Merge pull request #10696 from douzzer/20260615-linuxkm-fixes
20260615-linuxkm-fixes
@@ -214,6 +214,7 @@ CURVED448_SMALL
|
||||
CUSTOM_ENTROPY_TIMEHIRES
|
||||
CY_USING_HAL
|
||||
DCP_USE_DCACHE
|
||||
DEBUG_FORCE_VECTOR_REGISTER_ACCESS_FUZZING
|
||||
DILITHIUM_MUL_11_SLOW
|
||||
DILITHIUM_MUL_44_SLOW
|
||||
DILITHIUM_MUL_QINV_SLOW
|
||||
@@ -634,6 +635,7 @@ USE_WOLF_STRNSTR
|
||||
USS_API
|
||||
WC_AESXTS_STREAM_NO_REQUEST_ACCOUNTING
|
||||
WC_AES_BS_WORD_SIZE
|
||||
WC_AES_GCM_ALLOW_NONSTANDARD_TAG_LENGTH
|
||||
WC_AES_GCM_DEC_AUTH_EARLY
|
||||
WC_ALLOW_ECC_ZERO_HASH
|
||||
WC_ASN_HASH_SHA256
|
||||
@@ -669,6 +671,7 @@ WC_HASH_CUSTOM_MAX_DIGEST_SIZE
|
||||
WC_HASH_CUSTOM_MIN_DIGEST_SIZE
|
||||
WC_INIT_ERROR_WHEN_CONTENDED
|
||||
WC_LINUXKM_NO_USE_HEAP_WRAPPERS
|
||||
WC_MLDSA_NO_ASM
|
||||
WC_MLKEM_KERNEL_ASM
|
||||
WC_NO_ASYNC_SLEEP
|
||||
WC_NO_RNG_SIMPLE
|
||||
|
||||
+51
-47
@@ -165,12 +165,6 @@ AC_ARG_ENABLE([linuxkm],
|
||||
[ENABLED_LINUXKM=no]
|
||||
)
|
||||
|
||||
AC_ARG_ENABLE([linuxkm-defaults],
|
||||
[AS_HELP_STRING([--enable-linuxkm-defaults],[Enable feature defaults for Linux Kernel Module (default: disabled)])],
|
||||
[KERNEL_MODE_DEFAULTS=$enableval],
|
||||
[KERNEL_MODE_DEFAULTS=$ENABLED_LINUXKM]
|
||||
)
|
||||
|
||||
# FreeBSD Kernel Module
|
||||
AC_ARG_ENABLE([freebsdkm],
|
||||
[AS_HELP_STRING([--enable-freebsdkm],[Enable FreeBSD Kernel Module (default: disabled)])],
|
||||
@@ -178,6 +172,29 @@ AC_ARG_ENABLE([freebsdkm],
|
||||
[ENABLED_BSDKM=no]
|
||||
)
|
||||
|
||||
if test "$ENABLED_LINUXKM" != "no" || test "$ENABLED_BSDKM" != "no"
|
||||
then
|
||||
KERNEL_MODE_DEFAULTS=yes
|
||||
else
|
||||
KERNEL_MODE_DEFAULTS=no
|
||||
fi
|
||||
|
||||
AC_ARG_ENABLE([kernel-settings],
|
||||
[AS_HELP_STRING([--enable-kernel-settings],[Enable default settings appropriate for kernel modules (default: disabled)])],
|
||||
[KERNEL_MODE_DEFAULTS=$enableval]
|
||||
)
|
||||
|
||||
# backward-compat alias for --enable-kernel-settings
|
||||
AC_ARG_ENABLE([linuxkm-defaults],
|
||||
[AS_HELP_STRING([--enable-linuxkm-defaults],[Enable default settings appropriate for kernel modules (default: disabled)])],
|
||||
[KERNEL_MODE_DEFAULTS=$enableval]
|
||||
)
|
||||
|
||||
if test "$KERNEL_MODE_DEFAULTS" = "yes"
|
||||
then
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_KERNEL_MODE_DEFAULTS"
|
||||
fi
|
||||
|
||||
AC_ARG_ENABLE([freebsdkm-crypto-register],
|
||||
[AS_HELP_STRING([--enable-freebsdkm-crypto-register],[Register wolfCrypt implementations with the FreeBSD kernel opencrypto framework. (default: disabled)])],
|
||||
[ENABLED_BSDKM_REGISTER=$enableval],
|
||||
@@ -446,7 +463,7 @@ AC_SUBST([ENABLED_ASM])
|
||||
|
||||
# Default math is SP Math all and not fast math
|
||||
# FIPS v1 and v2 must use fast math
|
||||
DEF_SP_MATH="yes"
|
||||
DEF_SP_MATH_ALL="yes"
|
||||
DEF_FAST_MATH="no"
|
||||
|
||||
# FIPS 140
|
||||
@@ -557,7 +574,7 @@ AS_CASE([$ENABLED_FIPS],
|
||||
FIPS_VERSION="v1"
|
||||
HAVE_FIPS_VERSION_MAJOR=1
|
||||
ENABLED_FIPS="yes"
|
||||
DEF_SP_MATH="no"
|
||||
DEF_SP_MATH_ALL="no"
|
||||
DEF_FAST_MATH="yes"
|
||||
],
|
||||
[v2|cert3389],[
|
||||
@@ -565,7 +582,7 @@ AS_CASE([$ENABLED_FIPS],
|
||||
HAVE_FIPS_VERSION_MAJOR=2
|
||||
HAVE_FIPS_VERSION_MINOR=0
|
||||
ENABLED_FIPS="yes"
|
||||
DEF_SP_MATH="no"
|
||||
DEF_SP_MATH_ALL="no"
|
||||
DEF_FAST_MATH="yes"
|
||||
],
|
||||
[rand],[
|
||||
@@ -573,7 +590,7 @@ AS_CASE([$ENABLED_FIPS],
|
||||
HAVE_FIPS_VERSION_MAJOR=2
|
||||
HAVE_FIPS_VERSION_MINOR=1
|
||||
ENABLED_FIPS="yes"
|
||||
DEF_SP_MATH="no"
|
||||
DEF_SP_MATH_ALL="no"
|
||||
DEF_FAST_MATH="no"
|
||||
],
|
||||
[v5|cert4718],[
|
||||
@@ -582,7 +599,7 @@ AS_CASE([$ENABLED_FIPS],
|
||||
HAVE_FIPS_VERSION_MINOR=2
|
||||
HAVE_FIPS_VERSION_PATCH=1
|
||||
ENABLED_FIPS="yes"
|
||||
DEF_SP_MATH="no"
|
||||
DEF_SP_MATH_ALL="no"
|
||||
DEF_FAST_MATH="yes"
|
||||
],
|
||||
[v5.2.3],[
|
||||
@@ -591,7 +608,7 @@ AS_CASE([$ENABLED_FIPS],
|
||||
HAVE_FIPS_VERSION_MINOR=2
|
||||
HAVE_FIPS_VERSION_PATCH=3
|
||||
ENABLED_FIPS="yes"
|
||||
DEF_SP_MATH="yes"
|
||||
DEF_SP_MATH_ALL="yes"
|
||||
DEF_FAST_MATH="no"
|
||||
],
|
||||
[v5.2.4],[
|
||||
@@ -600,7 +617,7 @@ AS_CASE([$ENABLED_FIPS],
|
||||
HAVE_FIPS_VERSION_MINOR=2
|
||||
HAVE_FIPS_VERSION_PATCH=4
|
||||
ENABLED_FIPS="yes"
|
||||
DEF_SP_MATH="yes"
|
||||
DEF_SP_MATH_ALL="yes"
|
||||
DEF_FAST_MATH="no"
|
||||
],
|
||||
[v5-RC12],[
|
||||
@@ -609,7 +626,7 @@ AS_CASE([$ENABLED_FIPS],
|
||||
HAVE_FIPS_VERSION_MINOR=2
|
||||
HAVE_FIPS_VERSION_PATCH=0
|
||||
ENABLED_FIPS="yes"
|
||||
DEF_SP_MATH="no"
|
||||
DEF_SP_MATH_ALL="no"
|
||||
DEF_FAST_MATH="yes"
|
||||
],
|
||||
[v5-ready],[
|
||||
@@ -617,7 +634,7 @@ AS_CASE([$ENABLED_FIPS],
|
||||
HAVE_FIPS_VERSION_MAJOR=5
|
||||
HAVE_FIPS_VERSION_MINOR=3
|
||||
ENABLED_FIPS="yes"
|
||||
DEF_SP_MATH="no"
|
||||
DEF_SP_MATH_ALL="no"
|
||||
DEF_FAST_MATH="yes"
|
||||
],
|
||||
[v5-dev],[
|
||||
@@ -626,7 +643,7 @@ AS_CASE([$ENABLED_FIPS],
|
||||
HAVE_FIPS_VERSION_MINOR=2
|
||||
HAVE_FIPS_VERSION_PATCH=1
|
||||
ENABLED_FIPS="yes"
|
||||
# for dev, DEF_SP_MATH and DEF_FAST_MATH follow non-FIPS defaults (currently sp-math-all)
|
||||
# for dev, DEF_SP_MATH_ALL and DEF_FAST_MATH follow non-FIPS defaults (currently sp-math-all)
|
||||
],
|
||||
[v5-kcapi],[
|
||||
FIPS_VERSION="v5-dev"
|
||||
@@ -634,7 +651,7 @@ AS_CASE([$ENABLED_FIPS],
|
||||
HAVE_FIPS_VERSION_MINOR=3
|
||||
HAVE_FIPS_VERSION_PATCH=0
|
||||
ENABLED_FIPS="yes"
|
||||
# for dev, DEF_SP_MATH and DEF_FAST_MATH follow non-FIPS defaults (currently sp-math-all)
|
||||
# for dev, DEF_SP_MATH_ALL and DEF_FAST_MATH follow non-FIPS defaults (currently sp-math-all)
|
||||
],
|
||||
[v6|v6-dev],[
|
||||
FIPS_VERSION="v6"
|
||||
@@ -643,7 +660,7 @@ AS_CASE([$ENABLED_FIPS],
|
||||
HAVE_FIPS_VERSION_MINOR=0
|
||||
HAVE_FIPS_VERSION_PATCH=0
|
||||
ENABLED_FIPS="yes"
|
||||
DEF_SP_MATH="yes"
|
||||
DEF_SP_MATH_ALL="yes"
|
||||
DEF_FAST_MATH="no"
|
||||
],
|
||||
[v7],[
|
||||
@@ -653,7 +670,7 @@ AS_CASE([$ENABLED_FIPS],
|
||||
HAVE_FIPS_VERSION_MINOR=0
|
||||
HAVE_FIPS_VERSION_PATCH=0
|
||||
ENABLED_FIPS="yes"
|
||||
DEF_SP_MATH="yes"
|
||||
DEF_SP_MATH_ALL="yes"
|
||||
DEF_FAST_MATH="no"
|
||||
],
|
||||
# Should always remain one ahead of the latest so as not to be confused with
|
||||
@@ -665,7 +682,7 @@ AS_CASE([$ENABLED_FIPS],
|
||||
HAVE_FIPS_VERSION_MINOR=0
|
||||
HAVE_FIPS_VERSION_PATCH=0
|
||||
ENABLED_FIPS="yes"
|
||||
DEF_SP_MATH="yes"
|
||||
DEF_SP_MATH_ALL="yes"
|
||||
DEF_FAST_MATH="no"
|
||||
],
|
||||
[dev|v7-dev],[
|
||||
@@ -674,7 +691,7 @@ AS_CASE([$ENABLED_FIPS],
|
||||
HAVE_FIPS_VERSION_MINOR=0
|
||||
HAVE_FIPS_VERSION_PATCH=0
|
||||
ENABLED_FIPS="yes"
|
||||
# for dev, DEF_SP_MATH and DEF_FAST_MATH follow non-FIPS defaults (currently sp-math-all)
|
||||
# for dev, DEF_SP_MATH_ALL and DEF_FAST_MATH follow non-FIPS defaults (currently sp-math-all)
|
||||
],
|
||||
[lean-aesgcm|lean-aesgcm-ready|lean-aesgcm-dev],[
|
||||
FIPS_VERSION="$ENABLED_FIPS"
|
||||
@@ -809,16 +826,10 @@ then
|
||||
fi
|
||||
AC_SUBST([ENABLED_KERNEL_BENCHMARKS])
|
||||
|
||||
if test "$ENABLED_LINUXKM" = "yes" && test "$KERNEL_MODE_DEFAULTS" = "yes"
|
||||
# Kernel mode only supports sp-math-all with smallstack.
|
||||
if test "$KERNEL_MODE_DEFAULTS" = "yes"
|
||||
then
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_DH_CONST -DWOLFSSL_SP_MOD_WORD_RP -DWOLFSSL_SP_DIV_64 -DWOLFSSL_SP_DIV_WORD_HALF -DWOLFSSL_SMALL_STACK_STATIC -DWC_SHA3_NO_ASM"
|
||||
if test "$ENABLED_LINUXKM_PIE" = "yes"; then
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_OCSP_ISSUER_CHECK"
|
||||
fi
|
||||
if test "$ENABLED_FIPS" = "no"; then
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_OLD_PRIME_CHECK"
|
||||
fi
|
||||
DEF_SP_MATH="yes"
|
||||
DEF_SP_MATH_ALL="yes"
|
||||
DEF_FAST_MATH="no"
|
||||
fi
|
||||
|
||||
@@ -848,11 +859,11 @@ then
|
||||
# Currently DWARF 5 is the default debug format, but it results in
|
||||
# "Unsupported DW_TAG_atomic_type(0x47): type: 0x1eefc" in some
|
||||
# kernel module builds.
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_LINUXKM -DWC_SIPHASH_NO_ASM -gdwarf-4"
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_LINUXKM -gdwarf-4"
|
||||
AS_IF([test "$ax_enable_debug" = "yes"],
|
||||
[AM_CFLAGS="$AM_CFLAGS -g3"],
|
||||
[AM_CFLAGS="$AM_CFLAGS -g1"])
|
||||
AM_CCASFLAGS="$AM_CFLAGS -DWOLFSSL_LINUXKM -DWC_SIPHASH_NO_ASM -gdwarf-4"
|
||||
AM_CCASFLAGS="$AM_CFLAGS -DWOLFSSL_LINUXKM -gdwarf-4"
|
||||
AS_IF([test "$ax_enable_debug" = "yes"],
|
||||
[AM_CCASFLAGS="$AM_CFLAGS -g3"],
|
||||
[AM_CCASFLAGS="$AM_CFLAGS -g1"])
|
||||
@@ -879,8 +890,6 @@ then
|
||||
if test "${KERNEL_ARCH}" = ""; then
|
||||
AC_MSG_ERROR([Linux kernel target architecture for build tree ${KERNEL_ROOT} could not be determined. Is target kernel configured?])
|
||||
fi
|
||||
|
||||
AM_CFLAGS="$AM_CFLAGS -DNO_DEV_RANDOM -DNO_WRITEV -DNO_STDIO_FILESYSTEM -DWOLFSSL_NO_SOCK -DWOLFSSL_USER_IO"
|
||||
fi
|
||||
|
||||
#
|
||||
@@ -894,7 +903,6 @@ if test "x$ENABLED_BSDKM" = "xyes"
|
||||
then
|
||||
# note: bsdkm is wolfcrypt only for now.
|
||||
HAVE_KERNEL_MODE=yes
|
||||
KERNEL_MODE_DEFAULTS=yes
|
||||
ENABLED_NO_LIBRARY=yes
|
||||
ENABLED_BENCHMARK=no
|
||||
|
||||
@@ -938,9 +946,9 @@ then
|
||||
DEF_FAST_MATH=no
|
||||
fi
|
||||
|
||||
if test "$DEF_SP_MATH" = "yes" && (test "$enable_fastmath" = "yes" || test "$enable_fasthugemath" = "yes" || test "$enable_heapmath" = "yes")
|
||||
if test "$DEF_SP_MATH_ALL" = "yes" && (test "$enable_fastmath" = "yes" || test "$enable_fasthugemath" = "yes" || test "$enable_heapmath" = "yes")
|
||||
then
|
||||
DEF_SP_MATH=no
|
||||
DEF_SP_MATH_ALL=no
|
||||
fi
|
||||
|
||||
# Single Precision maths implementation
|
||||
@@ -953,7 +961,7 @@ AC_ARG_ENABLE([sp],
|
||||
AC_ARG_ENABLE([sp-math-all],
|
||||
[AS_HELP_STRING([--enable-sp-math-all],[Enable Single Precision math implementation for full algorithm suite (default: enabled)])],
|
||||
[ ENABLED_SP_MATH_ALL=$enableval ],
|
||||
[ ENABLED_SP_MATH_ALL=$DEF_SP_MATH ],
|
||||
[ ENABLED_SP_MATH_ALL=$DEF_SP_MATH_ALL ],
|
||||
)
|
||||
|
||||
# Single Precision maths (acceleration for common key sizes and curves)
|
||||
@@ -985,7 +993,7 @@ then
|
||||
fi
|
||||
fi
|
||||
|
||||
# enable SP math assembly support automatically for x86_64 and aarch64 (except Linux kernel module)
|
||||
# enable SP math assembly support automatically for x86_64 and aarch64 (except kernel modules)
|
||||
SP_ASM_DEFAULT=no
|
||||
if test "$ENABLED_SP_MATH" = "yes" && test "$KERNEL_MODE_DEFAULTS" = "no"
|
||||
then
|
||||
@@ -1272,7 +1280,7 @@ then
|
||||
|
||||
if test "$ENABLED_SP_MATH" != "yes"
|
||||
then
|
||||
# linuxkm is incompatible with opensslextra and its dependents.
|
||||
# kernel modules are currently incompatible with opensslextra and its dependents.
|
||||
if test "$KERNEL_MODE_DEFAULTS" != "yes"
|
||||
then
|
||||
test "$enable_opensslextra" = "" && enable_opensslextra=yes
|
||||
@@ -1318,7 +1326,7 @@ if test "$ENABLED_ALL_OSP" = "yes"
|
||||
then
|
||||
if test "$KERNEL_MODE_DEFAULTS" = "yes"
|
||||
then
|
||||
AC_MSG_ERROR([--enable-all-osp is incompatible with --enable-linuxkm-defaults])
|
||||
AC_MSG_ERROR([--enable-all-osp is incompatible with kernel mode defaults])
|
||||
fi
|
||||
|
||||
test "$enable_tailscale" = "" && enable_tailscale=yes
|
||||
@@ -1593,12 +1601,8 @@ then
|
||||
# AFALG lacks AES-EAX
|
||||
test "$enable_aeseax" = "" && test "$enable_afalg" != "yes" && enable_aeseax=yes
|
||||
test "$enable_sakke" = "" && test "$enable_ecc" != "no" && enable_sakke=yes
|
||||
|
||||
if test "$KERNEL_MODE_DEFAULTS" != "yes"
|
||||
then
|
||||
test "$enable_cryptocb" = "" && enable_cryptocb=yes
|
||||
test "$enable_pkcallbacks" = "" && enable_pkcallbacks=yes
|
||||
fi
|
||||
test "$enable_cryptocb" = "" && enable_cryptocb=yes
|
||||
test "$enable_pkcallbacks" = "" && enable_pkcallbacks=yes
|
||||
fi
|
||||
|
||||
if test "$ENABLED_FIPS" = "no" || test "$HAVE_FIPS_VERSION" -ge 6
|
||||
|
||||
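Review bot: The actions for `--enable-kernel-settings` and its `--enable-linuxkm-defaults` alias copy `$enableval` into `KERNEL_MODE_DEFAULTS` unchecked, while later tests on this page compare that variable three different ways (`= "yes"`, `!= "yes"`, and `= "no"` for the SP assembly default). A value such as `--enable-kernel-settings=1` would therefore give a build that is neither kernel-mode nor plain user-mode: `-DWOLFSSL_KERNEL_MODE_DEFAULTS` is not defined, the SP asm default stays off, and the `!= "yes"` branch that defaults opensslextra on can still be taken. When the two options are given with opposite values, the alias silently wins because its `AC_ARG_ENABLE` comes later. Consider rejecting anything but yes/no right after the alias, e.g. `AS_CASE([$KERNEL_MODE_DEFAULTS],[yes|no],[],[AC_MSG_ERROR([--enable-kernel-settings takes yes or no])])`.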
+13
-1
@@ -80,11 +80,21 @@ endif
|
||||
|
||||
HOST_EXTRACFLAGS += $(NOSTDINC_FLAGS) $(LINUXINCLUDE) $(KBUILD_CFLAGS) -static -fno-omit-frame-pointer
|
||||
|
||||
ifdef CONFIG_CC_IS_CLANG
|
||||
HOST_EXTRACFLAGS += -mfunction-return=keep
|
||||
endif
|
||||
|
||||
# "-mindirect-branch=keep -mfunction-return=keep" to avoid "undefined reference
|
||||
# to `__x86_return_thunk'" on CONFIG_RETHUNK kernels (5.19.0-rc7)
|
||||
ifdef CONFIG_CC_IS_GCC
|
||||
ifeq "$(KERNEL_ARCH_X86)" "yes"
|
||||
HOST_EXTRACFLAGS += -mindirect-branch=keep -mfunction-return=keep
|
||||
endif
|
||||
endif
|
||||
|
||||
ifdef CONFIG_CC_IS_CLANG
|
||||
WOLFSSL_CFLAGS += -Wno-unused-parameter
|
||||
endif
|
||||
|
||||
# this rule is needed to get build to succeed in 4.x (get_thread_size still doesn't get built)
|
||||
$(obj)/linuxkm/get_thread_size: $(src)/linuxkm/get_thread_size.c
|
||||
@@ -93,7 +103,9 @@ ifndef KERNEL_THREAD_STACK_SIZE
|
||||
$(WOLFSSL_OBJ_TARGETS): | $(obj)/linuxkm/get_thread_size
|
||||
KERNEL_THREAD_STACK_SIZE=$(shell test -x $(obj)/linuxkm/get_thread_size && $(obj)/linuxkm/get_thread_size || echo 16384)
|
||||
endif
|
||||
MAX_STACK_FRAME_SIZE=$(shell echo $$(( $(KERNEL_THREAD_STACK_SIZE) / 4)))
|
||||
ifndef MAX_STACK_FRAME_SIZE
|
||||
MAX_STACK_FRAME_SIZE=$(shell echo $$(( $(KERNEL_THREAD_STACK_SIZE) / 4)))
|
||||
endif
|
||||
|
||||
$(LIBWOLFSSL_NAME)-y := $(WOLFSSL_OBJ_FILES) linuxkm/module_hooks.o linuxkm/module_exports.o
|
||||
|
||||
|
||||
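Review bot: The new clang branch adds `-mfunction-return=keep` to `HOST_EXTRACFLAGS` without the `KERNEL_ARCH_X86` test that guards the GCC branch directly below it. The option is x86-specific, so a clang build for another kernel architecture would likely fail or warn when compiling the `get_thread_size` helper. Wrapping the line the same way as the GCC case, `ifeq "$(KERNEL_ARCH_X86)" "yes"` … `endif`, keeps the two branches consistent. A short comment stating that the flag appears confined to the host-side helper, and is not added to `WOLFSSL_CFLAGS`, would also help anyone auditing return-thunk mitigation flags.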
@@ -82,7 +82,7 @@ static inline long find_reloc_tab_offset(
|
||||
unsigned long hop;
|
||||
|
||||
if (seg_in_offset >= (size_t)reloc_tab[reloc_tab_len - 1].offset) {
|
||||
RELOC_DEBUG_PRINTF("ERROR: %s failed.\n", __FUNCTION__);
|
||||
RELOC_DEBUG_PRINTF("ERROR: %s failed.\n", __func__);
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
@@ -113,7 +113,7 @@ static inline long find_reloc_tab_offset(
|
||||
|
||||
#ifdef DEBUG_LINUXKM_PIE_SUPPORT
|
||||
if (ret < 0)
|
||||
RELOC_DEBUG_PRINTF("ERROR: %s returning %ld.\n", __FUNCTION__, ret);
|
||||
RELOC_DEBUG_PRINTF("ERROR: %s returning %ld.\n", __func__, ret);
|
||||
#endif
|
||||
return ret;
|
||||
}
|
||||
@@ -122,8 +122,11 @@ static inline long find_reloc_tab_offset(
|
||||
* build and target host, but if we were, these macros would byte swap.
|
||||
* Currently, we detect and fail early on endianness conflicts.
|
||||
*/
|
||||
#define wc_get_unaligned(v) ({ typeof(*(v)) _v_aligned; XMEMCPY((void *)&_v_aligned, (void *)(v), sizeof _v_aligned); _v_aligned; })
|
||||
#define wc_put_unaligned(v, v_out) do { typeof(v) _v = (v); XMEMCPY((void *)(v_out), (void *)&_v, sizeof(typeof(*(v_out)))); } while (0)
|
||||
#define wc_get_unaligned(v) (((const struct __attribute__((packed)) { typeof(*(v)) x; } *)(v))->x)
|
||||
#define wc_put_unaligned(v, v_out) do { \
|
||||
struct __attribute__((packed)) { typeof(*(v_out)) x; } *_pptr = (typeof(_pptr))(v_out); \
|
||||
_pptr->x = (v); \
|
||||
} while (0)
|
||||
|
||||
ssize_t wc_reloc_normalize_segment(
|
||||
const byte *seg_in,
|
||||
@@ -173,7 +176,7 @@ ssize_t wc_reloc_normalize_segment(
|
||||
else
|
||||
{
|
||||
RELOC_DEBUG_PRINTF("ERROR: %s returning BAD_FUNC_ARG with span %llx-%llx versus text %llx-%llx and rodata %llx-%llx.\n",
|
||||
__FUNCTION__,
|
||||
__func__,
|
||||
(unsigned long long)(uintptr_t)seg_in,
|
||||
(unsigned long long)(uintptr_t)(seg_in + *seg_in_out_len),
|
||||
(unsigned long long)seg_map->text_start,
|
||||
|
||||
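Review bot: The rewritten `wc_get_unaligned()` and `wc_put_unaligned()` access memory through a pointer to an anonymous packed struct, which is a different type from the object stored there; the previous `XMEMCPY` form raised no aliasing question. This is fine where the file is built with `-fno-strict-aliasing`, as kernel builds normally are, but nothing in the macros states or enforces that. If the file can also be compiled outside Kbuild, consider marking the wrapper type, `struct __attribute__((packed, may_alias)) { typeof(*(v)) x; }`, or record the dependency in the comment above the macros. `wc_put_unaligned()` also now converts `v` to the destination type by assignment instead of copying `sizeof(*(v_out))` bytes from a `typeof(v)` temporary, which deserves a word in that comment because it changes what happens when the two types differ in size.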
+93
-13
@@ -76,6 +76,31 @@
|
||||
#define _GCC_STDINT_H
|
||||
#define WC_PTR_TYPE uintptr_t
|
||||
|
||||
#ifdef __clang__
|
||||
/* inhibit inclusion of LLVM stdint.h (included via LLVM stdatomic.h) to
|
||||
* avoid conflicts with linux/types.h.
|
||||
*/
|
||||
#define __CLANG_STDINT_H
|
||||
#define uint_least64_t uint64_t
|
||||
#define int_least64_t int64_t
|
||||
#define uint_least32_t uint32_t
|
||||
#define int_least32_t int32_t
|
||||
#define uint_least16_t uint16_t
|
||||
#define int_least16_t int16_t
|
||||
#define uint_least8_t uint8_t
|
||||
#define int_least8_t int8_t
|
||||
#define uint_fast64_t uint64_t
|
||||
#define int_fast64_t int64_t
|
||||
#define uint_fast32_t uint32_t
|
||||
#define int_fast32_t int32_t
|
||||
#define uint_fast16_t uint16_t
|
||||
#define int_fast16_t int16_t
|
||||
#define uint_fast8_t uint8_t
|
||||
#define int_fast8_t int8_t
|
||||
#define uintmax_t uint64_t
|
||||
#define intmax_t int64_t
|
||||
#endif
|
||||
|
||||
/* needed to suppress inclusion of stdio.h in wolfssl/wolfcrypt/types.h */
|
||||
#define XSNPRINTF snprintf
|
||||
|
||||
@@ -192,6 +217,7 @@
|
||||
enum wc_svr_flags {
|
||||
WC_SVR_FLAG_NONE = 0,
|
||||
WC_SVR_FLAG_INHIBIT = 1,
|
||||
WC_SVR_FLAG_FUZZ
|
||||
};
|
||||
|
||||
#if defined(WOLFSSL_AESNI) || defined(USE_INTEL_SPEEDUP) || \
|
||||
@@ -319,6 +345,10 @@
|
||||
_Pragma("GCC diagnostic ignored \"-Wcast-function-type\""); /* needed for kernel 4.14.336 */
|
||||
_Pragma("GCC diagnostic ignored \"-Wformat-nonliteral\""); /* needed for kernel 4.9.282 */
|
||||
_Pragma("GCC diagnostic ignored \"-Wattributes\"");
|
||||
#ifdef __clang__
|
||||
_Pragma("clang diagnostic ignored \"-Wshorten-64-to-32\"");
|
||||
_Pragma("clang diagnostic ignored \"-Wframe-address\"");
|
||||
#endif
|
||||
|
||||
#ifdef CONFIG_KASAN
|
||||
#ifndef WC_SANITIZE_DISABLE
|
||||
@@ -705,11 +735,7 @@
|
||||
#endif
|
||||
#endif
|
||||
#ifndef CAN_SAVE_VECTOR_REGISTERS
|
||||
#ifdef DEBUG_VECTOR_REGISTER_ACCESS_FUZZING
|
||||
#define CAN_SAVE_VECTOR_REGISTERS() (wc_can_save_vector_registers_x86() && (SAVE_VECTOR_REGISTERS2_fuzzer() == 0))
|
||||
#else
|
||||
#define CAN_SAVE_VECTOR_REGISTERS() wc_can_save_vector_registers_x86()
|
||||
#endif
|
||||
#define CAN_SAVE_VECTOR_REGISTERS() wc_can_save_vector_registers_x86()
|
||||
#endif
|
||||
#ifndef SAVE_VECTOR_REGISTERS
|
||||
#define SAVE_VECTOR_REGISTERS(fail_clause) { \
|
||||
@@ -721,12 +747,7 @@
|
||||
#endif
|
||||
#ifndef SAVE_VECTOR_REGISTERS2
|
||||
#ifdef DEBUG_VECTOR_REGISTER_ACCESS_FUZZING
|
||||
#define SAVE_VECTOR_REGISTERS2() ({ \
|
||||
int _fuzzer_ret = SAVE_VECTOR_REGISTERS2_fuzzer(); \
|
||||
(_fuzzer_ret == 0) ? \
|
||||
wc_save_vector_registers_x86(WC_SVR_FLAG_NONE) : \
|
||||
_fuzzer_ret; \
|
||||
})
|
||||
#define SAVE_VECTOR_REGISTERS2() wc_save_vector_registers_x86(WC_SVR_FLAG_FUZZ)
|
||||
#else
|
||||
#define SAVE_VECTOR_REGISTERS2() wc_save_vector_registers_x86(WC_SVR_FLAG_NONE)
|
||||
#endif
|
||||
@@ -784,6 +805,28 @@
|
||||
|
||||
_Pragma("GCC diagnostic pop");
|
||||
|
||||
#define PTR_ERR(x) ((int)PTR_ERR(x))
|
||||
|
||||
#if defined(HAVE_FIPS) && FIPS_VERSION3_LT(7,0,0) && !defined(NO_AES)
|
||||
/* with CONFIG_FORTIFY_SOURCE we've seen false positive
|
||||
* maybe-uninitialized on counter in AES_GCM_encrypt_C(). This is easy
|
||||
* to mitigate with a grafted-on attribute.
|
||||
*/
|
||||
#if FIPS_VERSION3_LT(6,0,0)
|
||||
struct Aes;
|
||||
WOLFSSL_LOCAL void __attribute__((nonnull(1))) GHASH(struct Aes *aes, const unsigned char* a,
|
||||
unsigned int aSz, const unsigned char* c,
|
||||
unsigned int cSz, unsigned char* s, unsigned int sSz);
|
||||
#else
|
||||
struct Gcm;
|
||||
WOLFSSL_LOCAL void __attribute__((nonnull(1))) GHASH(struct Gcm *gcm, const unsigned char* a,
|
||||
unsigned int aSz, const unsigned char* c,
|
||||
unsigned int cSz, unsigned char* s, unsigned int sSz);
|
||||
#endif
|
||||
/* Need to suppress the otherwise-warned nullness checks in old FIPS aes.c. */
|
||||
_Pragma("GCC diagnostic ignored \"-Wnonnull-compare\"");
|
||||
#endif
|
||||
|
||||
/* avoid -Wpointer-arith, encountered when -DCONFIG_FORTIFY_SOURCE */
|
||||
#undef __is_constexpr
|
||||
#define __is_constexpr(x) __builtin_constant_p(x)
|
||||
@@ -896,6 +939,13 @@
|
||||
extern struct WOLFSSL_X509_NAME* wolfSSL_X509_NAME_new_ex(void *heap);
|
||||
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
|
||||
|
||||
#ifdef HAVE_OCSP
|
||||
struct OcspResponse;
|
||||
extern int CheckOcspResponder(struct OcspResponse *bs, unsigned char* subjectNameHash,
|
||||
unsigned char* subjectKeyHash, unsigned char extExtKeyUsage, unsigned char* issuerNameHash,
|
||||
unsigned char* issuerKeyHash);
|
||||
#endif
|
||||
|
||||
#endif /* !WOLFCRYPT_ONLY && !NO_CERTS */
|
||||
|
||||
#if defined(WC_CONTAINERIZE_THIS) && !defined(WC_SYM_RELOC_TABLES)
|
||||
@@ -994,9 +1044,12 @@
|
||||
#ifndef __ARCH_STRSTR_NO_REDIRECT
|
||||
typeof(strstr) *strstr;
|
||||
#endif
|
||||
#if LINUX_VERSION_CODE < KERNEL_VERSION(7, 2, 0)
|
||||
/* note strncpy() purged from kernel by 079a028d63 */
|
||||
#ifndef __ARCH_STRNCPY_NO_REDIRECT
|
||||
typeof(strncpy) *strncpy;
|
||||
#endif
|
||||
#endif /* LINUX_VERSION_CODE < KERNEL_VERSION(7, 2, 0) */
|
||||
#ifndef __ARCH_STRNCAT_NO_REDIRECT
|
||||
typeof(strncat) *strncat;
|
||||
#endif
|
||||
@@ -1190,8 +1243,8 @@
|
||||
typeof(wolfCrypt_FIPS_ft_ro_sanity) *wolfCrypt_FIPS_ft_ro_sanity;
|
||||
typeof(wolfCrypt_FIPS_f_ro_sanity) *wolfCrypt_FIPS_f_ro_sanity;
|
||||
typeof(wc_RunAllCast_fips) *wc_RunAllCast_fips;
|
||||
#endif
|
||||
#endif
|
||||
#endif /* FIPS_VERSION3_GE(6,0,0) */
|
||||
#endif /* HAVE_FIPS */
|
||||
|
||||
#if !defined(WOLFCRYPT_ONLY) && !defined(NO_CERTS)
|
||||
typeof(GetCA) *GetCA;
|
||||
@@ -1211,6 +1264,10 @@
|
||||
typeof(wolfSSL_X509_NAME_new_ex) *wolfSSL_X509_NAME_new_ex;
|
||||
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
|
||||
|
||||
#ifdef HAVE_OCSP
|
||||
typeof(CheckOcspResponder) *CheckOcspResponder;
|
||||
#endif
|
||||
|
||||
#endif /* !WOLFCRYPT_ONLY && !NO_CERTS */
|
||||
|
||||
typeof(dump_stack) *dump_stack;
|
||||
@@ -1342,9 +1399,11 @@
|
||||
#ifndef __ARCH_STRSTR_NO_REDIRECT
|
||||
#define strstr WC_PIE_INDIRECT_SYM(strstr)
|
||||
#endif
|
||||
#if LINUX_VERSION_CODE < KERNEL_VERSION(7, 2, 0)
|
||||
#ifndef __ARCH_STRNCPY_NO_REDIRECT
|
||||
#define strncpy WC_PIE_INDIRECT_SYM(strncpy)
|
||||
#endif
|
||||
#endif
|
||||
#ifndef __ARCH_STRNCAT_NO_REDIRECT
|
||||
#define strncat WC_PIE_INDIRECT_SYM(strncat)
|
||||
#endif
|
||||
@@ -1504,6 +1563,10 @@
|
||||
#define wolfSSL_X509_NAME_new_ex WC_PIE_INDIRECT_SYM(wolfSSL_X509_NAME_new_ex)
|
||||
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
|
||||
|
||||
#ifdef HAVE_OCSP
|
||||
#define CheckOcspResponder WC_PIE_INDIRECT_SYM(CheckOcspResponder)
|
||||
#endif
|
||||
|
||||
#endif /* !WOLFCRYPT_ONLY && !NO_CERTS */
|
||||
|
||||
#define dump_stack WC_PIE_INDIRECT_SYM(dump_stack)
|
||||
@@ -1748,6 +1811,23 @@
|
||||
|
||||
#endif /* BUILDING_WOLFSSL */
|
||||
|
||||
#if LINUX_VERSION_CODE >= KERNEL_VERSION(7, 2, 0)
|
||||
/* note strncpy() purged from kernel by 079a028d63 */
|
||||
static __always_inline char *wc_linuxkm_strncpy(char *dst, const char *src, size_t dsize) {
|
||||
char *dstart = dst, *dend = dst + dsize;
|
||||
while (dst < dend) {
|
||||
if (*src == 0) {
|
||||
*dst = 0;
|
||||
/* don't bother zero-filling dst. */
|
||||
break;
|
||||
}
|
||||
*dst++ = *src++;
|
||||
}
|
||||
return dstart;
|
||||
}
|
||||
#define strncpy wc_linuxkm_strncpy
|
||||
#endif
|
||||
|
||||
#if !defined(BUILDING_WOLFSSL)
|
||||
/* some caller code needs these. */
|
||||
#if defined(WOLFSSL_USE_SAVE_VECTOR_REGISTERS)
|
||||
|
||||
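Review bot: `wc_linuxkm_strncpy()` is installed as `strncpy` on kernels >= 7.2.0 but stops at the terminator without zero-filling the rest of `dst`, so it is not a drop-in replacement: a caller that relies on the padding (for example a fixed-width field later copied out or compared in full) would keep whatever bytes were in the buffer beforehand. Like `strncpy`, it also leaves `dst` unterminated when `src` holds `dsize` or more characters. If the padding is dropped deliberately, the comment should say that callers must not depend on it; otherwise replace `*dst = 0;` with `memset(dst, 0, (size_t)(dend - dst));` to restore the standard behaviour. The same header now redefines `PTR_ERR(x)` as `((int)PTR_ERR(x))`, which merits a comment explaining that it narrows the kernel's `long` result for every later user.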
+20
-20
@@ -1201,9 +1201,9 @@ static int AesGcmCrypt_1(struct aead_request *req, int decrypt_p, int rfc4106_p)
|
||||
#endif
|
||||
if (unlikely(IS_ERR(assoc))) {
|
||||
err = (int)PTR_ERR(assoc);
|
||||
pr_err("%s: scatterwalk_map failed: %ld\n",
|
||||
pr_err("%s: scatterwalk_map failed: %d\n",
|
||||
crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm)),
|
||||
PTR_ERR(assoc));
|
||||
(int)PTR_ERR(assoc));
|
||||
assoc = NULL;
|
||||
goto out;
|
||||
}
|
||||
@@ -1415,9 +1415,9 @@ static int AesGcmCrypt_1(struct aead_request *req, int decrypt_p, int rfc4106_p)
|
||||
#endif
|
||||
if (unlikely(IS_ERR(in_map))) {
|
||||
err = (int)PTR_ERR(in_map);
|
||||
pr_err("%s: scatterwalk_map failed: %ld\n",
|
||||
pr_err("%s: scatterwalk_map failed: %d\n",
|
||||
crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm)),
|
||||
PTR_ERR(in_map));
|
||||
(int)PTR_ERR(in_map));
|
||||
in_map = NULL;
|
||||
goto out;
|
||||
}
|
||||
@@ -1433,9 +1433,9 @@ static int AesGcmCrypt_1(struct aead_request *req, int decrypt_p, int rfc4106_p)
|
||||
#endif
|
||||
if (unlikely(IS_ERR(out_map))) {
|
||||
err = (int)PTR_ERR(out_map);
|
||||
pr_err("%s: scatterwalk_map failed: %ld\n",
|
||||
pr_err("%s: scatterwalk_map failed: %d\n",
|
||||
crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm)),
|
||||
PTR_ERR(out_map));
|
||||
(int)PTR_ERR(out_map));
|
||||
out_map = NULL;
|
||||
goto out;
|
||||
}
|
||||
@@ -1916,9 +1916,9 @@ static int AesCcmCrypt_1(struct aead_request *req, int decrypt_p, int rfc4309_p)
|
||||
#endif
|
||||
if (unlikely(IS_ERR(in_map))) {
|
||||
err = (int)PTR_ERR(in_map);
|
||||
pr_err("%s: scatterwalk_map failed: %ld\n",
|
||||
pr_err("%s: scatterwalk_map failed: %d\n",
|
||||
crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm)),
|
||||
PTR_ERR(in_map));
|
||||
(int)PTR_ERR(in_map));
|
||||
in_map = NULL;
|
||||
goto out;
|
||||
}
|
||||
@@ -1934,9 +1934,9 @@ static int AesCcmCrypt_1(struct aead_request *req, int decrypt_p, int rfc4309_p)
|
||||
#endif
|
||||
if (unlikely(IS_ERR(out_map))) {
|
||||
err = (int)PTR_ERR(out_map);
|
||||
pr_err("%s: scatterwalk_map failed: %ld\n",
|
||||
pr_err("%s: scatterwalk_map failed: %d\n",
|
||||
crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm)),
|
||||
PTR_ERR(out_map));
|
||||
(int)PTR_ERR(out_map));
|
||||
out_map = NULL;
|
||||
goto out;
|
||||
}
|
||||
@@ -3129,8 +3129,8 @@ static int linuxkm_test_aescbc(void)
|
||||
|
||||
tfm = crypto_alloc_skcipher(WOLFKM_AESCBC_NAME, 0, 0);
|
||||
if (IS_ERR(tfm)) {
|
||||
pr_err("error: allocating AES skcipher algorithm %s failed: %ld\n",
|
||||
WOLFKM_AESCBC_DRIVER, PTR_ERR(tfm));
|
||||
pr_err("error: allocating AES skcipher algorithm %s failed: %d\n",
|
||||
WOLFKM_AESCBC_DRIVER, (int)PTR_ERR(tfm));
|
||||
tfm = NULL;
|
||||
goto test_cbc_end;
|
||||
}
|
||||
@@ -3342,8 +3342,8 @@ static int linuxkm_test_aescfb(void)
|
||||
|
||||
tfm = crypto_alloc_skcipher(WOLFKM_AESCFB_NAME, 0, 0);
|
||||
if (IS_ERR(tfm)) {
|
||||
pr_err("error: allocating AES skcipher algorithm %s failed: %ld\n",
|
||||
WOLFKM_AESCFB_DRIVER, PTR_ERR(tfm));
|
||||
pr_err("error: allocating AES skcipher algorithm %s failed: %d\n",
|
||||
WOLFKM_AESCFB_DRIVER, (int)PTR_ERR(tfm));
|
||||
tfm = NULL;
|
||||
goto test_cfb_end;
|
||||
}
|
||||
@@ -3606,8 +3606,8 @@ static int linuxkm_test_aesgcm(void)
|
||||
|
||||
tfm = crypto_alloc_aead(WOLFKM_AESGCM_NAME, 0, 0);
|
||||
if (IS_ERR(tfm)) {
|
||||
pr_err("error: allocating AES aead algorithm %s failed: %ld\n",
|
||||
WOLFKM_AESGCM_DRIVER, PTR_ERR(tfm));
|
||||
pr_err("error: allocating AES aead algorithm %s failed: %d\n",
|
||||
WOLFKM_AESGCM_DRIVER, (int)PTR_ERR(tfm));
|
||||
tfm = NULL;
|
||||
goto test_gcm_end;
|
||||
}
|
||||
@@ -3658,7 +3658,7 @@ static int linuxkm_test_aesgcm(void)
|
||||
|
||||
sg_init_table(dst, 2);
|
||||
sg_set_buf(dst, assoc2, sizeof(assoc));
|
||||
sg_set_buf(&dst[1], enc2, decryptLen);
|
||||
sg_set_buf(&dst[1], enc2, (unsigned int)decryptLen);
|
||||
|
||||
aead_request_set_callback(req, 0, NULL, NULL);
|
||||
aead_request_set_ad(req, sizeof(assoc));
|
||||
@@ -3686,7 +3686,7 @@ static int linuxkm_test_aesgcm(void)
|
||||
/* Now decrypt crypto request. Reverse src and dst. */
|
||||
XMEMSET(dec2, 0, decryptLen);
|
||||
aead_request_set_ad(req, sizeof(assoc));
|
||||
aead_request_set_crypt(req, dst, src, decryptLen, iv);
|
||||
aead_request_set_crypt(req, dst, src, (unsigned int)decryptLen, iv);
|
||||
|
||||
ret = crypto_aead_decrypt(req);
|
||||
|
||||
@@ -4209,7 +4209,7 @@ static int aes_xts_128_test(void)
|
||||
|
||||
tfm = crypto_alloc_skcipher(WOLFKM_AESXTS_NAME, 0, 0);
|
||||
if (IS_ERR(tfm)) {
|
||||
ret = PTR_ERR(tfm);
|
||||
ret = (int)PTR_ERR(tfm);
|
||||
pr_err("error: allocating AES skcipher algorithm %s failed: %d\n",
|
||||
WOLFKM_AESXTS_DRIVER, ret);
|
||||
tfm = NULL;
|
||||
@@ -4706,7 +4706,7 @@ static int aes_xts_256_test(void)
|
||||
|
||||
tfm = crypto_alloc_skcipher(WOLFKM_AESXTS_NAME, 0, 0);
|
||||
if (IS_ERR(tfm)) {
|
||||
ret = PTR_ERR(tfm);
|
||||
ret = (int)PTR_ERR(tfm);
|
||||
pr_err("error: allocating AES skcipher algorithm %s failed: %d\n",
|
||||
WOLFKM_AESXTS_DRIVER, ret);
|
||||
tfm = NULL;
|
||||
|
||||
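Review bot: In the `AesGcmCrypt_1()` and `AesCcmCrypt_1()` error branches the new `pr_err()` calls re-evaluate `(int)PTR_ERR(...)` although the same value was stored in `err` on the line before; passing `err` is shorter and keeps the logged code and the returned code from drifting apart, e.g. `crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm)), err);`. These messages sit on the per-request path, so if a mapping failure can recur they would flood the kernel log; `pr_err_ratelimited()` is the usual guard. The `(unsigned int)decryptLen` casts added in `linuxkm_test_aesgcm()` hide a narrowing conversion, harmless for fixed test vectors but clearer with a comment noting the variable's type. The same `%ld` to `%d` change with an `(int)` cast repeats in the kpp, ecdh, ecdsa, driver-masking and RSA sections further down this page. All of these functions begin and end outside the visible hunks.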
@@ -2901,8 +2901,8 @@ static int linuxkm_test_kpp_driver(const char * driver,
|
||||
* */
|
||||
tfm = crypto_alloc_kpp(driver, 0, 0);
|
||||
if (IS_ERR(tfm)) {
|
||||
pr_err("error: allocating kpp algorithm %s failed: %ld\n",
|
||||
driver, PTR_ERR(tfm));
|
||||
pr_err("error: allocating kpp algorithm %s failed: %d\n",
|
||||
driver, (int)PTR_ERR(tfm));
|
||||
if (PTR_ERR(tfm) == -ENOMEM)
|
||||
test_rc = MEMORY_E;
|
||||
else
|
||||
|
||||
@@ -911,15 +911,15 @@ static int linuxkm_test_ecdh_nist_driver(const char * driver,
|
||||
#if defined(HAVE_FIPS) && defined(CONFIG_CRYPTO_MANAGER) && \
|
||||
!defined(CONFIG_CRYPTO_MANAGER_DISABLE_TESTS)
|
||||
if ((PTR_ERR(tfm) == -ENOENT) && fips_enabled) {
|
||||
pr_info("info: skipping unsupported kpp algorithm %s: %ld\n",
|
||||
driver, PTR_ERR(tfm));
|
||||
pr_info("info: skipping unsupported kpp algorithm %s: %d\n",
|
||||
driver, (int)PTR_ERR(tfm));
|
||||
test_rc = NOT_COMPILED_IN;
|
||||
}
|
||||
else
|
||||
#endif
|
||||
{
|
||||
pr_err("error: allocating kpp algorithm %s failed: %ld\n",
|
||||
driver, PTR_ERR(tfm));
|
||||
pr_err("error: allocating kpp algorithm %s failed: %d\n",
|
||||
driver, (int)PTR_ERR(tfm));
|
||||
if (PTR_ERR(tfm) == -ENOMEM)
|
||||
test_rc = MEMORY_E;
|
||||
else
|
||||
|
||||
@@ -749,15 +749,15 @@ static int linuxkm_test_ecdsa_nist_driver(const char * driver,
|
||||
* in kernel crypto/testmgr.c, and the kernel will block
|
||||
* its allocation if fips_enabled is set. */
|
||||
if ((PTR_ERR(tfm) == -ENOENT) && fips_enabled) {
|
||||
pr_info("info: skipping unsupported akcipher algorithm %s: %ld\n",
|
||||
driver, PTR_ERR(tfm));
|
||||
pr_info("info: skipping unsupported akcipher algorithm %s: %d\n",
|
||||
driver, (int)PTR_ERR(tfm));
|
||||
test_rc = NOT_COMPILED_IN;
|
||||
}
|
||||
else
|
||||
#endif
|
||||
{
|
||||
pr_err("error: allocating akcipher algorithm %s failed: %ld\n",
|
||||
driver, PTR_ERR(tfm));
|
||||
pr_err("error: allocating akcipher algorithm %s failed: %d\n",
|
||||
driver, (int)PTR_ERR(tfm));
|
||||
if (PTR_ERR(tfm) == -ENOMEM)
|
||||
test_rc = MEMORY_E;
|
||||
else
|
||||
|
||||
@@ -125,8 +125,8 @@ WC_MAYBE_UNUSED static int check_skcipher_driver_masking(struct crypto_skcipher
|
||||
tfm = crypto_alloc_skcipher(alg_name, 0, 0);
|
||||
}
|
||||
if (IS_ERR(tfm)) {
|
||||
pr_err("error: allocating skcipher algorithm %s failed: %ld\n",
|
||||
alg_name, PTR_ERR(tfm));
|
||||
pr_err("error: allocating skcipher algorithm %s failed: %d\n",
|
||||
alg_name, (int)PTR_ERR(tfm));
|
||||
return -EINVAL;
|
||||
}
|
||||
actual_driver_name = crypto_tfm_alg_driver_name(crypto_skcipher_tfm(tfm));
|
||||
@@ -158,8 +158,8 @@ WC_MAYBE_UNUSED static int check_aead_driver_masking(struct crypto_aead *tfm, co
|
||||
tfm = crypto_alloc_aead(alg_name, 0, 0);
|
||||
}
|
||||
if (IS_ERR(tfm)) {
|
||||
pr_err("error: allocating AEAD algorithm %s failed: %ld\n",
|
||||
alg_name, PTR_ERR(tfm));
|
||||
pr_err("error: allocating AEAD algorithm %s failed: %d\n",
|
||||
alg_name, (int)PTR_ERR(tfm));
|
||||
return -EINVAL;
|
||||
}
|
||||
actual_driver_name = crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm));
|
||||
@@ -191,8 +191,8 @@ WC_MAYBE_UNUSED static int check_shash_driver_masking(struct crypto_shash *tfm,
|
||||
tfm = crypto_alloc_shash(alg_name, 0, 0);
|
||||
}
|
||||
if (IS_ERR(tfm)) {
|
||||
pr_err("error: allocating shash algorithm %s failed: %ld\n",
|
||||
alg_name, PTR_ERR(tfm));
|
||||
pr_err("error: allocating shash algorithm %s failed: %d\n",
|
||||
alg_name, (int)PTR_ERR(tfm));
|
||||
return -EINVAL;
|
||||
}
|
||||
actual_driver_name = crypto_tfm_alg_driver_name(crypto_shash_tfm(tfm));
|
||||
|
||||
@@ -2298,8 +2298,8 @@ static int linuxkm_test_rsa_driver(const char * driver, int nbits)
|
||||
* */
|
||||
tfm = crypto_alloc_akcipher(driver, 0, 0);
|
||||
if (IS_ERR(tfm)) {
|
||||
pr_err("error: allocating akcipher algorithm %s failed: %ld\n",
|
||||
driver, PTR_ERR(tfm));
|
||||
pr_err("error: allocating akcipher algorithm %s failed: %d\n",
|
||||
driver, (int)PTR_ERR(tfm));
|
||||
tfm = NULL;
|
||||
goto test_rsa_end;
|
||||
}
|
||||
@@ -2722,8 +2722,8 @@ static int linuxkm_test_pkcs1pad_driver(const char * driver, int nbits,
|
||||
skipped = 1;
|
||||
}
|
||||
else {
|
||||
pr_err("error: allocating akcipher algorithm %s failed: %ld\n",
|
||||
driver, PTR_ERR(tfm));
|
||||
pr_err("error: allocating akcipher algorithm %s failed: %d\n",
|
||||
driver, (int)PTR_ERR(tfm));
|
||||
if (PTR_ERR(tfm) == -ENOMEM) {
|
||||
test_rc = MEMORY_E;
|
||||
}
|
||||
@@ -3229,8 +3229,8 @@ static int linuxkm_test_pkcs1_driver(const char * driver, int nbits,
|
||||
skipped = 1;
|
||||
}
|
||||
else {
|
||||
pr_err("error: allocating sig algorithm %s failed: %ld\n",
|
||||
driver, PTR_ERR(tfm));
|
||||
pr_err("error: allocating sig algorithm %s failed: %d\n",
|
||||
driver, (int)PTR_ERR(tfm));
|
||||
if (PTR_ERR(tfm) == -ENOMEM) {
|
||||
test_rc = MEMORY_E;
|
||||
}
|
||||
|
||||
+28
-24
@@ -1231,15 +1231,11 @@ static int wc_linuxkm_drbg_generate(struct wc_rng_bank *ctx,
|
||||
continue;
|
||||
|
||||
if (unlikely(ret == WC_NO_ERR_TRACE(RNG_FAILURE_E))) {
|
||||
if (slen > 0) {
|
||||
ret = -EINVAL;
|
||||
if (slen > 0)
|
||||
break;
|
||||
}
|
||||
|
||||
if (retried) {
|
||||
ret = -EINVAL;
|
||||
if (retried)
|
||||
break;
|
||||
}
|
||||
retried = 1;
|
||||
|
||||
ret = wc_rng_bank_inst_reinit(ctx,
|
||||
@@ -1248,20 +1244,21 @@ static int wc_linuxkm_drbg_generate(struct wc_rng_bank *ctx,
|
||||
WC_RNG_BANK_FLAG_CAN_WAIT);
|
||||
|
||||
if (ret == 0) {
|
||||
pr_warn("WARNING: reinitialized DRBG #%d after RNG_FAILURE_E from wc_RNG_GenerateBlock().\n", raw_smp_processor_id());
|
||||
pr_warn_ratelimited("WARNING: reinitialized DRBG #%d after RNG_FAILURE_E from wc_RNG_GenerateBlock().\n", raw_smp_processor_id());
|
||||
continue;
|
||||
}
|
||||
else {
|
||||
pr_warn_once("ERROR: reinitialization of DRBG #%d after RNG_FAILURE_E failed with ret %d.\n", raw_smp_processor_id(), ret);
|
||||
ret = -EINVAL;
|
||||
pr_err_ratelimited("ERROR: reinitialization of DRBG #%d after RNG_FAILURE_E failed with ret %d.\n", raw_smp_processor_id(), ret);
|
||||
break;
|
||||
}
|
||||
}
|
||||
else {
|
||||
pr_warn_once("ERROR: wc_linuxkm_drbg_generate() wc_RNG_GenerateBlock returned %d.\n",ret);
|
||||
ret = -EINVAL;
|
||||
else
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
if (ret != 0) {
|
||||
pr_err_ratelimited("ERROR: wc_linuxkm_drbg_generate() failing on wolfCrypt code %d.\n",ret);
|
||||
ret = -EINVAL;
|
||||
}
|
||||
|
||||
out:
|
||||
@@ -1355,7 +1352,12 @@ static int wc_linuxkm_drbg_loaded = 0;
|
||||
static int wc__get_random_bytes(void *buf, size_t len)
|
||||
{
|
||||
struct wc_rng_bank *current_default_wc_rng_bank;
|
||||
int ret = wc_rng_bank_default_checkout(¤t_default_wc_rng_bank);
|
||||
int ret;
|
||||
|
||||
if (len > WC_MAX_UINT_OF(unsigned int))
|
||||
return -EINVAL;
|
||||
|
||||
ret = wc_rng_bank_default_checkout(¤t_default_wc_rng_bank);
|
||||
if (ret) {
|
||||
#ifdef WC_VERBOSE_RNG
|
||||
pr_err_ratelimited("ERROR: wc_rng_bank_default_checkout() in wc__get_random_bytes() returned %d.\n", ret);
|
||||
@@ -1364,7 +1366,7 @@ static int wc__get_random_bytes(void *buf, size_t len)
|
||||
}
|
||||
else {
|
||||
ret = wc_linuxkm_drbg_generate(current_default_wc_rng_bank,
|
||||
NULL, 0, buf, len);
|
||||
NULL, 0, buf, (unsigned int)len);
|
||||
(void)wc_rng_bank_default_checkin(¤t_default_wc_rng_bank);
|
||||
if (ret) {
|
||||
pr_warn("BUG: wc__get_random_bytes falling through to native get_random_bytes with wc_linuxkm_drbg_default_instance_registered, ret=%d.\n", ret);
|
||||
@@ -1377,14 +1379,14 @@ static int wc__get_random_bytes(void *buf, size_t len)
|
||||
/* used by kernel >=5.14.0 */
|
||||
static ssize_t wc_get_random_bytes_user(struct iov_iter *iter) {
|
||||
struct wc_rng_bank *current_default_wc_rng_bank;
|
||||
int ret;
|
||||
ssize_t ret;
|
||||
if (unlikely(!iov_iter_count(iter)))
|
||||
return 0;
|
||||
|
||||
ret = wc_rng_bank_default_checkout(¤t_default_wc_rng_bank);
|
||||
if (ret) {
|
||||
#ifdef WC_VERBOSE_RNG
|
||||
pr_err_ratelimited("ERROR: wc_rng_bank_default_checkout() in wc_get_random_bytes_user() returned %d.\n", ret);
|
||||
pr_err_ratelimited("ERROR: wc_rng_bank_default_checkout() in wc_get_random_bytes_user() returned %ld.\n", ret);
|
||||
#endif
|
||||
return -ECANCELED;
|
||||
}
|
||||
@@ -1396,7 +1398,7 @@ static ssize_t wc_get_random_bytes_user(struct iov_iter *iter) {
|
||||
ret = wc_linuxkm_drbg_generate(current_default_wc_rng_bank,
|
||||
NULL, 0, block, sizeof block);
|
||||
if (unlikely(ret != 0)) {
|
||||
pr_err("ERROR: wc_get_random_bytes_user() wc_linuxkm_drbg_generate() returned %d.\n", ret);
|
||||
pr_err("ERROR: wc_get_random_bytes_user() wc_linuxkm_drbg_generate() returned %ld.\n", ret);
|
||||
break;
|
||||
}
|
||||
|
||||
@@ -1438,7 +1440,7 @@ static ssize_t wc_get_random_bytes_user(struct iov_iter *iter) {
|
||||
|
||||
/* used by kernel 4.9.0-5.13.x */
|
||||
static ssize_t wc_extract_crng_user(void __user *buf, size_t nbytes) {
|
||||
int ret;
|
||||
ssize_t ret;
|
||||
struct wc_rng_bank *current_default_wc_rng_bank;
|
||||
if (unlikely(!nbytes))
|
||||
return 0;
|
||||
@@ -1446,7 +1448,7 @@ static ssize_t wc_extract_crng_user(void __user *buf, size_t nbytes) {
|
||||
ret = wc_rng_bank_default_checkout(¤t_default_wc_rng_bank);
|
||||
if (ret) {
|
||||
#ifdef WC_VERBOSE_RNG
|
||||
pr_err_ratelimited("ERROR: wc_rng_bank_default_checkout() in wc_extract_crng_user() returned %d.\n", ret);
|
||||
pr_err_ratelimited("ERROR: wc_rng_bank_default_checkout() in wc_extract_crng_user() returned %ld.\n", ret);
|
||||
#endif
|
||||
return -ECANCELED;
|
||||
}
|
||||
@@ -1458,11 +1460,13 @@ static ssize_t wc_extract_crng_user(void __user *buf, size_t nbytes) {
|
||||
ret = wc_linuxkm_drbg_generate(current_default_wc_rng_bank,
|
||||
NULL, 0, block, sizeof block);
|
||||
if (unlikely(ret != 0)) {
|
||||
pr_err("ERROR: wc_extract_crng_user() wc_linuxkm_drbg_generate() returned %d.\n", ret);
|
||||
pr_err("ERROR: wc_extract_crng_user() wc_linuxkm_drbg_generate() returned %ld.\n", ret);
|
||||
break;
|
||||
}
|
||||
|
||||
this_copied = min(nbytes - total_copied, sizeof(block));
|
||||
this_copied = nbytes - total_copied;
|
||||
if (this_copied > sizeof(block))
|
||||
this_copied = sizeof(block);
|
||||
if (copy_to_user((byte *)buf + total_copied, block, this_copied)) {
|
||||
ret = -EFAULT;
|
||||
break;
|
||||
@@ -1811,8 +1815,8 @@ static int wc_linuxkm_drbg_startup(void)
|
||||
{
|
||||
struct crypto_rng *tfm = crypto_alloc_rng(wc_linuxkm_drbg.base.cra_name, 0, 0);
|
||||
if (IS_ERR(tfm)) {
|
||||
pr_err("ERROR: allocating rng algorithm %s failed: %ld\n",
|
||||
wc_linuxkm_drbg.base.cra_name, PTR_ERR(tfm));
|
||||
pr_err("ERROR: allocating rng algorithm %s failed: %d\n",
|
||||
wc_linuxkm_drbg.base.cra_name, (int)PTR_ERR(tfm));
|
||||
ret = PTR_ERR(tfm);
|
||||
tfm = NULL;
|
||||
}
|
||||
|
||||
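Review bot: The four messages in wc_get_random_bytes_user() and wc_extract_crng_user() that now print `ret` with `%ld` are passing an `ssize_t`, which is `int` rather than `long` on 32-bit kernels, so specifier and argument disagree on those targets. The printk specifier for `ssize_t` is `%zd`, e.g. `pr_err("ERROR: wc_extract_crng_user() wc_linuxkm_drbg_generate() returned %zd.\n", ret);`. Alternatively the value can be cast the way the other hunks in this commit do, with `(int)ret` and `%d`. The same applies to both `pr_err_ratelimited()` calls under `WC_VERBOSE_RNG`. Both function bodies continue outside the hunks shown.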
@@ -265,7 +265,7 @@ static ssize_t dump_to_file(const char *path, const u8 *buf, size_t buf_len)
|
||||
|
||||
fp = filp_open(path, O_WRONLY | O_CREAT, 0644);
|
||||
if (IS_ERR(fp)) {
|
||||
pr_err("libwolfssl: cannot open %s: %ld\n", path, PTR_ERR(fp));
|
||||
pr_err("libwolfssl: cannot open %s: %d\n", path, (int)PTR_ERR(fp));
|
||||
return PTR_ERR(fp);
|
||||
}
|
||||
|
||||
@@ -1412,9 +1412,11 @@ static int set_up_wolfssl_linuxkm_pie_redirect_table(void) {
|
||||
#ifndef __ARCH_STRSTR_NO_REDIRECT
|
||||
wolfssl_linuxkm_pie_redirect_table.strstr = strstr;
|
||||
#endif
|
||||
#if LINUX_VERSION_CODE < KERNEL_VERSION(7, 2, 0)
|
||||
#ifndef __ARCH_STRNCPY_NO_REDIRECT
|
||||
wolfssl_linuxkm_pie_redirect_table.strncpy = strncpy;
|
||||
#endif
|
||||
#endif
|
||||
#ifndef __ARCH_STRNCAT_NO_REDIRECT
|
||||
wolfssl_linuxkm_pie_redirect_table.strncat = strncat;
|
||||
#endif
|
||||
@@ -1689,6 +1691,10 @@ static int set_up_wolfssl_linuxkm_pie_redirect_table(void) {
|
||||
wolfssl_linuxkm_pie_redirect_table.wolfSSL_X509_NAME_free = wolfSSL_X509_NAME_free;
|
||||
wolfssl_linuxkm_pie_redirect_table.wolfSSL_X509_NAME_new_ex = wolfSSL_X509_NAME_new_ex;
|
||||
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
|
||||
#ifdef HAVE_OCSP
|
||||
wolfssl_linuxkm_pie_redirect_table.CheckOcspResponder = CheckOcspResponder;
|
||||
#endif
|
||||
|
||||
#endif /* !WOLFCRYPT_ONLY && !NO_CERTS */
|
||||
|
||||
wolfssl_linuxkm_pie_redirect_table.dump_stack = dump_stack;
|
||||
@@ -1867,7 +1873,7 @@ static int updateFipsHash(void)
|
||||
pr_err("ERROR: crypto_alloc_shash failed: target kernel is missing algorithm implementation for hash type %u\n", FIPS_IN_CORE_HASH_TYPE);
|
||||
ret = NOT_COMPILED_IN;
|
||||
} else {
|
||||
pr_err("ERROR: crypto_alloc_shash failed with ret %ld\n",PTR_ERR(tfm));
|
||||
pr_err("ERROR: crypto_alloc_shash failed with ret %d\n", (int)PTR_ERR(tfm));
|
||||
ret = HASH_TYPE_E;
|
||||
}
|
||||
tfm = NULL;
|
||||
|
||||
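Review bot: The new `#if LINUX_VERSION_CODE < KERNEL_VERSION(7, 2, 0)` around the `strncpy` entry in set_up_wolfssl_linuxkm_pie_redirect_table() carries no comment saying why the redirect is dropped on newer kernels, and its closing `#endif` is indistinguishable from the inner `__ARCH_STRNCPY_NO_REDIRECT` one. I would add a one-line reason above the guard and label the close, `#endif /* LINUX_VERSION_CODE < KERNEL_VERSION(7, 2, 0) */`. Presumably the `strncpy` member declaration in the redirect table struct and any remaining strncpy users in the PIE container sit under the same version test; that is not visible in this section and is worth confirming, since a mismatch would leave a table slot unset. The function body starts and ends outside the hunks.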
@@ -323,6 +323,11 @@ WARN_UNUSED_RESULT int wc_can_save_vector_registers_x86(void)
|
||||
}
|
||||
}
|
||||
|
||||
#ifdef DEBUG_VECTOR_REGISTER_ACCESS_FUZZING
|
||||
if (SAVE_VECTOR_REGISTERS2_fuzzer() != 0)
|
||||
return 0;
|
||||
#endif
|
||||
|
||||
if ((preempt_count() == 0) || may_use_simd())
|
||||
return 1;
|
||||
else
|
||||
@@ -423,6 +428,14 @@ WARN_UNUSED_RESULT int wc_save_vector_registers_x86(enum wc_svr_flags flags)
|
||||
return 0;
|
||||
}
|
||||
|
||||
#ifdef DEBUG_VECTOR_REGISTER_ACCESS_FUZZING
|
||||
if (flags & WC_SVR_FLAG_FUZZ) {
|
||||
int ret = SAVE_VECTOR_REGISTERS2_fuzzer();
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
}
|
||||
#endif
|
||||
|
||||
if ((preempt_count() == 0) || may_use_simd()) {
|
||||
/* fpregs_lock() calls either local_bh_disable() or preempt_disable()
|
||||
* depending on CONFIG_PREEMPT_RT -- we call both, explicitly.
|
||||
|
||||
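Review bot: The fuzzer hook added to wc_can_save_vector_registers_x86() runs on every call, while the one added to wc_save_vector_registers_x86() runs only when the caller passes `WC_SVR_FLAG_FUZZ`, and neither hunk says whether that difference is intended. A short comment on each block would settle it, for example `/* debug-only fault injection: report vector registers as unavailable so callers exercise their fallback paths */`, with a note on the first block that it cannot be gated because the function takes no flags, if that is the reason. It would also help to state next to the `#ifdef` that `DEBUG_VECTOR_REGISTER_ACCESS_FUZZING` is a test-build setting, because with it defined both functions can fail at the fuzzer's discretion. Both function bodies start and end outside the hunks.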
@@ -109,7 +109,6 @@ endif
|
||||
|
||||
if BUILD_AESNI
|
||||
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_asm.S
|
||||
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_x86_64_asm.S
|
||||
if BUILD_X86_ASM
|
||||
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_gcm_x86_asm.S
|
||||
else
|
||||
@@ -272,7 +271,6 @@ endif BUILD_PPC32_ASM
|
||||
|
||||
if BUILD_AESNI
|
||||
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_asm.S
|
||||
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_x86_64_asm.S
|
||||
if BUILD_X86_ASM
|
||||
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_gcm_x86_asm.S
|
||||
else
|
||||
@@ -604,7 +602,6 @@ endif BUILD_PPC32_ASM
|
||||
|
||||
if BUILD_AESNI
|
||||
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_asm.S
|
||||
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_x86_64_asm.S
|
||||
if BUILD_X86_ASM
|
||||
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_gcm_x86_asm.S
|
||||
else
|
||||
|
||||
+26
-26
@@ -14185,9 +14185,9 @@ static int test_wolfSSL_ECH_conn_ex(method_provider serverMeth,
|
||||
ExpectIntEQ(WOLFSSL_SUCCESS,
|
||||
wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0));
|
||||
ExpectIntEQ(WOLFSSL_SUCCESS,
|
||||
wolfSSL_CTX_use_certificate_file(ctx, cliCertFile, SSL_FILETYPE_PEM));
|
||||
wolfSSL_CTX_use_certificate_file(ctx, cliCertFile, WOLFSSL_FILETYPE_PEM));
|
||||
ExpectIntEQ(WOLFSSL_SUCCESS,
|
||||
wolfSSL_CTX_use_PrivateKey_file(ctx, cliKeyFile, SSL_FILETYPE_PEM));
|
||||
wolfSSL_CTX_use_PrivateKey_file(ctx, cliKeyFile, WOLFSSL_FILETYPE_PEM));
|
||||
|
||||
tcp_connect(&sockfd, wolfSSLIP, server_args.signal->port, 0, 0, NULL);
|
||||
|
||||
@@ -16358,8 +16358,8 @@ static int test_wolfSSL_sk_SSL_CIPHER(void)
|
||||
#else
|
||||
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method()));
|
||||
#endif
|
||||
ExpectTrue(SSL_CTX_use_certificate_file(ctx, svrCertFile, SSL_FILETYPE_PEM));
|
||||
ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, SSL_FILETYPE_PEM));
|
||||
ExpectTrue(SSL_CTX_use_certificate_file(ctx, svrCertFile, WOLFSSL_FILETYPE_PEM));
|
||||
ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, WOLFSSL_FILETYPE_PEM));
|
||||
ExpectNotNull(ssl = SSL_new(ctx));
|
||||
ExpectNotNull(sk = SSL_get_ciphers(ssl));
|
||||
ExpectNotNull(dupSk = sk_SSL_CIPHER_dup(sk));
|
||||
@@ -16394,8 +16394,8 @@ static int test_wolfSSL_set1_curves_list(void)
|
||||
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method()));
|
||||
#endif
|
||||
ExpectTrue(SSL_CTX_use_certificate_file(ctx, eccCertFile,
|
||||
SSL_FILETYPE_PEM));
|
||||
ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, eccKeyFile, SSL_FILETYPE_PEM));
|
||||
WOLFSSL_FILETYPE_PEM));
|
||||
ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, eccKeyFile, WOLFSSL_FILETYPE_PEM));
|
||||
ExpectNotNull(ssl = SSL_new(ctx));
|
||||
|
||||
ExpectIntEQ(SSL_CTX_set1_curves_list(ctx, NULL), WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
|
||||
@@ -16553,8 +16553,8 @@ static int test_wolfSSL_set1_sigalgs_list(void)
|
||||
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method()));
|
||||
#endif
|
||||
ExpectTrue(SSL_CTX_use_certificate_file(ctx, svrCertFile,
|
||||
SSL_FILETYPE_PEM));
|
||||
ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, SSL_FILETYPE_PEM));
|
||||
WOLFSSL_FILETYPE_PEM));
|
||||
ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, WOLFSSL_FILETYPE_PEM));
|
||||
ExpectNotNull(ssl = SSL_new(ctx));
|
||||
|
||||
ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(NULL, NULL), WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
|
||||
@@ -16703,8 +16703,8 @@ static int test_wolfSSL_set_tlsext_status_type(void)
|
||||
|
||||
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method()));
|
||||
ExpectTrue(SSL_CTX_use_certificate_file(ctx, svrCertFile,
|
||||
SSL_FILETYPE_PEM));
|
||||
ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, SSL_FILETYPE_PEM));
|
||||
WOLFSSL_FILETYPE_PEM));
|
||||
ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, WOLFSSL_FILETYPE_PEM));
|
||||
ExpectNotNull(ssl = SSL_new(ctx));
|
||||
ExpectIntEQ(SSL_set_tlsext_status_type(ssl,TLSEXT_STATUSTYPE_ocsp),
|
||||
SSL_SUCCESS);
|
||||
@@ -16774,7 +16774,7 @@ static int test_wolfSSL_X509_ALGOR_get0(void)
|
||||
const byte badObj[] = { 0x06, 0x00 };
|
||||
|
||||
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(cliCertFile,
|
||||
SSL_FILETYPE_PEM));
|
||||
WOLFSSL_FILETYPE_PEM));
|
||||
ExpectNotNull(alg = X509_get0_tbs_sigalg(x509));
|
||||
|
||||
/* Invalid case */
|
||||
@@ -19807,7 +19807,7 @@ static int test_wolfSSL_X509_SEP(void)
|
||||
#if 0
|
||||
/* Use certificate with the extension here. */
|
||||
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(svrCertFile,
|
||||
SSL_FILETYPE_PEM));
|
||||
WOLFSSL_FILETYPE_PEM));
|
||||
|
||||
outSz = 0;
|
||||
ExpectNotNull(out = wolfSSL_X509_get_device_type(x509, NULL, &outSz));
|
||||
@@ -20592,7 +20592,7 @@ static int test_wolfSSL_CTX_ctrl(void)
|
||||
SSL_FILETYPE_ASN1));
|
||||
#else
|
||||
ExpectNotNull(ecX509 = wolfSSL_X509_load_certificate_file(
|
||||
cliEccCertFile, SSL_FILETYPE_PEM));
|
||||
cliEccCertFile, WOLFSSL_FILETYPE_PEM));
|
||||
#endif
|
||||
ExpectNotNull(pkey = X509_get_pubkey(ecX509));
|
||||
/* current ECC key is 256 bit (32 bytes) */
|
||||
@@ -21022,9 +21022,9 @@ static int test_wolfSSL_OCSP_id_get0_info(void)
|
||||
ASN1_INTEGER* x509Int = NULL;
|
||||
|
||||
ExpectNotNull(cert = wolfSSL_X509_load_certificate_file(svrCertFile,
|
||||
SSL_FILETYPE_PEM));
|
||||
WOLFSSL_FILETYPE_PEM));
|
||||
ExpectNotNull(issuer = wolfSSL_X509_load_certificate_file(caCertFile,
|
||||
SSL_FILETYPE_PEM));
|
||||
WOLFSSL_FILETYPE_PEM));
|
||||
|
||||
ExpectNotNull(id = OCSP_cert_to_id(NULL, cert, issuer));
|
||||
ExpectNotNull(id2 = OCSP_cert_to_id(NULL, cert, issuer));
|
||||
@@ -27379,7 +27379,7 @@ static int test_wolfSSL_crypto_policy_certs_and_keys(void)
|
||||
if (ctx != NULL) {
|
||||
/* 1024 RSA */
|
||||
rc = SSL_CTX_use_PrivateKey_file(ctx, key1024,
|
||||
SSL_FILETYPE_PEM);
|
||||
WOLFSSL_FILETYPE_PEM);
|
||||
|
||||
if (is_legacy) {
|
||||
ExpectIntEQ(rc, WOLFSSL_SUCCESS);
|
||||
@@ -27390,7 +27390,7 @@ static int test_wolfSSL_crypto_policy_certs_and_keys(void)
|
||||
|
||||
/* 2048 RSA */
|
||||
rc = SSL_CTX_use_PrivateKey_file(ctx, key2048,
|
||||
SSL_FILETYPE_PEM);
|
||||
WOLFSSL_FILETYPE_PEM);
|
||||
|
||||
if (!is_future) {
|
||||
ExpectIntEQ(rc, WOLFSSL_SUCCESS);
|
||||
@@ -27401,17 +27401,17 @@ static int test_wolfSSL_crypto_policy_certs_and_keys(void)
|
||||
|
||||
/* 3072 RSA */
|
||||
rc = SSL_CTX_use_PrivateKey_file(ctx, key3072,
|
||||
SSL_FILETYPE_PEM);
|
||||
WOLFSSL_FILETYPE_PEM);
|
||||
ExpectIntEQ(rc, WOLFSSL_SUCCESS);
|
||||
|
||||
/* 256 ecc */
|
||||
rc = SSL_CTX_use_PrivateKey_file(ctx, key256,
|
||||
SSL_FILETYPE_PEM);
|
||||
WOLFSSL_FILETYPE_PEM);
|
||||
ExpectIntEQ(rc, WOLFSSL_SUCCESS);
|
||||
|
||||
/* 384 ecc */
|
||||
rc = SSL_CTX_use_PrivateKey_file(ctx, key384,
|
||||
SSL_FILETYPE_PEM);
|
||||
WOLFSSL_FILETYPE_PEM);
|
||||
ExpectIntEQ(rc, WOLFSSL_SUCCESS);
|
||||
|
||||
/* cleanup */
|
||||
@@ -27867,9 +27867,9 @@ static int test_wolfSSL_SSL_in_init(void)
|
||||
#endif
|
||||
if ((testCertFile != NULL) && (testKeyFile != NULL)) {
|
||||
ExpectTrue(SSL_CTX_use_certificate_file(ctx, testCertFile,
|
||||
SSL_FILETYPE_PEM));
|
||||
WOLFSSL_FILETYPE_PEM));
|
||||
ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, testKeyFile,
|
||||
SSL_FILETYPE_PEM));
|
||||
WOLFSSL_FILETYPE_PEM));
|
||||
}
|
||||
|
||||
ExpectNotNull(ssl = SSL_new(ctx));
|
||||
@@ -28192,9 +28192,9 @@ static int test_wolfSSL_set_psk_use_session_callback(void)
|
||||
#endif
|
||||
if ((testCertFile != NULL) && (testKeyFile != NULL)) {
|
||||
ExpectTrue(SSL_CTX_use_certificate_file(ctx, testCertFile,
|
||||
SSL_FILETYPE_PEM));
|
||||
WOLFSSL_FILETYPE_PEM));
|
||||
ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, testKeyFile,
|
||||
SSL_FILETYPE_PEM));
|
||||
WOLFSSL_FILETYPE_PEM));
|
||||
}
|
||||
|
||||
ExpectNotNull(ssl = SSL_new(ctx));
|
||||
@@ -28413,9 +28413,9 @@ static int test_SSL_CIPHER_get_xxx(void)
|
||||
#endif
|
||||
if (testCertFile != NULL && testKeyFile != NULL) {
|
||||
ExpectTrue(SSL_CTX_use_certificate_file(ctx, testCertFile,
|
||||
SSL_FILETYPE_PEM));
|
||||
WOLFSSL_FILETYPE_PEM));
|
||||
ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, testKeyFile,
|
||||
SSL_FILETYPE_PEM));
|
||||
WOLFSSL_FILETYPE_PEM));
|
||||
}
|
||||
|
||||
ExpectNotNull(ssl = SSL_new(ctx));
|
||||
|
||||
@@ -1291,22 +1291,22 @@ int test_dtls_rtx_across_epoch_change(void)
|
||||
/* CH0 */
|
||||
wolfSSL_SetLoggingPrefix("client:");
|
||||
ExpectIntEQ(wolfSSL_connect(ssl_c), -1);
|
||||
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), SSL_ERROR_WANT_READ);
|
||||
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
|
||||
|
||||
/* HRR */
|
||||
wolfSSL_SetLoggingPrefix("server:");
|
||||
ExpectIntEQ(wolfSSL_accept(ssl_s), -1);
|
||||
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), SSL_ERROR_WANT_READ);
|
||||
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
|
||||
|
||||
/* CH1 */
|
||||
wolfSSL_SetLoggingPrefix("client:");
|
||||
ExpectIntEQ(wolfSSL_connect(ssl_c), -1);
|
||||
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), SSL_ERROR_WANT_READ);
|
||||
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
|
||||
|
||||
/* SH ... FINISHED */
|
||||
wolfSSL_SetLoggingPrefix("server:");
|
||||
ExpectIntEQ(wolfSSL_accept(ssl_s), -1);
|
||||
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), SSL_ERROR_WANT_READ);
|
||||
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
|
||||
|
||||
/* we should have now SH ... FINISHED messages in the buffer*/
|
||||
ExpectIntGE(test_ctx.c_msg_count, 2);
|
||||
@@ -1319,7 +1319,7 @@ int test_dtls_rtx_across_epoch_change(void)
|
||||
/* Read the SH */
|
||||
wolfSSL_SetLoggingPrefix("client:");
|
||||
ExpectIntEQ(wolfSSL_connect(ssl_c), -1);
|
||||
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), SSL_ERROR_WANT_READ);
|
||||
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
|
||||
|
||||
/* trigger client timeout */
|
||||
ExpectIntEQ(wolfSSL_dtls_got_timeout(ssl_c), WOLFSSL_SUCCESS);
|
||||
|
||||
@@ -1530,19 +1530,19 @@ int test_dtls13_min_rtx_interval(void)
|
||||
|
||||
/* CH0 */
|
||||
ExpectIntEQ(wolfSSL_connect(ssl_c), -1);
|
||||
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), SSL_ERROR_WANT_READ);
|
||||
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
|
||||
|
||||
/* HRR */
|
||||
ExpectIntEQ(wolfSSL_accept(ssl_s), -1);
|
||||
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), SSL_ERROR_WANT_READ);
|
||||
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
|
||||
|
||||
/* CH1 */
|
||||
ExpectIntEQ(wolfSSL_connect(ssl_c), -1);
|
||||
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), SSL_ERROR_WANT_READ);
|
||||
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
|
||||
|
||||
/* SH ... FINISHED */
|
||||
ExpectIntEQ(wolfSSL_accept(ssl_s), -1);
|
||||
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), SSL_ERROR_WANT_READ);
|
||||
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
|
||||
|
||||
/* We should have SH ... FINISHED messages in the buffer */
|
||||
ExpectIntGE(test_ctx.c_msg_count, 2);
|
||||
|
||||
+184
-74
@@ -110,6 +110,8 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
|
||||
* WOLFSSL_HW_METRICS: Track hardware acceleration usage default: off
|
||||
*/
|
||||
|
||||
#define _WC_BUILDING_AES_C
|
||||
|
||||
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
|
||||
|
||||
#if !defined(NO_AES)
|
||||
@@ -827,6 +829,30 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
|
||||
#if !defined(NO_AVX512_SUPPORT) && !defined(HAVE_INTEL_AVX512)
|
||||
#define HAVE_INTEL_AVX512
|
||||
#endif
|
||||
|
||||
/* Below this threshold the narrower path (AVX1 / AES-NI) is faster on
|
||||
* Zen 4 than the wide VAES/AVX512 path. Verify and tune
|
||||
* per-microarchecture.
|
||||
*/
|
||||
#ifndef WC_VAES_MIN_BLOCKS
|
||||
#define WC_VAES_MIN_BLOCKS 8
|
||||
#elif WC_VAES_MIN_BLOCKS < 1
|
||||
#error Invalid WC_VAES_MIN_BLOCKS
|
||||
#endif
|
||||
/* CFB/ECB: wide ECB setup (key broadcast) doesn't pay off below this. */
|
||||
#ifndef WC_VAES_ECB_MIN_BLOCKS
|
||||
#define WC_VAES_ECB_MIN_BLOCKS WC_VAES_MIN_BLOCKS
|
||||
#elif WC_VAES_ECB_MIN_BLOCKS < 1
|
||||
#error Invalid WC_VAES_ECB_MIN_BLOCKS
|
||||
#endif
|
||||
/* GCM one-shot: AVX2 faster than wide below this (layout/setup, not
|
||||
* amortization); pure GMAC (sz==0) routes to AVX2 by construction.
|
||||
*/
|
||||
#ifndef WC_VAES_GCM_MIN_BLOCKS
|
||||
#define WC_VAES_GCM_MIN_BLOCKS WC_VAES_MIN_BLOCKS
|
||||
#elif WC_VAES_GCM_MIN_BLOCKS < 1
|
||||
#error Invalid WC_VAES_GCM_MIN_BLOCKS
|
||||
#endif
|
||||
#endif
|
||||
|
||||
void AES_CTR_encrypt_AESNI(const unsigned char* in, unsigned char* out,
|
||||
@@ -885,13 +911,15 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
|
||||
unsigned char* out, word32 sz, const unsigned char* key, int nr)
|
||||
{
|
||||
#ifdef HAVE_INTEL_AVX512
|
||||
if (IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
if ((sz >= WC_AES_BLOCK_SIZE * WC_VAES_ECB_MIN_BLOCKS) &&
|
||||
IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
AES_ECB_encrypt_avx512(in, out, sz, key, nr);
|
||||
}
|
||||
else
|
||||
#endif
|
||||
#ifdef HAVE_INTEL_VAES
|
||||
if (IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
if ((sz >= WC_AES_BLOCK_SIZE * WC_VAES_ECB_MIN_BLOCKS) &&
|
||||
IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
AES_ECB_encrypt_vaes(in, out, sz, key, nr);
|
||||
}
|
||||
else
|
||||
@@ -912,13 +940,15 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
|
||||
unsigned char* out, word32 sz, const unsigned char* key, int nr)
|
||||
{
|
||||
#ifdef HAVE_INTEL_AVX512
|
||||
if (IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
if ((sz >= WC_AES_BLOCK_SIZE * WC_VAES_ECB_MIN_BLOCKS) &&
|
||||
IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
AES_ECB_decrypt_avx512(in, out, sz, key, nr);
|
||||
}
|
||||
else
|
||||
#endif
|
||||
#ifdef HAVE_INTEL_VAES
|
||||
if (IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
if ((sz >= WC_AES_BLOCK_SIZE * WC_VAES_ECB_MIN_BLOCKS) &&
|
||||
IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
AES_ECB_decrypt_vaes(in, out, sz, key, nr);
|
||||
}
|
||||
else
|
||||
@@ -941,13 +971,15 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
|
||||
const unsigned char* key, int nr)
|
||||
{
|
||||
#ifdef HAVE_INTEL_AVX512
|
||||
if (IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
if ((sz >= WC_AES_BLOCK_SIZE * WC_VAES_ECB_MIN_BLOCKS) &&
|
||||
IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
AES_CBC_encrypt_avx512(in, out, iv, sz, key, nr);
|
||||
}
|
||||
else
|
||||
#endif
|
||||
#ifdef HAVE_INTEL_VAES
|
||||
if (IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
if ((sz >= WC_AES_BLOCK_SIZE * WC_VAES_ECB_MIN_BLOCKS) &&
|
||||
IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
AES_CBC_encrypt_vaes(in, out, iv, sz, key, nr);
|
||||
}
|
||||
else
|
||||
@@ -970,13 +1002,15 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
|
||||
const unsigned char* key, int nr)
|
||||
{
|
||||
#ifdef HAVE_INTEL_AVX512
|
||||
if (IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
if ((sz >= WC_AES_BLOCK_SIZE * WC_VAES_ECB_MIN_BLOCKS) &&
|
||||
IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
AES_CBC_decrypt_avx512(in, out, iv, sz, key, nr);
|
||||
}
|
||||
else
|
||||
#endif
|
||||
#ifdef HAVE_INTEL_VAES
|
||||
if (IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
if ((sz >= WC_AES_BLOCK_SIZE * WC_VAES_ECB_MIN_BLOCKS) &&
|
||||
IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
AES_CBC_decrypt_vaes(in, out, iv, sz, key, nr);
|
||||
}
|
||||
else
|
||||
@@ -998,13 +1032,15 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
|
||||
unsigned char* ctr)
|
||||
{
|
||||
#ifdef HAVE_INTEL_AVX512
|
||||
if (IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
if ((sz >= WC_AES_BLOCK_SIZE * WC_VAES_ECB_MIN_BLOCKS) &&
|
||||
IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
AES_CTR_encrypt_avx512(in, out, sz, key, nr, ctr);
|
||||
}
|
||||
else
|
||||
#endif
|
||||
#ifdef HAVE_INTEL_VAES
|
||||
if (IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
if ((sz >= WC_AES_BLOCK_SIZE * WC_VAES_ECB_MIN_BLOCKS) &&
|
||||
IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
AES_CTR_encrypt_vaes(in, out, sz, key, nr, ctr);
|
||||
}
|
||||
else
|
||||
@@ -7959,6 +7995,63 @@ static WC_INLINE void IncCtr(byte* ctr, word32 ctrSz)
|
||||
|
||||
#endif
|
||||
|
||||
#if !defined(NO_INLINE) && defined(__GNUC__) && !defined(__cplusplus)
|
||||
/* Inline for callers here in aes.c, but a callable local function for outside
|
||||
* callers. Don't use WC_INLINE unconditionally, because we can't count on
|
||||
* correct behavior beyond gcc/clang, and we don't want the the WC_MAYBE_UNUSED
|
||||
* attribute in NO_INLINE builds.
|
||||
*/
|
||||
WC_INLINE
|
||||
#endif
|
||||
int wc_local_AesGcmCheckTagSz(word32 authTagSz) {
|
||||
#ifdef WC_AES_GCM_ALLOW_NONSTANDARD_TAG_LENGTH
|
||||
#ifdef HAVE_FIPS
|
||||
#error WC_AES_GCM_ALLOW_NONSTANDARD_TAG_LENGTH not allowed with FIPS 140.
|
||||
#endif
|
||||
wc_static_assert(WOLFSSL_MIN_AUTH_TAG_SZ >= 4);
|
||||
if ((authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ) ||
|
||||
(authTagSz > WC_AES_BLOCK_SIZE))
|
||||
{
|
||||
WOLFSSL_MSG("AES-GCM unsupported authTagSz");
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
else
|
||||
return 0;
|
||||
#else
|
||||
/* A switch is actually better for the optimizer than most hand-rolled
|
||||
* equivalents, because it hands the compiler the exact value set and lets
|
||||
* it pick the best lowering per WOLFSSL_MIN_AUTH_TAG_SZ configuration.
|
||||
*/
|
||||
switch (authTagSz) {
|
||||
#if WOLFSSL_MIN_AUTH_TAG_SZ <= 4
|
||||
case 4:
|
||||
#endif
|
||||
#if WOLFSSL_MIN_AUTH_TAG_SZ <= 8
|
||||
case 8:
|
||||
#endif
|
||||
#if WOLFSSL_MIN_AUTH_TAG_SZ <= 12
|
||||
case 12:
|
||||
#endif
|
||||
#if WOLFSSL_MIN_AUTH_TAG_SZ <= 13
|
||||
case 13:
|
||||
#endif
|
||||
#if WOLFSSL_MIN_AUTH_TAG_SZ <= 14
|
||||
case 14:
|
||||
#endif
|
||||
#if WOLFSSL_MIN_AUTH_TAG_SZ <= 15
|
||||
case 15:
|
||||
#endif
|
||||
#if WOLFSSL_MIN_AUTH_TAG_SZ <= 16
|
||||
case 16:
|
||||
#endif
|
||||
return 0;
|
||||
default:
|
||||
WOLFSSL_MSG("AES-GCM unsupported authTagSz");
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
||||
#if defined(WOLFSSL_RISCV_ASM)
|
||||
/* implemented in wolfcrypt/src/port/risc-v/riscv-64-aes.c */
|
||||
|
||||
@@ -8476,10 +8569,6 @@ void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c,
|
||||
word32 blocks, partial;
|
||||
byte* h;
|
||||
|
||||
if (gcm == NULL) {
|
||||
return;
|
||||
}
|
||||
|
||||
h = gcm->H;
|
||||
XMEMSET(x, 0, WC_AES_BLOCK_SIZE);
|
||||
|
||||
@@ -8811,10 +8900,6 @@ void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c,
|
||||
byte scratch[WC_AES_BLOCK_SIZE];
|
||||
word32 blocks, partial;
|
||||
|
||||
if (gcm == NULL) {
|
||||
return;
|
||||
}
|
||||
|
||||
XMEMSET(x, 0, WC_AES_BLOCK_SIZE);
|
||||
|
||||
/* Hash in A, the Additional Authentication Data */
|
||||
@@ -9303,10 +9388,6 @@ void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c,
|
||||
byte scratch[WC_AES_BLOCK_SIZE];
|
||||
word32 blocks, partial;
|
||||
|
||||
if (gcm == NULL) {
|
||||
return;
|
||||
}
|
||||
|
||||
XMEMSET(x, 0, WC_AES_BLOCK_SIZE);
|
||||
|
||||
/* Hash in A, the Additional Authentication Data */
|
||||
@@ -9459,10 +9540,6 @@ void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c,
|
||||
word32 blocks, partial;
|
||||
word64 bigH[2];
|
||||
|
||||
if (gcm == NULL) {
|
||||
return;
|
||||
}
|
||||
|
||||
XMEMCPY(bigH, gcm->H, WC_AES_BLOCK_SIZE);
|
||||
#ifdef LITTLE_ENDIAN_ORDER
|
||||
ByteReverseWords64(bigH, bigH, WC_AES_BLOCK_SIZE);
|
||||
@@ -9776,10 +9853,6 @@ void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c,
|
||||
word32 blocks, partial;
|
||||
word32 bigH[4];
|
||||
|
||||
if (gcm == NULL) {
|
||||
return;
|
||||
}
|
||||
|
||||
XMEMCPY(bigH, gcm->H, WC_AES_BLOCK_SIZE);
|
||||
#ifdef LITTLE_ENDIAN_ORDER
|
||||
ByteReverseWords(bigH, bigH, WC_AES_BLOCK_SIZE);
|
||||
@@ -10168,14 +10241,13 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
word32 keySize;
|
||||
|
||||
/* argument checks */
|
||||
if (aes == NULL || authTagSz > WC_AES_BLOCK_SIZE || ivSz == 0) {
|
||||
if (aes == NULL || ivSz == 0) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
if (authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ) {
|
||||
WOLFSSL_MSG("GcmEncrypt authTagSz too small error");
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
status = wc_local_AesGcmCheckTagSz(authTagSz);
|
||||
if (status != 0)
|
||||
return status;
|
||||
|
||||
status = wc_AesGetKeySize(aes, &keySize);
|
||||
if (status)
|
||||
@@ -10699,16 +10771,15 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
* out are don't cares (GMAC case), matching wc_AesGcmDecrypt. */
|
||||
if (aes == NULL || iv == NULL || ivSz == 0 ||
|
||||
(sz != 0 && (in == NULL || out == NULL)) ||
|
||||
authTag == NULL || authTagSz > WC_AES_BLOCK_SIZE ||
|
||||
authTag == NULL ||
|
||||
((authInSz > 0) && (authIn == NULL)))
|
||||
{
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
if (authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ) {
|
||||
WOLFSSL_MSG("GcmEncrypt authTagSz too small error");
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
ret = wc_local_AesGcmCheckTagSz(authTagSz);
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
|
||||
#ifdef WOLF_CRYPTO_CB
|
||||
#ifndef WOLF_CRYPTO_CB_FIND
|
||||
@@ -10837,7 +10908,8 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
#ifdef WOLFSSL_AESNI
|
||||
if (aes->use_aesni) {
|
||||
#ifdef HAVE_INTEL_AVX512
|
||||
if (IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
if ((sz >= WC_AES_BLOCK_SIZE * WC_VAES_GCM_MIN_BLOCKS) &&
|
||||
IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
AES_GCM_encrypt_avx512(in, out, authIn, iv, authTag, sz, authInSz, ivSz,
|
||||
authTagSz, (const byte*)aes->key, (int)aes->rounds);
|
||||
ret = 0;
|
||||
@@ -10845,7 +10917,8 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
else
|
||||
#endif
|
||||
#ifdef HAVE_INTEL_VAES
|
||||
if (IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
if ((sz >= WC_AES_BLOCK_SIZE * WC_VAES_GCM_MIN_BLOCKS) &&
|
||||
IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
AES_GCM_encrypt_vaes(in, out, authIn, iv, authTag, sz, authInSz, ivSz,
|
||||
authTagSz, (const byte*)aes->key, (int)aes->rounds);
|
||||
ret = 0;
|
||||
@@ -10904,13 +10977,16 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
/* If the sz is non-zero, both in and out must be set. If sz is 0,
|
||||
* in and out are don't cares, as this is is the GMAC case. */
|
||||
if (aes == NULL || iv == NULL || (sz != 0 && (in == NULL || out == NULL)) ||
|
||||
authTag == NULL || authTagSz > WC_AES_BLOCK_SIZE ||
|
||||
authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ || ivSz == 0 ||
|
||||
authTag == NULL || ivSz == 0 ||
|
||||
((authInSz > 0) && (authIn == NULL)))
|
||||
{
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
ret = wc_local_AesGcmCheckTagSz(authTagSz);
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
|
||||
ret = wc_AesGetKeySize(aes, &keySize);
|
||||
if (ret != 0) {
|
||||
return ret;
|
||||
@@ -11470,12 +11546,15 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
/* If the sz is non-zero, both in and out must be set. If sz is 0,
|
||||
* in and out are don't cares, as this is is the GMAC case. */
|
||||
if (aes == NULL || iv == NULL || (sz != 0 && (in == NULL || out == NULL)) ||
|
||||
authTag == NULL || authTagSz > WC_AES_BLOCK_SIZE ||
|
||||
authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ || ivSz == 0) {
|
||||
|
||||
authTag == NULL || ivSz == 0)
|
||||
{
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
ret = wc_local_AesGcmCheckTagSz(authTagSz);
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
|
||||
#ifdef WOLF_CRYPTO_CB
|
||||
#ifndef WOLF_CRYPTO_CB_FIND
|
||||
if (aes->devId != INVALID_DEVID)
|
||||
@@ -11611,7 +11690,8 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
#ifdef WOLFSSL_AESNI
|
||||
if (aes->use_aesni) {
|
||||
#ifdef HAVE_INTEL_AVX512
|
||||
if (IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
if ((sz >= WC_AES_BLOCK_SIZE * WC_VAES_GCM_MIN_BLOCKS) &&
|
||||
IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
AES_GCM_decrypt_avx512(in, out, authIn, iv, authTag, sz, authInSz, ivSz,
|
||||
authTagSz, (byte*)aes->key, (int)aes->rounds, &res);
|
||||
if (res == 0)
|
||||
@@ -11622,7 +11702,8 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
else
|
||||
#endif
|
||||
#ifdef HAVE_INTEL_VAES
|
||||
if (IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
if ((sz >= WC_AES_BLOCK_SIZE * WC_VAES_GCM_MIN_BLOCKS) &&
|
||||
IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
AES_GCM_decrypt_vaes(in, out, authIn, iv, authTag, sz, authInSz, ivSz,
|
||||
authTagSz, (byte*)aes->key, (int)aes->rounds, &res);
|
||||
if (res == 0)
|
||||
@@ -12094,14 +12175,16 @@ static WARN_UNUSED_RESULT int AesGcmAadUpdate_aesni(
|
||||
if (blocks > 0) {
|
||||
/* GHASH full blocks now. */
|
||||
#ifdef HAVE_INTEL_AVX512
|
||||
if (IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
if ((blocks >= WC_VAES_GCM_MIN_BLOCKS) &&
|
||||
IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
AES_GCM_aad_update_avx512(a, blocks * WC_AES_BLOCK_SIZE,
|
||||
AES_TAG(aes), aes->gcm.H);
|
||||
}
|
||||
else
|
||||
#endif
|
||||
#ifdef HAVE_INTEL_VAES
|
||||
if (IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
if ((blocks >= WC_VAES_GCM_MIN_BLOCKS) &&
|
||||
IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
AES_GCM_aad_update_vaes(a, blocks * WC_AES_BLOCK_SIZE,
|
||||
AES_TAG(aes), aes->gcm.H);
|
||||
}
|
||||
@@ -12268,7 +12351,8 @@ static WARN_UNUSED_RESULT int AesGcmEncryptUpdate_aesni(
|
||||
if (blocks > 0) {
|
||||
/* Encrypt and GHASH full blocks now. */
|
||||
#ifdef HAVE_INTEL_AVX512
|
||||
if (IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
if ((blocks >= WC_VAES_GCM_MIN_BLOCKS) &&
|
||||
IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
AES_GCM_encrypt_update_avx512((byte*)aes->key, (int)aes->rounds,
|
||||
c, p, blocks * WC_AES_BLOCK_SIZE, AES_TAG(aes), aes->gcm.H,
|
||||
AES_COUNTER(aes));
|
||||
@@ -12276,7 +12360,8 @@ static WARN_UNUSED_RESULT int AesGcmEncryptUpdate_aesni(
|
||||
else
|
||||
#endif
|
||||
#ifdef HAVE_INTEL_VAES
|
||||
if (IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
if ((blocks >= WC_VAES_GCM_MIN_BLOCKS) &&
|
||||
IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
AES_GCM_encrypt_update_vaes((byte*)aes->key, (int)aes->rounds,
|
||||
c, p, blocks * WC_AES_BLOCK_SIZE, AES_TAG(aes), aes->gcm.H,
|
||||
AES_COUNTER(aes));
|
||||
@@ -12593,7 +12678,8 @@ static WARN_UNUSED_RESULT int AesGcmDecryptUpdate_aesni(
|
||||
if (blocks > 0) {
|
||||
/* Decrypt and GHASH full blocks now. */
|
||||
#ifdef HAVE_INTEL_AVX512
|
||||
if (IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
if ((blocks >= WC_VAES_GCM_MIN_BLOCKS) &&
|
||||
IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
AES_GCM_decrypt_update_avx512((byte*)aes->key, (int)aes->rounds,
|
||||
p, c, blocks * WC_AES_BLOCK_SIZE, AES_TAG(aes), aes->gcm.H,
|
||||
AES_COUNTER(aes));
|
||||
@@ -12601,7 +12687,8 @@ static WARN_UNUSED_RESULT int AesGcmDecryptUpdate_aesni(
|
||||
else
|
||||
#endif
|
||||
#ifdef HAVE_INTEL_VAES
|
||||
if (IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
if ((blocks >= WC_VAES_GCM_MIN_BLOCKS) &&
|
||||
IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
AES_GCM_decrypt_update_vaes((byte*)aes->key, (int)aes->rounds,
|
||||
p, c, blocks * WC_AES_BLOCK_SIZE, AES_TAG(aes), aes->gcm.H,
|
||||
AES_COUNTER(aes));
|
||||
@@ -13487,11 +13574,13 @@ int wc_AesGcmEncryptFinal(Aes* aes, byte* authTag, word32 authTagSz)
|
||||
int ret = 0;
|
||||
|
||||
/* Check validity of parameters. */
|
||||
if ((aes == NULL) || (authTag == NULL) || (authTagSz > WC_AES_BLOCK_SIZE) ||
|
||||
(authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ)) {
|
||||
if ((aes == NULL) || (authTag == NULL)) {
|
||||
ret = BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
if (ret == 0)
|
||||
ret = wc_local_AesGcmCheckTagSz(authTagSz);
|
||||
|
||||
/* Check key has been set. */
|
||||
if ((ret == 0) && (!aes->gcmKeySet)) {
|
||||
ret = MISSING_KEY;
|
||||
@@ -13629,11 +13718,13 @@ int wc_AesGcmDecryptFinal(Aes* aes, const byte* authTag, word32 authTagSz)
|
||||
int ret = 0;
|
||||
|
||||
/* Check validity of parameters. */
|
||||
if ((aes == NULL) || (authTag == NULL) || (authTagSz > WC_AES_BLOCK_SIZE) ||
|
||||
(authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ)) {
|
||||
if ((aes == NULL) || (authTag == NULL)) {
|
||||
ret = BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
if (ret == 0)
|
||||
ret = wc_local_AesGcmCheckTagSz(authTagSz);
|
||||
|
||||
/* Check key has been set. */
|
||||
if ((ret == 0) && (!aes->gcmKeySet)) {
|
||||
ret = MISSING_KEY;
|
||||
@@ -13886,6 +13977,9 @@ int wc_GmacSetKey(Gmac* gmac, const byte* key, word32 len)
|
||||
}
|
||||
|
||||
|
||||
/* Note, wc_GmacUpdate() is not a streaming API, it's a one-shot calculation of
|
||||
* the authTag.
|
||||
*/
|
||||
int wc_GmacUpdate(Gmac* gmac, const byte* iv, word32 ivSz,
|
||||
const byte* authIn, word32 authInSz,
|
||||
byte* authTag, word32 authTagSz)
|
||||
@@ -15446,19 +15540,29 @@ static WARN_UNUSED_RESULT int AesCfbDecrypt_C(Aes* aes, byte* out,
|
||||
!defined(WOLFSSL_PIC32MZ_CRYPT) && \
|
||||
(defined(USE_INTEL_SPEEDUP) || defined(WOLFSSL_ARMASM))
|
||||
{
|
||||
ALIGN16 byte tmp[4 * WC_AES_BLOCK_SIZE];
|
||||
while (sz >= 4 * WC_AES_BLOCK_SIZE) {
|
||||
#ifndef WC_AES_CFB_DEC_BUF_BLOCKS
|
||||
#define WC_AES_CFB_DEC_BUF_BLOCKS 32
|
||||
#elif WC_AES_CFB_DEC_BUF_BLOCKS < 2
|
||||
#error Invalid WC_AES_CFB_DEC_BUF_BLOCKS
|
||||
#endif
|
||||
ALIGN16 byte tmp[WC_AES_CFB_DEC_BUF_BLOCKS * WC_AES_BLOCK_SIZE];
|
||||
while (sz >= 2 * WC_AES_BLOCK_SIZE) {
|
||||
word32 blocks = sz / WC_AES_BLOCK_SIZE;
|
||||
word32 nbytes;
|
||||
if (blocks > WC_AES_CFB_DEC_BUF_BLOCKS)
|
||||
blocks = WC_AES_CFB_DEC_BUF_BLOCKS;
|
||||
nbytes = blocks * WC_AES_BLOCK_SIZE;
|
||||
XMEMCPY(tmp, aes->reg, WC_AES_BLOCK_SIZE);
|
||||
XMEMCPY(tmp + WC_AES_BLOCK_SIZE, in, 3 * WC_AES_BLOCK_SIZE);
|
||||
XMEMCPY(aes->reg, in + 3 * WC_AES_BLOCK_SIZE, WC_AES_BLOCK_SIZE);
|
||||
ret = wc_AesEcbEncrypt(aes, tmp, tmp, 4 * WC_AES_BLOCK_SIZE);
|
||||
XMEMCPY(tmp + WC_AES_BLOCK_SIZE, in, nbytes - WC_AES_BLOCK_SIZE);
|
||||
XMEMCPY(aes->reg, in + nbytes - WC_AES_BLOCK_SIZE, WC_AES_BLOCK_SIZE);
|
||||
ret = wc_AesEcbEncrypt(aes, tmp, tmp, nbytes);
|
||||
if (ret != 0) {
|
||||
break;
|
||||
}
|
||||
xorbufout(out, in, tmp, 4 * WC_AES_BLOCK_SIZE);
|
||||
out += 4 * WC_AES_BLOCK_SIZE;
|
||||
in += 4 * WC_AES_BLOCK_SIZE;
|
||||
sz -= 4 * WC_AES_BLOCK_SIZE;
|
||||
xorbufout(out, in, tmp, nbytes);
|
||||
out += nbytes;
|
||||
in += nbytes;
|
||||
sz -= nbytes;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
@@ -16753,7 +16857,8 @@ int wc_AesXtsEncrypt(XtsAes* xaes, byte* out, const byte* in, word32 sz,
|
||||
if (aes->use_aesni) {
|
||||
SAVE_VECTOR_REGISTERS(return _svr_ret;);
|
||||
#if defined(HAVE_INTEL_AVX512)
|
||||
if (IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
if ((sz >= WC_VAES_ECB_MIN_BLOCKS * WC_AES_BLOCK_SIZE) &&
|
||||
IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
AES_XTS_encrypt_avx512(in, out, sz, i,
|
||||
(const byte*)aes->key,
|
||||
(const byte*)xaes->tweak.key,
|
||||
@@ -16763,7 +16868,8 @@ int wc_AesXtsEncrypt(XtsAes* xaes, byte* out, const byte* in, word32 sz,
|
||||
else
|
||||
#endif
|
||||
#if defined(HAVE_INTEL_VAES)
|
||||
if (IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
if ((sz >= WC_VAES_ECB_MIN_BLOCKS * WC_AES_BLOCK_SIZE) &&
|
||||
IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
AES_XTS_encrypt_vaes(in, out, sz, i,
|
||||
(const byte*)aes->key,
|
||||
(const byte*)xaes->tweak.key,
|
||||
@@ -16988,7 +17094,8 @@ static int AesXtsEncryptUpdate(XtsAes* xaes, byte* out, const byte* in, word32 s
|
||||
if (aes->use_aesni) {
|
||||
SAVE_VECTOR_REGISTERS(return _svr_ret;);
|
||||
#if defined(HAVE_INTEL_AVX512)
|
||||
if (IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
if ((sz >= WC_VAES_ECB_MIN_BLOCKS * WC_AES_BLOCK_SIZE) &&
|
||||
IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
AES_XTS_encrypt_update_avx512(in, out, sz,
|
||||
(const byte*)aes->key,
|
||||
stream->tweak_block,
|
||||
@@ -17292,7 +17399,8 @@ int wc_AesXtsDecrypt(XtsAes* xaes, byte* out, const byte* in, word32 sz,
|
||||
if (aes->use_aesni) {
|
||||
SAVE_VECTOR_REGISTERS(return _svr_ret;);
|
||||
#if defined(HAVE_INTEL_AVX512)
|
||||
if (IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
if ((sz >= WC_VAES_ECB_MIN_BLOCKS * WC_AES_BLOCK_SIZE) &&
|
||||
IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
AES_XTS_decrypt_avx512(in, out, sz, i,
|
||||
(const byte*)aes->key,
|
||||
(const byte*)xaes->tweak.key,
|
||||
@@ -17522,7 +17630,8 @@ static int AesXtsDecryptUpdate(XtsAes* xaes, byte* out, const byte* in, word32 s
|
||||
if (aes->use_aesni) {
|
||||
SAVE_VECTOR_REGISTERS(return _svr_ret;);
|
||||
#if defined(HAVE_INTEL_AVX512)
|
||||
if (IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
if ((sz >= WC_VAES_ECB_MIN_BLOCKS * WC_AES_BLOCK_SIZE) &&
|
||||
IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
AES_XTS_decrypt_update_avx512(in, out, sz,
|
||||
(const byte*)aes->key,
|
||||
stream->tweak_block,
|
||||
@@ -17532,7 +17641,8 @@ static int AesXtsDecryptUpdate(XtsAes* xaes, byte* out, const byte* in, word32 s
|
||||
else
|
||||
#endif
|
||||
#if defined(HAVE_INTEL_VAES)
|
||||
if (IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
if ((sz >= WC_VAES_ECB_MIN_BLOCKS * WC_AES_BLOCK_SIZE) &&
|
||||
IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
|
||||
AES_XTS_decrypt_update_vaes(in, out, sz,
|
||||
(const byte*)aes->key,
|
||||
stream->tweak_block,
|
||||
|
||||
+3
-3
@@ -15340,10 +15340,10 @@ int GetFormattedTime_ex(void* currTime, byte* buf, word32 len, byte format)
|
||||
if (format == ASN_UTC_TIME) {
|
||||
/* UTC Time */
|
||||
if (ts->tm_year >= 50 && ts->tm_year < 100) {
|
||||
year = ts->tm_year;
|
||||
year = (int)ts->tm_year;
|
||||
}
|
||||
else {
|
||||
year = ts->tm_year - 100;
|
||||
year = (int)ts->tm_year - 100;
|
||||
}
|
||||
mon = ts->tm_mon + 1;
|
||||
day = ts->tm_mday;
|
||||
@@ -15360,7 +15360,7 @@ int GetFormattedTime_ex(void* currTime, byte* buf, word32 len, byte format)
|
||||
}
|
||||
else {
|
||||
/* GeneralizedTime */
|
||||
year = ts->tm_year + 1900;
|
||||
year = (int)ts->tm_year + 1900;
|
||||
mon = ts->tm_mon + 1;
|
||||
day = ts->tm_mday;
|
||||
hour = ts->tm_hour;
|
||||
|
||||
@@ -19,6 +19,8 @@
|
||||
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
|
||||
*/
|
||||
|
||||
#define _WC_BUILDING_CMAC_C
|
||||
|
||||
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
|
||||
|
||||
#ifdef WOLFSSL_QNX_CAAM
|
||||
|
||||
@@ -29,7 +29,9 @@
|
||||
* secret. Requires CURVE25519_SMALL. Default: off.
|
||||
*/
|
||||
|
||||
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
|
||||
#define _WC_BUILDING_CURVE25519_C
|
||||
|
||||
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
|
||||
|
||||
#ifdef NO_CURVED25519_X64
|
||||
#undef USE_INTEL_SPEEDUP
|
||||
|
||||
@@ -37,6 +37,8 @@
|
||||
* default: off
|
||||
*/
|
||||
|
||||
#define _WC_BUILDING_CURVE448_C
|
||||
|
||||
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
|
||||
|
||||
#ifdef HAVE_CURVE448
|
||||
|
||||
@@ -19,6 +19,8 @@
|
||||
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
|
||||
*/
|
||||
|
||||
#define _WC_BUILDING_DH_C
|
||||
|
||||
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
|
||||
|
||||
#ifndef NO_DH
|
||||
|
||||
@@ -19,6 +19,8 @@
|
||||
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
|
||||
*/
|
||||
|
||||
#define _WC_BUILDING_ECC_C
|
||||
|
||||
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
|
||||
|
||||
#ifdef WOLFSSL_ECC_NO_SMALL_STACK
|
||||
|
||||
@@ -28,6 +28,8 @@
|
||||
* Check that the private key didn't change during the signing operations.
|
||||
*/
|
||||
|
||||
#define _WC_BUILDING_ED25519_C
|
||||
|
||||
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
|
||||
|
||||
#ifdef HAVE_ED25519
|
||||
|
||||
@@ -30,6 +30,8 @@
|
||||
* Check that the private key didn't change during the signing operations.
|
||||
*/
|
||||
|
||||
#define _WC_BUILDING_ED448_C
|
||||
|
||||
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
|
||||
|
||||
#ifdef HAVE_ED448
|
||||
|
||||
@@ -35,6 +35,8 @@
|
||||
* WOLFSSL_KCAPI_HMAC: Linux kernel crypto API for HMAC default: off
|
||||
*/
|
||||
|
||||
#define _WC_BUILDING_HMAC_C
|
||||
|
||||
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
|
||||
|
||||
#ifndef NO_HMAC
|
||||
|
||||
@@ -19,6 +19,8 @@
|
||||
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
|
||||
*/
|
||||
|
||||
#define _WC_BUILDING_KDF_C
|
||||
|
||||
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
|
||||
|
||||
#ifndef NO_KDF
|
||||
|
||||
+20
-3
@@ -15262,9 +15262,26 @@ authenv_atrbend:
|
||||
}
|
||||
if (ret == 0 &&
|
||||
(encOID == AES128GCMb || encOID == AES192GCMb ||
|
||||
encOID == AES256GCMb) &&
|
||||
authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ) {
|
||||
WOLFSSL_MSG("AuthEnvelopedData GCM authTag too small");
|
||||
encOID == AES256GCMb)) {
|
||||
#if (defined(HAVE_FIPS) && FIPS_VERSION3_LT(7,0,0)) || \
|
||||
defined(HAVE_SELFTEST) || !defined(HAVE_AESGCM)
|
||||
if (authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ) {
|
||||
WOLFSSL_MSG("AuthEnvelopedData GCM authTag too small");
|
||||
ret = ASN_PARSE_E;
|
||||
}
|
||||
#else
|
||||
ret = wc_local_AesGcmCheckTagSz(authTagSz);
|
||||
if (ret != 0) {
|
||||
ret = ASN_PARSE_E;
|
||||
WOLFSSL_MSG("AuthEnvelopedData GCM authTag invalid size");
|
||||
}
|
||||
#endif
|
||||
}
|
||||
if (ret == 0 &&
|
||||
(encOID == AES128CCMb || encOID == AES192CCMb ||
|
||||
encOID == AES256CCMb) &&
|
||||
authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ) {
|
||||
WOLFSSL_MSG("AuthEnvelopedData CCM authTag too small");
|
||||
ret = ASN_PARSE_E;
|
||||
}
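Review bot: The new CCM branch and the legacy GCM branch (the `#if` arm for older FIPS, selftest and no-AESGCM builds) reject only tags shorter than WOLFSSL_MIN_AUTH_TAG_SZ, and nothing in this hunk bounds authTagSz from above. If authTagSz is taken from the parsed AuthEnvelopedData and no earlier check caps it, both branches should also enforce the upper limit, e.g. `(authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ || authTagSz > WC_AES_BLOCK_SIZE)`. It would also help to say why the preprocessor split exists, with a comment such as `/* wc_local_AesGcmCheckTagSz() is not available in these builds; fall back to the minimum-length check. */`, assuming that is the reason. The enclosing function starts and ends outside the hunk, so an earlier bound may already exist.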
|
||||
|
||||
|
||||
@@ -354,10 +354,9 @@ int wc_fspsm_AesGcmEncrypt(struct Aes* aes, byte* out,
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
if (authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ) {
|
||||
WOLFSSL_MSG("GcmEncrypt authTagSz too small error");
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
ret = wc_local_AesGcmCheckTagSz(authTagSz);
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
|
||||
if (aes->ctx.keySize != 16 && aes->ctx.keySize != 32) {
|
||||
WOLFSSL_MSG("keySize is invalid, neither 16 or 32.");
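Review bot: Only the encrypt wrapper is switched to `wc_local_AesGcmCheckTagSz()` in this section, and the matching decrypt routine does not appear in the diff, so it is not visible whether that path validates authTagSz at all. Tag length matters most on the verification side, where accepting a short tag weakens the integrity guarantee, so the decrypt path should run the same check before handing off to the hardware: `ret = wc_local_AesGcmCheckTagSz(authTagSz); if (ret != 0) return ret;`. The same question applies to the later section whose wc_AesGcmEncrypt forwards to AesAuthEncrypt, where again only the encrypt side is changed. wc_fspsm_AesGcmEncrypt starts and ends outside the hunk.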
|
||||
|
||||
@@ -584,15 +584,10 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
WOLFSSL_MSG("IV size not supported on system");
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
if (authTagSz > WOLFSSL_MAX_AUTH_TAG_SZ) {
|
||||
WOLFSSL_MSG("Authentication tag size not supported on system");
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
if (authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ) {
|
||||
WOLFSSL_MSG("GcmEncrypt authTagSz too small error");
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
ret = wc_local_AesGcmCheckTagSz(authTagSz);
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
|
||||
if (aes->alFd == WC_SOCK_NOTSET) {
|
||||
WOLFSSL_MSG("AF_ALG GcmEncrypt called with alFd unset");
|
||||
@@ -796,15 +791,10 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
WOLFSSL_MSG("IV size not supported on system");
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
if (authTagSz > WOLFSSL_MAX_AUTH_TAG_SZ) {
|
||||
WOLFSSL_MSG("Authentication tag size not supported on system");
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
if (authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ) {
|
||||
WOLFSSL_MSG("GcmEncrypt authTagSz too small error");
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
ret = wc_local_AesGcmCheckTagSz(authTagSz);
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
|
||||
if (aes->rdFd == WC_SOCK_NOTSET) {
|
||||
aes->dir = AES_DECRYPTION;
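Review bot: Both hunks in this section drop the `authTagSz > WOLFSSL_MAX_AUTH_TAG_SZ` test, whose message described it as a system limit, and rely on `wc_local_AesGcmCheckTagSz()` for the upper bound, which is not visible here. If WOLFSSL_MAX_AUTH_TAG_SZ still sizes a buffer or a control message further down in wc_AesGcmEncrypt or wc_AesGcmDecrypt, or can be set lower than the helper's maximum, a tag length that used to be rejected would now get through. Either keep the comparison next to the helper call, `if (authTagSz > WOLFSSL_MAX_AUTH_TAG_SZ) return BAD_FUNC_ARG;`, or add a comment that the helper's limit never exceeds the AF_ALG one. Both function bodies continue outside the hunks.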
|
||||
|
||||
@@ -357,10 +357,9 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
byte* authTag, word32 authTagSz,
|
||||
const byte* authIn, word32 authInSz)
|
||||
{
|
||||
if (authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ) {
|
||||
WOLFSSL_MSG("GcmEncrypt authTagSz too small error");
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
int ret = wc_local_AesGcmCheckTagSz(authTagSz);
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
|
||||
return wc_DevCrypto_AesGcm(aes, out, (byte*)in, sz, iv, ivSz,
|
||||
authTag, authTagSz, authIn, authInSz,
|
||||
@@ -374,6 +373,10 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
const byte* authTag, word32 authTagSz,
|
||||
const byte* authIn, word32 authInSz)
|
||||
{
|
||||
int ret = wc_local_AesGcmCheckTagSz(authTagSz);
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
|
||||
return wc_DevCrypto_AesGcm(aes, out, (byte*)in, sz, iv, ivSz,
|
||||
(byte*)authTag, authTagSz, authIn, authInSz,
|
||||
COP_DECRYPT);
|
||||
|
||||
@@ -246,10 +246,8 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
ret = BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
if ((ret == 0) && (authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ)) {
|
||||
WOLFSSL_MSG("GcmEncrypt authTagSz too small error");
|
||||
ret = BAD_FUNC_ARG;
|
||||
}
|
||||
if (ret == 0)
|
||||
ret = wc_local_AesGcmCheckTagSz(authTagSz);
|
||||
|
||||
if (ret == 0) {
|
||||
ret = kcapi_aead_init(&aes->handle, WC_NAME_AESGCM, 0);
|
||||
@@ -361,10 +359,8 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
ret = BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
if ((ret == 0) && (authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ)) {
|
||||
WOLFSSL_MSG("GcmDecrypt authTagSz too small error");
|
||||
ret = BAD_FUNC_ARG;
|
||||
}
|
||||
if (ret == 0)
|
||||
ret = wc_local_AesGcmCheckTagSz(authTagSz);
|
||||
|
||||
if (ret == 0) {
|
||||
ret = kcapi_aead_init(&aes->handle, WC_NAME_AESGCM, 0);
|
||||
|
||||
@@ -4552,7 +4552,6 @@ static WC_INLINE void FlattenSzInBits(byte* buf, word32 sz)
|
||||
void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c, word32 cSz,
|
||||
byte* s, word32 sSz)
|
||||
{
|
||||
if (gcm != NULL) {
|
||||
ALIGN8 byte x[WC_AES_BLOCK_SIZE];
|
||||
ALIGN8 byte scratch[WC_AES_BLOCK_SIZE];
|
||||
byte* h = gcm->H;
|
||||
@@ -4688,7 +4687,6 @@ void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c, word32 cSz,
|
||||
|
||||
/* Copy the result into s. */
|
||||
XMEMCPY(s, x, sSz);
|
||||
}
|
||||
}
|
||||
|
||||
#define HAVE_GHASH
|
||||
@@ -5295,7 +5293,6 @@ static void ghash_blocks(byte* x, byte* y, const byte* in, word32 blocks)
|
||||
void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c, word32 cSz,
|
||||
byte* s, word32 sSz)
|
||||
{
|
||||
if (gcm != NULL) {
|
||||
ALIGN8 byte x[WC_AES_BLOCK_SIZE];
|
||||
ALIGN8 byte scratch[WC_AES_BLOCK_SIZE];
|
||||
word32 blocks, partial;
|
||||
@@ -5343,7 +5340,6 @@ void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c, word32 cSz,
|
||||
|
||||
/* Copy the result into s. */
|
||||
XMEMCPY(s, x, sSz);
|
||||
}
|
||||
}
|
||||
|
||||
#define HAVE_GHASH
|
||||
@@ -6932,11 +6928,8 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
ret = BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
if ((ret == 0) && ((tagSz < WOLFSSL_MIN_AUTH_TAG_SZ) ||
|
||||
(tagSz > WC_AES_BLOCK_SIZE))) {
|
||||
WOLFSSL_MSG("GcmEncrypt tagSz error");
|
||||
ret = BAD_FUNC_ARG;
|
||||
}
|
||||
if (ret == 0)
|
||||
ret = wc_local_AesGcmCheckTagSz(tagSz);
|
||||
|
||||
if (ret == 0) {
|
||||
switch (aes->rounds) {
|
||||
@@ -8572,13 +8565,15 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
|
||||
/* sanity checks */
|
||||
if ((aes == NULL) || (nonce == NULL) || (tag == NULL) ||
|
||||
(tagSz > WC_AES_BLOCK_SIZE) || (tagSz < WOLFSSL_MIN_AUTH_TAG_SZ) ||
|
||||
((aad == NULL) && (aadSz > 0)) || (nonceSz == 0) ||
|
||||
((sz != 0) && ((in == NULL) || (out == NULL)))) {
|
||||
WOLFSSL_MSG("a NULL parameter passed in when size is larger than 0");
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
if (ret == 0)
|
||||
ret = wc_local_AesGcmCheckTagSz(tagSz);
|
||||
|
||||
if (ret == 0) {
|
||||
switch (aes->rounds) {
|
||||
#ifdef WOLFSSL_AES_128
|
||||
@@ -8721,7 +8716,6 @@ static WC_INLINE void GMULT(byte *x, byte m[32][WC_AES_BLOCK_SIZE])
|
||||
void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c, word32 cSz,
|
||||
byte* s, word32 sSz)
|
||||
{
|
||||
if (gcm != NULL) {
|
||||
ALIGN8 byte x[WC_AES_BLOCK_SIZE];
|
||||
ALIGN8 byte scratch[WC_AES_BLOCK_SIZE];
|
||||
word32 blocks, partial;
|
||||
@@ -8770,7 +8764,6 @@ void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c, word32 cSz,
|
||||
|
||||
/* Copy the result into s. */
|
||||
XMEMCPY(s, x, sSz);
|
||||
}
|
||||
}
|
||||
#endif /* !HAVE_GHASH */
|
||||
|
||||
@@ -8835,12 +8828,8 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
ret = BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
if ((ret == 0) && ((tagSz < WOLFSSL_MIN_AUTH_TAG_SZ) ||
|
||||
(tagSz > WC_AES_BLOCK_SIZE))) {
|
||||
WOLFSSL_MSG("GcmEncrypt tagSz error");
|
||||
ret = BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
if (ret == 0)
|
||||
ret = wc_local_AesGcmCheckTagSz(tagSz);
|
||||
|
||||
if (ret == 0) {
|
||||
if (nonceSz == GCM_NONCE_MID_SZ) {
|
||||
@@ -8931,13 +8920,15 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
|
||||
/* Validate parameters. */
|
||||
if ((aes == NULL) || (nonce == NULL) || (tag == NULL) ||
|
||||
(tagSz > WC_AES_BLOCK_SIZE) || (tagSz < WOLFSSL_MIN_AUTH_TAG_SZ) ||
|
||||
((aad == NULL) && (aadSz > 0)) || (nonceSz == 0) ||
|
||||
((sz != 0) && ((in == NULL) || (out == NULL)))) {
|
||||
WOLFSSL_MSG("a NULL parameter passed in when size is larger than 0");
|
||||
ret = BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
if (ret == 0)
|
||||
ret = wc_local_AesGcmCheckTagSz(tagSz);
|
||||
|
||||
if (ret == 0) {
|
||||
if (nonceSz == GCM_NONCE_MID_SZ) {
|
||||
/* Counter is IV with bottom 4 bytes set to: 0x00,0x00,0x00,0x01. */
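Review bot: GHASH() now reaches `byte* h = gcm->H;` with no NULL test. The line counts of the six GHASH hunks in this section (7 old lines, 6 new) indicate that the `if (gcm != NULL) {` wrapper and its closing brace were removed from all three variants. Nothing in these hunks shows that every caller has already validated the context, and the function is not static. If a non-NULL gcm is the intended contract, state it above each definition, e.g. `/* gcm must not be NULL; callers validate the Aes object before calling GHASH(). */`. The GHASH bodies are only partly visible in the hunks.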
|
||||
|
||||
@@ -687,9 +687,10 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
byte* authTag, word32 authTagSz,
|
||||
const byte* authIn, word32 authInSz)
|
||||
{
|
||||
if (authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
int ret = wc_local_AesGcmCheckTagSz(authTagSz);
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
|
||||
return AesAuthEncrypt(aes, out, in, sz, iv, ivSz, authTag, authTagSz,
|
||||
authIn, authInSz, AES_CFG_MODE_GCM_HY0CALC);
|
||||
}
|
||||
|
||||
@@ -19,6 +19,8 @@
|
||||
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
|
||||
*/
|
||||
|
||||
#define _WC_BUILDING_PWDBASED_C
|
||||
|
||||
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
|
||||
|
||||
#ifndef NO_PWDBASED
|
||||
|
||||
@@ -102,6 +102,8 @@ This library contains implementation for the random number generator.
|
||||
* WOLFSSL_XILINX_CRYPT_VERSAL: Xilinx Versal crypto RNG default: off
|
||||
*/
|
||||
|
||||
#define _WC_BUILDING_RANDOM_C
|
||||
|
||||
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
|
||||
|
||||
/* on HPUX 11 you may need to install /dev/random see
|
||||
@@ -553,7 +555,7 @@ static int Hash_df(DRBG_internal* drbg, byte* out, word32 outSz, byte type,
|
||||
|
||||
#ifdef WC_VERBOSE_RNG
|
||||
if (ret != 0)
|
||||
WOLFSSL_DEBUG_PRINTF("ERROR: %s failed with err = %d", __FUNCTION__,
|
||||
WOLFSSL_DEBUG_PRINTF("ERROR: %s failed with err = %d", __func__,
|
||||
ret);
|
||||
#endif
|
||||
|
||||
@@ -1146,7 +1148,7 @@ static int Hash512_df(DRBG_SHA512_internal* drbg, byte* out, word32 outSz,
|
||||
|
||||
#ifdef WC_VERBOSE_RNG
|
||||
if (ret != 0)
|
||||
WOLFSSL_DEBUG_PRINTF("ERROR: %s failed with err = %d", __FUNCTION__,
|
||||
WOLFSSL_DEBUG_PRINTF("ERROR: %s failed with err = %d", __func__,
|
||||
ret);
|
||||
#endif
|
||||
|
||||
|
||||
@@ -27,6 +27,8 @@ RSA keys can be used to encrypt, decrypt, sign and verify data.
|
||||
|
||||
*/
|
||||
|
||||
#define _WC_BUILDING_RSA_C
|
||||
|
||||
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
|
||||
|
||||
#ifndef NO_RSA
|
||||
|
||||
@@ -39,6 +39,8 @@
|
||||
* PSOC6_HASH_SHA1: PSoC6 hardware SHA-1 default: off
|
||||
*/
|
||||
|
||||
#define _WC_BUILDING_SHA_C
|
||||
|
||||
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
|
||||
|
||||
#ifdef DEBUG_WOLFSSL_VERBOSE
|
||||
|
||||
@@ -38,6 +38,8 @@ on the specific device platform.
|
||||
|
||||
*/
|
||||
|
||||
#define _WC_BUILDING_SHA256_C
|
||||
|
||||
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
|
||||
|
||||
/*
|
||||
|
||||
+95
-30
@@ -38,6 +38,8 @@
|
||||
* PSOC6_HASH_SHA3: PSoC6 hardware SHA-3 default: off
|
||||
*/
|
||||
|
||||
#define _WC_BUILDING_SHA3_C
|
||||
|
||||
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
|
||||
|
||||
#ifdef WC_SHA3_NO_ASM
|
||||
@@ -798,12 +800,26 @@ static int Sha3Update(wc_Sha3* sha3, const byte* data, word32 len, byte p)
|
||||
word32 check = 0;
|
||||
word32 total_check = 0;
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_USE_SAVE_VECTOR_REGISTERS) && defined(USE_INTEL_SPEEDUP)
|
||||
if (SHA3_BLOCK == sha3_block_avx2) {
|
||||
SAVE_VECTOR_REGISTERS(return _svr_ret;);
|
||||
}
|
||||
#ifdef USE_INTEL_SPEEDUP
|
||||
#ifdef WC_C_DYNAMIC_FALLBACK
|
||||
void (*sha3_block)(word64 *s) = SHA3_BLOCK;
|
||||
void (*sha3_block_n)(word64 *s, const byte* data, word32 n,
|
||||
word64 c) = SHA3_BLOCK_N;
|
||||
#endif
|
||||
|
||||
if (sha3_block == sha3_block_avx2) {
|
||||
int ret = SAVE_VECTOR_REGISTERS2();
|
||||
if (ret != 0) {
|
||||
#ifdef WC_C_DYNAMIC_FALLBACK
|
||||
sha3_block = BlockSha3;
|
||||
sha3_block_n = NULL;
|
||||
#else
|
||||
return ret;
|
||||
#endif
|
||||
}
|
||||
}
|
||||
#endif /* USE_INTEL_SPEEDUP */
|
||||
|
||||
if (sha3->i > 0) {
|
||||
byte *t;
|
||||
byte l = (byte)(p * 8 - sha3->i);
|
||||
@@ -846,7 +862,7 @@ static int Sha3Update(wc_Sha3* sha3, const byte* data, word32 len, byte p)
|
||||
#endif
|
||||
#endif
|
||||
#ifdef SHA3_FUNC_PTR
|
||||
(*SHA3_BLOCK)(sha3->s);
|
||||
(*sha3_block)(sha3->s);
|
||||
#else
|
||||
BlockSha3(sha3->s);
|
||||
#endif
|
||||
@@ -855,8 +871,8 @@ static int Sha3Update(wc_Sha3* sha3, const byte* data, word32 len, byte p)
|
||||
}
|
||||
blocks = len / (p * 8U);
|
||||
#ifdef SHA3_FUNC_PTR
|
||||
if ((SHA3_BLOCK_N != NULL) && (blocks > 0)) {
|
||||
(*SHA3_BLOCK_N)(sha3->s, data, blocks, p * 8U);
|
||||
if ((sha3_block_n != NULL) && (blocks > 0)) {
|
||||
(*sha3_block_n)(sha3->s, data, blocks, p * 8U);
|
||||
len -= blocks * (p * 8U);
|
||||
data += blocks * (p * 8U);
|
||||
blocks = 0;
|
||||
@@ -882,7 +898,7 @@ static int Sha3Update(wc_Sha3* sha3, const byte* data, word32 len, byte p)
|
||||
#endif
|
||||
#endif
|
||||
#ifdef SHA3_FUNC_PTR
|
||||
(*SHA3_BLOCK)(sha3->s);
|
||||
(*sha3_block)(sha3->s);
|
||||
#else
|
||||
BlockSha3(sha3->s);
|
||||
#endif
|
||||
@@ -894,8 +910,8 @@ static int Sha3Update(wc_Sha3* sha3, const byte* data, word32 len, byte p)
|
||||
return BAD_COND_E;
|
||||
}
|
||||
#endif
|
||||
#if defined(WOLFSSL_USE_SAVE_VECTOR_REGISTERS) && defined(USE_INTEL_SPEEDUP)
|
||||
if (SHA3_BLOCK == sha3_block_avx2) {
|
||||
#ifdef USE_INTEL_SPEEDUP
|
||||
if (sha3_block == sha3_block_avx2) {
|
||||
RESTORE_VECTOR_REGISTERS();
|
||||
}
|
||||
#endif
|
||||
@@ -925,6 +941,9 @@ static int Sha3Final(wc_Sha3* sha3, byte padChar, byte* hash, byte p, word32 l)
|
||||
#ifdef WC_SHA3_FAULT_HARDEN
|
||||
int check = 0;
|
||||
#endif
|
||||
#if defined(WC_C_DYNAMIC_FALLBACK) && defined(USE_INTEL_SPEEDUP)
|
||||
void (*sha3_block)(word64 *s) = SHA3_BLOCK;
|
||||
#endif
|
||||
|
||||
#if !defined(BIG_ENDIAN_ORDER) && !defined(WC_SHA3_FAULT_HARDEN)
|
||||
xorbuf(sha3->s, sha3->t, sha3->i);
|
||||
@@ -960,14 +979,22 @@ static int Sha3Final(wc_Sha3* sha3, byte padChar, byte* hash, byte p, word32 l)
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_USE_SAVE_VECTOR_REGISTERS) && defined(USE_INTEL_SPEEDUP)
|
||||
if (SHA3_BLOCK == sha3_block_avx2)
|
||||
SAVE_VECTOR_REGISTERS(return _svr_ret;);
|
||||
#ifdef USE_INTEL_SPEEDUP
|
||||
if (sha3_block == sha3_block_avx2) {
|
||||
int ret = SAVE_VECTOR_REGISTERS2();
|
||||
if (ret != 0) {
|
||||
#ifdef WC_C_DYNAMIC_FALLBACK
|
||||
sha3_block = BlockSha3;
|
||||
#else
|
||||
return ret;
|
||||
#endif
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
for (j = 0; l - j >= rate; j += rate) {
|
||||
#ifdef SHA3_FUNC_PTR
|
||||
(*SHA3_BLOCK)(sha3->s);
|
||||
(*sha3_block)(sha3->s);
|
||||
#else
|
||||
BlockSha3(sha3->s);
|
||||
#endif
|
||||
@@ -979,7 +1006,7 @@ static int Sha3Final(wc_Sha3* sha3, byte padChar, byte* hash, byte p, word32 l)
|
||||
}
|
||||
if (j != l) {
|
||||
#ifdef SHA3_FUNC_PTR
|
||||
(*SHA3_BLOCK)(sha3->s);
|
||||
(*sha3_block)(sha3->s);
|
||||
#else
|
||||
BlockSha3(sha3->s);
|
||||
#endif
|
||||
@@ -988,8 +1015,8 @@ static int Sha3Final(wc_Sha3* sha3, byte padChar, byte* hash, byte p, word32 l)
|
||||
#endif
|
||||
XMEMCPY(hash + j, sha3->s, l - j);
|
||||
}
|
||||
#if defined(WOLFSSL_USE_SAVE_VECTOR_REGISTERS) && defined(USE_INTEL_SPEEDUP)
|
||||
if (SHA3_BLOCK == sha3_block_avx2) {
|
||||
#ifdef USE_INTEL_SPEEDUP
|
||||
if (sha3_block == sha3_block_avx2) {
|
||||
RESTORE_VECTOR_REGISTERS();
|
||||
}
|
||||
#endif
|
||||
@@ -1950,16 +1977,34 @@ int wc_Shake128_Absorb(wc_Shake* shake, const byte* data, word32 len)
|
||||
*/
|
||||
int wc_Shake128_SqueezeBlocks(wc_Shake* shake, byte* out, word32 blockCnt)
|
||||
{
|
||||
#if defined(WC_C_DYNAMIC_FALLBACK) && defined(USE_INTEL_SPEEDUP)
|
||||
void (*sha3_block)(word64 *s);
|
||||
#endif
|
||||
|
||||
if ((shake == NULL) || (out == NULL && blockCnt != 0)) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
#if defined(WOLFSSL_USE_SAVE_VECTOR_REGISTERS) && defined(USE_INTEL_SPEEDUP)
|
||||
if (SHA3_BLOCK == sha3_block_avx2)
|
||||
SAVE_VECTOR_REGISTERS(return _svr_ret;);
|
||||
|
||||
#ifdef USE_INTEL_SPEEDUP
|
||||
#ifdef WC_C_DYNAMIC_FALLBACK
|
||||
sha3_block = SHA3_BLOCK;
|
||||
#endif
|
||||
|
||||
if (sha3_block == sha3_block_avx2) {
|
||||
int ret = SAVE_VECTOR_REGISTERS2();
|
||||
if (ret != 0) {
|
||||
#ifdef WC_C_DYNAMIC_FALLBACK
|
||||
sha3_block = BlockSha3;
|
||||
#else
|
||||
return ret;
|
||||
#endif
|
||||
}
|
||||
}
|
||||
#endif /* USE_INTEL_SPEEDUP */
|
||||
|
||||
for (; (blockCnt > 0); blockCnt--) {
|
||||
#ifdef SHA3_FUNC_PTR
|
||||
(*SHA3_BLOCK)(shake->s);
|
||||
(*sha3_block)(shake->s);
|
||||
#else
|
||||
BlockSha3(shake->s);
|
||||
#endif
|
||||
@@ -1970,8 +2015,9 @@ int wc_Shake128_SqueezeBlocks(wc_Shake* shake, byte* out, word32 blockCnt)
|
||||
#endif
|
||||
out += WC_SHA3_128_COUNT * 8;
|
||||
}
|
||||
#if defined(WOLFSSL_USE_SAVE_VECTOR_REGISTERS) && defined(USE_INTEL_SPEEDUP)
|
||||
if (SHA3_BLOCK == sha3_block_avx2)
|
||||
|
||||
#ifdef USE_INTEL_SPEEDUP
|
||||
if (sha3_block == sha3_block_avx2)
|
||||
RESTORE_VECTOR_REGISTERS();
|
||||
#endif
|
||||
|
||||
@@ -2191,16 +2237,34 @@ int wc_Shake256_Absorb(wc_Shake* shake, const byte* data, word32 len)
|
||||
*/
|
||||
int wc_Shake256_SqueezeBlocks(wc_Shake* shake, byte* out, word32 blockCnt)
|
||||
{
|
||||
#if defined(WC_C_DYNAMIC_FALLBACK) && defined(USE_INTEL_SPEEDUP)
|
||||
void (*sha3_block)(word64 *s);
|
||||
#endif
|
||||
|
||||
if ((shake == NULL) || (out == NULL && blockCnt != 0)) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
#if defined(WOLFSSL_USE_SAVE_VECTOR_REGISTERS) && defined(USE_INTEL_SPEEDUP)
|
||||
if (SHA3_BLOCK == sha3_block_avx2)
|
||||
SAVE_VECTOR_REGISTERS(return _svr_ret;);
|
||||
|
||||
#ifdef USE_INTEL_SPEEDUP
|
||||
#ifdef WC_C_DYNAMIC_FALLBACK
|
||||
sha3_block = SHA3_BLOCK;
|
||||
#endif
|
||||
|
||||
if (sha3_block == sha3_block_avx2) {
|
||||
int ret = SAVE_VECTOR_REGISTERS2();
|
||||
if (ret != 0) {
|
||||
#ifdef WC_C_DYNAMIC_FALLBACK
|
||||
sha3_block = BlockSha3;
|
||||
#else
|
||||
return ret;
|
||||
#endif
|
||||
}
|
||||
}
|
||||
#endif /* USE_INTEL_SPEEDUP */
|
||||
|
||||
for (; (blockCnt > 0); blockCnt--) {
|
||||
#ifdef SHA3_FUNC_PTR
|
||||
(*SHA3_BLOCK)(shake->s);
|
||||
(*sha3_block)(shake->s);
|
||||
#else
|
||||
BlockSha3(shake->s);
|
||||
#endif
|
||||
@@ -2211,8 +2275,9 @@ int wc_Shake256_SqueezeBlocks(wc_Shake* shake, byte* out, word32 blockCnt)
|
||||
#endif
|
||||
out += WC_SHA3_256_COUNT * 8;
|
||||
}
|
||||
#if defined(WOLFSSL_USE_SAVE_VECTOR_REGISTERS) && defined(USE_INTEL_SPEEDUP)
|
||||
if (SHA3_BLOCK == sha3_block_avx2)
|
||||
|
||||
#ifdef USE_INTEL_SPEEDUP
|
||||
if (sha3_block == sha3_block_avx2)
|
||||
RESTORE_VECTOR_REGISTERS();
|
||||
#endif
|
||||
|
||||
|
||||
@@ -54,6 +54,8 @@
|
||||
* WOLFSSL_RENESAS_RSIP: Renesas RSIP SHA acceleration default: off
|
||||
*/
|
||||
|
||||
#define _WC_BUILDING_SHA512_C
|
||||
|
||||
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
|
||||
|
||||
#if (defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384)) && \
|
||||
|
||||
@@ -19,6 +19,8 @@
|
||||
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
|
||||
*/
|
||||
|
||||
#define _WC_BUILDING_WC_LMS_C
|
||||
|
||||
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
|
||||
|
||||
#if defined(WOLFSSL_HAVE_LMS)
|
||||
|
||||
@@ -37,6 +37,8 @@
|
||||
* Enable when memory is limited.
|
||||
*/
|
||||
|
||||
#define _WC_BUILDING_WC_LMS_IMPL_C
|
||||
|
||||
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
|
||||
|
||||
#include <wolfssl/wolfcrypt/wc_lms.h>
|
||||
|
||||
@@ -135,6 +135,8 @@
|
||||
* shift equivalent.
|
||||
*/
|
||||
|
||||
#define _WC_BUILDING_WC_MLDSA_C
|
||||
|
||||
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
|
||||
|
||||
#if FIPS_VERSION3_GE(2,0,0)
|
||||
@@ -148,6 +150,12 @@
|
||||
|
||||
#if defined(WOLFSSL_HAVE_MLDSA)
|
||||
|
||||
#if defined(WC_MLDSA_NO_ASM) || defined(WC_SHA3_NO_ASM)
|
||||
#undef USE_INTEL_SPEEDUP
|
||||
#undef WOLFSSL_ARMASM
|
||||
#undef WOLFSSL_RISCV_ASM
|
||||
#endif
|
||||
|
||||
/* Pull in the legacy compatibility shim. wc_mldsa.h pulls in dilithium.h
|
||||
* itself for the forward arm of the sub-config gate translation (so the
|
||||
* canonical WOLFSSL_MLDSA_* gates are visible to wc_mldsa.h's own
|
||||
|
||||
@@ -70,6 +70,8 @@
|
||||
* Cannot be used with WOLFSSL_NO_MALLOC.
|
||||
*/
|
||||
|
||||
#define _WC_BUILDING_WC_MLKEM_C
|
||||
|
||||
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
|
||||
|
||||
#ifdef WC_MLKEM_NO_ASM
|
||||
|
||||
@@ -67,6 +67,8 @@
|
||||
* some platforms and is smaller in code size.
|
||||
*/
|
||||
|
||||
#define _WC_BUILDING_WC_MLKEM_POLY_C
|
||||
|
||||
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
|
||||
|
||||
#ifdef WC_MLKEM_NO_ASM
|
||||
|
||||
@@ -19,6 +19,8 @@
|
||||
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
|
||||
*/
|
||||
|
||||
#define _WC_BUILDING_WC_SLHDSA_C
|
||||
|
||||
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
|
||||
|
||||
#if FIPS_VERSION3_GE(2,0,0)
|
||||
@@ -47,7 +49,7 @@
|
||||
#include <wolfssl/wolfcrypt/hmac.h>
|
||||
#endif
|
||||
|
||||
#ifdef WC_SLHDSA_NO_ASM
|
||||
#if defined(WC_SLHDSA_NO_ASM) || defined(WC_SHA3_NO_ASM)
|
||||
#undef USE_INTEL_SPEEDUP
|
||||
#undef WOLFSSL_ARMASM
|
||||
#undef WOLFSSL_RISCV_ASM
|
||||
@@ -3281,6 +3283,8 @@ static int slhdsakey_wots_pkgen_chain_c(SlhDsaKey* key, const byte* sk_seed,
|
||||
|
||||
WC_ALLOC_VAR_EX(sk, byte, (SLHDSA_MAX_MSG_SZ + 3) * SLHDSA_MAX_N,
|
||||
key->heap, DYNAMIC_TYPE_SLHDSA, ret = MEMORY_E);
|
||||
if (ret == 0)
|
||||
XMEMSET(sk, 0, (SLHDSA_MAX_MSG_SZ + 3) * SLHDSA_MAX_N);
|
||||
if (ret == 0) {
|
||||
/* Step 4. len consecutive addresses. */
|
||||
for (i = 0; i < len; i++) {
|
||||
|
||||
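Review bot: The buffer size `(SLHDSA_MAX_MSG_SZ + 3) * SLHDSA_MAX_N` is now spelled out twice in `slhdsakey_wots_pkgen_chain_c`, once in `WC_ALLOC_VAR_EX` and once in the added `XMEMSET`, so a later edit to one can leave the zero-fill out of step with the allocation. A single named constant used in both places would prevent that, for example `#define SLHDSA_WOTS_SK_BUF_SZ ((SLHDSA_MAX_MSG_SZ + 3) * SLHDSA_MAX_N)` (the name is only a suggestion). The buffer is called `sk` and the function takes `sk_seed`, so it presumably holds secret-derived chain values. The release path lies outside this hunk, so it is worth confirming that the buffer is wiped with `ForceZero` before it is freed.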
@@ -19,6 +19,8 @@
|
||||
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
|
||||
*/
|
||||
|
||||
#define _WC_BUILDING_WC_XMSS_C
|
||||
|
||||
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
|
||||
|
||||
#ifdef WOLFSSL_HAVE_XMSS
|
||||
|
||||
@@ -29,6 +29,8 @@
|
||||
* (https://ece.engr.uvic.ca/~raltawy/SAC2021/9.pdf)
|
||||
*/
|
||||
|
||||
#define _WC_BUILDING_WC_XMSS_IMPL_C
|
||||
|
||||
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
|
||||
|
||||
#include <wolfssl/wolfcrypt/wc_xmss.h>
|
||||
|
||||
+39
-19
@@ -1127,7 +1127,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_cts_test(void);
|
||||
do { \
|
||||
ret = (err); \
|
||||
ESP_LOGE(ESPIDF_TAG, "Failed: Error = %d during %s, line %d", \
|
||||
err, __FUNCTION__, __LINE__); \
|
||||
err, __func__, __LINE__); \
|
||||
ESP_LOGI(ESPIDF_TAG, "Extended system info:"); \
|
||||
esp_ShowExtendedSystemInfo(); \
|
||||
ESP_LOGW(ESPIDF_TAG, "Paused for %d seconds! " \
|
||||
@@ -19580,9 +19580,24 @@ static wc_test_ret_t aesgcm_non12iv_test(Aes* enc, Aes* dec)
|
||||
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
|
||||
#endif /* HAVE_AES_DECRYPT */
|
||||
|
||||
for (tlen = WOLFSSL_MIN_AUTH_TAG_SZ; tlen < 16; tlen++) {
|
||||
for (tlen = WOLFSSL_MIN_AUTH_TAG_SZ; tlen <= WC_AES_BLOCK_SIZE; tlen++) {
|
||||
int ii;
|
||||
|
||||
#ifndef WC_AES_GCM_ALLOW_NONSTANDARD_TAG_LENGTH
|
||||
switch (tlen) {
|
||||
case 4:
|
||||
case 8:
|
||||
case 12:
|
||||
case 13:
|
||||
case 14:
|
||||
case 15:
|
||||
case 16:
|
||||
break;
|
||||
default:
|
||||
continue;
|
||||
}
|
||||
#endif
|
||||
|
||||
XMEMSET(resultT, 0, sizeof(resultT));
|
||||
wc_AesGcmSetKey(enc, k3, (word32)k3Sz);
|
||||
/* AES-GCM encrypt and decrypt both use AES encrypt internally */
|
||||
@@ -57775,7 +57790,7 @@ static wc_test_ret_t slhdsa_keygen_kat(enum SlhDsaParam param,
|
||||
DYNAMIC_TYPE_TMP_BUFFER, return WC_TEST_RET_ENC_EC(MEMORY_E));
|
||||
XMEMSET(key, 0, sizeof(*key));
|
||||
|
||||
ret = wc_SlhDsaKey_Init(key, param, NULL, INVALID_DEVID);
|
||||
ret = wc_SlhDsaKey_Init(key, param, NULL, devId);
|
||||
if (ret != 0) {
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
}
|
||||
@@ -58058,30 +58073,30 @@ static wc_test_ret_t slhdsa_id_label_test(void)
|
||||
|
||||
/* NULL key rejected. */
|
||||
ret = wc_SlhDsaKey_Init_id(NULL, param, id, (int)sizeof(id), HEAP_HINT,
|
||||
INVALID_DEVID);
|
||||
devId);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
|
||||
/* (id == NULL, len > 0) is the silent-contradiction case the original
|
||||
* review flagged; must be rejected. */
|
||||
ret = wc_SlhDsaKey_Init_id(&key, param, NULL, 8, HEAP_HINT, INVALID_DEVID);
|
||||
ret = wc_SlhDsaKey_Init_id(&key, param, NULL, 8, HEAP_HINT, devId);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
|
||||
/* Length over the cap rejected with BUFFER_E. */
|
||||
ret = wc_SlhDsaKey_Init_id(&key, param, id, SLHDSA_MAX_ID_LEN + 1,
|
||||
HEAP_HINT, INVALID_DEVID);
|
||||
HEAP_HINT, devId);
|
||||
if (ret != WC_NO_ERR_TRACE(BUFFER_E))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
|
||||
/* Negative length rejected. */
|
||||
ret = wc_SlhDsaKey_Init_id(&key, param, id, -1, HEAP_HINT, INVALID_DEVID);
|
||||
ret = wc_SlhDsaKey_Init_id(&key, param, id, -1, HEAP_HINT, devId);
|
||||
if (ret != WC_NO_ERR_TRACE(BUFFER_E))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
|
||||
/* Successful init copies the id and stores its length. */
|
||||
ret = wc_SlhDsaKey_Init_id(&key, param, id, (int)sizeof(id), HEAP_HINT,
|
||||
INVALID_DEVID);
|
||||
devId);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
if (key.idLen != (int)sizeof(id))
|
||||
@@ -58094,7 +58109,7 @@ static wc_test_ret_t slhdsa_id_label_test(void)
|
||||
XMEMSET(&key, 0, sizeof(key));
|
||||
|
||||
/* (id != NULL, len == 0) is accepted as a no-op. */
|
||||
ret = wc_SlhDsaKey_Init_id(&key, param, id, 0, HEAP_HINT, INVALID_DEVID);
|
||||
ret = wc_SlhDsaKey_Init_id(&key, param, id, 0, HEAP_HINT, devId);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
if (key.idLen != 0)
|
||||
@@ -58112,7 +58127,7 @@ static wc_test_ret_t slhdsa_id_label_test(void)
|
||||
for (i = 0; i < SLHDSA_MAX_ID_LEN; i++)
|
||||
id_max[i] = (unsigned char)(0x40 + i);
|
||||
ret = wc_SlhDsaKey_Init_id(&key, param, id_max, SLHDSA_MAX_ID_LEN,
|
||||
HEAP_HINT, INVALID_DEVID);
|
||||
HEAP_HINT, devId);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
if (key.idLen != SLHDSA_MAX_ID_LEN)
|
||||
@@ -58128,22 +58143,22 @@ static wc_test_ret_t slhdsa_id_label_test(void)
|
||||
|
||||
/* Init_label: NULL label / NULL key rejected. */
|
||||
ret = wc_SlhDsaKey_Init_label(NULL, param, label, HEAP_HINT,
|
||||
INVALID_DEVID);
|
||||
devId);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ret = wc_SlhDsaKey_Init_label(&key, param, NULL, HEAP_HINT,
|
||||
INVALID_DEVID);
|
||||
devId);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
|
||||
/* Empty label is rejected. */
|
||||
ret = wc_SlhDsaKey_Init_label(&key, param, "", HEAP_HINT, INVALID_DEVID);
|
||||
ret = wc_SlhDsaKey_Init_label(&key, param, "", HEAP_HINT, devId);
|
||||
if (ret != WC_NO_ERR_TRACE(BUFFER_E))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
|
||||
/* Successful init copies the label and stores its length. */
|
||||
ret = wc_SlhDsaKey_Init_label(&key, param, label, HEAP_HINT,
|
||||
INVALID_DEVID);
|
||||
devId);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
if (key.labelLen != (int)XSTRLEN(label))
|
||||
@@ -58167,7 +58182,7 @@ static wc_test_ret_t slhdsa_id_label_test(void)
|
||||
label_max[i] = 'L';
|
||||
label_max[SLHDSA_MAX_LABEL_LEN] = '\0';
|
||||
ret = wc_SlhDsaKey_Init_label(&key, param, label_max, HEAP_HINT,
|
||||
INVALID_DEVID);
|
||||
devId);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
if (key.labelLen != SLHDSA_MAX_LABEL_LEN)
|
||||
@@ -59234,7 +59249,7 @@ wc_test_ret_t slhdsa_test(void)
|
||||
#endif
|
||||
|
||||
#ifndef WOLFSSL_SLHDSA_VERIFY_ONLY
|
||||
ret = wc_SlhDsaKey_Init(key, SLHDSA_SHAKE128S, NULL, INVALID_DEVID);
|
||||
ret = wc_SlhDsaKey_Init(key, SLHDSA_SHAKE128S, NULL, devId);
|
||||
if (ret != 0) {
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
}
|
||||
@@ -74914,11 +74929,16 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t cryptocb_test(void)
|
||||
*
|
||||
* Only enforce when slhdsa_test() actually runs a cb-routed op:
|
||||
* !VERIFY_ONLY runs slhdsa_test_param (uses devId), or
|
||||
* PARAM_128S enables the in-tree KAT verify (also uses devId). */
|
||||
* PARAM_128S enables the in-tree KAT verify (also uses devId).
|
||||
*
|
||||
* The FIPS wrappers force the devId to FIPS_INVALID_DEVID, so we skip
|
||||
* the check for FIPS.
|
||||
*/
|
||||
int baseline = myCtx.exampleVar;
|
||||
ret = slhdsa_test();
|
||||
#if !defined(WOLFSSL_SLHDSA_VERIFY_ONLY) || \
|
||||
defined(WOLFSSL_SLHDSA_PARAM_128S)
|
||||
#if (!defined(WOLFSSL_SLHDSA_VERIFY_ONLY) || \
|
||||
defined(WOLFSSL_SLHDSA_PARAM_128S)) && \
|
||||
!defined(HAVE_FIPS)
|
||||
if ((ret == 0) && (myCtx.exampleVar == baseline))
|
||||
ret = WC_TEST_RET_ENC_NC;
|
||||
#endif
|
||||
|
||||
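Review bot: In `aesgcm_non12iv_test`, the added `switch (tlen)` only skips tag lengths other than 4, 8 and 12 through 16 when `WC_AES_GCM_ALLOW_NONSTANDARD_TAG_LENGTH` is undefined, so nothing in the loop checks that the library itself refuses them. If `wc_local_AesGcmCheckTagSz()` is what enforces that list (its body is not shown on this page), the `default:` arm could pin it by calling `wc_AesGcmEncrypt` with the skipped `tlen` and requiring a non-zero return before `continue`. Without such a negative case, a regression that starts accepting 5 to 7 or 9 to 11 byte tags again would still pass this test. The function body continues outside the hunk.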
@@ -74,9 +74,11 @@ WOLFSSL_LOCAL int CheckOcspResponse(WOLFSSL_OCSP *ocsp, byte *response, int resp
|
||||
OcspEntry *entry, OcspRequest *ocspRequest,
|
||||
void* heap);
|
||||
|
||||
#ifndef CheckOcspResponder
|
||||
WOLFSSL_LOCAL int CheckOcspResponder(OcspResponse *bs, byte* subjectNameHash,
|
||||
byte* subjectKeyHash, byte extExtKeyUsage, byte* issuerNameHash,
|
||||
byte* issuerKeyHash);
|
||||
#endif
|
||||
|
||||
/* Allocates and initializes a WOLFSSL_OCSP object */
|
||||
WOLFSSL_API WOLFSSL_OCSP* wc_NewOCSP(WOLFSSL_CERT_MANAGER* cm);
|
||||
|
||||
@@ -70,8 +70,9 @@ WOLFSSL_LOCAL void GenerateM0(Gcm* gcm);
|
||||
!defined(WOLFSSL_ARMASM_NO_HW_CRYPTO)
|
||||
WOLFSSL_LOCAL void GMULT(byte* X, byte* Y);
|
||||
#endif
|
||||
WOLFSSL_LOCAL void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c,
|
||||
word32 cSz, byte* s, word32 sSz);
|
||||
WOLFSSL_LOCAL void WC_ARG_NOT_NULL(1) GHASH(Gcm* gcm, const byte* a,
|
||||
word32 aSz, const byte* c,
|
||||
word32 cSz, byte* s, word32 sSz);
|
||||
#endif
|
||||
|
||||
#ifndef NO_AES
|
||||
@@ -614,6 +615,7 @@ WOLFSSL_API int wc_AesEcbDecrypt(Aes* aes, byte* out,
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_AESGCM
|
||||
WOLFSSL_LOCAL int wc_local_AesGcmCheckTagSz(word32 authTagSz);
|
||||
#ifdef WOLFSSL_XILINX_CRYPT
|
||||
WOLFSSL_API int wc_AesGcmSetKey_ex(Aes* aes, const byte* key, word32 len,
|
||||
word32 kup);
|
||||
|
||||
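Review bot: `WC_ARG_NOT_NULL(1)` on the `GHASH` prototype makes a non-NULL `gcm` a compiler-visible contract. If the macro expands to the GCC/clang `nonnull` attribute (its definition is not shown here), the optimizer may also drop any `gcm == NULL` test inside `GHASH` itself. Each call site should therefore be checked to guarantee a non-NULL `gcm`, rather than relying on a check in the callee. Separately, the new `wc_local_AesGcmCheckTagSz(word32 authTagSz)` prototype has no comment. Something like `/* Returns 0 when authTagSz is an accepted GCM tag length, otherwise an error code. */` would state the contract, once confirmed against the definition.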
@@ -728,7 +728,7 @@ int StackSizeHWMReset(void)
|
||||
|
||||
#if defined(__GNUC__) || defined(__clang__)
|
||||
#define STACK_SIZE_INIT() \
|
||||
(void)StackSizeSetOffset(__FUNCTION__, __builtin_frame_address(0))
|
||||
(void)StackSizeSetOffset(__func__, __builtin_frame_address(0))
|
||||
#endif
|
||||
|
||||
#endif /* HAVE_STACK_SIZE_VERBOSE */
|
||||
|
||||
+20
-12
@@ -356,9 +356,6 @@ WOLFSSL_LOCAL int wc_debug_CipherLifecycleFree(void **CipherLifecycleTag,
|
||||
#ifndef WC_DEBUG_VECTOR_REGISTERS_FUZZING_SEED
|
||||
#define WC_DEBUG_VECTOR_REGISTERS_FUZZING_SEED 0
|
||||
#endif
|
||||
#ifndef CAN_SAVE_VECTOR_REGISTERS
|
||||
#define CAN_SAVE_VECTOR_REGISTERS() (SAVE_VECTOR_REGISTERS2_fuzzer() == 0)
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#ifdef DEBUG_VECTOR_REGISTER_ACCESS
|
||||
@@ -385,7 +382,7 @@ WOLFSSL_LOCAL int wc_debug_CipherLifecycleFree(void **CipherLifecycleTag,
|
||||
fprintf(stderr, \
|
||||
("%s() %s @ L %d : incr : " \
|
||||
"wc_svr_count %d (last op %s L %d)\n"), \
|
||||
__FUNCTION__, \
|
||||
__func__, \
|
||||
__FILE__, \
|
||||
__LINE__, \
|
||||
wc_svr_count, \
|
||||
@@ -408,7 +405,7 @@ WOLFSSL_LOCAL int wc_debug_CipherLifecycleFree(void **CipherLifecycleTag,
|
||||
fprintf(stderr, \
|
||||
("%s() %s @ L %d : incr : " \
|
||||
"wc_svr_count %d (last op %s L %d)\n"), \
|
||||
__FUNCTION__, \
|
||||
__func__, \
|
||||
__FILE__, \
|
||||
__LINE__, \
|
||||
wc_svr_count, \
|
||||
@@ -420,15 +417,26 @@ WOLFSSL_LOCAL int wc_debug_CipherLifecycleFree(void **CipherLifecycleTag,
|
||||
} while (0)
|
||||
|
||||
#ifdef DEBUG_VECTOR_REGISTER_ACCESS_FUZZING
|
||||
|
||||
#ifndef CAN_SAVE_VECTOR_REGISTERS
|
||||
#define CAN_SAVE_VECTOR_REGISTERS() \
|
||||
((wc_svr_count > 0) ? 1 : \
|
||||
SAVE_VECTOR_REGISTERS2_fuzzer() == 0)
|
||||
#endif
|
||||
|
||||
#define SAVE_VECTOR_REGISTERS2(...) ({ \
|
||||
int _svr2_val = SAVE_VECTOR_REGISTERS2_fuzzer(); \
|
||||
int _svr2_val; \
|
||||
if (wc_svr_count > 0) \
|
||||
_svr2_val = 0; \
|
||||
else \
|
||||
_svr2_val = SAVE_VECTOR_REGISTERS2_fuzzer(); \
|
||||
if (_svr2_val == 0) { \
|
||||
++wc_svr_count; \
|
||||
if (wc_svr_count > 5) { \
|
||||
fprintf(stderr, \
|
||||
("%s() %s @ L %d : incr : " \
|
||||
"wc_svr_count %d (last op %s L %d)\n"), \
|
||||
__FUNCTION__, \
|
||||
__func__, \
|
||||
__FILE__, \
|
||||
__LINE__, \
|
||||
wc_svr_count, \
|
||||
@@ -452,7 +460,7 @@ WOLFSSL_LOCAL int wc_debug_CipherLifecycleFree(void **CipherLifecycleTag,
|
||||
fprintf(stderr, \
|
||||
("%s() %s @ L %d : incr : " \
|
||||
"wc_svr_count %d (last op %s L %d)\n"), \
|
||||
__FUNCTION__, \
|
||||
__func__, \
|
||||
__FILE__, \
|
||||
__LINE__, \
|
||||
wc_svr_count, \
|
||||
@@ -467,7 +475,7 @@ WOLFSSL_LOCAL int wc_debug_CipherLifecycleFree(void **CipherLifecycleTag,
|
||||
fprintf(stderr, \
|
||||
("%s() %s @ L %d : incr : " \
|
||||
"wc_svr_count %d (last op %s L %d)\n"), \
|
||||
__FUNCTION__, \
|
||||
__func__, \
|
||||
__FILE__, \
|
||||
__LINE__, \
|
||||
wc_svr_count, \
|
||||
@@ -489,7 +497,7 @@ WOLFSSL_LOCAL int wc_debug_CipherLifecycleFree(void **CipherLifecycleTag,
|
||||
fprintf(stderr, \
|
||||
("ASSERT_SAVED_VECTOR_REGISTERS : %s() %s @ L %d : " \
|
||||
"wc_svr_count %d (last op %s L %d)\n"), \
|
||||
__FUNCTION__, \
|
||||
__func__, \
|
||||
__FILE__, \
|
||||
__LINE__, \
|
||||
wc_svr_count, \
|
||||
@@ -503,7 +511,7 @@ WOLFSSL_LOCAL int wc_debug_CipherLifecycleFree(void **CipherLifecycleTag,
|
||||
fprintf(stderr, \
|
||||
("ASSERT_RESTORED_VECTOR_REGISTERS : %s() %s @ L %d" \
|
||||
" : wc_svr_count %d (last op %s L %d)\n"), \
|
||||
__FUNCTION__, \
|
||||
__func__, \
|
||||
__FILE__, \
|
||||
__LINE__, \
|
||||
wc_svr_count, \
|
||||
@@ -519,7 +527,7 @@ WOLFSSL_LOCAL int wc_debug_CipherLifecycleFree(void **CipherLifecycleTag,
|
||||
fprintf(stderr, \
|
||||
("%s() %s @ L %d : decr : " \
|
||||
"wc_svr_count %d (last op %s L %d)\n"), \
|
||||
__FUNCTION__, \
|
||||
__func__, \
|
||||
__FILE__, \
|
||||
__LINE__, \
|
||||
wc_svr_count, \
|
||||
|
||||
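Review bot: The new `wc_svr_count > 0` short-circuit in `CAN_SAVE_VECTOR_REGISTERS()` and `SAVE_VECTOR_REGISTERS2()` has no comment explaining why the fuzzer is bypassed for nested saves. A line such as `/* only the outermost save is fuzzed; a nested save inside an already-saved region always succeeds */` above `#ifndef CAN_SAVE_VECTOR_REGISTERS` would record the intent. Both macros now read `wc_svr_count`, which the previous `CAN_SAVE_VECTOR_REGISTERS` definition did not need. It is worth confirming that `DEBUG_VECTOR_REGISTER_ACCESS_FUZZING` can never be defined in a build where that counter is not declared. Parenthesising the else arm of the ternary, `(SAVE_VECTOR_REGISTERS2_fuzzer() == 0)`, would also make the precedence explicit.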
@@ -1641,14 +1641,14 @@
|
||||
#if (defined(DEBUG_WOLFSSL) || defined(DEBUG_WOLFSSL_MALLOC))
|
||||
#define XMALLOC(s, h, type) \
|
||||
((void)(h), (void)(type), wc_debug_pvPortMalloc( \
|
||||
(s), (__FILE__), (__LINE__), (__FUNCTION__) ))
|
||||
s, __FILE__, __LINE__, __func__))
|
||||
#else
|
||||
#define XMALLOC(s, h, type) \
|
||||
((void)(h), (void)(type), wc_pvPortMalloc((s))) /* native heap */
|
||||
((void)(h), (void)(type), wc_pvPortMalloc(s)) /* native heap */
|
||||
#endif
|
||||
#else
|
||||
#define XMALLOC(s, h, type) \
|
||||
((void)(h), (void)(type), pvPortMalloc((s))) /* native heap */
|
||||
((void)(h), (void)(type), pvPortMalloc(s)) /* native heap */
|
||||
#endif
|
||||
|
||||
/* XFREE */
|
||||
@@ -1656,14 +1656,14 @@
|
||||
#if (defined(DEBUG_WOLFSSL) || defined(DEBUG_WOLFSSL_MALLOC))
|
||||
#define XFREE(p, h, type) \
|
||||
((void)(h), (void)(type), wc_debug_pvPortFree( \
|
||||
(p), (__FILE__), (__LINE__), (__FUNCTION__) ))
|
||||
p, __FILE__, __LINE__, __func__))
|
||||
#else
|
||||
#define XFREE(p, h, type) \
|
||||
((void)(h), (void)(type), wc_pvPortFree((p)))
|
||||
((void)(h), (void)(type), wc_pvPortFree(p))
|
||||
#endif
|
||||
#else
|
||||
#define XFREE(p, h, type) \
|
||||
((void)(h), (void)(type), vPortFree((p))) /* native heap */
|
||||
((void)(h), (void)(type), vPortFree(p)) /* native heap */
|
||||
#endif
|
||||
|
||||
/* XREALLOC */
|
||||
@@ -1671,19 +1671,19 @@
|
||||
#if (defined(DEBUG_WOLFSSL) || defined(DEBUG_WOLFSSL_MALLOC))
|
||||
#define XREALLOC(p, n, h, t) \
|
||||
((void)(h), (void)(t), wc_debug_pvPortRealloc( \
|
||||
(p), (n),(__FILE__), (__LINE__), (__FUNCTION__) ))
|
||||
p, n, __FILE__, __LINE__, __func__))
|
||||
#else
|
||||
/* In the Espressif EDP-IDF, realloc(p, n) is equivalent to
|
||||
* heap_caps_realloc(p, s, MALLOC_CAP_8BIT)
|
||||
* There's no pvPortRealloc available, use native heap: */
|
||||
#define XREALLOC(p, n, h, t) \
|
||||
((void)(h), (void)(t), wc_pvPortRealloc((p), (n)))
|
||||
((void)(h), (void)(t), wc_pvPortRealloc(p, n))
|
||||
#endif
|
||||
#elif defined(USE_INTEGER_HEAP_MATH) || defined(OPENSSL_EXTRA) || \
|
||||
defined(OPENSSL_ALL)
|
||||
/* FreeRTOS pvPortRealloc() implementation can be found here:
|
||||
* https://github.com/wolfSSL/wolfssl-freertos/pull/3/files */
|
||||
#define XREALLOC(p, n, h, t) ((void)(h), (void)(t), pvPortRealloc((p), (n)))
|
||||
#define XREALLOC(p, n, h, t) ((void)(h), (void)(t), pvPortRealloc(p, n))
|
||||
#else
|
||||
/* no XREALLOC available */
|
||||
#endif
|
||||
@@ -3558,6 +3558,12 @@
|
||||
#error WOLFSSL_MIN_AUTH_TAG_SZ must be at least 1
|
||||
#endif
|
||||
|
||||
#if defined(HAVE_FIPS) && FIPS_VERSION3_GE(7, 0, 0)
|
||||
/* No short (<96 bit) tags per SP 800-38D 2026 revision in process. */
|
||||
#if WOLFSSL_MIN_AUTH_TAG_SZ < 12
|
||||
#error WOLFSSL_MIN_AUTH_TAG_SZ must be >= 12 per SP 800-38D Rev 1
|
||||
#endif
|
||||
#endif
|
||||
|
||||
/* sniffer requires:
|
||||
* static RSA cipher suites
|
||||
@@ -3998,8 +4004,31 @@
|
||||
#undef HAVE_PUBLIC_FFDHE
|
||||
#endif
|
||||
|
||||
#undef WOLFSSL_MIN_AUTH_TAG_SZ
|
||||
#define WOLFSSL_MIN_AUTH_TAG_SZ 4
|
||||
#if defined(HAVE_FIPS)
|
||||
#if FIPS_VERSION3_LT(7, 0, 0)
|
||||
/* support RFC 4106 IPsec ESP 64 bit tags */
|
||||
#undef WOLFSSL_MIN_AUTH_TAG_SZ
|
||||
#define WOLFSSL_MIN_AUTH_TAG_SZ 8
|
||||
#else
|
||||
/* No short (<96 bit) tags per SP 800-38D 2026 revision in process. */
|
||||
#if WOLFSSL_MIN_AUTH_TAG_SZ < 12
|
||||
#undef WOLFSSL_MIN_AUTH_TAG_SZ
|
||||
#define WOLFSSL_MIN_AUTH_TAG_SZ 12
|
||||
#endif
|
||||
#endif
|
||||
#elif defined(CONFIG_CRYPTO_MANAGER_EXTRA_TESTS) || defined(CONFIG_CRYPTO_SELFTESTS_FULL)
|
||||
/* The Linux kernel native crypto fuzzer expects small AES-GCM tag sizes to succeed. */
|
||||
#if WOLFSSL_MIN_AUTH_TAG_SZ > 4
|
||||
#undef WOLFSSL_MIN_AUTH_TAG_SZ
|
||||
#define WOLFSSL_MIN_AUTH_TAG_SZ 4
|
||||
#endif
|
||||
#else
|
||||
/* support RFC 4106 IPsec ESP */
|
||||
#if WOLFSSL_MIN_AUTH_TAG_SZ > 8
|
||||
#undef WOLFSSL_MIN_AUTH_TAG_SZ
|
||||
#define WOLFSSL_MIN_AUTH_TAG_SZ 8
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#if defined(LINUXKM_LKCAPI_REGISTER) && !defined(WOLFSSL_ASN_INT_LEAD_0_ANY)
|
||||
/* kernel 5.10 crypto manager tests key(s) that fail unless leading
|
||||
@@ -4011,9 +4040,9 @@
|
||||
#define WOLFSSL_AARCH64_PRIVILEGE_MODE
|
||||
#endif
|
||||
|
||||
/* USE_INTEL_SPEEDUP currently gives wrong results for ML-KEM in linuxkm. */
|
||||
#if !defined(WC_MLKEM_NO_ASM) && !defined(WC_MLKEM_KERNEL_ASM)
|
||||
#define WC_MLKEM_NO_ASM
|
||||
#ifndef WC_SIPHASH_NO_ASM
|
||||
/* siphash asm produces wrong results in kernel mode. */
|
||||
#define WC_SIPHASH_NO_ASM
|
||||
#endif
|
||||
#endif /* WOLFSSL_LINUXKM */
|
||||
|
||||
@@ -4094,8 +4123,10 @@
|
||||
#define WOLFSSL_HAVE_MAX
|
||||
#endif /* WOLFSSL_BSDKM */
|
||||
|
||||
/* Common setup for kernel mode builds */
|
||||
#ifdef WOLFSSL_KERNEL_MODE
|
||||
/* Common setup for kernel mode builds, also compatible with user library via
|
||||
* WOLFSSL_KERNEL_MODE_DEFAULTS.
|
||||
*/
|
||||
#if defined(WOLFSSL_KERNEL_MODE) || defined(WOLFSSL_KERNEL_MODE_DEFAULTS)
|
||||
#ifndef WOLFSSL_API_PREFIX_MAP
|
||||
#define WOLFSSL_API_PREFIX_MAP
|
||||
#endif
|
||||
@@ -4149,7 +4180,11 @@
|
||||
#undef WOLFSSL_GENERAL_ALIGNMENT
|
||||
#define WOLFSSL_GENERAL_ALIGNMENT SIZEOF_LONG
|
||||
#endif
|
||||
#endif /* WOLFSSL_KERNEL_MODE */
|
||||
|
||||
#ifndef WOLFSSL_SMALL_STACK_STATIC
|
||||
#define WOLFSSL_SMALL_STACK_STATIC
|
||||
#endif
|
||||
#endif /* WOLFSSL_KERNEL_MODE || WOLFSSL_KERNEL_MODE_DEFAULTS */
|
||||
|
||||
#if defined(WC_SYM_RELOC_TABLES) && defined(HAVE_FIPS) && \
|
||||
!defined(WC_PIE_RELOC_TABLES)
|
||||
@@ -4189,6 +4224,15 @@
|
||||
#endif
|
||||
#endif
|
||||
|
||||
/* SHA-3 low level state can't alternate freely between C and intelasm. */
|
||||
#if (defined(_WC_BUILDING_WC_MLKEM_POLY_C) || \
|
||||
defined(_WC_BUILDING_WC_MLDSA_C) || \
|
||||
defined(_WC_BUILDING_WC_SLHDSA_C)) && \
|
||||
defined(DEBUG_VECTOR_REGISTER_ACCESS_FUZZING) && \
|
||||
!defined(DEBUG_FORCE_VECTOR_REGISTER_ACCESS_FUZZING)
|
||||
#undef DEBUG_VECTOR_REGISTER_ACCESS_FUZZING
|
||||
#endif
|
||||
|
||||
/* Make sure setting OPENSSL_ALL also sets OPENSSL_EXTRA. */
|
||||
#if defined(OPENSSL_ALL) && !defined(OPENSSL_EXTRA)
|
||||
#define OPENSSL_EXTRA
|
||||
|
||||
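Review bot: In the hunk at `-3998,8 +4004,31`, the non-FIPS branches lower `WOLFSSL_MIN_AUTH_TAG_SZ` whenever the configured value is larger, so a build that deliberately set a stricter minimum is silently relaxed. The threshold is `> 4` under `CONFIG_CRYPTO_MANAGER_EXTRA_TESTS` or `CONFIG_CRYPTO_SELFTESTS_FULL`, and `> 8` otherwise. Shorter GCM tags give weaker forgery resistance (SP 800-38D, Appendix C), so the override should at least be documented, for example `/* NOTE: overrides any larger user-supplied WOLFSSL_MIN_AUTH_TAG_SZ */`. An opt-out guard would be better. Separately, the `#error WOLFSSL_MIN_AUTH_TAG_SZ must be >= 12 per SP 800-38D Rev 1` added at `+3558` sits earlier in the file than the FIPS `#if WOLFSSL_MIN_AUTH_TAG_SZ < 12` raise-to-12 branch, which therefore looks unreachable unless `HAVE_FIPS` only becomes defined between the two.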
@@ -433,10 +433,6 @@ enum {
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#if defined(HAVE_FIPS) || defined(HAVE_SELFTEST)
|
||||
#define INLINE WC_INLINE
|
||||
#endif
|
||||
|
||||
/* set up rotate style */
|
||||
#if ((defined(_MSC_VER) && !defined(WOLFSSL_NOT_WINDOWS_API)) || \
|
||||
defined(__BCPLUSPLUS__)) && !defined(WOLFSSL_SGX) && \
|
||||
|
||||
@@ -106,7 +106,10 @@
|
||||
#endif
|
||||
#endif /* !WC_DEPRECATED */
|
||||
|
||||
/* use inlining if compiler allows */
|
||||
/* Use inlining if compiler allows -- omit the static attribute here, so that
|
||||
* WC_INLINE can be used on functions that are instantiated both inline in the
|
||||
* TU, and callable from outside the TU.
|
||||
*/
|
||||
#ifndef WC_INLINE
|
||||
#ifndef NO_INLINE
|
||||
#ifdef _MSC_VER
|
||||
@@ -143,6 +146,10 @@
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#if defined(HAVE_FIPS) || defined(HAVE_SELFTEST)
|
||||
#define INLINE WC_INLINE
|
||||
#endif
|
||||
|
||||
#ifndef WC_NO_INLINE
|
||||
#ifdef noinline
|
||||
#define WC_NO_INLINE noinline
|
||||
@@ -549,8 +556,7 @@
|
||||
* should not be included. Use FreeBSD <machine/atomic.h> instead.
|
||||
* definitions are in bsdkm/bsdkm_wc_port.h */
|
||||
#elif defined(HAVE_C___ATOMIC) && defined(WOLFSSL_HAVE_ATOMIC_H) && \
|
||||
!defined(__cplusplus) && \
|
||||
!(defined(__clang__) && defined(WOLFSSL_KERNEL_MODE))
|
||||
!defined(__cplusplus)
|
||||
/* Default C Implementation */
|
||||
#include <stdatomic.h>
|
||||
typedef atomic_int wolfSSL_Atomic_Int;
|
||||
|
||||