ret = wc_AesXtsEncrypt(aes, buf, p2, sizeof(p2), i2, sizeof(i2)); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_encrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); @@ -2075,7 +2096,7 @@ static int aes_xts_256_test(void) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ret = wc_AesXtsEncrypt(aes, buf, p1, sizeof(p1), i1, sizeof(i1)); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_encrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); @@ -2086,7 +2107,7 @@ static int aes_xts_256_test(void) XMEMSET(cipher, 0, sizeof(cipher)); ret = wc_AesXtsEncrypt(aes, cipher, pp, sizeof(pp), i1, sizeof(i1)); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_encrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); @@ -2098,7 +2119,7 @@ static int aes_xts_256_test(void) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ret = wc_AesXtsDecrypt(aes, buf, cipher, sizeof(pp), i1, sizeof(i1)); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_decrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); @@ -2109,7 +2130,7 @@ static int aes_xts_256_test(void) XMEMSET(buf, 0, sizeof(buf)); ret = wc_AesXtsDecrypt(aes, buf, c1, sizeof(c1), i1, sizeof(i1)); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_decrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); @@ -2122,7 +2143,7 @@ static int aes_xts_256_test(void) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ret = wc_AesXtsDecrypt(aes, buf, c2, sizeof(c2), i2, sizeof(i2)); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_decrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); @@ -2361,15 +2382,18 @@ static int linuxkm_lkcapi_register(void) int ret = 0; #define REGISTER_ALG(alg, installer, tester) do { \ - if (alg ## _loaded) {\ - pr_err("ERROR: %s is already registered.\n", (alg).base.cra_driver_name); \ + if (alg ## _loaded) { \ + pr_err("ERROR: %s is already registered.\n", \ + (alg).base.cra_driver_name); \ return -EEXIST; \ } \ \ ret = (installer)(&(alg)); \ \ if (ret) { \ - pr_err("ERROR: " #installer " for %s failed with return code %d.\n", (alg).base.cra_driver_name, ret); \ + pr_err("ERROR: " #installer " for %s failed " \ + "with return code %d.\n", \ + (alg).base.cra_driver_name, ret); \ return ret; \ } \ \ @@ -2378,33 +2402,43 @@ static int linuxkm_lkcapi_register(void) ret = (tester()); \ \ if (ret) { \ - pr_err("ERROR: self-test for %s failed with return code %d.\n", (alg).base.cra_driver_name, ret); \ + pr_err("ERROR: self-test for %s failed " \ + "with return code %d.\n", \ + (alg).base.cra_driver_name, ret); \ return ret; \ } \ - pr_info("%s self-test OK -- registered for %s with priority %d.\n", (alg).base.cra_driver_name, (alg).base.cra_name, (alg).base.cra_priority); \ + pr_info("%s self-test OK -- " \ + "registered for %s with priority %d.\n", \ + (alg).base.cra_driver_name, \ + (alg).base.cra_name, \ + (alg).base.cra_priority); \ } while (0) #if defined(HAVE_AES_CBC) && \ - (defined(LINUXKM_LKCAPI_REGISTER_ALL) || defined(LINUXKM_LKCAPI_REGISTER_AESCBC)) + (defined(LINUXKM_LKCAPI_REGISTER_ALL) || \ + defined(LINUXKM_LKCAPI_REGISTER_AESCBC)) REGISTER_ALG(cbcAesAlg, crypto_register_skcipher, linuxkm_test_aescbc); #endif #if defined(WOLFSSL_AES_CFB) && \ - (defined(LINUXKM_LKCAPI_REGISTER_ALL) || defined(LINUXKM_LKCAPI_REGISTER_AESCFB)) + (defined(LINUXKM_LKCAPI_REGISTER_ALL) || \ + defined(LINUXKM_LKCAPI_REGISTER_AESCFB)) REGISTER_ALG(cfbAesAlg, crypto_register_skcipher, linuxkm_test_aescfb); #endif #if defined(HAVE_AESGCM) && \ - (defined(LINUXKM_LKCAPI_REGISTER_ALL) || defined(LINUXKM_LKCAPI_REGISTER_AESGCM)) && \ + (defined(LINUXKM_LKCAPI_REGISTER_ALL) || \ + defined(LINUXKM_LKCAPI_REGISTER_AESGCM)) && \ (! (defined(WOLFSSL_AESNI) && defined(WC_AES_C_DYNAMIC_FALLBACK))) REGISTER_ALG(gcmAesAead, crypto_register_aead, linuxkm_test_aesgcm); #endif #if defined(WOLFSSL_AES_XTS) && \ - (defined(LINUXKM_LKCAPI_REGISTER_ALL) || defined(LINUXKM_LKCAPI_REGISTER_AESXTS)) + (defined(LINUXKM_LKCAPI_REGISTER_ALL) || \ + defined(LINUXKM_LKCAPI_REGISTER_AESXTS)) REGISTER_ALG(xtsAesAlg, crypto_register_skcipher, linuxkm_test_aesxts); #endif @@ -2416,33 +2450,38 @@ static int linuxkm_lkcapi_register(void) static void linuxkm_lkcapi_unregister(void) { +#define UNREGISTER_ALG(alg, uninstaller) do { \ + if (alg ## _loaded) { \ + (uninstaller)(&(alg)); \ + alg ## _loaded = 0; \ + } \ + } while (0) + #if defined(HAVE_AES_CBC) && \ - (defined(LINUXKM_LKCAPI_REGISTER_ALL) || defined(LINUXKM_LKCAPI_REGISTER_AESCBC)) - if (cbcAesAlg_loaded) { - crypto_unregister_skcipher(&cbcAesAlg); - cbcAesAlg_loaded = 0; - } + (defined(LINUXKM_LKCAPI_REGISTER_ALL) || \ + defined(LINUXKM_LKCAPI_REGISTER_AESCBC)) + + UNREGISTER_ALG(cbcAesAlg, crypto_unregister_skcipher); #endif #if defined(WOLFSSL_AES_CFB) && \ - (defined(LINUXKM_LKCAPI_REGISTER_ALL) || defined(LINUXKM_LKCAPI_REGISTER_AESCFB)) - if (cfbAesAlg_loaded) { - crypto_unregister_skcipher(&cfbAesAlg); - cfbAesAlg_loaded = 0; - } + (defined(LINUXKM_LKCAPI_REGISTER_ALL) || \ + defined(LINUXKM_LKCAPI_REGISTER_AESCFB)) + + UNREGISTER_ALG(cfbAesAlg, crypto_unregister_skcipher); #endif #if defined(HAVE_AESGCM) && \ - (defined(LINUXKM_LKCAPI_REGISTER_ALL) || defined(LINUXKM_LKCAPI_REGISTER_AESGCM)) && \ + (defined(LINUXKM_LKCAPI_REGISTER_ALL) || \ + defined(LINUXKM_LKCAPI_REGISTER_AESGCM)) && \ (! (defined(WOLFSSL_AESNI) && defined(WC_AES_C_DYNAMIC_FALLBACK))) - if (gcmAesAead_loaded) { - crypto_unregister_aead(&gcmAesAead); - gcmAesAead_loaded = 0; - } + + UNREGISTER_ALG(gcmAesAead, crypto_unregister_aead); #endif #if defined(WOLFSSL_AES_XTS) && \ - (defined(LINUXKM_LKCAPI_REGISTER_ALL) || defined(LINUXKM_LKCAPI_REGISTER_AESXTS)) - if (xtsAesAlg_loaded) { - crypto_unregister_skcipher(&xtsAesAlg); - xtsAesAlg_loaded = 0; - } + (defined(LINUXKM_LKCAPI_REGISTER_ALL) || \ + defined(LINUXKM_LKCAPI_REGISTER_AESXTS)) + + UNREGISTER_ALG(xtsAesAlg, crypto_unregister_skcipher); #endif + +#undef UNREGISTER_ALG } diff --git a/linuxkm/module_hooks.c b/linuxkm/module_hooks.c index 5e8f7caaa..6d6ff6c8c 100644 --- a/linuxkm/module_hooks.c +++ b/linuxkm/module_hooks.c @@ -47,7 +47,6 @@ #endif #ifndef NO_CRYPT_TEST #include - #include #endif static int libwolfssl_cleanup(void) { @@ -71,6 +70,8 @@ static int libwolfssl_cleanup(void) { #ifdef HAVE_LINUXKM_PIE_SUPPORT +#ifdef DEBUG_LINUXKM_PIE_SUPPORT + extern int wolfCrypt_PIE_first_function(void); extern int wolfCrypt_PIE_last_function(void); extern const unsigned int wolfCrypt_PIE_rodata_start[]; @@ -90,6 +91,8 @@ static unsigned int hash_span(char *start, char *end) { return sum; } +#endif /* DEBUG_LINUXKM_PIE_SUPPORT */ + #ifdef USE_WOLFSSL_LINUXKM_PIE_REDIRECT_TABLE extern struct wolfssl_linuxkm_pie_redirect_table wolfssl_linuxkm_pie_redirect_table; static int set_up_wolfssl_linuxkm_pie_redirect_table(void); @@ -126,34 +129,10 @@ static int updateFipsHash(void); #include "wolfcrypt/benchmark/benchmark.c" #endif /* WOLFSSL_LINUXKM_BENCHMARKS */ -#ifdef LINUXKM_REGISTER_ALG -#if defined(NO_AES) - #error LINUXKM_REGISTER_ALG requires AES. +#ifdef LINUXKM_LKCAPI_REGISTER + #include "linuxkm/lkcapi_glue.c" #endif -#if !defined(HAVE_AESGCM) && !defined(HAVe_AES_CBC) && !defined(WOLFSSL_AES_CFB) - #error LINUXKM_REGISTER_ALG requires AES-CBC, CFB, or GCM. -#endif - -#if defined(HAVE_AESGCM) && !defined(WOLFSSL_AESGCM_STREAM) - #error LINUXKM_REGISTER_ALG requires AESGCM_STREAM. -#endif - -#define WOLFKM_CBC_NAME "cbc(aes)" -#define WOLFKM_CFB_NAME "cfb(aes)" -#define WOLFKM_GCM_NAME "gcm(aes)" -#define WOLFKM_CBC_DRIVER "cbc-aes-wolfcrypt" -#define WOLFKM_CFB_DRIVER "cfb-aes-wolfcrypt" -#define WOLFKM_GCM_DRIVER "gcm-aes-wolfcrypt" -#define WOLFKM_ALG_PRIORITY (100) -static int linuxkm_register_alg(void); -static void linuxkm_unregister_alg(void); -static int linuxkm_test_alg(void); -static int linuxkm_test_cbc(void); -static int linuxkm_test_cfb(void); -static int linuxkm_test_gcm(void); -#endif /* endif LINUXKM_REGISTER_ALG */ - #if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 0, 0) static int __init wolfssl_init(void) #else @@ -180,7 +159,7 @@ static int wolfssl_init(void) return ret; #endif -#ifdef HAVE_LINUXKM_PIE_SUPPORT +#if defined(HAVE_LINUXKM_PIE_SUPPORT) && defined(DEBUG_LINUXKM_PIE_SUPPORT) #if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 4, 0) /* see linux commit ac3b432839 */ @@ -247,7 +226,7 @@ static int wolfssl_init(void) text_hash, pie_text_end-pie_text_start, rodata_hash, pie_rodata_end-pie_rodata_start); } -#endif /* HAVE_LINUXKM_PIE_SUPPORT */ +#endif /* HAVE_LINUXKM_PIE_SUPPORT && DEBUG_LINUXKM_PIE_SUPPORT */ #ifdef HAVE_FIPS ret = wolfCrypt_SetCb_fips(lkmFipsCb); @@ -267,19 +246,31 @@ static int wolfssl_init(void) return -ECANCELED; } - pr_info("wolfCrypt FIPS [" - -#if defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION == 3) - "ready" -#elif defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION == 2) \ - && defined(WOLFCRYPT_FIPS_RAND) - "140-2 rand" -#elif defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION == 2) - "140-2" + pr_info("FIPS 140-3 wolfCrypt-fips v%d.%d.%d%s%s startup self-test succeeded.\n", +#ifdef HAVE_FIPS_VERSION_MAJOR + HAVE_FIPS_VERSION_MAJOR, #else - "140" + HAVE_FIPS_VERSION, #endif - "] POST succeeded.\n"); +#ifdef HAVE_FIPS_VERSION_MINOR + HAVE_FIPS_VERSION_MINOR, +#else + 0, +#endif +#ifdef HAVE_FIPS_VERSION_PATCH + HAVE_FIPS_VERSION_PATCH, +#else + 0, +#endif +#ifdef HAVE_FIPS_VERSION_PORT + "-", + HAVE_FIPS_VERSION_PORT +#else + "", + "" +#endif + ); + #endif /* HAVE_FIPS */ #ifdef WC_RNG_SEED_CB @@ -315,28 +306,20 @@ static int wolfssl_init(void) return -ECANCELED; } pr_info("wolfCrypt self-test passed.\n"); +#else + pr_info("skipping full wolfcrypt_test() (configure with --enable-crypttests to enable).\n"); #endif -#if defined(LINUXKM_REGISTER_ALG) && !defined(NO_AES) - ret = linuxkm_register_alg(); +#ifdef LINUXKM_LKCAPI_REGISTER + ret = linuxkm_lkcapi_register(); if (ret) { - pr_err("linuxkm_register_alg failed with return code %d.\n", ret); - linuxkm_unregister_alg(); + pr_err("linuxkm_lkcapi_register() failed with return code %d.\n", ret); + linuxkm_lkcapi_unregister(); (void)libwolfssl_cleanup(); msleep(10); return -ECANCELED; } - - ret = linuxkm_test_alg(); - - if (ret) { - pr_err("linuxkm_test_alg failed with return code %d.\n", ret); - (void)libwolfssl_cleanup(); - linuxkm_unregister_alg(); - msleep(10); - return -ECANCELED; - } #endif #ifdef WOLFSSL_LINUXKM_BENCHMARKS @@ -376,11 +359,12 @@ static void __exit wolfssl_exit(void) static void wolfssl_exit(void) #endif { +#ifdef LINUXKM_LKCAPI_REGISTER + linuxkm_lkcapi_unregister(); +#endif + (void)libwolfssl_cleanup(); -#if defined(LINUXKM_REGISTER_ALG) && !defined(NO_AES) - linuxkm_unregister_alg(); -#endif return; } @@ -428,6 +412,7 @@ static int set_up_wolfssl_linuxkm_pie_redirect_table(void) { #ifndef __ARCH_MEMCMP_NO_REDIRECT wolfssl_linuxkm_pie_redirect_table.memcmp = memcmp; #endif +#ifndef CONFIG_FORTIFY_SOURCE #ifndef __ARCH_MEMCPY_NO_REDIRECT wolfssl_linuxkm_pie_redirect_table.memcpy = memcpy; #endif @@ -437,6 +422,7 @@ static int set_up_wolfssl_linuxkm_pie_redirect_table(void) { #ifndef __ARCH_MEMMOVE_NO_REDIRECT wolfssl_linuxkm_pie_redirect_table.memmove = memmove; #endif +#endif /* !CONFIG_FORTIFY_SOURCE */ #ifndef __ARCH_STRCMP_NO_REDIRECT wolfssl_linuxkm_pie_redirect_table.strcmp = strcmp; #endif @@ -468,6 +454,11 @@ static int set_up_wolfssl_linuxkm_pie_redirect_table(void) { #else wolfssl_linuxkm_pie_redirect_table.printk = printk; #endif + +#ifdef CONFIG_FORTIFY_SOURCE + wolfssl_linuxkm_pie_redirect_table.__warn_printk = __warn_printk; +#endif + wolfssl_linuxkm_pie_redirect_table.snprintf = snprintf; wolfssl_linuxkm_pie_redirect_table._ctype = _ctype; @@ -573,7 +564,8 @@ static int set_up_wolfssl_linuxkm_pie_redirect_table(void) { i < (unsigned long *)&wolfssl_linuxkm_pie_redirect_table._last_slot; ++i) if (*i == 0) { - pr_err("wolfCrypt container redirect table initialization was incomplete.\n"); + pr_err("wolfCrypt container redirect table initialization was incomplete [%lu].\n", + i - (unsigned long *)&wolfssl_linuxkm_pie_redirect_table); return -EFAULT; } } @@ -792,1136 +784,3 @@ static int updateFipsHash(void) } #endif /* WOLFCRYPT_FIPS_CORE_DYNAMIC_HASH_VALUE */ - - -#if defined(LINUXKM_REGISTER_ALG) && !defined(NO_AES) -#include - -PRAGMA_GCC_DIAG_PUSH; -PRAGMA_GCC("GCC diagnostic ignored \"-Wnested-externs\""); -PRAGMA_GCC("GCC diagnostic ignored \"-Wpointer-arith\""); -PRAGMA_GCC("GCC diagnostic ignored \"-Wpointer-sign\""); -PRAGMA_GCC("GCC diagnostic ignored \"-Wbad-function-cast\""); -PRAGMA_GCC("GCC diagnostic ignored \"-Wunused-parameter\""); -#include -#include -#include -#include -PRAGMA_GCC_DIAG_POP; - -/* km_AesX(): wrappers to wolfcrypt wc_AesX functions and - * structures. */ - -#include - -struct km_AesCtx { - Aes aes; - u8 key[AES_MAX_KEY_SIZE / 8]; - unsigned int keylen; -}; - -static inline void km_ForceZero(struct km_AesCtx * ctx) -{ - memzero_explicit(ctx->key, sizeof(ctx->key)); - ctx->keylen = 0; -} - -static int km_AesInitCommon(struct km_AesCtx * ctx, const char * name) -{ - int err = wc_AesInit(&ctx->aes, NULL, INVALID_DEVID); - - if (unlikely(err)) { - pr_err("error: km_AesInitCommon %s failed: %d\n", name, err); - return err; - } - - return 0; -} - -static void km_AesExitCommon(struct km_AesCtx * ctx) -{ - wc_AesFree(&ctx->aes); - km_ForceZero(ctx); -} - -static int km_AesSetKeyCommon(struct km_AesCtx * ctx, const u8 *in_key, - unsigned int key_len, const char * name) -{ - int err = wc_AesSetKey(&ctx->aes, in_key, key_len, NULL, 0); - - if (unlikely(err)) { - pr_err("error: km_AesSetKeyCommon %s failed: %d\n", name, err); - return err; - } - - XMEMCPY(ctx->key, in_key, key_len); - ctx->keylen = key_len; - - return 0; -} - -static int km_AesInit(struct crypto_skcipher *tfm) -{ - struct km_AesCtx * ctx = crypto_skcipher_ctx(tfm); - return km_AesInitCommon(ctx, WOLFKM_CBC_DRIVER); -} - -static void km_AesExit(struct crypto_skcipher *tfm) -{ - struct km_AesCtx * ctx = crypto_skcipher_ctx(tfm); - km_AesExitCommon(ctx); -} - -static int km_AesSetKey(struct crypto_skcipher *tfm, const u8 *in_key, - unsigned int key_len) -{ - struct km_AesCtx * ctx = crypto_skcipher_ctx(tfm); - return km_AesSetKeyCommon(ctx, in_key, key_len, WOLFKM_CBC_DRIVER); -} - -#if defined(HAVE_AES_CBC) -static int km_AesCbcEncrypt(struct skcipher_request *req) -{ - struct crypto_skcipher * tfm = NULL; - struct km_AesCtx * ctx = NULL; - struct skcipher_walk walk; - unsigned int nbytes = 0; - int err = 0; - - tfm = crypto_skcipher_reqtfm(req); - ctx = crypto_skcipher_ctx(tfm); - - err = skcipher_walk_virt(&walk, req, false); - - while ((nbytes = walk.nbytes)) { - err = wc_AesSetKey(&ctx->aes, ctx->key, ctx->keylen, walk.iv, - AES_ENCRYPTION); - - if (unlikely(err)) { - pr_err("wc_AesSetKey failed: %d\n", err); - return err; - } - - err = wc_AesCbcEncrypt(&ctx->aes, walk.dst.virt.addr, - walk.src.virt.addr, nbytes); - - if (unlikely(err)) { - pr_err("wc_AesCbcEncrypt failed %d\n", err); - return err; - } - - err = skcipher_walk_done(&walk, walk.nbytes - nbytes); - } - - return err; -} - -static int km_AesCbcDecrypt(struct skcipher_request *req) -{ - struct crypto_skcipher * tfm = NULL; - struct km_AesCtx * ctx = NULL; - struct skcipher_walk walk; - unsigned int nbytes = 0; - int err = 0; - - tfm = crypto_skcipher_reqtfm(req); - ctx = crypto_skcipher_ctx(tfm); - - err = skcipher_walk_virt(&walk, req, false); - - while ((nbytes = walk.nbytes)) { - err = wc_AesSetKey(&ctx->aes, ctx->key, ctx->keylen, walk.iv, - AES_DECRYPTION); - - if (unlikely(err)) { - pr_err("wc_AesSetKey failed"); - return err; - } - - err = wc_AesCbcDecrypt(&ctx->aes, walk.dst.virt.addr, - walk.src.virt.addr, nbytes); - - if (unlikely(err)) { - pr_err("wc_AesCbcDecrypt failed"); - return err; - } - - err = skcipher_walk_done(&walk, walk.nbytes - nbytes); - } - - return err; -} -#endif /* endif HAVE_AES_CBC */ - -#if defined(WOLFSSL_AES_CFB) -static int km_AesCfbEncrypt(struct skcipher_request *req) -{ - struct crypto_skcipher * tfm = NULL; - struct km_AesCtx * ctx = NULL; - struct skcipher_walk walk; - unsigned int nbytes = 0; - int err = 0; - - tfm = crypto_skcipher_reqtfm(req); - ctx = crypto_skcipher_ctx(tfm); - - err = skcipher_walk_virt(&walk, req, false); - - while ((nbytes = walk.nbytes)) { - err = wc_AesSetKey(&ctx->aes, ctx->key, ctx->keylen, walk.iv, - AES_ENCRYPTION); - - if (unlikely(err)) { - pr_err("wc_AesSetKey failed: %d\n", err); - return err; - } - - err = wc_AesCfbEncrypt(&ctx->aes, walk.dst.virt.addr, - walk.src.virt.addr, nbytes); - - if (unlikely(err)) { - pr_err("wc_AesCfbEncrypt failed %d\n", err); - return err; - } - - err = skcipher_walk_done(&walk, walk.nbytes - nbytes); - } - - return err; -} - -static int km_AesCfbDecrypt(struct skcipher_request *req) -{ - struct crypto_skcipher * tfm = NULL; - struct km_AesCtx * ctx = NULL; - struct skcipher_walk walk; - unsigned int nbytes = 0; - int err = 0; - - tfm = crypto_skcipher_reqtfm(req); - ctx = crypto_skcipher_ctx(tfm); - - err = skcipher_walk_virt(&walk, req, false); - - while ((nbytes = walk.nbytes)) { - err = wc_AesSetKey(&ctx->aes, ctx->key, ctx->keylen, walk.iv, - AES_ENCRYPTION); - - if (unlikely(err)) { - pr_err("wc_AesSetKey failed"); - return err; - } - - err = wc_AesCfbDecrypt(&ctx->aes, walk.dst.virt.addr, - walk.src.virt.addr, nbytes); - - if (unlikely(err)) { - pr_err("wc_AesCfbDecrypt failed"); - return err; - } - - err = skcipher_walk_done(&walk, walk.nbytes - nbytes); - } - - return err; -} -#endif /* endif WOLFSSL_AES_CFB */ - - -#if defined(HAVE_AESGCM) -static int km_AesGcmInit(struct crypto_aead * tfm) -{ - struct km_AesCtx * ctx = crypto_aead_ctx(tfm); - km_ForceZero(ctx); - return km_AesInitCommon(ctx, WOLFKM_GCM_DRIVER); -} - -static void km_AesGcmExit(struct crypto_aead * tfm) -{ - struct km_AesCtx * ctx = crypto_aead_ctx(tfm); - km_AesExitCommon(ctx); -} - -static int km_AesGcmSetKey(struct crypto_aead *tfm, const u8 *in_key, - unsigned int key_len) -{ - struct km_AesCtx * ctx = crypto_aead_ctx(tfm); - return km_AesSetKeyCommon(ctx, in_key, key_len, WOLFKM_GCM_DRIVER); -} - -static int km_AesGcmSetAuthsize(struct crypto_aead *tfm, unsigned int authsize) -{ - (void)tfm; - if (authsize > AES_BLOCK_SIZE || - authsize < WOLFSSL_MIN_AUTH_TAG_SZ) { - pr_err("error: invalid authsize: %d\n", authsize); - return -EINVAL; - } - return 0; -} - -/* - * aead ciphers recieve data in scatterlists in following order: - * encrypt - * req->src: aad||plaintext - * req->dst: aad||ciphertext||tag - * decrypt - * req->src: aad||ciphertext||tag - * req->dst: aad||plaintext, return 0 or -EBADMSG - */ - -static int km_AesGcmEncrypt(struct aead_request *req) -{ - struct crypto_aead * tfm = NULL; - struct km_AesCtx * ctx = NULL; - struct skcipher_walk walk; - struct scatter_walk assocSgWalk; - unsigned int nbytes = 0; - u8 authTag[AES_BLOCK_SIZE]; - int err = 0; - unsigned int assocLeft = 0; - unsigned int cryptLeft = 0; - u8 * assoc = NULL; - - tfm = crypto_aead_reqtfm(req); - ctx = crypto_aead_ctx(tfm); - assocLeft = req->assoclen; - cryptLeft = req->cryptlen; - - scatterwalk_start(&assocSgWalk, req->src); - - err = skcipher_walk_aead_encrypt(&walk, req, false); - if (unlikely(err)) { - pr_err("error: skcipher_walk_aead_encrypt: %d\n", err); - return -1; - } - - err = wc_AesGcmInit(&ctx->aes, ctx->key, ctx->keylen, walk.iv, - AES_BLOCK_SIZE); - if (unlikely(err)) { - pr_err("error: wc_AesGcmInit failed with return code %d.\n", err); - return err; - } - - assoc = scatterwalk_map(&assocSgWalk); - if (unlikely(IS_ERR(assoc))) { - pr_err("error: scatterwalk_map failed %ld\n", PTR_ERR(assoc)); - return err; - } - - err = wc_AesGcmEncryptUpdate(&ctx->aes, NULL, NULL, 0, assoc, assocLeft); - assocLeft -= assocLeft; - scatterwalk_unmap(assoc); - assoc = NULL; - - if (unlikely(err)) { - pr_err("error: wc_AesGcmEncryptUpdate failed %d\n", err); - return err; - } - - while ((nbytes = walk.nbytes)) { - int n = nbytes; - - if (likely(cryptLeft && nbytes)) { - n = cryptLeft < nbytes ? cryptLeft : nbytes; - - err = wc_AesGcmEncryptUpdate(&ctx->aes, walk.dst.virt.addr, - walk.src.virt.addr, cryptLeft, NULL, 0); - nbytes -= n; - cryptLeft -= n; - } - - if (unlikely(err)) { - pr_err("wc_AesGcmEncryptUpdate failed %d\n", err); - return err; - } - - err = skcipher_walk_done(&walk, nbytes); - } - - err = wc_AesGcmEncryptFinal(&ctx->aes, authTag, tfm->authsize); - if (unlikely(err)) { - pr_err("error: wc_AesGcmEncryptFinal failed with return code %d\n", err); - return err; - } - - /* Now copy the auth tag into request scatterlist. */ - scatterwalk_map_and_copy(authTag, req->dst, - req->assoclen + req->cryptlen, - tfm->authsize, 1); - - return err; -} - -static int km_AesGcmDecrypt(struct aead_request *req) -{ - struct crypto_aead * tfm = NULL; - struct km_AesCtx * ctx = NULL; - struct skcipher_walk walk; - struct scatter_walk assocSgWalk; - unsigned int nbytes = 0; - u8 origAuthTag[AES_BLOCK_SIZE]; - int err = 0; - unsigned int assocLeft = 0; - unsigned int cryptLeft = 0; - u8 * assoc = NULL; - - tfm = crypto_aead_reqtfm(req); - ctx = crypto_aead_ctx(tfm); - assocLeft = req->assoclen; - cryptLeft = req->cryptlen - tfm->authsize; - - /* Copy out original auth tag from req->src. */ - scatterwalk_map_and_copy(origAuthTag, req->src, - req->assoclen + req->cryptlen - tfm->authsize, - tfm->authsize, 0); - - scatterwalk_start(&assocSgWalk, req->src); - - err = skcipher_walk_aead_decrypt(&walk, req, false); - if (unlikely(err)) { - pr_err("error: skcipher_walk_aead_decrypt: %d\n", err); - return -1; - } - - err = wc_AesGcmInit(&ctx->aes, ctx->key, ctx->keylen, walk.iv, - AES_BLOCK_SIZE); - if (unlikely(err)) { - pr_err("error: wc_AesGcmInit failed with return code %d.\n", err); - return err; - } - - assoc = scatterwalk_map(&assocSgWalk); - if (unlikely(IS_ERR(assoc))) { - pr_err("error: scatterwalk_map failed %ld\n", PTR_ERR(assoc)); - return err; - } - - err = wc_AesGcmDecryptUpdate(&ctx->aes, NULL, NULL, 0, assoc, assocLeft); - assocLeft -= assocLeft; - scatterwalk_unmap(assoc); - assoc = NULL; - - if (unlikely(err)) { - pr_err("error: wc_AesGcmDecryptUpdate failed %d\n", err); - return err; - } - - while ((nbytes = walk.nbytes)) { - int n = nbytes; - - if (likely(cryptLeft && nbytes)) { - n = cryptLeft < nbytes ? cryptLeft : nbytes; - - err = wc_AesGcmDecryptUpdate(&ctx->aes, walk.dst.virt.addr, - walk.src.virt.addr, cryptLeft, NULL, 0); - nbytes -= n; - cryptLeft -= n; - } - - if (unlikely(err)) { - pr_err("wc_AesGcmDecryptUpdate failed %d\n", err); - return err; - } - - err = skcipher_walk_done(&walk, nbytes); - } - - err = wc_AesGcmDecryptFinal(&ctx->aes, origAuthTag, tfm->authsize); - if (unlikely(err)) { - pr_err("error: wc_AesGcmDecryptFinal failed with return code %d\n", err); - - if (err == AES_GCM_AUTH_E) { - return -EBADMSG; - } - else { - return err; - } - } - - return err; -} -#endif /* endif HAVE_AESGCM */ - -#if defined(HAVE_AES_CBC) -static struct skcipher_alg cbcAesAlg = { - .base.cra_name = WOLFKM_CBC_NAME, - .base.cra_driver_name = WOLFKM_CBC_DRIVER, - .base.cra_priority = WOLFKM_ALG_PRIORITY, - .base.cra_blocksize = AES_BLOCK_SIZE, - .base.cra_ctxsize = sizeof(struct km_AesCtx), - .base.cra_module = THIS_MODULE, - .init = km_AesInit, - .exit = km_AesExit, - .min_keysize = (128 / 8), - .max_keysize = (AES_MAX_KEY_SIZE / 8), - .ivsize = AES_BLOCK_SIZE, - .setkey = km_AesSetKey, - .encrypt = km_AesCbcEncrypt, - .decrypt = km_AesCbcDecrypt, -}; -#endif - -#if defined(WOLFSSL_AES_CFB) -static struct skcipher_alg cfbAesAlg = { - .base.cra_name = WOLFKM_CFB_NAME, - .base.cra_driver_name = WOLFKM_CFB_DRIVER, - .base.cra_priority = WOLFKM_ALG_PRIORITY, - .base.cra_blocksize = AES_BLOCK_SIZE, - .base.cra_ctxsize = sizeof(struct km_AesCtx), - .base.cra_module = THIS_MODULE, - .init = km_AesInit, - .exit = km_AesExit, - .min_keysize = (128 / 8), - .max_keysize = (AES_MAX_KEY_SIZE / 8), - .ivsize = AES_BLOCK_SIZE, - .setkey = km_AesSetKey, - .encrypt = km_AesCfbEncrypt, - .decrypt = km_AesCfbDecrypt, -}; -#endif - -#if defined(HAVE_AESGCM) -static struct aead_alg gcmAesAead = { - .base.cra_name = WOLFKM_GCM_NAME, - .base.cra_driver_name = WOLFKM_GCM_DRIVER, - .base.cra_priority = WOLFKM_ALG_PRIORITY, - .base.cra_blocksize = 1, - .base.cra_ctxsize = sizeof(struct km_AesCtx), - .base.cra_module = THIS_MODULE, - .init = km_AesGcmInit, - .exit = km_AesGcmExit, - .setkey = km_AesGcmSetKey, - .setauthsize = km_AesGcmSetAuthsize, - .encrypt = km_AesGcmEncrypt, - .decrypt = km_AesGcmDecrypt, - .ivsize = AES_BLOCK_SIZE, - .maxauthsize = AES_BLOCK_SIZE, - .chunksize = AES_BLOCK_SIZE, -}; -#endif - -static int linuxkm_register_alg(void) -{ - int ret = 0; -#if defined(HAVE_AES_CBC) - ret = crypto_register_skcipher(&cbcAesAlg); - - if (ret) { - pr_err("crypto_register_skcipher failed with return code %d.\n", ret); - return ret; - } -#endif - -#if defined(WOLFSSL_AES_CFB) - ret = crypto_register_skcipher(&cfbAesAlg); - - if (ret) { - pr_err("crypto_register_skcipher failed with return code %d.\n", ret); - return ret; - } -#endif - -#if defined(HAVE_AESGCM) - ret = crypto_register_aead(&gcmAesAead); - - if (ret) { - pr_err("crypto_register_aead failed with return code %d.\n", ret); - return ret; - } -#endif - - return 0; -} - -static void linuxkm_unregister_alg(void) -{ -#if defined(HAVE_AES_CBC) - crypto_unregister_skcipher(&cbcAesAlg); -#endif -#if defined(WOLFSSL_AES_CFB) - crypto_unregister_skcipher(&cfbAesAlg); -#endif -#if defined(HAVE_AESGCM) - crypto_unregister_aead(&gcmAesAead); -#endif -} - -/* Given registered wolfcrypt kernel crypto, sanity test against - * direct wolfcrypt calls. */ - -static int linuxkm_test_alg(void) -{ - int ret = 0; - - ret = linuxkm_test_cbc(); - if (ret) { return ret; } - - ret = linuxkm_test_cfb(); - if (ret) { return ret; } - - ret = linuxkm_test_gcm(); - if (ret) { return ret; } - - return 0; -} - -static int linuxkm_test_cbc(void) -{ - int ret = 0; -#if defined(HAVE_AES_CBC) - struct crypto_skcipher * tfm = NULL; - struct skcipher_request * req = NULL; - struct scatterlist src, dst; - Aes aes; - byte key32[] = - { - 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, - 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, - 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, - 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66 - }; - byte vector[] = /* Now is the time for all good men w/o trailing 0 */ - { - 0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74, - 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20, - 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20, - 0x67,0x6f,0x6f,0x64,0x20,0x6d,0x65,0x6e - }; - byte iv[] = "1234567890abcdef"; - byte enc[sizeof(vector)]; - byte dec[sizeof(vector)]; - u8 * enc2 = NULL; - u8 * dec2 = NULL; - - XMEMSET(enc, 0, sizeof(enc)); - XMEMSET(dec, 0, sizeof(enc)); - - ret = wc_AesInit(&aes, NULL, INVALID_DEVID); - if (ret) { - pr_err("wolfcrypt wc_AesInit failed with return code %d.\n", ret); - return -1; - } - - ret = wc_AesSetKey(&aes, key32, AES_BLOCK_SIZE * 2, iv, AES_ENCRYPTION); - if (ret) { - pr_err("wolfcrypt wc_AesSetKey failed with return code %d\n", ret); - return -1; - } - - ret = wc_AesCbcEncrypt(&aes, enc, vector, sizeof(vector)); - if (ret) { - pr_err("wolfcrypt wc_AesCbcEncrypt failed with return code %d\n", ret); - return -1; - } - - /* Re init for decrypt and set flag. */ - wc_AesFree(&aes); - - ret = wc_AesInit(&aes, NULL, INVALID_DEVID); - if (ret) { - pr_err("wolfcrypt wc_AesInit failed with return code %d.\n", ret); - return -1; - } - - ret = wc_AesSetKey(&aes, key32, AES_BLOCK_SIZE * 2, iv, AES_DECRYPTION); - if (ret) { - pr_err("wolfcrypt wc_AesSetKey failed with return code %d.\n", ret); - return -1; - } - - ret = wc_AesCbcDecrypt(&aes, dec, enc, sizeof(vector)); - if (ret) { - pr_err("wolfcrypt wc_AesCbcDecrypt failed with return code %d\n", ret); - return -1; - } - - ret = XMEMCMP(vector, dec, sizeof(vector)); - if (ret) { - pr_err("error: vector and dec do not match: %d\n", ret); - return -1; - } - - /* now the kernel crypto part */ - enc2 = kmalloc(sizeof(vector), GFP_KERNEL); - if (!enc2) { - pr_err("error: kmalloc failed\n"); - goto test_cbc_end; - } - - dec2 = kmalloc(sizeof(vector), GFP_KERNEL); - if (!dec2) { - pr_err("error: kmalloc failed\n"); - goto test_cbc_end; - } - - memcpy(dec2, vector, sizeof(vector)); - - tfm = crypto_alloc_skcipher(WOLFKM_CBC_DRIVER, 0, 0); - if (IS_ERR(tfm)) { - pr_err("error: allocating AES skcipher algorithm %s failed: %ld\n", - WOLFKM_CBC_DRIVER, PTR_ERR(tfm)); - goto test_cbc_end; - } - - ret = crypto_skcipher_setkey(tfm, key32, AES_BLOCK_SIZE * 2); - if (ret) { - pr_err("error: crypto_skcipher_setkey returned: %d\n", ret); - goto test_cbc_end; - } - - req = skcipher_request_alloc(tfm, GFP_KERNEL); - if (IS_ERR(req)) { - pr_err("error: allocating AES skcipher request %s failed\n", - WOLFKM_CBC_DRIVER); - goto test_cbc_end; - } - - sg_init_one(&src, dec2, sizeof(vector)); - sg_init_one(&dst, enc2, sizeof(vector)); - - skcipher_request_set_crypt(req, &src, &dst, sizeof(vector), iv); - - ret = crypto_skcipher_encrypt(req); - - if (ret) { - pr_err("error: crypto_skcipher_encrypt returned: %d\n", ret); - goto test_cbc_end; - } - - ret = XMEMCMP(enc, enc2, sizeof(vector)); - if (ret) { - pr_err("error: enc and enc2 do not match: %d\n", ret); - goto test_cbc_end; - } - - memset(dec2, 0, sizeof(vector)); - sg_init_one(&src, enc2, sizeof(vector)); - sg_init_one(&dst, dec2, sizeof(vector)); - - skcipher_request_set_crypt(req, &src, &dst, sizeof(vector), iv); - - ret = crypto_skcipher_decrypt(req); - - if (ret) { - pr_err("error: crypto_skcipher_decrypt returned: %d\n", ret); - goto test_cbc_end; - } - - ret = XMEMCMP(dec, dec2, sizeof(vector)); - if (ret) { - pr_err("error: dec and dec2 do not match: %d\n", ret); - goto test_cbc_end; - } - - pr_info("info: test driver %s: good\n", WOLFKM_CBC_DRIVER); - -test_cbc_end: - - if (enc2) { kfree(enc2); enc2 = NULL; } - if (dec2) { kfree(dec2); dec2 = NULL; } - if (req) { skcipher_request_free(req); req = NULL; } - if (tfm) { crypto_free_skcipher(tfm); tfm = NULL; } - -#endif /* if defined HAVE_AES_CBC */ - return ret; -} - -static int linuxkm_test_cfb(void) -{ - int ret = 0; -#if defined(WOLFSSL_AES_CFB) - struct crypto_skcipher * tfm = NULL; - struct skcipher_request * req = NULL; - struct scatterlist src, dst; - Aes aes; - byte key32[] = - { - 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, - 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, - 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, - 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66 - }; - byte vector[] = /* Now is the time for all good men w/o trailing 0 */ - { - 0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74, - 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20, - 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20, - 0x67,0x6f,0x6f,0x64,0x20,0x6d,0x65,0x6e - }; - byte iv[] = "1234567890abcdef"; - byte enc[sizeof(vector)]; - byte dec[sizeof(vector)]; - u8 * enc2 = NULL; - u8 * dec2 = NULL; - - XMEMSET(enc, 0, sizeof(enc)); - XMEMSET(dec, 0, sizeof(enc)); - - ret = wc_AesInit(&aes, NULL, INVALID_DEVID); - if (ret) { - pr_err("wolfcrypt wc_AesInit failed with return code %d.\n", ret); - return -1; - } - - ret = wc_AesSetKey(&aes, key32, AES_BLOCK_SIZE * 2, iv, AES_ENCRYPTION); - if (ret) { - pr_err("wolfcrypt wc_AesSetKey failed with return code %d\n", ret); - return -1; - } - - ret = wc_AesCfbEncrypt(&aes, enc, vector, sizeof(vector)); - if (ret) { - pr_err("wolfcrypt wc_AesCfbEncrypt failed with return code %d\n", ret); - return -1; - } - - /* Re init for decrypt and set flag. */ - wc_AesFree(&aes); - - ret = wc_AesInit(&aes, NULL, INVALID_DEVID); - if (ret) { - pr_err("wolfcrypt wc_AesInit failed with return code %d.\n", ret); - return -1; - } - - ret = wc_AesSetKey(&aes, key32, AES_BLOCK_SIZE * 2, iv, AES_ENCRYPTION); - if (ret) { - pr_err("wolfcrypt wc_AesSetKey failed with return code %d.\n", ret); - return -1; - } - - ret = wc_AesCfbDecrypt(&aes, dec, enc, sizeof(vector)); - if (ret) { - pr_err("wolfcrypt wc_AesCfbDecrypt failed with return code %d\n", ret); - return -1; - } - - ret = XMEMCMP(vector, dec, sizeof(vector)); - if (ret) { - pr_err("error: vector and dec do not match: %d\n", ret); - return -1; - } - - /* now the kernel crypto part */ - enc2 = kmalloc(sizeof(vector), GFP_KERNEL); - if (!enc2) { - pr_err("error: kmalloc failed\n"); - goto test_cfb_end; - } - - dec2 = kmalloc(sizeof(vector), GFP_KERNEL); - if (!dec2) { - pr_err("error: kmalloc failed\n"); - goto test_cfb_end; - } - - memcpy(dec2, vector, sizeof(vector)); - - tfm = crypto_alloc_skcipher(WOLFKM_CFB_DRIVER, 0, 0); - if (IS_ERR(tfm)) { - pr_err("error: allocating AES skcipher algorithm %s failed: %ld\n", - WOLFKM_CFB_DRIVER, PTR_ERR(tfm)); - goto test_cfb_end; - } - - ret = crypto_skcipher_setkey(tfm, key32, AES_BLOCK_SIZE * 2); - if (ret) { - pr_err("error: crypto_skcipher_setkey returned: %d\n", ret); - goto test_cfb_end; - } - - req = skcipher_request_alloc(tfm, GFP_KERNEL); - if (IS_ERR(req)) { - pr_err("error: allocating AES skcipher request %s failed\n", - WOLFKM_CFB_DRIVER); - goto test_cfb_end; - } - - sg_init_one(&src, dec2, sizeof(vector)); - sg_init_one(&dst, enc2, sizeof(vector)); - - skcipher_request_set_crypt(req, &src, &dst, sizeof(vector), iv); - - ret = crypto_skcipher_encrypt(req); - - if (ret) { - pr_err("error: crypto_skcipher_encrypt returned: %d\n", ret); - goto test_cfb_end; - } - - ret = XMEMCMP(enc, enc2, sizeof(vector)); - if (ret) { - pr_err("error: enc and enc2 do not match: %d\n", ret); - goto test_cfb_end; - } - - memset(dec2, 0, sizeof(vector)); - sg_init_one(&src, enc2, sizeof(vector)); - sg_init_one(&dst, dec2, sizeof(vector)); - - skcipher_request_set_crypt(req, &src, &dst, sizeof(vector), iv); - - ret = crypto_skcipher_decrypt(req); - - if (ret) { - pr_err("error: crypto_skcipher_decrypt returned: %d\n", ret); - goto test_cfb_end; - } - - ret = XMEMCMP(dec, dec2, sizeof(vector)); - if (ret) { - pr_err("error: dec and dec2 do not match: %d\n", ret); - goto test_cfb_end; - } - - pr_info("info: test driver %s: good\n", WOLFKM_CFB_DRIVER); - -test_cfb_end: - - if (enc2) { kfree(enc2); enc2 = NULL; } - if (dec2) { kfree(dec2); dec2 = NULL; } - if (req) { skcipher_request_free(req); req = NULL; } - if (tfm) { crypto_free_skcipher(tfm); tfm = NULL; } -#endif /* if defined WOLFSSL_AES_CFB */ - - return ret; -} - -static int linuxkm_test_gcm(void) -{ - int ret = 0; -#if defined(HAVE_AESGCM) - struct crypto_aead * tfm = NULL; - struct aead_request * req = NULL; - struct scatterlist * src = NULL; - struct scatterlist * dst = NULL; - Aes aes; - byte key32[] = - { - 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, - 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, - 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, - 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66 - }; - byte vector[] = /* Now is the time for all w/o trailing 0 */ - { - 0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74, - 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20, - 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20 - }; - const byte assoc[] = - { - 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, - 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, - 0xab, 0xad, 0xda, 0xd2 - }; - byte ivstr[] = "1234567890abcdef"; - byte enc[sizeof(vector)]; - byte authTag[AES_BLOCK_SIZE]; - byte dec[sizeof(vector)]; - u8 * assoc2 = NULL; - u8 * enc2 = NULL; - u8 * dec2 = NULL; - u8 * iv = NULL; - size_t encryptLen = sizeof(vector); - size_t decryptLen = sizeof(vector) + sizeof(authTag); - - /* Init stack variables. */ - XMEMSET(enc, 0, sizeof(vector)); - XMEMSET(dec, 0, sizeof(vector)); - XMEMSET(authTag, 0, AES_BLOCK_SIZE); - - ret = wc_AesInit(&aes, NULL, INVALID_DEVID); - if (ret) { - pr_err("error: wc_AesInit failed with return code %d.\n", ret); - goto test_gcm_end; - } - - ret = wc_AesGcmInit(&aes, key32, sizeof(key32)/sizeof(byte), ivstr, - AES_BLOCK_SIZE); - if (ret) { - pr_err("error: wc_AesGcmInit failed with return code %d.\n", ret); - goto test_gcm_end; - } - - ret = wc_AesGcmEncryptUpdate(&aes, NULL, NULL, 0, assoc, sizeof(assoc)); - if (ret) { - pr_err("error: wc_AesGcmEncryptUpdate failed with return code %d\n", ret); - goto test_gcm_end; - } - - ret = wc_AesGcmEncryptUpdate(&aes, enc, vector, sizeof(vector), NULL, 0); - if (ret) { - pr_err("error: wc_AesGcmEncryptUpdate failed with return code %d\n", ret); - goto test_gcm_end; - } - - ret = wc_AesGcmEncryptFinal(&aes, authTag, AES_BLOCK_SIZE); - if (ret) { - pr_err("error: wc_AesGcmEncryptFinal failed with return code %d\n", ret); - goto test_gcm_end; - } - - ret = wc_AesGcmInit(&aes, key32, sizeof(key32)/sizeof(byte), ivstr, - AES_BLOCK_SIZE); - if (ret) { - pr_err("error: wc_AesGcmInit failed with return code %d.\n", ret); - goto test_gcm_end; - } - - ret = wc_AesGcmDecryptUpdate(&aes, dec, enc, sizeof(vector), assoc, sizeof(assoc)); - if (ret) { - pr_err("error: wc_AesGcmDecryptUpdate failed with return code %d\n", ret); - goto test_gcm_end; - } - - ret = wc_AesGcmDecryptFinal(&aes, authTag, AES_BLOCK_SIZE); - if (ret) { - pr_err("error: wc_AesGcmEncryptFinal failed with return code %d\n", ret); - goto test_gcm_end; - } - - ret = XMEMCMP(vector, dec, sizeof(vector)); - if (ret) { - pr_err("error: gcm: vector and dec do not match: %d\n", ret); - goto test_gcm_end; - } - - /* now the kernel crypto part */ - assoc2 = kmalloc(sizeof(assoc), GFP_KERNEL); - if (IS_ERR(assoc2)) { - pr_err("error: kmalloc failed\n"); - goto test_gcm_end; - } - memset(assoc2, 0, sizeof(assoc)); - memcpy(assoc2, assoc, sizeof(assoc)); - - iv = kmalloc(AES_BLOCK_SIZE, GFP_KERNEL); - if (IS_ERR(iv)) { - pr_err("error: kmalloc failed\n"); - goto test_gcm_end; - } - memset(iv, 0, AES_BLOCK_SIZE); - memcpy(iv, ivstr, AES_BLOCK_SIZE); - - enc2 = kmalloc(decryptLen, GFP_KERNEL); - if (IS_ERR(enc2)) { - pr_err("error: kmalloc failed\n"); - goto test_gcm_end; - } - - dec2 = kmalloc(decryptLen, GFP_KERNEL); - if (IS_ERR(dec2)) { - pr_err("error: kmalloc failed\n"); - goto test_gcm_end; - } - - memset(enc2, 0, decryptLen); - memset(dec2, 0, decryptLen); - memcpy(dec2, vector, sizeof(vector)); - - tfm = crypto_alloc_aead(WOLFKM_GCM_DRIVER, 0, 0); - if (IS_ERR(tfm)) { - pr_err("error: allocating AES skcipher algorithm %s failed: %ld\n", - WOLFKM_GCM_DRIVER, PTR_ERR(tfm)); - goto test_gcm_end; - } - - ret = crypto_aead_setkey(tfm, key32, AES_BLOCK_SIZE * 2); - if (ret) { - pr_err("error: crypto_aead_setkey returned: %d\n", ret); - goto test_gcm_end; - } - - ret = crypto_aead_setauthsize(tfm, sizeof(authTag)); - if (ret) { - pr_err("error: crypto_aead_setauthsize returned: %d\n", ret); - goto test_gcm_end; - } - - req = aead_request_alloc(tfm, GFP_KERNEL); - if (IS_ERR(req)) { - pr_err("error: allocating AES aead request %s failed: %ld\n", - WOLFKM_CBC_DRIVER, PTR_ERR(req)); - goto test_gcm_end; - } - - src = kmalloc(sizeof(struct scatterlist) * 2, GFP_KERNEL); - dst = kmalloc(sizeof(struct scatterlist) * 2, GFP_KERNEL); - - if (IS_ERR(src) || IS_ERR(dst)) { - pr_err("error: kmalloc src or dst failed: %ld, %ld\n", - PTR_ERR(src), PTR_ERR(dst)); - goto test_gcm_end; - } - - sg_init_table(src, 2); - sg_set_buf(src, assoc2, sizeof(assoc)); - sg_set_buf(&src[1], dec2, sizeof(vector)); - - sg_init_table(dst, 2); - sg_set_buf(dst, assoc2, sizeof(assoc)); - sg_set_buf(&dst[1], enc2, decryptLen); - - aead_request_set_callback(req, 0, NULL, NULL); - aead_request_set_ad(req, sizeof(assoc)); - aead_request_set_crypt(req, src, dst, sizeof(vector), iv); - - ret = crypto_aead_encrypt(req); - - if (ret) { - pr_err("error: crypto_aead_encrypt returned: %d\n", ret); - goto test_gcm_end; - } - - ret = XMEMCMP(enc, enc2, sizeof(vector)); - if (ret) { - pr_err("error: enc and enc2 do not match: %d\n", ret); - goto test_gcm_end; - } - - ret = XMEMCMP(authTag, enc2 + encryptLen, sizeof(authTag)); - if (ret) { - pr_err("error: authTags do not match: %d\n", ret); - goto test_gcm_end; - } - - /* Now decrypt crypto request. Reverse src and dst. */ - memset(dec2, 0, decryptLen); - aead_request_set_ad(req, sizeof(assoc)); - aead_request_set_crypt(req, dst, src, decryptLen, iv); - - ret = crypto_aead_decrypt(req); - - if (ret) { - pr_err("error: crypto_aead_decrypt returned: %d\n", ret); - goto test_gcm_end; - } - - ret = XMEMCMP(dec, dec2, sizeof(vector)); - if (ret) { - pr_err("error: dec and dec2 do not match: %d\n", ret); - goto test_gcm_end; - } - - pr_info("info: test driver %s: good\n", WOLFKM_GCM_DRIVER); - -test_gcm_end: - if (req) { aead_request_free(req); req = NULL; } - if (tfm) { crypto_free_aead(tfm); tfm = NULL; } - - if (src) { kfree(src); src = NULL; } - if (dst) { kfree(dst); dst = NULL; } - - if (dec2) { kfree(dec2); dec2 = NULL; } - if (enc2) { kfree(enc2); enc2 = NULL; } - - if (assoc2) { kfree(assoc2); assoc2 = NULL; } - if (iv) { kfree(iv); iv = NULL; } -#endif /* if defined HAVE_AESGCM */ - - return 0; -} - -#endif /* LINUXKM_REGISTER_ALG && !defined(NO_AES) */ diff --git a/wolfcrypt/src/aes.c b/wolfcrypt/src/aes.c index 730817823..bc3214872 100644 --- a/wolfcrypt/src/aes.c +++ b/wolfcrypt/src/aes.c @@ -12252,6 +12252,14 @@ int wc_AesKeyUnWrap(const byte* key, word32 keySz, const byte* in, word32 inSz, /* Galois Field to use */ #define GF_XTS 0x87 +/* Set up keys for encryption and/or decryption. + * + * aes buffer holding aes subkeys + * heap heap hint to use for memory. Can be NULL + * devId id to use with async crypto. Can be 0 + * + * return 0 on success + */ int wc_AesXtsInit(XtsAes* aes, void* heap, int devId) { int ret = 0; @@ -12278,15 +12286,12 @@ int wc_AesXtsInit(XtsAes* aes, void* heap, int devId) /* Set up keys for encryption and/or decryption. * - * tweak AES key for tweak in XTS - * aes AES key for encrypt/decrypt process - * key buffer holding aes key | tweak key + * aes buffer holding aes subkeys + * key AES key for encrypt/decrypt and tweak process (concatenated) * len length of key buffer in bytes. Should be twice that of key size. i.e. * 32 for a 16 byte key. * dir direction: AES_ENCRYPTION, AES_DECRYPTION, or * AES_ENCRYPTION_AND_DECRYPTION - * heap heap hint to use for memory. Can be NULL - * devId id to use with async crypto. Can be 0 * * return 0 on success */ @@ -12680,15 +12685,19 @@ int wc_AesXtsEncrypt(XtsAes* xaes, byte* out, const byte* in, word32 sz, if (xaes->aes_encrypt.use_aesni) { #if defined(HAVE_INTEL_AVX1) if (IS_INTEL_AVX1(intel_flags)) { - AES_XTS_encrypt_avx1(in, out, sz, i, (const byte*)xaes->aes_encrypt.key, - (const byte*)xaes->tweak.key, (int)xaes->aes_encrypt.rounds); + AES_XTS_encrypt_avx1(in, out, sz, i, + (const byte*)xaes->aes_encrypt.key, + (const byte*)xaes->tweak.key, + (int)xaes->aes_encrypt.rounds); ret = 0; } else #endif { - AES_XTS_encrypt_aesni(in, out, sz, i, (const byte*)xaes->aes_encrypt.key, - (const byte*)xaes->tweak.key, (int)xaes->aes_encrypt.rounds); + AES_XTS_encrypt_aesni(in, out, sz, i, + (const byte*)xaes->aes_encrypt.key, + (const byte*)xaes->tweak.key, + (int)xaes->aes_encrypt.rounds); ret = 0; } } @@ -12893,15 +12902,19 @@ int wc_AesXtsDecrypt(XtsAes* xaes, byte* out, const byte* in, word32 sz, if (xaes->aes_decrypt.use_aesni) { #if defined(HAVE_INTEL_AVX1) if (IS_INTEL_AVX1(intel_flags)) { - AES_XTS_decrypt_avx1(in, out, sz, i, (const byte*)xaes->aes_decrypt.key, - (const byte*)xaes->tweak.key, (int)xaes->aes_decrypt.rounds); + AES_XTS_decrypt_avx1(in, out, sz, i, + (const byte*)xaes->aes_decrypt.key, + (const byte*)xaes->tweak.key, + (int)xaes->aes_decrypt.rounds); ret = 0; } else #endif { - AES_XTS_decrypt_aesni(in, out, sz, i, (const byte*)xaes->aes_decrypt.key, - (const byte*)xaes->tweak.key, (int)xaes->aes_decrypt.rounds); + AES_XTS_decrypt_aesni(in, out, sz, i, + (const byte*)xaes->aes_decrypt.key, + (const byte*)xaes->tweak.key, + (int)xaes->aes_decrypt.rounds); ret = 0; } } diff --git a/wolfcrypt/src/memory.c b/wolfcrypt/src/memory.c index f51e02a40..c4cbeabfc 100644 --- a/wolfcrypt/src/memory.c +++ b/wolfcrypt/src/memory.c @@ -1542,27 +1542,40 @@ WOLFSSL_LOCAL int SAVE_VECTOR_REGISTERS2_fuzzer(void) { * fuzz vector register access without the detailed debugging. * this is useful for testing in the kernel module build, where glibc and * thread-local storage are unavailable. + * + * note this is not a well-behaved PRNG, but is adequate for fuzzing purposes. + * the prn sequence is incompressible according to ent and xz, and does not + * cycle within 10M iterations with various seeds including zero, but the Chi + * square distribution is poor, and the unconditioned lsb bit balance is ~54% + * regardless of seed. */ WOLFSSL_LOCAL int SAVE_VECTOR_REGISTERS2_fuzzer(void) { static unsigned long prn = WC_DEBUG_VECTOR_REGISTERS_FUZZING_SEED; - unsigned long popcount; + static int balance_bit = 0; /* access to prn is racey, but it doesn't matter. */ - unsigned long new_prn = prn ^ 0xba86943da66ee701ul; + unsigned long new_prn = prn ^ 0xba86943da66ee701ul; /* note this magic + * random number is + * bit-balanced. + */ + /* barrel-roll using the bottom 6 bits. */ if (new_prn & 0x3f) new_prn = (new_prn << (new_prn & 0x3f)) | (new_prn >> (0x40 - (new_prn & 0x3f))); - __asm__ volatile ("popcnt %1, %0;" - :"=r"(popcount) - :"r"(new_prn) - : - ); - new_prn ^= popcount; prn = new_prn; - if (prn & 1) - return IO_FAILED_E; - else - return 0; + balance_bit = !balance_bit; + + if (balance_bit) { + if (prn & 1) + return IO_FAILED_E; + else + return 0; + } else { + if (prn & 1) + return 0; + else + return IO_FAILED_E; + } } #endif /* DEBUG_VECTOR_REGISTER_ACCESS || DEBUG_VECTOR_REGISTER_ACCESS_FUZZING */ diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 6e215f52a..7f50ee7c1 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -9438,6 +9438,7 @@ static wc_test_ret_t aes_xts_128_test(void) 0x77, 0x8a, 0xe8, 0xb4, 0x3c, 0xb9, 0x8d, 0x5a }; +#ifndef HAVE_FIPS_VERSION /* FIPS requires different keys for main and tweak. */ WOLFSSL_SMALL_STACK_STATIC unsigned char k3[] = { 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, @@ -9462,6 +9463,7 @@ static wc_test_ret_t aes_xts_128_test(void) 0xA0, 0x85, 0xD2, 0x69, 0x6E, 0x87, 0x0A, 0xBF, 0xB5, 0x5A, 0xDD, 0xCB, 0x80, 0xE0, 0xFC, 0xCD }; +#endif /* HAVE_FIPS_VERSION */ #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) if ((aes = (XtsAes *)XMALLOC(sizeof *aes, HEAP_HINT, DYNAMIC_TYPE_AES)) == NULL) @@ -9490,7 +9492,7 @@ static wc_test_ret_t aes_xts_128_test(void) ret = wc_AesXtsEncrypt(aes, buf, p2, sizeof(p2), i2, sizeof(i2)); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_encrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); @@ -9501,7 +9503,7 @@ static wc_test_ret_t aes_xts_128_test(void) WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E); ret = wc_AesXtsEncrypt(aes, buf, p2, sizeof(p2), i2, sizeof(i2)); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_encrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0); if (ret != 0) @@ -9517,7 +9519,7 @@ static wc_test_ret_t aes_xts_128_test(void) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ret = wc_AesXtsEncrypt(aes, buf, p1, sizeof(p1), i1, sizeof(i1)); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_encrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); @@ -9528,7 +9530,7 @@ static wc_test_ret_t aes_xts_128_test(void) WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E); ret = wc_AesXtsEncrypt(aes, buf, p1, sizeof(p1), i1, sizeof(i1)); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_encrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0); if (ret != 0) @@ -9541,7 +9543,7 @@ static wc_test_ret_t aes_xts_128_test(void) XMEMSET(cipher, 0, sizeof(cipher)); ret = wc_AesXtsEncrypt(aes, cipher, pp, sizeof(pp), i1, sizeof(i1)); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_encrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); @@ -9553,7 +9555,7 @@ static wc_test_ret_t aes_xts_128_test(void) XMEMSET(cipher, 0, sizeof(cipher)); ret = wc_AesXtsEncrypt(aes, cipher, pp, sizeof(pp), i1, sizeof(i1)); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_encrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0); if (ret != 0) @@ -9569,7 +9571,7 @@ static wc_test_ret_t aes_xts_128_test(void) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ret = wc_AesXtsDecrypt(aes, buf, cipher, sizeof(pp), i1, sizeof(i1)); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_decrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); @@ -9581,7 +9583,7 @@ static wc_test_ret_t aes_xts_128_test(void) XMEMSET(buf, 0, sizeof(buf)); ret = wc_AesXtsDecrypt(aes, buf, cipher, sizeof(pp), i1, sizeof(i1)); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_decrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0); if (ret != 0) @@ -9594,7 +9596,7 @@ static wc_test_ret_t aes_xts_128_test(void) XMEMSET(buf, 0, sizeof(buf)); ret = wc_AesXtsDecrypt(aes, buf, c1, sizeof(c1), i1, sizeof(i1)); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_decrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); @@ -9606,7 +9608,7 @@ static wc_test_ret_t aes_xts_128_test(void) XMEMSET(buf, 0, sizeof(buf)); ret = wc_AesXtsDecrypt(aes, buf, c1, sizeof(c1), i1, sizeof(i1)); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_decrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0); if (ret != 0) @@ -9619,7 +9621,7 @@ static wc_test_ret_t aes_xts_128_test(void) XMEMSET(buf, 0, sizeof(buf)); ret = wc_AesXtsDecrypt(aes, buf, c2, sizeof(c2), i2, sizeof(i2)); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_decrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); @@ -9633,13 +9635,15 @@ static wc_test_ret_t aes_xts_128_test(void) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ret = wc_AesXtsDecrypt(aes, buf, c2, sizeof(c2), i2, sizeof(i2)); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_decrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); if (XMEMCMP(p2, buf, sizeof(p2))) ERROR_OUT(WC_TEST_RET_ENC_NC, out); +#ifndef HAVE_FIPS_VERSION + /* Test ciphertext stealing in-place. */ XMEMCPY(buf, p3, sizeof(p3)); ret = wc_AesXtsSetKeyNoInit(aes, k3, sizeof(k3), AES_ENCRYPTION); @@ -9648,7 +9652,7 @@ static wc_test_ret_t aes_xts_128_test(void) ret = wc_AesXtsEncrypt(aes, buf, buf, sizeof(p3), i3, sizeof(i3)); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_encrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); @@ -9660,13 +9664,15 @@ static wc_test_ret_t aes_xts_128_test(void) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ret = wc_AesXtsDecrypt(aes, buf, buf, sizeof(c3), i3, sizeof(i3)); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_decrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); if (XMEMCMP(p3, buf, sizeof(p3))) ERROR_OUT(WC_TEST_RET_ENC_NC, out); +#endif /* !HAVE_FIPS_VERSION */ + #if !defined(BENCH_EMBEDDED) && !defined(HAVE_CAVIUM) && \ !defined(WOLFSSL_AFALG) { @@ -9694,7 +9700,7 @@ static wc_test_ret_t aes_xts_128_test(void) ret = wc_AesXtsEncrypt(aes, large_input, large_input, j, i1, sizeof(i1)); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_encrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); @@ -9705,7 +9711,7 @@ static wc_test_ret_t aes_xts_128_test(void) ret = wc_AesXtsDecrypt(aes, large_input, large_input, j, i1, sizeof(i1)); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_decrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); @@ -9850,7 +9856,7 @@ static wc_test_ret_t aes_xts_256_test(void) ret = wc_AesXtsEncrypt(aes, buf, p2, sizeof(p2), i2, sizeof(i2)); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_encrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); @@ -9863,7 +9869,7 @@ static wc_test_ret_t aes_xts_256_test(void) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ret = wc_AesXtsEncrypt(aes, buf, p1, sizeof(p1), i1, sizeof(i1)); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_encrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); @@ -9874,7 +9880,7 @@ static wc_test_ret_t aes_xts_256_test(void) XMEMSET(cipher, 0, sizeof(cipher)); ret = wc_AesXtsEncrypt(aes, cipher, pp, sizeof(pp), i1, sizeof(i1)); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_encrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); @@ -9886,7 +9892,7 @@ static wc_test_ret_t aes_xts_256_test(void) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ret = wc_AesXtsDecrypt(aes, buf, cipher, sizeof(pp), i1, sizeof(i1)); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_decrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); @@ -9897,7 +9903,7 @@ static wc_test_ret_t aes_xts_256_test(void) XMEMSET(buf, 0, sizeof(buf)); ret = wc_AesXtsDecrypt(aes, buf, c1, sizeof(c1), i1, sizeof(i1)); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_decrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); @@ -9910,7 +9916,7 @@ static wc_test_ret_t aes_xts_256_test(void) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ret = wc_AesXtsDecrypt(aes, buf, c2, sizeof(c2), i2, sizeof(i2)); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_decrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); @@ -10127,7 +10133,7 @@ static wc_test_ret_t aes_xts_sector_test(void) ret = wc_AesXtsEncryptSector(aes, buf, p1, sizeof(p1), s1); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_encrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); @@ -10141,7 +10147,7 @@ static wc_test_ret_t aes_xts_sector_test(void) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ret = wc_AesXtsDecryptSector(aes, buf, c1, sizeof(c1), s1); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_decrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); @@ -10155,7 +10161,7 @@ static wc_test_ret_t aes_xts_sector_test(void) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ret = wc_AesXtsEncryptSector(aes, buf, p2, sizeof(p2), s2); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_encrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); @@ -10169,7 +10175,7 @@ static wc_test_ret_t aes_xts_sector_test(void) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ret = wc_AesXtsDecryptSector(aes, buf, c2, sizeof(c2), s2); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_decrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); @@ -10186,7 +10192,7 @@ static wc_test_ret_t aes_xts_sector_test(void) ret = wc_AesXtsEncryptConsecutiveSectors(aes, data, p3, sizeof(p3), s3, sectorSz); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_encrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); @@ -10201,7 +10207,7 @@ static wc_test_ret_t aes_xts_sector_test(void) ret = wc_AesXtsDecryptConsecutiveSectors(aes, data, c3, sizeof(c3), s3, sectorSz); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_decrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); @@ -10280,14 +10286,14 @@ static wc_test_ret_t aes_xts_args_test(void) ret = wc_AesXtsEncryptSector(NULL, buf, p1, sizeof(p1), s1); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_encrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret == 0) ERROR_OUT(WC_TEST_RET_ENC_NC, out); ret = wc_AesXtsEncryptSector(aes, NULL, p1, sizeof(p1), s1); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_encrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret == 0) ERROR_OUT(WC_TEST_RET_ENC_NC, out); @@ -10298,14 +10304,14 @@ static wc_test_ret_t aes_xts_args_test(void) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ret = wc_AesXtsDecryptSector(NULL, buf, c1, sizeof(c1), s1); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_decrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret == 0) ERROR_OUT(WC_TEST_RET_ENC_NC, out); ret = wc_AesXtsDecryptSector(aes, NULL, c1, sizeof(c1), s1); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &aes->aes_decrypt.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret == 0) ERROR_OUT(WC_TEST_RET_ENC_NC, out); @@ -30070,8 +30076,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ecc_test(void) #endif /* HAVE_ECC160 */ #if (defined(HAVE_ECC192) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 192 ret = ecc_test_curve(&rng, 24, ECC_CURVE_DEF); - printf("keySize=24, Default\n"); if (ret < 0) { + printf("keySize=24, Default\n"); goto done; } #endif /* HAVE_ECC192 */