Merge pull request #10696 from douzzer/20260615-linuxkm-fixes

20260615-linuxkm-fixes
This commit is contained in:
philljj
2026-06-30 12:00:25 -05:00
committed by GitHub
59 changed files with 824 additions and 398 deletions
+3
View File
@@ -214,6 +214,7 @@ CURVED448_SMALL
CUSTOM_ENTROPY_TIMEHIRES
CY_USING_HAL
DCP_USE_DCACHE
DEBUG_FORCE_VECTOR_REGISTER_ACCESS_FUZZING
DILITHIUM_MUL_11_SLOW
DILITHIUM_MUL_44_SLOW
DILITHIUM_MUL_QINV_SLOW
@@ -634,6 +635,7 @@ USE_WOLF_STRNSTR
USS_API
WC_AESXTS_STREAM_NO_REQUEST_ACCOUNTING
WC_AES_BS_WORD_SIZE
WC_AES_GCM_ALLOW_NONSTANDARD_TAG_LENGTH
WC_AES_GCM_DEC_AUTH_EARLY
WC_ALLOW_ECC_ZERO_HASH
WC_ASN_HASH_SHA256
@@ -669,6 +671,7 @@ WC_HASH_CUSTOM_MAX_DIGEST_SIZE
WC_HASH_CUSTOM_MIN_DIGEST_SIZE
WC_INIT_ERROR_WHEN_CONTENDED
WC_LINUXKM_NO_USE_HEAP_WRAPPERS
WC_MLDSA_NO_ASM
WC_MLKEM_KERNEL_ASM
WC_NO_ASYNC_SLEEP
WC_NO_RNG_SIMPLE
+51 -47
View File
@@ -165,12 +165,6 @@ AC_ARG_ENABLE([linuxkm],
[ENABLED_LINUXKM=no]
)
AC_ARG_ENABLE([linuxkm-defaults],
[AS_HELP_STRING([--enable-linuxkm-defaults],[Enable feature defaults for Linux Kernel Module (default: disabled)])],
[KERNEL_MODE_DEFAULTS=$enableval],
[KERNEL_MODE_DEFAULTS=$ENABLED_LINUXKM]
)
# FreeBSD Kernel Module
AC_ARG_ENABLE([freebsdkm],
[AS_HELP_STRING([--enable-freebsdkm],[Enable FreeBSD Kernel Module (default: disabled)])],
@@ -178,6 +172,29 @@ AC_ARG_ENABLE([freebsdkm],
[ENABLED_BSDKM=no]
)
if test "$ENABLED_LINUXKM" != "no" || test "$ENABLED_BSDKM" != "no"
then
KERNEL_MODE_DEFAULTS=yes
else
KERNEL_MODE_DEFAULTS=no
fi
AC_ARG_ENABLE([kernel-settings],
[AS_HELP_STRING([--enable-kernel-settings],[Enable default settings appropriate for kernel modules (default: disabled)])],
[KERNEL_MODE_DEFAULTS=$enableval]
)
# backward-compat alias for --enable-kernel-settings
AC_ARG_ENABLE([linuxkm-defaults],
[AS_HELP_STRING([--enable-linuxkm-defaults],[Enable default settings appropriate for kernel modules (default: disabled)])],
[KERNEL_MODE_DEFAULTS=$enableval]
)
if test "$KERNEL_MODE_DEFAULTS" = "yes"
then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_KERNEL_MODE_DEFAULTS"
fi
AC_ARG_ENABLE([freebsdkm-crypto-register],
[AS_HELP_STRING([--enable-freebsdkm-crypto-register],[Register wolfCrypt implementations with the FreeBSD kernel opencrypto framework. (default: disabled)])],
[ENABLED_BSDKM_REGISTER=$enableval],
@@ -446,7 +463,7 @@ AC_SUBST([ENABLED_ASM])
# Default math is SP Math all and not fast math
# FIPS v1 and v2 must use fast math
DEF_SP_MATH="yes"
DEF_SP_MATH_ALL="yes"
DEF_FAST_MATH="no"
# FIPS 140
@@ -557,7 +574,7 @@ AS_CASE([$ENABLED_FIPS],
FIPS_VERSION="v1"
HAVE_FIPS_VERSION_MAJOR=1
ENABLED_FIPS="yes"
DEF_SP_MATH="no"
DEF_SP_MATH_ALL="no"
DEF_FAST_MATH="yes"
],
[v2|cert3389],[
@@ -565,7 +582,7 @@ AS_CASE([$ENABLED_FIPS],
HAVE_FIPS_VERSION_MAJOR=2
HAVE_FIPS_VERSION_MINOR=0
ENABLED_FIPS="yes"
DEF_SP_MATH="no"
DEF_SP_MATH_ALL="no"
DEF_FAST_MATH="yes"
],
[rand],[
@@ -573,7 +590,7 @@ AS_CASE([$ENABLED_FIPS],
HAVE_FIPS_VERSION_MAJOR=2
HAVE_FIPS_VERSION_MINOR=1
ENABLED_FIPS="yes"
DEF_SP_MATH="no"
DEF_SP_MATH_ALL="no"
DEF_FAST_MATH="no"
],
[v5|cert4718],[
@@ -582,7 +599,7 @@ AS_CASE([$ENABLED_FIPS],
HAVE_FIPS_VERSION_MINOR=2
HAVE_FIPS_VERSION_PATCH=1
ENABLED_FIPS="yes"
DEF_SP_MATH="no"
DEF_SP_MATH_ALL="no"
DEF_FAST_MATH="yes"
],
[v5.2.3],[
@@ -591,7 +608,7 @@ AS_CASE([$ENABLED_FIPS],
HAVE_FIPS_VERSION_MINOR=2
HAVE_FIPS_VERSION_PATCH=3
ENABLED_FIPS="yes"
DEF_SP_MATH="yes"
DEF_SP_MATH_ALL="yes"
DEF_FAST_MATH="no"
],
[v5.2.4],[
@@ -600,7 +617,7 @@ AS_CASE([$ENABLED_FIPS],
HAVE_FIPS_VERSION_MINOR=2
HAVE_FIPS_VERSION_PATCH=4
ENABLED_FIPS="yes"
DEF_SP_MATH="yes"
DEF_SP_MATH_ALL="yes"
DEF_FAST_MATH="no"
],
[v5-RC12],[
@@ -609,7 +626,7 @@ AS_CASE([$ENABLED_FIPS],
HAVE_FIPS_VERSION_MINOR=2
HAVE_FIPS_VERSION_PATCH=0
ENABLED_FIPS="yes"
DEF_SP_MATH="no"
DEF_SP_MATH_ALL="no"
DEF_FAST_MATH="yes"
],
[v5-ready],[
@@ -617,7 +634,7 @@ AS_CASE([$ENABLED_FIPS],
HAVE_FIPS_VERSION_MAJOR=5
HAVE_FIPS_VERSION_MINOR=3
ENABLED_FIPS="yes"
DEF_SP_MATH="no"
DEF_SP_MATH_ALL="no"
DEF_FAST_MATH="yes"
],
[v5-dev],[
@@ -626,7 +643,7 @@ AS_CASE([$ENABLED_FIPS],
HAVE_FIPS_VERSION_MINOR=2
HAVE_FIPS_VERSION_PATCH=1
ENABLED_FIPS="yes"
# for dev, DEF_SP_MATH and DEF_FAST_MATH follow non-FIPS defaults (currently sp-math-all)
# for dev, DEF_SP_MATH_ALL and DEF_FAST_MATH follow non-FIPS defaults (currently sp-math-all)
],
[v5-kcapi],[
FIPS_VERSION="v5-dev"
@@ -634,7 +651,7 @@ AS_CASE([$ENABLED_FIPS],
HAVE_FIPS_VERSION_MINOR=3
HAVE_FIPS_VERSION_PATCH=0
ENABLED_FIPS="yes"
# for dev, DEF_SP_MATH and DEF_FAST_MATH follow non-FIPS defaults (currently sp-math-all)
# for dev, DEF_SP_MATH_ALL and DEF_FAST_MATH follow non-FIPS defaults (currently sp-math-all)
],
[v6|v6-dev],[
FIPS_VERSION="v6"
@@ -643,7 +660,7 @@ AS_CASE([$ENABLED_FIPS],
HAVE_FIPS_VERSION_MINOR=0
HAVE_FIPS_VERSION_PATCH=0
ENABLED_FIPS="yes"
DEF_SP_MATH="yes"
DEF_SP_MATH_ALL="yes"
DEF_FAST_MATH="no"
],
[v7],[
@@ -653,7 +670,7 @@ AS_CASE([$ENABLED_FIPS],
HAVE_FIPS_VERSION_MINOR=0
HAVE_FIPS_VERSION_PATCH=0
ENABLED_FIPS="yes"
DEF_SP_MATH="yes"
DEF_SP_MATH_ALL="yes"
DEF_FAST_MATH="no"
],
# Should always remain one ahead of the latest so as not to be confused with
@@ -665,7 +682,7 @@ AS_CASE([$ENABLED_FIPS],
HAVE_FIPS_VERSION_MINOR=0
HAVE_FIPS_VERSION_PATCH=0
ENABLED_FIPS="yes"
DEF_SP_MATH="yes"
DEF_SP_MATH_ALL="yes"
DEF_FAST_MATH="no"
],
[dev|v7-dev],[
@@ -674,7 +691,7 @@ AS_CASE([$ENABLED_FIPS],
HAVE_FIPS_VERSION_MINOR=0
HAVE_FIPS_VERSION_PATCH=0
ENABLED_FIPS="yes"
# for dev, DEF_SP_MATH and DEF_FAST_MATH follow non-FIPS defaults (currently sp-math-all)
# for dev, DEF_SP_MATH_ALL and DEF_FAST_MATH follow non-FIPS defaults (currently sp-math-all)
],
[lean-aesgcm|lean-aesgcm-ready|lean-aesgcm-dev],[
FIPS_VERSION="$ENABLED_FIPS"
@@ -809,16 +826,10 @@ then
fi
AC_SUBST([ENABLED_KERNEL_BENCHMARKS])
if test "$ENABLED_LINUXKM" = "yes" && test "$KERNEL_MODE_DEFAULTS" = "yes"
# Kernel mode only supports sp-math-all with smallstack.
if test "$KERNEL_MODE_DEFAULTS" = "yes"
then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_DH_CONST -DWOLFSSL_SP_MOD_WORD_RP -DWOLFSSL_SP_DIV_64 -DWOLFSSL_SP_DIV_WORD_HALF -DWOLFSSL_SMALL_STACK_STATIC -DWC_SHA3_NO_ASM"
if test "$ENABLED_LINUXKM_PIE" = "yes"; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_OCSP_ISSUER_CHECK"
fi
if test "$ENABLED_FIPS" = "no"; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_OLD_PRIME_CHECK"
fi
DEF_SP_MATH="yes"
DEF_SP_MATH_ALL="yes"
DEF_FAST_MATH="no"
fi
@@ -848,11 +859,11 @@ then
# Currently DWARF 5 is the default debug format, but it results in
# "Unsupported DW_TAG_atomic_type(0x47): type: 0x1eefc" in some
# kernel module builds.
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_LINUXKM -DWC_SIPHASH_NO_ASM -gdwarf-4"
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_LINUXKM -gdwarf-4"
AS_IF([test "$ax_enable_debug" = "yes"],
[AM_CFLAGS="$AM_CFLAGS -g3"],
[AM_CFLAGS="$AM_CFLAGS -g1"])
AM_CCASFLAGS="$AM_CFLAGS -DWOLFSSL_LINUXKM -DWC_SIPHASH_NO_ASM -gdwarf-4"
AM_CCASFLAGS="$AM_CFLAGS -DWOLFSSL_LINUXKM -gdwarf-4"
AS_IF([test "$ax_enable_debug" = "yes"],
[AM_CCASFLAGS="$AM_CFLAGS -g3"],
[AM_CCASFLAGS="$AM_CFLAGS -g1"])
@@ -879,8 +890,6 @@ then
if test "${KERNEL_ARCH}" = ""; then
AC_MSG_ERROR([Linux kernel target architecture for build tree ${KERNEL_ROOT} could not be determined. Is target kernel configured?])
fi
AM_CFLAGS="$AM_CFLAGS -DNO_DEV_RANDOM -DNO_WRITEV -DNO_STDIO_FILESYSTEM -DWOLFSSL_NO_SOCK -DWOLFSSL_USER_IO"
fi
#
@@ -894,7 +903,6 @@ if test "x$ENABLED_BSDKM" = "xyes"
then
# note: bsdkm is wolfcrypt only for now.
HAVE_KERNEL_MODE=yes
KERNEL_MODE_DEFAULTS=yes
ENABLED_NO_LIBRARY=yes
ENABLED_BENCHMARK=no
@@ -938,9 +946,9 @@ then
DEF_FAST_MATH=no
fi
if test "$DEF_SP_MATH" = "yes" && (test "$enable_fastmath" = "yes" || test "$enable_fasthugemath" = "yes" || test "$enable_heapmath" = "yes")
if test "$DEF_SP_MATH_ALL" = "yes" && (test "$enable_fastmath" = "yes" || test "$enable_fasthugemath" = "yes" || test "$enable_heapmath" = "yes")
then
DEF_SP_MATH=no
DEF_SP_MATH_ALL=no
fi
# Single Precision maths implementation
@@ -953,7 +961,7 @@ AC_ARG_ENABLE([sp],
AC_ARG_ENABLE([sp-math-all],
[AS_HELP_STRING([--enable-sp-math-all],[Enable Single Precision math implementation for full algorithm suite (default: enabled)])],
[ ENABLED_SP_MATH_ALL=$enableval ],
[ ENABLED_SP_MATH_ALL=$DEF_SP_MATH ],
[ ENABLED_SP_MATH_ALL=$DEF_SP_MATH_ALL ],
)
# Single Precision maths (acceleration for common key sizes and curves)
@@ -985,7 +993,7 @@ then
fi
fi
# enable SP math assembly support automatically for x86_64 and aarch64 (except Linux kernel module)
# enable SP math assembly support automatically for x86_64 and aarch64 (except kernel modules)
SP_ASM_DEFAULT=no
if test "$ENABLED_SP_MATH" = "yes" && test "$KERNEL_MODE_DEFAULTS" = "no"
then
@@ -1272,7 +1280,7 @@ then
if test "$ENABLED_SP_MATH" != "yes"
then
# linuxkm is incompatible with opensslextra and its dependents.
# kernel modules are currently incompatible with opensslextra and its dependents.
if test "$KERNEL_MODE_DEFAULTS" != "yes"
then
test "$enable_opensslextra" = "" && enable_opensslextra=yes
@@ -1318,7 +1326,7 @@ if test "$ENABLED_ALL_OSP" = "yes"
then
if test "$KERNEL_MODE_DEFAULTS" = "yes"
then
AC_MSG_ERROR([--enable-all-osp is incompatible with --enable-linuxkm-defaults])
AC_MSG_ERROR([--enable-all-osp is incompatible with kernel mode defaults])
fi
test "$enable_tailscale" = "" && enable_tailscale=yes
@@ -1593,12 +1601,8 @@ then
# AFALG lacks AES-EAX
test "$enable_aeseax" = "" && test "$enable_afalg" != "yes" && enable_aeseax=yes
test "$enable_sakke" = "" && test "$enable_ecc" != "no" && enable_sakke=yes
if test "$KERNEL_MODE_DEFAULTS" != "yes"
then
test "$enable_cryptocb" = "" && enable_cryptocb=yes
test "$enable_pkcallbacks" = "" && enable_pkcallbacks=yes
fi
test "$enable_cryptocb" = "" && enable_cryptocb=yes
test "$enable_pkcallbacks" = "" && enable_pkcallbacks=yes
fi
if test "$ENABLED_FIPS" = "no" || test "$HAVE_FIPS_VERSION" -ge 6
+13 -1
View File
@@ -80,11 +80,21 @@ endif
HOST_EXTRACFLAGS += $(NOSTDINC_FLAGS) $(LINUXINCLUDE) $(KBUILD_CFLAGS) -static -fno-omit-frame-pointer
ifdef CONFIG_CC_IS_CLANG
HOST_EXTRACFLAGS += -mfunction-return=keep
endif
# "-mindirect-branch=keep -mfunction-return=keep" to avoid "undefined reference
# to `__x86_return_thunk'" on CONFIG_RETHUNK kernels (5.19.0-rc7)
ifdef CONFIG_CC_IS_GCC
ifeq "$(KERNEL_ARCH_X86)" "yes"
HOST_EXTRACFLAGS += -mindirect-branch=keep -mfunction-return=keep
endif
endif
ifdef CONFIG_CC_IS_CLANG
WOLFSSL_CFLAGS += -Wno-unused-parameter
endif
# this rule is needed to get build to succeed in 4.x (get_thread_size still doesn't get built)
$(obj)/linuxkm/get_thread_size: $(src)/linuxkm/get_thread_size.c
@@ -93,7 +103,9 @@ ifndef KERNEL_THREAD_STACK_SIZE
$(WOLFSSL_OBJ_TARGETS): | $(obj)/linuxkm/get_thread_size
KERNEL_THREAD_STACK_SIZE=$(shell test -x $(obj)/linuxkm/get_thread_size && $(obj)/linuxkm/get_thread_size || echo 16384)
endif
MAX_STACK_FRAME_SIZE=$(shell echo $$(( $(KERNEL_THREAD_STACK_SIZE) / 4)))
ifndef MAX_STACK_FRAME_SIZE
MAX_STACK_FRAME_SIZE=$(shell echo $$(( $(KERNEL_THREAD_STACK_SIZE) / 4)))
endif
$(LIBWOLFSSL_NAME)-y := $(WOLFSSL_OBJ_FILES) linuxkm/module_hooks.o linuxkm/module_exports.o
+8 -5
View File
@@ -82,7 +82,7 @@ static inline long find_reloc_tab_offset(
unsigned long hop;
if (seg_in_offset >= (size_t)reloc_tab[reloc_tab_len - 1].offset) {
RELOC_DEBUG_PRINTF("ERROR: %s failed.\n", __FUNCTION__);
RELOC_DEBUG_PRINTF("ERROR: %s failed.\n", __func__);
return BAD_FUNC_ARG;
}
@@ -113,7 +113,7 @@ static inline long find_reloc_tab_offset(
#ifdef DEBUG_LINUXKM_PIE_SUPPORT
if (ret < 0)
RELOC_DEBUG_PRINTF("ERROR: %s returning %ld.\n", __FUNCTION__, ret);
RELOC_DEBUG_PRINTF("ERROR: %s returning %ld.\n", __func__, ret);
#endif
return ret;
}
@@ -122,8 +122,11 @@ static inline long find_reloc_tab_offset(
* build and target host, but if we were, these macros would byte swap.
* Currently, we detect and fail early on endianness conflicts.
*/
#define wc_get_unaligned(v) ({ typeof(*(v)) _v_aligned; XMEMCPY((void *)&_v_aligned, (void *)(v), sizeof _v_aligned); _v_aligned; })
#define wc_put_unaligned(v, v_out) do { typeof(v) _v = (v); XMEMCPY((void *)(v_out), (void *)&_v, sizeof(typeof(*(v_out)))); } while (0)
#define wc_get_unaligned(v) (((const struct __attribute__((packed)) { typeof(*(v)) x; } *)(v))->x)
#define wc_put_unaligned(v, v_out) do { \
struct __attribute__((packed)) { typeof(*(v_out)) x; } *_pptr = (typeof(_pptr))(v_out); \
_pptr->x = (v); \
} while (0)
ssize_t wc_reloc_normalize_segment(
const byte *seg_in,
@@ -173,7 +176,7 @@ ssize_t wc_reloc_normalize_segment(
else
{
RELOC_DEBUG_PRINTF("ERROR: %s returning BAD_FUNC_ARG with span %llx-%llx versus text %llx-%llx and rodata %llx-%llx.\n",
__FUNCTION__,
__func__,
(unsigned long long)(uintptr_t)seg_in,
(unsigned long long)(uintptr_t)(seg_in + *seg_in_out_len),
(unsigned long long)seg_map->text_start,
+93 -13
View File
@@ -76,6 +76,31 @@
#define _GCC_STDINT_H
#define WC_PTR_TYPE uintptr_t
#ifdef __clang__
/* inhibit inclusion of LLVM stdint.h (included via LLVM stdatomic.h) to
* avoid conflicts with linux/types.h.
*/
#define __CLANG_STDINT_H
#define uint_least64_t uint64_t
#define int_least64_t int64_t
#define uint_least32_t uint32_t
#define int_least32_t int32_t
#define uint_least16_t uint16_t
#define int_least16_t int16_t
#define uint_least8_t uint8_t
#define int_least8_t int8_t
#define uint_fast64_t uint64_t
#define int_fast64_t int64_t
#define uint_fast32_t uint32_t
#define int_fast32_t int32_t
#define uint_fast16_t uint16_t
#define int_fast16_t int16_t
#define uint_fast8_t uint8_t
#define int_fast8_t int8_t
#define uintmax_t uint64_t
#define intmax_t int64_t
#endif
/* needed to suppress inclusion of stdio.h in wolfssl/wolfcrypt/types.h */
#define XSNPRINTF snprintf
@@ -192,6 +217,7 @@
enum wc_svr_flags {
WC_SVR_FLAG_NONE = 0,
WC_SVR_FLAG_INHIBIT = 1,
WC_SVR_FLAG_FUZZ
};
#if defined(WOLFSSL_AESNI) || defined(USE_INTEL_SPEEDUP) || \
@@ -319,6 +345,10 @@
_Pragma("GCC diagnostic ignored \"-Wcast-function-type\""); /* needed for kernel 4.14.336 */
_Pragma("GCC diagnostic ignored \"-Wformat-nonliteral\""); /* needed for kernel 4.9.282 */
_Pragma("GCC diagnostic ignored \"-Wattributes\"");
#ifdef __clang__
_Pragma("clang diagnostic ignored \"-Wshorten-64-to-32\"");
_Pragma("clang diagnostic ignored \"-Wframe-address\"");
#endif
#ifdef CONFIG_KASAN
#ifndef WC_SANITIZE_DISABLE
@@ -705,11 +735,7 @@
#endif
#endif
#ifndef CAN_SAVE_VECTOR_REGISTERS
#ifdef DEBUG_VECTOR_REGISTER_ACCESS_FUZZING
#define CAN_SAVE_VECTOR_REGISTERS() (wc_can_save_vector_registers_x86() && (SAVE_VECTOR_REGISTERS2_fuzzer() == 0))
#else
#define CAN_SAVE_VECTOR_REGISTERS() wc_can_save_vector_registers_x86()
#endif
#define CAN_SAVE_VECTOR_REGISTERS() wc_can_save_vector_registers_x86()
#endif
#ifndef SAVE_VECTOR_REGISTERS
#define SAVE_VECTOR_REGISTERS(fail_clause) { \
@@ -721,12 +747,7 @@
#endif
#ifndef SAVE_VECTOR_REGISTERS2
#ifdef DEBUG_VECTOR_REGISTER_ACCESS_FUZZING
#define SAVE_VECTOR_REGISTERS2() ({ \
int _fuzzer_ret = SAVE_VECTOR_REGISTERS2_fuzzer(); \
(_fuzzer_ret == 0) ? \
wc_save_vector_registers_x86(WC_SVR_FLAG_NONE) : \
_fuzzer_ret; \
})
#define SAVE_VECTOR_REGISTERS2() wc_save_vector_registers_x86(WC_SVR_FLAG_FUZZ)
#else
#define SAVE_VECTOR_REGISTERS2() wc_save_vector_registers_x86(WC_SVR_FLAG_NONE)
#endif
@@ -784,6 +805,28 @@
_Pragma("GCC diagnostic pop");
#define PTR_ERR(x) ((int)PTR_ERR(x))
#if defined(HAVE_FIPS) && FIPS_VERSION3_LT(7,0,0) && !defined(NO_AES)
/* with CONFIG_FORTIFY_SOURCE we've seen false positive
* maybe-uninitialized on counter in AES_GCM_encrypt_C(). This is easy
* to mitigate with a grafted-on attribute.
*/
#if FIPS_VERSION3_LT(6,0,0)
struct Aes;
WOLFSSL_LOCAL void __attribute__((nonnull(1))) GHASH(struct Aes *aes, const unsigned char* a,
unsigned int aSz, const unsigned char* c,
unsigned int cSz, unsigned char* s, unsigned int sSz);
#else
struct Gcm;
WOLFSSL_LOCAL void __attribute__((nonnull(1))) GHASH(struct Gcm *gcm, const unsigned char* a,
unsigned int aSz, const unsigned char* c,
unsigned int cSz, unsigned char* s, unsigned int sSz);
#endif
/* Need to suppress the otherwise-warned nullness checks in old FIPS aes.c. */
_Pragma("GCC diagnostic ignored \"-Wnonnull-compare\"");
#endif
/* avoid -Wpointer-arith, encountered when -DCONFIG_FORTIFY_SOURCE */
#undef __is_constexpr
#define __is_constexpr(x) __builtin_constant_p(x)
@@ -896,6 +939,13 @@
extern struct WOLFSSL_X509_NAME* wolfSSL_X509_NAME_new_ex(void *heap);
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#ifdef HAVE_OCSP
struct OcspResponse;
extern int CheckOcspResponder(struct OcspResponse *bs, unsigned char* subjectNameHash,
unsigned char* subjectKeyHash, unsigned char extExtKeyUsage, unsigned char* issuerNameHash,
unsigned char* issuerKeyHash);
#endif
#endif /* !WOLFCRYPT_ONLY && !NO_CERTS */
#if defined(WC_CONTAINERIZE_THIS) && !defined(WC_SYM_RELOC_TABLES)
@@ -994,9 +1044,12 @@
#ifndef __ARCH_STRSTR_NO_REDIRECT
typeof(strstr) *strstr;
#endif
#if LINUX_VERSION_CODE < KERNEL_VERSION(7, 2, 0)
/* note strncpy() purged from kernel by 079a028d63 */
#ifndef __ARCH_STRNCPY_NO_REDIRECT
typeof(strncpy) *strncpy;
#endif
#endif /* LINUX_VERSION_CODE < KERNEL_VERSION(7, 2, 0) */
#ifndef __ARCH_STRNCAT_NO_REDIRECT
typeof(strncat) *strncat;
#endif
@@ -1190,8 +1243,8 @@
typeof(wolfCrypt_FIPS_ft_ro_sanity) *wolfCrypt_FIPS_ft_ro_sanity;
typeof(wolfCrypt_FIPS_f_ro_sanity) *wolfCrypt_FIPS_f_ro_sanity;
typeof(wc_RunAllCast_fips) *wc_RunAllCast_fips;
#endif
#endif
#endif /* FIPS_VERSION3_GE(6,0,0) */
#endif /* HAVE_FIPS */
#if !defined(WOLFCRYPT_ONLY) && !defined(NO_CERTS)
typeof(GetCA) *GetCA;
@@ -1211,6 +1264,10 @@
typeof(wolfSSL_X509_NAME_new_ex) *wolfSSL_X509_NAME_new_ex;
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#ifdef HAVE_OCSP
typeof(CheckOcspResponder) *CheckOcspResponder;
#endif
#endif /* !WOLFCRYPT_ONLY && !NO_CERTS */
typeof(dump_stack) *dump_stack;
@@ -1342,9 +1399,11 @@
#ifndef __ARCH_STRSTR_NO_REDIRECT
#define strstr WC_PIE_INDIRECT_SYM(strstr)
#endif
#if LINUX_VERSION_CODE < KERNEL_VERSION(7, 2, 0)
#ifndef __ARCH_STRNCPY_NO_REDIRECT
#define strncpy WC_PIE_INDIRECT_SYM(strncpy)
#endif
#endif
#ifndef __ARCH_STRNCAT_NO_REDIRECT
#define strncat WC_PIE_INDIRECT_SYM(strncat)
#endif
@@ -1504,6 +1563,10 @@
#define wolfSSL_X509_NAME_new_ex WC_PIE_INDIRECT_SYM(wolfSSL_X509_NAME_new_ex)
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#ifdef HAVE_OCSP
#define CheckOcspResponder WC_PIE_INDIRECT_SYM(CheckOcspResponder)
#endif
#endif /* !WOLFCRYPT_ONLY && !NO_CERTS */
#define dump_stack WC_PIE_INDIRECT_SYM(dump_stack)
@@ -1748,6 +1811,23 @@
#endif /* BUILDING_WOLFSSL */
#if LINUX_VERSION_CODE >= KERNEL_VERSION(7, 2, 0)
/* note strncpy() purged from kernel by 079a028d63 */
static __always_inline char *wc_linuxkm_strncpy(char *dst, const char *src, size_t dsize) {
char *dstart = dst, *dend = dst + dsize;
while (dst < dend) {
if (*src == 0) {
*dst = 0;
/* don't bother zero-filling dst. */
break;
}
*dst++ = *src++;
}
return dstart;
}
#define strncpy wc_linuxkm_strncpy
#endif
#if !defined(BUILDING_WOLFSSL)
/* some caller code needs these. */
#if defined(WOLFSSL_USE_SAVE_VECTOR_REGISTERS)
+20 -20
View File
@@ -1201,9 +1201,9 @@ static int AesGcmCrypt_1(struct aead_request *req, int decrypt_p, int rfc4106_p)
#endif
if (unlikely(IS_ERR(assoc))) {
err = (int)PTR_ERR(assoc);
pr_err("%s: scatterwalk_map failed: %ld\n",
pr_err("%s: scatterwalk_map failed: %d\n",
crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm)),
PTR_ERR(assoc));
(int)PTR_ERR(assoc));
assoc = NULL;
goto out;
}
@@ -1415,9 +1415,9 @@ static int AesGcmCrypt_1(struct aead_request *req, int decrypt_p, int rfc4106_p)
#endif
if (unlikely(IS_ERR(in_map))) {
err = (int)PTR_ERR(in_map);
pr_err("%s: scatterwalk_map failed: %ld\n",
pr_err("%s: scatterwalk_map failed: %d\n",
crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm)),
PTR_ERR(in_map));
(int)PTR_ERR(in_map));
in_map = NULL;
goto out;
}
@@ -1433,9 +1433,9 @@ static int AesGcmCrypt_1(struct aead_request *req, int decrypt_p, int rfc4106_p)
#endif
if (unlikely(IS_ERR(out_map))) {
err = (int)PTR_ERR(out_map);
pr_err("%s: scatterwalk_map failed: %ld\n",
pr_err("%s: scatterwalk_map failed: %d\n",
crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm)),
PTR_ERR(out_map));
(int)PTR_ERR(out_map));
out_map = NULL;
goto out;
}
@@ -1916,9 +1916,9 @@ static int AesCcmCrypt_1(struct aead_request *req, int decrypt_p, int rfc4309_p)
#endif
if (unlikely(IS_ERR(in_map))) {
err = (int)PTR_ERR(in_map);
pr_err("%s: scatterwalk_map failed: %ld\n",
pr_err("%s: scatterwalk_map failed: %d\n",
crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm)),
PTR_ERR(in_map));
(int)PTR_ERR(in_map));
in_map = NULL;
goto out;
}
@@ -1934,9 +1934,9 @@ static int AesCcmCrypt_1(struct aead_request *req, int decrypt_p, int rfc4309_p)
#endif
if (unlikely(IS_ERR(out_map))) {
err = (int)PTR_ERR(out_map);
pr_err("%s: scatterwalk_map failed: %ld\n",
pr_err("%s: scatterwalk_map failed: %d\n",
crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm)),
PTR_ERR(out_map));
(int)PTR_ERR(out_map));
out_map = NULL;
goto out;
}
@@ -3129,8 +3129,8 @@ static int linuxkm_test_aescbc(void)
tfm = crypto_alloc_skcipher(WOLFKM_AESCBC_NAME, 0, 0);
if (IS_ERR(tfm)) {
pr_err("error: allocating AES skcipher algorithm %s failed: %ld\n",
WOLFKM_AESCBC_DRIVER, PTR_ERR(tfm));
pr_err("error: allocating AES skcipher algorithm %s failed: %d\n",
WOLFKM_AESCBC_DRIVER, (int)PTR_ERR(tfm));
tfm = NULL;
goto test_cbc_end;
}
@@ -3342,8 +3342,8 @@ static int linuxkm_test_aescfb(void)
tfm = crypto_alloc_skcipher(WOLFKM_AESCFB_NAME, 0, 0);
if (IS_ERR(tfm)) {
pr_err("error: allocating AES skcipher algorithm %s failed: %ld\n",
WOLFKM_AESCFB_DRIVER, PTR_ERR(tfm));
pr_err("error: allocating AES skcipher algorithm %s failed: %d\n",
WOLFKM_AESCFB_DRIVER, (int)PTR_ERR(tfm));
tfm = NULL;
goto test_cfb_end;
}
@@ -3606,8 +3606,8 @@ static int linuxkm_test_aesgcm(void)
tfm = crypto_alloc_aead(WOLFKM_AESGCM_NAME, 0, 0);
if (IS_ERR(tfm)) {
pr_err("error: allocating AES aead algorithm %s failed: %ld\n",
WOLFKM_AESGCM_DRIVER, PTR_ERR(tfm));
pr_err("error: allocating AES aead algorithm %s failed: %d\n",
WOLFKM_AESGCM_DRIVER, (int)PTR_ERR(tfm));
tfm = NULL;
goto test_gcm_end;
}
@@ -3658,7 +3658,7 @@ static int linuxkm_test_aesgcm(void)
sg_init_table(dst, 2);
sg_set_buf(dst, assoc2, sizeof(assoc));
sg_set_buf(&dst[1], enc2, decryptLen);
sg_set_buf(&dst[1], enc2, (unsigned int)decryptLen);
aead_request_set_callback(req, 0, NULL, NULL);
aead_request_set_ad(req, sizeof(assoc));
@@ -3686,7 +3686,7 @@ static int linuxkm_test_aesgcm(void)
/* Now decrypt crypto request. Reverse src and dst. */
XMEMSET(dec2, 0, decryptLen);
aead_request_set_ad(req, sizeof(assoc));
aead_request_set_crypt(req, dst, src, decryptLen, iv);
aead_request_set_crypt(req, dst, src, (unsigned int)decryptLen, iv);
ret = crypto_aead_decrypt(req);
@@ -4209,7 +4209,7 @@ static int aes_xts_128_test(void)
tfm = crypto_alloc_skcipher(WOLFKM_AESXTS_NAME, 0, 0);
if (IS_ERR(tfm)) {
ret = PTR_ERR(tfm);
ret = (int)PTR_ERR(tfm);
pr_err("error: allocating AES skcipher algorithm %s failed: %d\n",
WOLFKM_AESXTS_DRIVER, ret);
tfm = NULL;
@@ -4706,7 +4706,7 @@ static int aes_xts_256_test(void)
tfm = crypto_alloc_skcipher(WOLFKM_AESXTS_NAME, 0, 0);
if (IS_ERR(tfm)) {
ret = PTR_ERR(tfm);
ret = (int)PTR_ERR(tfm);
pr_err("error: allocating AES skcipher algorithm %s failed: %d\n",
WOLFKM_AESXTS_DRIVER, ret);
tfm = NULL;
+2 -2
View File
@@ -2901,8 +2901,8 @@ static int linuxkm_test_kpp_driver(const char * driver,
* */
tfm = crypto_alloc_kpp(driver, 0, 0);
if (IS_ERR(tfm)) {
pr_err("error: allocating kpp algorithm %s failed: %ld\n",
driver, PTR_ERR(tfm));
pr_err("error: allocating kpp algorithm %s failed: %d\n",
driver, (int)PTR_ERR(tfm));
if (PTR_ERR(tfm) == -ENOMEM)
test_rc = MEMORY_E;
else
+4 -4
View File
@@ -911,15 +911,15 @@ static int linuxkm_test_ecdh_nist_driver(const char * driver,
#if defined(HAVE_FIPS) && defined(CONFIG_CRYPTO_MANAGER) && \
!defined(CONFIG_CRYPTO_MANAGER_DISABLE_TESTS)
if ((PTR_ERR(tfm) == -ENOENT) && fips_enabled) {
pr_info("info: skipping unsupported kpp algorithm %s: %ld\n",
driver, PTR_ERR(tfm));
pr_info("info: skipping unsupported kpp algorithm %s: %d\n",
driver, (int)PTR_ERR(tfm));
test_rc = NOT_COMPILED_IN;
}
else
#endif
{
pr_err("error: allocating kpp algorithm %s failed: %ld\n",
driver, PTR_ERR(tfm));
pr_err("error: allocating kpp algorithm %s failed: %d\n",
driver, (int)PTR_ERR(tfm));
if (PTR_ERR(tfm) == -ENOMEM)
test_rc = MEMORY_E;
else
+4 -4
View File
@@ -749,15 +749,15 @@ static int linuxkm_test_ecdsa_nist_driver(const char * driver,
* in kernel crypto/testmgr.c, and the kernel will block
* its allocation if fips_enabled is set. */
if ((PTR_ERR(tfm) == -ENOENT) && fips_enabled) {
pr_info("info: skipping unsupported akcipher algorithm %s: %ld\n",
driver, PTR_ERR(tfm));
pr_info("info: skipping unsupported akcipher algorithm %s: %d\n",
driver, (int)PTR_ERR(tfm));
test_rc = NOT_COMPILED_IN;
}
else
#endif
{
pr_err("error: allocating akcipher algorithm %s failed: %ld\n",
driver, PTR_ERR(tfm));
pr_err("error: allocating akcipher algorithm %s failed: %d\n",
driver, (int)PTR_ERR(tfm));
if (PTR_ERR(tfm) == -ENOMEM)
test_rc = MEMORY_E;
else
+6 -6
View File
@@ -125,8 +125,8 @@ WC_MAYBE_UNUSED static int check_skcipher_driver_masking(struct crypto_skcipher
tfm = crypto_alloc_skcipher(alg_name, 0, 0);
}
if (IS_ERR(tfm)) {
pr_err("error: allocating skcipher algorithm %s failed: %ld\n",
alg_name, PTR_ERR(tfm));
pr_err("error: allocating skcipher algorithm %s failed: %d\n",
alg_name, (int)PTR_ERR(tfm));
return -EINVAL;
}
actual_driver_name = crypto_tfm_alg_driver_name(crypto_skcipher_tfm(tfm));
@@ -158,8 +158,8 @@ WC_MAYBE_UNUSED static int check_aead_driver_masking(struct crypto_aead *tfm, co
tfm = crypto_alloc_aead(alg_name, 0, 0);
}
if (IS_ERR(tfm)) {
pr_err("error: allocating AEAD algorithm %s failed: %ld\n",
alg_name, PTR_ERR(tfm));
pr_err("error: allocating AEAD algorithm %s failed: %d\n",
alg_name, (int)PTR_ERR(tfm));
return -EINVAL;
}
actual_driver_name = crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm));
@@ -191,8 +191,8 @@ WC_MAYBE_UNUSED static int check_shash_driver_masking(struct crypto_shash *tfm,
tfm = crypto_alloc_shash(alg_name, 0, 0);
}
if (IS_ERR(tfm)) {
pr_err("error: allocating shash algorithm %s failed: %ld\n",
alg_name, PTR_ERR(tfm));
pr_err("error: allocating shash algorithm %s failed: %d\n",
alg_name, (int)PTR_ERR(tfm));
return -EINVAL;
}
actual_driver_name = crypto_tfm_alg_driver_name(crypto_shash_tfm(tfm));
+6 -6
View File
@@ -2298,8 +2298,8 @@ static int linuxkm_test_rsa_driver(const char * driver, int nbits)
* */
tfm = crypto_alloc_akcipher(driver, 0, 0);
if (IS_ERR(tfm)) {
pr_err("error: allocating akcipher algorithm %s failed: %ld\n",
driver, PTR_ERR(tfm));
pr_err("error: allocating akcipher algorithm %s failed: %d\n",
driver, (int)PTR_ERR(tfm));
tfm = NULL;
goto test_rsa_end;
}
@@ -2722,8 +2722,8 @@ static int linuxkm_test_pkcs1pad_driver(const char * driver, int nbits,
skipped = 1;
}
else {
pr_err("error: allocating akcipher algorithm %s failed: %ld\n",
driver, PTR_ERR(tfm));
pr_err("error: allocating akcipher algorithm %s failed: %d\n",
driver, (int)PTR_ERR(tfm));
if (PTR_ERR(tfm) == -ENOMEM) {
test_rc = MEMORY_E;
}
@@ -3229,8 +3229,8 @@ static int linuxkm_test_pkcs1_driver(const char * driver, int nbits,
skipped = 1;
}
else {
pr_err("error: allocating sig algorithm %s failed: %ld\n",
driver, PTR_ERR(tfm));
pr_err("error: allocating sig algorithm %s failed: %d\n",
driver, (int)PTR_ERR(tfm));
if (PTR_ERR(tfm) == -ENOMEM) {
test_rc = MEMORY_E;
}
+28 -24
View File
@@ -1231,15 +1231,11 @@ static int wc_linuxkm_drbg_generate(struct wc_rng_bank *ctx,
continue;
if (unlikely(ret == WC_NO_ERR_TRACE(RNG_FAILURE_E))) {
if (slen > 0) {
ret = -EINVAL;
if (slen > 0)
break;
}
if (retried) {
ret = -EINVAL;
if (retried)
break;
}
retried = 1;
ret = wc_rng_bank_inst_reinit(ctx,
@@ -1248,20 +1244,21 @@ static int wc_linuxkm_drbg_generate(struct wc_rng_bank *ctx,
WC_RNG_BANK_FLAG_CAN_WAIT);
if (ret == 0) {
pr_warn("WARNING: reinitialized DRBG #%d after RNG_FAILURE_E from wc_RNG_GenerateBlock().\n", raw_smp_processor_id());
pr_warn_ratelimited("WARNING: reinitialized DRBG #%d after RNG_FAILURE_E from wc_RNG_GenerateBlock().\n", raw_smp_processor_id());
continue;
}
else {
pr_warn_once("ERROR: reinitialization of DRBG #%d after RNG_FAILURE_E failed with ret %d.\n", raw_smp_processor_id(), ret);
ret = -EINVAL;
pr_err_ratelimited("ERROR: reinitialization of DRBG #%d after RNG_FAILURE_E failed with ret %d.\n", raw_smp_processor_id(), ret);
break;
}
}
else {
pr_warn_once("ERROR: wc_linuxkm_drbg_generate() wc_RNG_GenerateBlock returned %d.\n",ret);
ret = -EINVAL;
else
break;
}
}
if (ret != 0) {
pr_err_ratelimited("ERROR: wc_linuxkm_drbg_generate() failing on wolfCrypt code %d.\n",ret);
ret = -EINVAL;
}
out:
@@ -1355,7 +1352,12 @@ static int wc_linuxkm_drbg_loaded = 0;
static int wc__get_random_bytes(void *buf, size_t len)
{
struct wc_rng_bank *current_default_wc_rng_bank;
int ret = wc_rng_bank_default_checkout(&current_default_wc_rng_bank);
int ret;
if (len > WC_MAX_UINT_OF(unsigned int))
return -EINVAL;
ret = wc_rng_bank_default_checkout(&current_default_wc_rng_bank);
if (ret) {
#ifdef WC_VERBOSE_RNG
pr_err_ratelimited("ERROR: wc_rng_bank_default_checkout() in wc__get_random_bytes() returned %d.\n", ret);
@@ -1364,7 +1366,7 @@ static int wc__get_random_bytes(void *buf, size_t len)
}
else {
ret = wc_linuxkm_drbg_generate(current_default_wc_rng_bank,
NULL, 0, buf, len);
NULL, 0, buf, (unsigned int)len);
(void)wc_rng_bank_default_checkin(&current_default_wc_rng_bank);
if (ret) {
pr_warn("BUG: wc__get_random_bytes falling through to native get_random_bytes with wc_linuxkm_drbg_default_instance_registered, ret=%d.\n", ret);
@@ -1377,14 +1379,14 @@ static int wc__get_random_bytes(void *buf, size_t len)
/* used by kernel >=5.14.0 */
static ssize_t wc_get_random_bytes_user(struct iov_iter *iter) {
struct wc_rng_bank *current_default_wc_rng_bank;
int ret;
ssize_t ret;
if (unlikely(!iov_iter_count(iter)))
return 0;
ret = wc_rng_bank_default_checkout(&current_default_wc_rng_bank);
if (ret) {
#ifdef WC_VERBOSE_RNG
pr_err_ratelimited("ERROR: wc_rng_bank_default_checkout() in wc_get_random_bytes_user() returned %d.\n", ret);
pr_err_ratelimited("ERROR: wc_rng_bank_default_checkout() in wc_get_random_bytes_user() returned %ld.\n", ret);
#endif
return -ECANCELED;
}
@@ -1396,7 +1398,7 @@ static ssize_t wc_get_random_bytes_user(struct iov_iter *iter) {
ret = wc_linuxkm_drbg_generate(current_default_wc_rng_bank,
NULL, 0, block, sizeof block);
if (unlikely(ret != 0)) {
pr_err("ERROR: wc_get_random_bytes_user() wc_linuxkm_drbg_generate() returned %d.\n", ret);
pr_err("ERROR: wc_get_random_bytes_user() wc_linuxkm_drbg_generate() returned %ld.\n", ret);
break;
}
@@ -1438,7 +1440,7 @@ static ssize_t wc_get_random_bytes_user(struct iov_iter *iter) {
/* used by kernel 4.9.0-5.13.x */
static ssize_t wc_extract_crng_user(void __user *buf, size_t nbytes) {
int ret;
ssize_t ret;
struct wc_rng_bank *current_default_wc_rng_bank;
if (unlikely(!nbytes))
return 0;
@@ -1446,7 +1448,7 @@ static ssize_t wc_extract_crng_user(void __user *buf, size_t nbytes) {
ret = wc_rng_bank_default_checkout(&current_default_wc_rng_bank);
if (ret) {
#ifdef WC_VERBOSE_RNG
pr_err_ratelimited("ERROR: wc_rng_bank_default_checkout() in wc_extract_crng_user() returned %d.\n", ret);
pr_err_ratelimited("ERROR: wc_rng_bank_default_checkout() in wc_extract_crng_user() returned %ld.\n", ret);
#endif
return -ECANCELED;
}
@@ -1458,11 +1460,13 @@ static ssize_t wc_extract_crng_user(void __user *buf, size_t nbytes) {
ret = wc_linuxkm_drbg_generate(current_default_wc_rng_bank,
NULL, 0, block, sizeof block);
if (unlikely(ret != 0)) {
pr_err("ERROR: wc_extract_crng_user() wc_linuxkm_drbg_generate() returned %d.\n", ret);
pr_err("ERROR: wc_extract_crng_user() wc_linuxkm_drbg_generate() returned %ld.\n", ret);
break;
}
this_copied = min(nbytes - total_copied, sizeof(block));
this_copied = nbytes - total_copied;
if (this_copied > sizeof(block))
this_copied = sizeof(block);
if (copy_to_user((byte *)buf + total_copied, block, this_copied)) {
ret = -EFAULT;
break;
@@ -1811,8 +1815,8 @@ static int wc_linuxkm_drbg_startup(void)
{
struct crypto_rng *tfm = crypto_alloc_rng(wc_linuxkm_drbg.base.cra_name, 0, 0);
if (IS_ERR(tfm)) {
pr_err("ERROR: allocating rng algorithm %s failed: %ld\n",
wc_linuxkm_drbg.base.cra_name, PTR_ERR(tfm));
pr_err("ERROR: allocating rng algorithm %s failed: %d\n",
wc_linuxkm_drbg.base.cra_name, (int)PTR_ERR(tfm));
ret = PTR_ERR(tfm);
tfm = NULL;
}
+8 -2
View File
@@ -265,7 +265,7 @@ static ssize_t dump_to_file(const char *path, const u8 *buf, size_t buf_len)
fp = filp_open(path, O_WRONLY | O_CREAT, 0644);
if (IS_ERR(fp)) {
pr_err("libwolfssl: cannot open %s: %ld\n", path, PTR_ERR(fp));
pr_err("libwolfssl: cannot open %s: %d\n", path, (int)PTR_ERR(fp));
return PTR_ERR(fp);
}
@@ -1412,9 +1412,11 @@ static int set_up_wolfssl_linuxkm_pie_redirect_table(void) {
#ifndef __ARCH_STRSTR_NO_REDIRECT
wolfssl_linuxkm_pie_redirect_table.strstr = strstr;
#endif
#if LINUX_VERSION_CODE < KERNEL_VERSION(7, 2, 0)
#ifndef __ARCH_STRNCPY_NO_REDIRECT
wolfssl_linuxkm_pie_redirect_table.strncpy = strncpy;
#endif
#endif
#ifndef __ARCH_STRNCAT_NO_REDIRECT
wolfssl_linuxkm_pie_redirect_table.strncat = strncat;
#endif
@@ -1689,6 +1691,10 @@ static int set_up_wolfssl_linuxkm_pie_redirect_table(void) {
wolfssl_linuxkm_pie_redirect_table.wolfSSL_X509_NAME_free = wolfSSL_X509_NAME_free;
wolfssl_linuxkm_pie_redirect_table.wolfSSL_X509_NAME_new_ex = wolfSSL_X509_NAME_new_ex;
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#ifdef HAVE_OCSP
wolfssl_linuxkm_pie_redirect_table.CheckOcspResponder = CheckOcspResponder;
#endif
#endif /* !WOLFCRYPT_ONLY && !NO_CERTS */
wolfssl_linuxkm_pie_redirect_table.dump_stack = dump_stack;
@@ -1867,7 +1873,7 @@ static int updateFipsHash(void)
pr_err("ERROR: crypto_alloc_shash failed: target kernel is missing algorithm implementation for hash type %u\n", FIPS_IN_CORE_HASH_TYPE);
ret = NOT_COMPILED_IN;
} else {
pr_err("ERROR: crypto_alloc_shash failed with ret %ld\n",PTR_ERR(tfm));
pr_err("ERROR: crypto_alloc_shash failed with ret %d\n", (int)PTR_ERR(tfm));
ret = HASH_TYPE_E;
}
tfm = NULL;
+13
View File
@@ -323,6 +323,11 @@ WARN_UNUSED_RESULT int wc_can_save_vector_registers_x86(void)
}
}
#ifdef DEBUG_VECTOR_REGISTER_ACCESS_FUZZING
if (SAVE_VECTOR_REGISTERS2_fuzzer() != 0)
return 0;
#endif
if ((preempt_count() == 0) || may_use_simd())
return 1;
else
@@ -423,6 +428,14 @@ WARN_UNUSED_RESULT int wc_save_vector_registers_x86(enum wc_svr_flags flags)
return 0;
}
#ifdef DEBUG_VECTOR_REGISTER_ACCESS_FUZZING
if (flags & WC_SVR_FLAG_FUZZ) {
int ret = SAVE_VECTOR_REGISTERS2_fuzzer();
if (ret != 0)
return ret;
}
#endif
if ((preempt_count() == 0) || may_use_simd()) {
/* fpregs_lock() calls either local_bh_disable() or preempt_disable()
* depending on CONFIG_PREEMPT_RT -- we call both, explicitly.
-3
View File
@@ -109,7 +109,6 @@ endif
if BUILD_AESNI
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_asm.S
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_x86_64_asm.S
if BUILD_X86_ASM
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_gcm_x86_asm.S
else
@@ -272,7 +271,6 @@ endif BUILD_PPC32_ASM
if BUILD_AESNI
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_asm.S
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_x86_64_asm.S
if BUILD_X86_ASM
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_gcm_x86_asm.S
else
@@ -604,7 +602,6 @@ endif BUILD_PPC32_ASM
if BUILD_AESNI
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_asm.S
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_x86_64_asm.S
if BUILD_X86_ASM
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_gcm_x86_asm.S
else
+26 -26
View File
@@ -14185,9 +14185,9 @@ static int test_wolfSSL_ECH_conn_ex(method_provider serverMeth,
ExpectIntEQ(WOLFSSL_SUCCESS,
wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0));
ExpectIntEQ(WOLFSSL_SUCCESS,
wolfSSL_CTX_use_certificate_file(ctx, cliCertFile, SSL_FILETYPE_PEM));
wolfSSL_CTX_use_certificate_file(ctx, cliCertFile, WOLFSSL_FILETYPE_PEM));
ExpectIntEQ(WOLFSSL_SUCCESS,
wolfSSL_CTX_use_PrivateKey_file(ctx, cliKeyFile, SSL_FILETYPE_PEM));
wolfSSL_CTX_use_PrivateKey_file(ctx, cliKeyFile, WOLFSSL_FILETYPE_PEM));
tcp_connect(&sockfd, wolfSSLIP, server_args.signal->port, 0, 0, NULL);
@@ -16358,8 +16358,8 @@ static int test_wolfSSL_sk_SSL_CIPHER(void)
#else
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method()));
#endif
ExpectTrue(SSL_CTX_use_certificate_file(ctx, svrCertFile, SSL_FILETYPE_PEM));
ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, SSL_FILETYPE_PEM));
ExpectTrue(SSL_CTX_use_certificate_file(ctx, svrCertFile, WOLFSSL_FILETYPE_PEM));
ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, WOLFSSL_FILETYPE_PEM));
ExpectNotNull(ssl = SSL_new(ctx));
ExpectNotNull(sk = SSL_get_ciphers(ssl));
ExpectNotNull(dupSk = sk_SSL_CIPHER_dup(sk));
@@ -16394,8 +16394,8 @@ static int test_wolfSSL_set1_curves_list(void)
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method()));
#endif
ExpectTrue(SSL_CTX_use_certificate_file(ctx, eccCertFile,
SSL_FILETYPE_PEM));
ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, eccKeyFile, SSL_FILETYPE_PEM));
WOLFSSL_FILETYPE_PEM));
ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, eccKeyFile, WOLFSSL_FILETYPE_PEM));
ExpectNotNull(ssl = SSL_new(ctx));
ExpectIntEQ(SSL_CTX_set1_curves_list(ctx, NULL), WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
@@ -16553,8 +16553,8 @@ static int test_wolfSSL_set1_sigalgs_list(void)
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method()));
#endif
ExpectTrue(SSL_CTX_use_certificate_file(ctx, svrCertFile,
SSL_FILETYPE_PEM));
ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, SSL_FILETYPE_PEM));
WOLFSSL_FILETYPE_PEM));
ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, WOLFSSL_FILETYPE_PEM));
ExpectNotNull(ssl = SSL_new(ctx));
ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(NULL, NULL), WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
@@ -16703,8 +16703,8 @@ static int test_wolfSSL_set_tlsext_status_type(void)
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method()));
ExpectTrue(SSL_CTX_use_certificate_file(ctx, svrCertFile,
SSL_FILETYPE_PEM));
ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, SSL_FILETYPE_PEM));
WOLFSSL_FILETYPE_PEM));
ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, WOLFSSL_FILETYPE_PEM));
ExpectNotNull(ssl = SSL_new(ctx));
ExpectIntEQ(SSL_set_tlsext_status_type(ssl,TLSEXT_STATUSTYPE_ocsp),
SSL_SUCCESS);
@@ -16774,7 +16774,7 @@ static int test_wolfSSL_X509_ALGOR_get0(void)
const byte badObj[] = { 0x06, 0x00 };
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(cliCertFile,
SSL_FILETYPE_PEM));
WOLFSSL_FILETYPE_PEM));
ExpectNotNull(alg = X509_get0_tbs_sigalg(x509));
/* Invalid case */
@@ -19807,7 +19807,7 @@ static int test_wolfSSL_X509_SEP(void)
#if 0
/* Use certificate with the extension here. */
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(svrCertFile,
SSL_FILETYPE_PEM));
WOLFSSL_FILETYPE_PEM));
outSz = 0;
ExpectNotNull(out = wolfSSL_X509_get_device_type(x509, NULL, &outSz));
@@ -20592,7 +20592,7 @@ static int test_wolfSSL_CTX_ctrl(void)
SSL_FILETYPE_ASN1));
#else
ExpectNotNull(ecX509 = wolfSSL_X509_load_certificate_file(
cliEccCertFile, SSL_FILETYPE_PEM));
cliEccCertFile, WOLFSSL_FILETYPE_PEM));
#endif
ExpectNotNull(pkey = X509_get_pubkey(ecX509));
/* current ECC key is 256 bit (32 bytes) */
@@ -21022,9 +21022,9 @@ static int test_wolfSSL_OCSP_id_get0_info(void)
ASN1_INTEGER* x509Int = NULL;
ExpectNotNull(cert = wolfSSL_X509_load_certificate_file(svrCertFile,
SSL_FILETYPE_PEM));
WOLFSSL_FILETYPE_PEM));
ExpectNotNull(issuer = wolfSSL_X509_load_certificate_file(caCertFile,
SSL_FILETYPE_PEM));
WOLFSSL_FILETYPE_PEM));
ExpectNotNull(id = OCSP_cert_to_id(NULL, cert, issuer));
ExpectNotNull(id2 = OCSP_cert_to_id(NULL, cert, issuer));
@@ -27379,7 +27379,7 @@ static int test_wolfSSL_crypto_policy_certs_and_keys(void)
if (ctx != NULL) {
/* 1024 RSA */
rc = SSL_CTX_use_PrivateKey_file(ctx, key1024,
SSL_FILETYPE_PEM);
WOLFSSL_FILETYPE_PEM);
if (is_legacy) {
ExpectIntEQ(rc, WOLFSSL_SUCCESS);
@@ -27390,7 +27390,7 @@ static int test_wolfSSL_crypto_policy_certs_and_keys(void)
/* 2048 RSA */
rc = SSL_CTX_use_PrivateKey_file(ctx, key2048,
SSL_FILETYPE_PEM);
WOLFSSL_FILETYPE_PEM);
if (!is_future) {
ExpectIntEQ(rc, WOLFSSL_SUCCESS);
@@ -27401,17 +27401,17 @@ static int test_wolfSSL_crypto_policy_certs_and_keys(void)
/* 3072 RSA */
rc = SSL_CTX_use_PrivateKey_file(ctx, key3072,
SSL_FILETYPE_PEM);
WOLFSSL_FILETYPE_PEM);
ExpectIntEQ(rc, WOLFSSL_SUCCESS);
/* 256 ecc */
rc = SSL_CTX_use_PrivateKey_file(ctx, key256,
SSL_FILETYPE_PEM);
WOLFSSL_FILETYPE_PEM);
ExpectIntEQ(rc, WOLFSSL_SUCCESS);
/* 384 ecc */
rc = SSL_CTX_use_PrivateKey_file(ctx, key384,
SSL_FILETYPE_PEM);
WOLFSSL_FILETYPE_PEM);
ExpectIntEQ(rc, WOLFSSL_SUCCESS);
/* cleanup */
@@ -27867,9 +27867,9 @@ static int test_wolfSSL_SSL_in_init(void)
#endif
if ((testCertFile != NULL) && (testKeyFile != NULL)) {
ExpectTrue(SSL_CTX_use_certificate_file(ctx, testCertFile,
SSL_FILETYPE_PEM));
WOLFSSL_FILETYPE_PEM));
ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, testKeyFile,
SSL_FILETYPE_PEM));
WOLFSSL_FILETYPE_PEM));
}
ExpectNotNull(ssl = SSL_new(ctx));
@@ -28192,9 +28192,9 @@ static int test_wolfSSL_set_psk_use_session_callback(void)
#endif
if ((testCertFile != NULL) && (testKeyFile != NULL)) {
ExpectTrue(SSL_CTX_use_certificate_file(ctx, testCertFile,
SSL_FILETYPE_PEM));
WOLFSSL_FILETYPE_PEM));
ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, testKeyFile,
SSL_FILETYPE_PEM));
WOLFSSL_FILETYPE_PEM));
}
ExpectNotNull(ssl = SSL_new(ctx));
@@ -28413,9 +28413,9 @@ static int test_SSL_CIPHER_get_xxx(void)
#endif
if (testCertFile != NULL && testKeyFile != NULL) {
ExpectTrue(SSL_CTX_use_certificate_file(ctx, testCertFile,
SSL_FILETYPE_PEM));
WOLFSSL_FILETYPE_PEM));
ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, testKeyFile,
SSL_FILETYPE_PEM));
WOLFSSL_FILETYPE_PEM));
}
ExpectNotNull(ssl = SSL_new(ctx));
+5 -5
View File
@@ -1291,22 +1291,22 @@ int test_dtls_rtx_across_epoch_change(void)
/* CH0 */
wolfSSL_SetLoggingPrefix("client:");
ExpectIntEQ(wolfSSL_connect(ssl_c), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), SSL_ERROR_WANT_READ);
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
/* HRR */
wolfSSL_SetLoggingPrefix("server:");
ExpectIntEQ(wolfSSL_accept(ssl_s), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), SSL_ERROR_WANT_READ);
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
/* CH1 */
wolfSSL_SetLoggingPrefix("client:");
ExpectIntEQ(wolfSSL_connect(ssl_c), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), SSL_ERROR_WANT_READ);
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
/* SH ... FINISHED */
wolfSSL_SetLoggingPrefix("server:");
ExpectIntEQ(wolfSSL_accept(ssl_s), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), SSL_ERROR_WANT_READ);
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
/* we should have now SH ... FINISHED messages in the buffer*/
ExpectIntGE(test_ctx.c_msg_count, 2);
@@ -1319,7 +1319,7 @@ int test_dtls_rtx_across_epoch_change(void)
/* Read the SH */
wolfSSL_SetLoggingPrefix("client:");
ExpectIntEQ(wolfSSL_connect(ssl_c), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), SSL_ERROR_WANT_READ);
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
/* trigger client timeout */
ExpectIntEQ(wolfSSL_dtls_got_timeout(ssl_c), WOLFSSL_SUCCESS);
+4 -4
View File
@@ -1530,19 +1530,19 @@ int test_dtls13_min_rtx_interval(void)
/* CH0 */
ExpectIntEQ(wolfSSL_connect(ssl_c), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), SSL_ERROR_WANT_READ);
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
/* HRR */
ExpectIntEQ(wolfSSL_accept(ssl_s), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), SSL_ERROR_WANT_READ);
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
/* CH1 */
ExpectIntEQ(wolfSSL_connect(ssl_c), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), SSL_ERROR_WANT_READ);
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
/* SH ... FINISHED */
ExpectIntEQ(wolfSSL_accept(ssl_s), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), SSL_ERROR_WANT_READ);
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
/* We should have SH ... FINISHED messages in the buffer */
ExpectIntGE(test_ctx.c_msg_count, 2);
+184 -74
View File
@@ -110,6 +110,8 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
* WOLFSSL_HW_METRICS: Track hardware acceleration usage default: off
*/
#define _WC_BUILDING_AES_C
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
#if !defined(NO_AES)
@@ -827,6 +829,30 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
#if !defined(NO_AVX512_SUPPORT) && !defined(HAVE_INTEL_AVX512)
#define HAVE_INTEL_AVX512
#endif
/* Below this threshold the narrower path (AVX1 / AES-NI) is faster on
* Zen 4 than the wide VAES/AVX512 path. Verify and tune
* per-microarchecture.
*/
#ifndef WC_VAES_MIN_BLOCKS
#define WC_VAES_MIN_BLOCKS 8
#elif WC_VAES_MIN_BLOCKS < 1
#error Invalid WC_VAES_MIN_BLOCKS
#endif
/* CFB/ECB: wide ECB setup (key broadcast) doesn't pay off below this. */
#ifndef WC_VAES_ECB_MIN_BLOCKS
#define WC_VAES_ECB_MIN_BLOCKS WC_VAES_MIN_BLOCKS
#elif WC_VAES_ECB_MIN_BLOCKS < 1
#error Invalid WC_VAES_ECB_MIN_BLOCKS
#endif
/* GCM one-shot: AVX2 faster than wide below this (layout/setup, not
* amortization); pure GMAC (sz==0) routes to AVX2 by construction.
*/
#ifndef WC_VAES_GCM_MIN_BLOCKS
#define WC_VAES_GCM_MIN_BLOCKS WC_VAES_MIN_BLOCKS
#elif WC_VAES_GCM_MIN_BLOCKS < 1
#error Invalid WC_VAES_GCM_MIN_BLOCKS
#endif
#endif
void AES_CTR_encrypt_AESNI(const unsigned char* in, unsigned char* out,
@@ -885,13 +911,15 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
unsigned char* out, word32 sz, const unsigned char* key, int nr)
{
#ifdef HAVE_INTEL_AVX512
if (IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
if ((sz >= WC_AES_BLOCK_SIZE * WC_VAES_ECB_MIN_BLOCKS) &&
IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
AES_ECB_encrypt_avx512(in, out, sz, key, nr);
}
else
#endif
#ifdef HAVE_INTEL_VAES
if (IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
if ((sz >= WC_AES_BLOCK_SIZE * WC_VAES_ECB_MIN_BLOCKS) &&
IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
AES_ECB_encrypt_vaes(in, out, sz, key, nr);
}
else
@@ -912,13 +940,15 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
unsigned char* out, word32 sz, const unsigned char* key, int nr)
{
#ifdef HAVE_INTEL_AVX512
if (IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
if ((sz >= WC_AES_BLOCK_SIZE * WC_VAES_ECB_MIN_BLOCKS) &&
IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
AES_ECB_decrypt_avx512(in, out, sz, key, nr);
}
else
#endif
#ifdef HAVE_INTEL_VAES
if (IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
if ((sz >= WC_AES_BLOCK_SIZE * WC_VAES_ECB_MIN_BLOCKS) &&
IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
AES_ECB_decrypt_vaes(in, out, sz, key, nr);
}
else
@@ -941,13 +971,15 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
const unsigned char* key, int nr)
{
#ifdef HAVE_INTEL_AVX512
if (IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
if ((sz >= WC_AES_BLOCK_SIZE * WC_VAES_ECB_MIN_BLOCKS) &&
IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
AES_CBC_encrypt_avx512(in, out, iv, sz, key, nr);
}
else
#endif
#ifdef HAVE_INTEL_VAES
if (IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
if ((sz >= WC_AES_BLOCK_SIZE * WC_VAES_ECB_MIN_BLOCKS) &&
IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
AES_CBC_encrypt_vaes(in, out, iv, sz, key, nr);
}
else
@@ -970,13 +1002,15 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
const unsigned char* key, int nr)
{
#ifdef HAVE_INTEL_AVX512
if (IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
if ((sz >= WC_AES_BLOCK_SIZE * WC_VAES_ECB_MIN_BLOCKS) &&
IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
AES_CBC_decrypt_avx512(in, out, iv, sz, key, nr);
}
else
#endif
#ifdef HAVE_INTEL_VAES
if (IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
if ((sz >= WC_AES_BLOCK_SIZE * WC_VAES_ECB_MIN_BLOCKS) &&
IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
AES_CBC_decrypt_vaes(in, out, iv, sz, key, nr);
}
else
@@ -998,13 +1032,15 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
unsigned char* ctr)
{
#ifdef HAVE_INTEL_AVX512
if (IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
if ((sz >= WC_AES_BLOCK_SIZE * WC_VAES_ECB_MIN_BLOCKS) &&
IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
AES_CTR_encrypt_avx512(in, out, sz, key, nr, ctr);
}
else
#endif
#ifdef HAVE_INTEL_VAES
if (IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
if ((sz >= WC_AES_BLOCK_SIZE * WC_VAES_ECB_MIN_BLOCKS) &&
IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
AES_CTR_encrypt_vaes(in, out, sz, key, nr, ctr);
}
else
@@ -7959,6 +7995,63 @@ static WC_INLINE void IncCtr(byte* ctr, word32 ctrSz)
#endif
#if !defined(NO_INLINE) && defined(__GNUC__) && !defined(__cplusplus)
/* Inline for callers here in aes.c, but a callable local function for outside
* callers. Don't use WC_INLINE unconditionally, because we can't count on
* correct behavior beyond gcc/clang, and we don't want the the WC_MAYBE_UNUSED
* attribute in NO_INLINE builds.
*/
WC_INLINE
#endif
int wc_local_AesGcmCheckTagSz(word32 authTagSz) {
#ifdef WC_AES_GCM_ALLOW_NONSTANDARD_TAG_LENGTH
#ifdef HAVE_FIPS
#error WC_AES_GCM_ALLOW_NONSTANDARD_TAG_LENGTH not allowed with FIPS 140.
#endif
wc_static_assert(WOLFSSL_MIN_AUTH_TAG_SZ >= 4);
if ((authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ) ||
(authTagSz > WC_AES_BLOCK_SIZE))
{
WOLFSSL_MSG("AES-GCM unsupported authTagSz");
return BAD_FUNC_ARG;
}
else
return 0;
#else
/* A switch is actually better for the optimizer than most hand-rolled
* equivalents, because it hands the compiler the exact value set and lets
* it pick the best lowering per WOLFSSL_MIN_AUTH_TAG_SZ configuration.
*/
switch (authTagSz) {
#if WOLFSSL_MIN_AUTH_TAG_SZ <= 4
case 4:
#endif
#if WOLFSSL_MIN_AUTH_TAG_SZ <= 8
case 8:
#endif
#if WOLFSSL_MIN_AUTH_TAG_SZ <= 12
case 12:
#endif
#if WOLFSSL_MIN_AUTH_TAG_SZ <= 13
case 13:
#endif
#if WOLFSSL_MIN_AUTH_TAG_SZ <= 14
case 14:
#endif
#if WOLFSSL_MIN_AUTH_TAG_SZ <= 15
case 15:
#endif
#if WOLFSSL_MIN_AUTH_TAG_SZ <= 16
case 16:
#endif
return 0;
default:
WOLFSSL_MSG("AES-GCM unsupported authTagSz");
return BAD_FUNC_ARG;
}
#endif
}
#if defined(WOLFSSL_RISCV_ASM)
/* implemented in wolfcrypt/src/port/risc-v/riscv-64-aes.c */
@@ -8476,10 +8569,6 @@ void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c,
word32 blocks, partial;
byte* h;
if (gcm == NULL) {
return;
}
h = gcm->H;
XMEMSET(x, 0, WC_AES_BLOCK_SIZE);
@@ -8811,10 +8900,6 @@ void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c,
byte scratch[WC_AES_BLOCK_SIZE];
word32 blocks, partial;
if (gcm == NULL) {
return;
}
XMEMSET(x, 0, WC_AES_BLOCK_SIZE);
/* Hash in A, the Additional Authentication Data */
@@ -9303,10 +9388,6 @@ void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c,
byte scratch[WC_AES_BLOCK_SIZE];
word32 blocks, partial;
if (gcm == NULL) {
return;
}
XMEMSET(x, 0, WC_AES_BLOCK_SIZE);
/* Hash in A, the Additional Authentication Data */
@@ -9459,10 +9540,6 @@ void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c,
word32 blocks, partial;
word64 bigH[2];
if (gcm == NULL) {
return;
}
XMEMCPY(bigH, gcm->H, WC_AES_BLOCK_SIZE);
#ifdef LITTLE_ENDIAN_ORDER
ByteReverseWords64(bigH, bigH, WC_AES_BLOCK_SIZE);
@@ -9776,10 +9853,6 @@ void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c,
word32 blocks, partial;
word32 bigH[4];
if (gcm == NULL) {
return;
}
XMEMCPY(bigH, gcm->H, WC_AES_BLOCK_SIZE);
#ifdef LITTLE_ENDIAN_ORDER
ByteReverseWords(bigH, bigH, WC_AES_BLOCK_SIZE);
@@ -10168,14 +10241,13 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
word32 keySize;
/* argument checks */
if (aes == NULL || authTagSz > WC_AES_BLOCK_SIZE || ivSz == 0) {
if (aes == NULL || ivSz == 0) {
return BAD_FUNC_ARG;
}
if (authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ) {
WOLFSSL_MSG("GcmEncrypt authTagSz too small error");
return BAD_FUNC_ARG;
}
status = wc_local_AesGcmCheckTagSz(authTagSz);
if (status != 0)
return status;
status = wc_AesGetKeySize(aes, &keySize);
if (status)
@@ -10699,16 +10771,15 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
* out are don't cares (GMAC case), matching wc_AesGcmDecrypt. */
if (aes == NULL || iv == NULL || ivSz == 0 ||
(sz != 0 && (in == NULL || out == NULL)) ||
authTag == NULL || authTagSz > WC_AES_BLOCK_SIZE ||
authTag == NULL ||
((authInSz > 0) && (authIn == NULL)))
{
return BAD_FUNC_ARG;
}
if (authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ) {
WOLFSSL_MSG("GcmEncrypt authTagSz too small error");
return BAD_FUNC_ARG;
}
ret = wc_local_AesGcmCheckTagSz(authTagSz);
if (ret != 0)
return ret;
#ifdef WOLF_CRYPTO_CB
#ifndef WOLF_CRYPTO_CB_FIND
@@ -10837,7 +10908,8 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
#ifdef WOLFSSL_AESNI
if (aes->use_aesni) {
#ifdef HAVE_INTEL_AVX512
if (IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
if ((sz >= WC_AES_BLOCK_SIZE * WC_VAES_GCM_MIN_BLOCKS) &&
IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
AES_GCM_encrypt_avx512(in, out, authIn, iv, authTag, sz, authInSz, ivSz,
authTagSz, (const byte*)aes->key, (int)aes->rounds);
ret = 0;
@@ -10845,7 +10917,8 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
else
#endif
#ifdef HAVE_INTEL_VAES
if (IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
if ((sz >= WC_AES_BLOCK_SIZE * WC_VAES_GCM_MIN_BLOCKS) &&
IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
AES_GCM_encrypt_vaes(in, out, authIn, iv, authTag, sz, authInSz, ivSz,
authTagSz, (const byte*)aes->key, (int)aes->rounds);
ret = 0;
@@ -10904,13 +10977,16 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
/* If the sz is non-zero, both in and out must be set. If sz is 0,
* in and out are don't cares, as this is is the GMAC case. */
if (aes == NULL || iv == NULL || (sz != 0 && (in == NULL || out == NULL)) ||
authTag == NULL || authTagSz > WC_AES_BLOCK_SIZE ||
authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ || ivSz == 0 ||
authTag == NULL || ivSz == 0 ||
((authInSz > 0) && (authIn == NULL)))
{
return BAD_FUNC_ARG;
}
ret = wc_local_AesGcmCheckTagSz(authTagSz);
if (ret != 0)
return ret;
ret = wc_AesGetKeySize(aes, &keySize);
if (ret != 0) {
return ret;
@@ -11470,12 +11546,15 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
/* If the sz is non-zero, both in and out must be set. If sz is 0,
* in and out are don't cares, as this is is the GMAC case. */
if (aes == NULL || iv == NULL || (sz != 0 && (in == NULL || out == NULL)) ||
authTag == NULL || authTagSz > WC_AES_BLOCK_SIZE ||
authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ || ivSz == 0) {
authTag == NULL || ivSz == 0)
{
return BAD_FUNC_ARG;
}
ret = wc_local_AesGcmCheckTagSz(authTagSz);
if (ret != 0)
return ret;
#ifdef WOLF_CRYPTO_CB
#ifndef WOLF_CRYPTO_CB_FIND
if (aes->devId != INVALID_DEVID)
@@ -11611,7 +11690,8 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
#ifdef WOLFSSL_AESNI
if (aes->use_aesni) {
#ifdef HAVE_INTEL_AVX512
if (IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
if ((sz >= WC_AES_BLOCK_SIZE * WC_VAES_GCM_MIN_BLOCKS) &&
IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
AES_GCM_decrypt_avx512(in, out, authIn, iv, authTag, sz, authInSz, ivSz,
authTagSz, (byte*)aes->key, (int)aes->rounds, &res);
if (res == 0)
@@ -11622,7 +11702,8 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
else
#endif
#ifdef HAVE_INTEL_VAES
if (IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
if ((sz >= WC_AES_BLOCK_SIZE * WC_VAES_GCM_MIN_BLOCKS) &&
IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
AES_GCM_decrypt_vaes(in, out, authIn, iv, authTag, sz, authInSz, ivSz,
authTagSz, (byte*)aes->key, (int)aes->rounds, &res);
if (res == 0)
@@ -12094,14 +12175,16 @@ static WARN_UNUSED_RESULT int AesGcmAadUpdate_aesni(
if (blocks > 0) {
/* GHASH full blocks now. */
#ifdef HAVE_INTEL_AVX512
if (IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
if ((blocks >= WC_VAES_GCM_MIN_BLOCKS) &&
IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
AES_GCM_aad_update_avx512(a, blocks * WC_AES_BLOCK_SIZE,
AES_TAG(aes), aes->gcm.H);
}
else
#endif
#ifdef HAVE_INTEL_VAES
if (IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
if ((blocks >= WC_VAES_GCM_MIN_BLOCKS) &&
IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
AES_GCM_aad_update_vaes(a, blocks * WC_AES_BLOCK_SIZE,
AES_TAG(aes), aes->gcm.H);
}
@@ -12268,7 +12351,8 @@ static WARN_UNUSED_RESULT int AesGcmEncryptUpdate_aesni(
if (blocks > 0) {
/* Encrypt and GHASH full blocks now. */
#ifdef HAVE_INTEL_AVX512
if (IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
if ((blocks >= WC_VAES_GCM_MIN_BLOCKS) &&
IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
AES_GCM_encrypt_update_avx512((byte*)aes->key, (int)aes->rounds,
c, p, blocks * WC_AES_BLOCK_SIZE, AES_TAG(aes), aes->gcm.H,
AES_COUNTER(aes));
@@ -12276,7 +12360,8 @@ static WARN_UNUSED_RESULT int AesGcmEncryptUpdate_aesni(
else
#endif
#ifdef HAVE_INTEL_VAES
if (IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
if ((blocks >= WC_VAES_GCM_MIN_BLOCKS) &&
IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
AES_GCM_encrypt_update_vaes((byte*)aes->key, (int)aes->rounds,
c, p, blocks * WC_AES_BLOCK_SIZE, AES_TAG(aes), aes->gcm.H,
AES_COUNTER(aes));
@@ -12593,7 +12678,8 @@ static WARN_UNUSED_RESULT int AesGcmDecryptUpdate_aesni(
if (blocks > 0) {
/* Decrypt and GHASH full blocks now. */
#ifdef HAVE_INTEL_AVX512
if (IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
if ((blocks >= WC_VAES_GCM_MIN_BLOCKS) &&
IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
AES_GCM_decrypt_update_avx512((byte*)aes->key, (int)aes->rounds,
p, c, blocks * WC_AES_BLOCK_SIZE, AES_TAG(aes), aes->gcm.H,
AES_COUNTER(aes));
@@ -12601,7 +12687,8 @@ static WARN_UNUSED_RESULT int AesGcmDecryptUpdate_aesni(
else
#endif
#ifdef HAVE_INTEL_VAES
if (IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
if ((blocks >= WC_VAES_GCM_MIN_BLOCKS) &&
IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
AES_GCM_decrypt_update_vaes((byte*)aes->key, (int)aes->rounds,
p, c, blocks * WC_AES_BLOCK_SIZE, AES_TAG(aes), aes->gcm.H,
AES_COUNTER(aes));
@@ -13487,11 +13574,13 @@ int wc_AesGcmEncryptFinal(Aes* aes, byte* authTag, word32 authTagSz)
int ret = 0;
/* Check validity of parameters. */
if ((aes == NULL) || (authTag == NULL) || (authTagSz > WC_AES_BLOCK_SIZE) ||
(authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ)) {
if ((aes == NULL) || (authTag == NULL)) {
ret = BAD_FUNC_ARG;
}
if (ret == 0)
ret = wc_local_AesGcmCheckTagSz(authTagSz);
/* Check key has been set. */
if ((ret == 0) && (!aes->gcmKeySet)) {
ret = MISSING_KEY;
@@ -13629,11 +13718,13 @@ int wc_AesGcmDecryptFinal(Aes* aes, const byte* authTag, word32 authTagSz)
int ret = 0;
/* Check validity of parameters. */
if ((aes == NULL) || (authTag == NULL) || (authTagSz > WC_AES_BLOCK_SIZE) ||
(authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ)) {
if ((aes == NULL) || (authTag == NULL)) {
ret = BAD_FUNC_ARG;
}
if (ret == 0)
ret = wc_local_AesGcmCheckTagSz(authTagSz);
/* Check key has been set. */
if ((ret == 0) && (!aes->gcmKeySet)) {
ret = MISSING_KEY;
@@ -13886,6 +13977,9 @@ int wc_GmacSetKey(Gmac* gmac, const byte* key, word32 len)
}
/* Note, wc_GmacUpdate() is not a streaming API, it's a one-shot calculation of
* the authTag.
*/
int wc_GmacUpdate(Gmac* gmac, const byte* iv, word32 ivSz,
const byte* authIn, word32 authInSz,
byte* authTag, word32 authTagSz)
@@ -15446,19 +15540,29 @@ static WARN_UNUSED_RESULT int AesCfbDecrypt_C(Aes* aes, byte* out,
!defined(WOLFSSL_PIC32MZ_CRYPT) && \
(defined(USE_INTEL_SPEEDUP) || defined(WOLFSSL_ARMASM))
{
ALIGN16 byte tmp[4 * WC_AES_BLOCK_SIZE];
while (sz >= 4 * WC_AES_BLOCK_SIZE) {
#ifndef WC_AES_CFB_DEC_BUF_BLOCKS
#define WC_AES_CFB_DEC_BUF_BLOCKS 32
#elif WC_AES_CFB_DEC_BUF_BLOCKS < 2
#error Invalid WC_AES_CFB_DEC_BUF_BLOCKS
#endif
ALIGN16 byte tmp[WC_AES_CFB_DEC_BUF_BLOCKS * WC_AES_BLOCK_SIZE];
while (sz >= 2 * WC_AES_BLOCK_SIZE) {
word32 blocks = sz / WC_AES_BLOCK_SIZE;
word32 nbytes;
if (blocks > WC_AES_CFB_DEC_BUF_BLOCKS)
blocks = WC_AES_CFB_DEC_BUF_BLOCKS;
nbytes = blocks * WC_AES_BLOCK_SIZE;
XMEMCPY(tmp, aes->reg, WC_AES_BLOCK_SIZE);
XMEMCPY(tmp + WC_AES_BLOCK_SIZE, in, 3 * WC_AES_BLOCK_SIZE);
XMEMCPY(aes->reg, in + 3 * WC_AES_BLOCK_SIZE, WC_AES_BLOCK_SIZE);
ret = wc_AesEcbEncrypt(aes, tmp, tmp, 4 * WC_AES_BLOCK_SIZE);
XMEMCPY(tmp + WC_AES_BLOCK_SIZE, in, nbytes - WC_AES_BLOCK_SIZE);
XMEMCPY(aes->reg, in + nbytes - WC_AES_BLOCK_SIZE, WC_AES_BLOCK_SIZE);
ret = wc_AesEcbEncrypt(aes, tmp, tmp, nbytes);
if (ret != 0) {
break;
}
xorbufout(out, in, tmp, 4 * WC_AES_BLOCK_SIZE);
out += 4 * WC_AES_BLOCK_SIZE;
in += 4 * WC_AES_BLOCK_SIZE;
sz -= 4 * WC_AES_BLOCK_SIZE;
xorbufout(out, in, tmp, nbytes);
out += nbytes;
in += nbytes;
sz -= nbytes;
}
}
#endif
@@ -16753,7 +16857,8 @@ int wc_AesXtsEncrypt(XtsAes* xaes, byte* out, const byte* in, word32 sz,
if (aes->use_aesni) {
SAVE_VECTOR_REGISTERS(return _svr_ret;);
#if defined(HAVE_INTEL_AVX512)
if (IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
if ((sz >= WC_VAES_ECB_MIN_BLOCKS * WC_AES_BLOCK_SIZE) &&
IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
AES_XTS_encrypt_avx512(in, out, sz, i,
(const byte*)aes->key,
(const byte*)xaes->tweak.key,
@@ -16763,7 +16868,8 @@ int wc_AesXtsEncrypt(XtsAes* xaes, byte* out, const byte* in, word32 sz,
else
#endif
#if defined(HAVE_INTEL_VAES)
if (IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
if ((sz >= WC_VAES_ECB_MIN_BLOCKS * WC_AES_BLOCK_SIZE) &&
IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
AES_XTS_encrypt_vaes(in, out, sz, i,
(const byte*)aes->key,
(const byte*)xaes->tweak.key,
@@ -16988,7 +17094,8 @@ static int AesXtsEncryptUpdate(XtsAes* xaes, byte* out, const byte* in, word32 s
if (aes->use_aesni) {
SAVE_VECTOR_REGISTERS(return _svr_ret;);
#if defined(HAVE_INTEL_AVX512)
if (IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
if ((sz >= WC_VAES_ECB_MIN_BLOCKS * WC_AES_BLOCK_SIZE) &&
IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
AES_XTS_encrypt_update_avx512(in, out, sz,
(const byte*)aes->key,
stream->tweak_block,
@@ -17292,7 +17399,8 @@ int wc_AesXtsDecrypt(XtsAes* xaes, byte* out, const byte* in, word32 sz,
if (aes->use_aesni) {
SAVE_VECTOR_REGISTERS(return _svr_ret;);
#if defined(HAVE_INTEL_AVX512)
if (IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
if ((sz >= WC_VAES_ECB_MIN_BLOCKS * WC_AES_BLOCK_SIZE) &&
IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
AES_XTS_decrypt_avx512(in, out, sz, i,
(const byte*)aes->key,
(const byte*)xaes->tweak.key,
@@ -17522,7 +17630,8 @@ static int AesXtsDecryptUpdate(XtsAes* xaes, byte* out, const byte* in, word32 s
if (aes->use_aesni) {
SAVE_VECTOR_REGISTERS(return _svr_ret;);
#if defined(HAVE_INTEL_AVX512)
if (IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
if ((sz >= WC_VAES_ECB_MIN_BLOCKS * WC_AES_BLOCK_SIZE) &&
IS_INTEL_AVX512(intel_flags) && IS_INTEL_VAES(intel_flags)) {
AES_XTS_decrypt_update_avx512(in, out, sz,
(const byte*)aes->key,
stream->tweak_block,
@@ -17532,7 +17641,8 @@ static int AesXtsDecryptUpdate(XtsAes* xaes, byte* out, const byte* in, word32 s
else
#endif
#if defined(HAVE_INTEL_VAES)
if (IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
if ((sz >= WC_VAES_ECB_MIN_BLOCKS * WC_AES_BLOCK_SIZE) &&
IS_INTEL_AVX2(intel_flags) && IS_INTEL_VAES(intel_flags)) {
AES_XTS_decrypt_update_vaes(in, out, sz,
(const byte*)aes->key,
stream->tweak_block,
+3 -3
View File
@@ -15340,10 +15340,10 @@ int GetFormattedTime_ex(void* currTime, byte* buf, word32 len, byte format)
if (format == ASN_UTC_TIME) {
/* UTC Time */
if (ts->tm_year >= 50 && ts->tm_year < 100) {
year = ts->tm_year;
year = (int)ts->tm_year;
}
else {
year = ts->tm_year - 100;
year = (int)ts->tm_year - 100;
}
mon = ts->tm_mon + 1;
day = ts->tm_mday;
@@ -15360,7 +15360,7 @@ int GetFormattedTime_ex(void* currTime, byte* buf, word32 len, byte format)
}
else {
/* GeneralizedTime */
year = ts->tm_year + 1900;
year = (int)ts->tm_year + 1900;
mon = ts->tm_mon + 1;
day = ts->tm_mday;
hour = ts->tm_hour;
+2
View File
@@ -19,6 +19,8 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#define _WC_BUILDING_CMAC_C
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
#ifdef WOLFSSL_QNX_CAAM
+3 -1
View File
@@ -29,7 +29,9 @@
* secret. Requires CURVE25519_SMALL. Default: off.
*/
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
#define _WC_BUILDING_CURVE25519_C
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
#ifdef NO_CURVED25519_X64
#undef USE_INTEL_SPEEDUP
+2
View File
@@ -37,6 +37,8 @@
* default: off
*/
#define _WC_BUILDING_CURVE448_C
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
#ifdef HAVE_CURVE448
+2
View File
@@ -19,6 +19,8 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#define _WC_BUILDING_DH_C
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
#ifndef NO_DH
+2
View File
@@ -19,6 +19,8 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#define _WC_BUILDING_ECC_C
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
#ifdef WOLFSSL_ECC_NO_SMALL_STACK
+2
View File
@@ -28,6 +28,8 @@
* Check that the private key didn't change during the signing operations.
*/
#define _WC_BUILDING_ED25519_C
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
#ifdef HAVE_ED25519
+2
View File
@@ -30,6 +30,8 @@
* Check that the private key didn't change during the signing operations.
*/
#define _WC_BUILDING_ED448_C
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
#ifdef HAVE_ED448
+2
View File
@@ -35,6 +35,8 @@
* WOLFSSL_KCAPI_HMAC: Linux kernel crypto API for HMAC default: off
*/
#define _WC_BUILDING_HMAC_C
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
#ifndef NO_HMAC
+2
View File
@@ -19,6 +19,8 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#define _WC_BUILDING_KDF_C
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
#ifndef NO_KDF
+20 -3
View File
@@ -15262,9 +15262,26 @@ authenv_atrbend:
}
if (ret == 0 &&
(encOID == AES128GCMb || encOID == AES192GCMb ||
encOID == AES256GCMb) &&
authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ) {
WOLFSSL_MSG("AuthEnvelopedData GCM authTag too small");
encOID == AES256GCMb)) {
#if (defined(HAVE_FIPS) && FIPS_VERSION3_LT(7,0,0)) || \
defined(HAVE_SELFTEST) || !defined(HAVE_AESGCM)
if (authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ) {
WOLFSSL_MSG("AuthEnvelopedData GCM authTag too small");
ret = ASN_PARSE_E;
}
#else
ret = wc_local_AesGcmCheckTagSz(authTagSz);
if (ret != 0) {
ret = ASN_PARSE_E;
WOLFSSL_MSG("AuthEnvelopedData GCM authTag invalid size");
}
#endif
}
if (ret == 0 &&
(encOID == AES128CCMb || encOID == AES192CCMb ||
encOID == AES256CCMb) &&
authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ) {
WOLFSSL_MSG("AuthEnvelopedData CCM authTag too small");
ret = ASN_PARSE_E;
}
@@ -354,10 +354,9 @@ int wc_fspsm_AesGcmEncrypt(struct Aes* aes, byte* out,
return BAD_FUNC_ARG;
}
if (authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ) {
WOLFSSL_MSG("GcmEncrypt authTagSz too small error");
return BAD_FUNC_ARG;
}
ret = wc_local_AesGcmCheckTagSz(authTagSz);
if (ret != 0)
return ret;
if (aes->ctx.keySize != 16 && aes->ctx.keySize != 32) {
WOLFSSL_MSG("keySize is invalid, neither 16 or 32.");
+6 -16
View File
@@ -584,15 +584,10 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
WOLFSSL_MSG("IV size not supported on system");
return BAD_FUNC_ARG;
}
if (authTagSz > WOLFSSL_MAX_AUTH_TAG_SZ) {
WOLFSSL_MSG("Authentication tag size not supported on system");
return BAD_FUNC_ARG;
}
if (authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ) {
WOLFSSL_MSG("GcmEncrypt authTagSz too small error");
return BAD_FUNC_ARG;
}
ret = wc_local_AesGcmCheckTagSz(authTagSz);
if (ret != 0)
return ret;
if (aes->alFd == WC_SOCK_NOTSET) {
WOLFSSL_MSG("AF_ALG GcmEncrypt called with alFd unset");
@@ -796,15 +791,10 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
WOLFSSL_MSG("IV size not supported on system");
return BAD_FUNC_ARG;
}
if (authTagSz > WOLFSSL_MAX_AUTH_TAG_SZ) {
WOLFSSL_MSG("Authentication tag size not supported on system");
return BAD_FUNC_ARG;
}
if (authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ) {
WOLFSSL_MSG("GcmEncrypt authTagSz too small error");
return BAD_FUNC_ARG;
}
ret = wc_local_AesGcmCheckTagSz(authTagSz);
if (ret != 0)
return ret;
if (aes->rdFd == WC_SOCK_NOTSET) {
aes->dir = AES_DECRYPTION;
+7 -4
View File
@@ -357,10 +357,9 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz)
{
if (authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ) {
WOLFSSL_MSG("GcmEncrypt authTagSz too small error");
return BAD_FUNC_ARG;
}
int ret = wc_local_AesGcmCheckTagSz(authTagSz);
if (ret != 0)
return ret;
return wc_DevCrypto_AesGcm(aes, out, (byte*)in, sz, iv, ivSz,
authTag, authTagSz, authIn, authInSz,
@@ -374,6 +373,10 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
const byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz)
{
int ret = wc_local_AesGcmCheckTagSz(authTagSz);
if (ret != 0)
return ret;
return wc_DevCrypto_AesGcm(aes, out, (byte*)in, sz, iv, ivSz,
(byte*)authTag, authTagSz, authIn, authInSz,
COP_DECRYPT);
+4 -8
View File
@@ -246,10 +246,8 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
ret = BAD_FUNC_ARG;
}
if ((ret == 0) && (authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ)) {
WOLFSSL_MSG("GcmEncrypt authTagSz too small error");
ret = BAD_FUNC_ARG;
}
if (ret == 0)
ret = wc_local_AesGcmCheckTagSz(authTagSz);
if (ret == 0) {
ret = kcapi_aead_init(&aes->handle, WC_NAME_AESGCM, 0);
@@ -361,10 +359,8 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
ret = BAD_FUNC_ARG;
}
if ((ret == 0) && (authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ)) {
WOLFSSL_MSG("GcmDecrypt authTagSz too small error");
ret = BAD_FUNC_ARG;
}
if (ret == 0)
ret = wc_local_AesGcmCheckTagSz(authTagSz);
if (ret == 0) {
ret = kcapi_aead_init(&aes->handle, WC_NAME_AESGCM, 0);
+10 -19
View File
@@ -4552,7 +4552,6 @@ static WC_INLINE void FlattenSzInBits(byte* buf, word32 sz)
void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c, word32 cSz,
byte* s, word32 sSz)
{
if (gcm != NULL) {
ALIGN8 byte x[WC_AES_BLOCK_SIZE];
ALIGN8 byte scratch[WC_AES_BLOCK_SIZE];
byte* h = gcm->H;
@@ -4688,7 +4687,6 @@ void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c, word32 cSz,
/* Copy the result into s. */
XMEMCPY(s, x, sSz);
}
}
#define HAVE_GHASH
@@ -5295,7 +5293,6 @@ static void ghash_blocks(byte* x, byte* y, const byte* in, word32 blocks)
void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c, word32 cSz,
byte* s, word32 sSz)
{
if (gcm != NULL) {
ALIGN8 byte x[WC_AES_BLOCK_SIZE];
ALIGN8 byte scratch[WC_AES_BLOCK_SIZE];
word32 blocks, partial;
@@ -5343,7 +5340,6 @@ void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c, word32 cSz,
/* Copy the result into s. */
XMEMCPY(s, x, sSz);
}
}
#define HAVE_GHASH
@@ -6932,11 +6928,8 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
ret = BAD_FUNC_ARG;
}
if ((ret == 0) && ((tagSz < WOLFSSL_MIN_AUTH_TAG_SZ) ||
(tagSz > WC_AES_BLOCK_SIZE))) {
WOLFSSL_MSG("GcmEncrypt tagSz error");
ret = BAD_FUNC_ARG;
}
if (ret == 0)
ret = wc_local_AesGcmCheckTagSz(tagSz);
if (ret == 0) {
switch (aes->rounds) {
@@ -8572,13 +8565,15 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
/* sanity checks */
if ((aes == NULL) || (nonce == NULL) || (tag == NULL) ||
(tagSz > WC_AES_BLOCK_SIZE) || (tagSz < WOLFSSL_MIN_AUTH_TAG_SZ) ||
((aad == NULL) && (aadSz > 0)) || (nonceSz == 0) ||
((sz != 0) && ((in == NULL) || (out == NULL)))) {
WOLFSSL_MSG("a NULL parameter passed in when size is larger than 0");
return BAD_FUNC_ARG;
}
if (ret == 0)
ret = wc_local_AesGcmCheckTagSz(tagSz);
if (ret == 0) {
switch (aes->rounds) {
#ifdef WOLFSSL_AES_128
@@ -8721,7 +8716,6 @@ static WC_INLINE void GMULT(byte *x, byte m[32][WC_AES_BLOCK_SIZE])
void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c, word32 cSz,
byte* s, word32 sSz)
{
if (gcm != NULL) {
ALIGN8 byte x[WC_AES_BLOCK_SIZE];
ALIGN8 byte scratch[WC_AES_BLOCK_SIZE];
word32 blocks, partial;
@@ -8770,7 +8764,6 @@ void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c, word32 cSz,
/* Copy the result into s. */
XMEMCPY(s, x, sSz);
}
}
#endif /* !HAVE_GHASH */
@@ -8835,12 +8828,8 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
ret = BAD_FUNC_ARG;
}
if ((ret == 0) && ((tagSz < WOLFSSL_MIN_AUTH_TAG_SZ) ||
(tagSz > WC_AES_BLOCK_SIZE))) {
WOLFSSL_MSG("GcmEncrypt tagSz error");
ret = BAD_FUNC_ARG;
}
if (ret == 0)
ret = wc_local_AesGcmCheckTagSz(tagSz);
if (ret == 0) {
if (nonceSz == GCM_NONCE_MID_SZ) {
@@ -8931,13 +8920,15 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
/* Validate parameters. */
if ((aes == NULL) || (nonce == NULL) || (tag == NULL) ||
(tagSz > WC_AES_BLOCK_SIZE) || (tagSz < WOLFSSL_MIN_AUTH_TAG_SZ) ||
((aad == NULL) && (aadSz > 0)) || (nonceSz == 0) ||
((sz != 0) && ((in == NULL) || (out == NULL)))) {
WOLFSSL_MSG("a NULL parameter passed in when size is larger than 0");
ret = BAD_FUNC_ARG;
}
if (ret == 0)
ret = wc_local_AesGcmCheckTagSz(tagSz);
if (ret == 0) {
if (nonceSz == GCM_NONCE_MID_SZ) {
/* Counter is IV with bottom 4 bytes set to: 0x00,0x00,0x00,0x01. */
+4 -3
View File
@@ -687,9 +687,10 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz)
{
if (authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ) {
return BAD_FUNC_ARG;
}
int ret = wc_local_AesGcmCheckTagSz(authTagSz);
if (ret != 0)
return ret;
return AesAuthEncrypt(aes, out, in, sz, iv, ivSz, authTag, authTagSz,
authIn, authInSz, AES_CFG_MODE_GCM_HY0CALC);
}
+2
View File
@@ -19,6 +19,8 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#define _WC_BUILDING_PWDBASED_C
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
#ifndef NO_PWDBASED
+4 -2
View File
@@ -102,6 +102,8 @@ This library contains implementation for the random number generator.
* WOLFSSL_XILINX_CRYPT_VERSAL: Xilinx Versal crypto RNG default: off
*/
#define _WC_BUILDING_RANDOM_C
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
/* on HPUX 11 you may need to install /dev/random see
@@ -553,7 +555,7 @@ static int Hash_df(DRBG_internal* drbg, byte* out, word32 outSz, byte type,
#ifdef WC_VERBOSE_RNG
if (ret != 0)
WOLFSSL_DEBUG_PRINTF("ERROR: %s failed with err = %d", __FUNCTION__,
WOLFSSL_DEBUG_PRINTF("ERROR: %s failed with err = %d", __func__,
ret);
#endif
@@ -1146,7 +1148,7 @@ static int Hash512_df(DRBG_SHA512_internal* drbg, byte* out, word32 outSz,
#ifdef WC_VERBOSE_RNG
if (ret != 0)
WOLFSSL_DEBUG_PRINTF("ERROR: %s failed with err = %d", __FUNCTION__,
WOLFSSL_DEBUG_PRINTF("ERROR: %s failed with err = %d", __func__,
ret);
#endif
+2
View File
@@ -27,6 +27,8 @@ RSA keys can be used to encrypt, decrypt, sign and verify data.
*/
#define _WC_BUILDING_RSA_C
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
#ifndef NO_RSA
+2
View File
@@ -39,6 +39,8 @@
* PSOC6_HASH_SHA1: PSoC6 hardware SHA-1 default: off
*/
#define _WC_BUILDING_SHA_C
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
#ifdef DEBUG_WOLFSSL_VERBOSE
+2
View File
@@ -38,6 +38,8 @@ on the specific device platform.
*/
#define _WC_BUILDING_SHA256_C
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
/*
+95 -30
View File
@@ -38,6 +38,8 @@
* PSOC6_HASH_SHA3: PSoC6 hardware SHA-3 default: off
*/
#define _WC_BUILDING_SHA3_C
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
#ifdef WC_SHA3_NO_ASM
@@ -798,12 +800,26 @@ static int Sha3Update(wc_Sha3* sha3, const byte* data, word32 len, byte p)
word32 check = 0;
word32 total_check = 0;
#endif
#if defined(WOLFSSL_USE_SAVE_VECTOR_REGISTERS) && defined(USE_INTEL_SPEEDUP)
if (SHA3_BLOCK == sha3_block_avx2) {
SAVE_VECTOR_REGISTERS(return _svr_ret;);
}
#ifdef USE_INTEL_SPEEDUP
#ifdef WC_C_DYNAMIC_FALLBACK
void (*sha3_block)(word64 *s) = SHA3_BLOCK;
void (*sha3_block_n)(word64 *s, const byte* data, word32 n,
word64 c) = SHA3_BLOCK_N;
#endif
if (sha3_block == sha3_block_avx2) {
int ret = SAVE_VECTOR_REGISTERS2();
if (ret != 0) {
#ifdef WC_C_DYNAMIC_FALLBACK
sha3_block = BlockSha3;
sha3_block_n = NULL;
#else
return ret;
#endif
}
}
#endif /* USE_INTEL_SPEEDUP */
if (sha3->i > 0) {
byte *t;
byte l = (byte)(p * 8 - sha3->i);
@@ -846,7 +862,7 @@ static int Sha3Update(wc_Sha3* sha3, const byte* data, word32 len, byte p)
#endif
#endif
#ifdef SHA3_FUNC_PTR
(*SHA3_BLOCK)(sha3->s);
(*sha3_block)(sha3->s);
#else
BlockSha3(sha3->s);
#endif
@@ -855,8 +871,8 @@ static int Sha3Update(wc_Sha3* sha3, const byte* data, word32 len, byte p)
}
blocks = len / (p * 8U);
#ifdef SHA3_FUNC_PTR
if ((SHA3_BLOCK_N != NULL) && (blocks > 0)) {
(*SHA3_BLOCK_N)(sha3->s, data, blocks, p * 8U);
if ((sha3_block_n != NULL) && (blocks > 0)) {
(*sha3_block_n)(sha3->s, data, blocks, p * 8U);
len -= blocks * (p * 8U);
data += blocks * (p * 8U);
blocks = 0;
@@ -882,7 +898,7 @@ static int Sha3Update(wc_Sha3* sha3, const byte* data, word32 len, byte p)
#endif
#endif
#ifdef SHA3_FUNC_PTR
(*SHA3_BLOCK)(sha3->s);
(*sha3_block)(sha3->s);
#else
BlockSha3(sha3->s);
#endif
@@ -894,8 +910,8 @@ static int Sha3Update(wc_Sha3* sha3, const byte* data, word32 len, byte p)
return BAD_COND_E;
}
#endif
#if defined(WOLFSSL_USE_SAVE_VECTOR_REGISTERS) && defined(USE_INTEL_SPEEDUP)
if (SHA3_BLOCK == sha3_block_avx2) {
#ifdef USE_INTEL_SPEEDUP
if (sha3_block == sha3_block_avx2) {
RESTORE_VECTOR_REGISTERS();
}
#endif
@@ -925,6 +941,9 @@ static int Sha3Final(wc_Sha3* sha3, byte padChar, byte* hash, byte p, word32 l)
#ifdef WC_SHA3_FAULT_HARDEN
int check = 0;
#endif
#if defined(WC_C_DYNAMIC_FALLBACK) && defined(USE_INTEL_SPEEDUP)
void (*sha3_block)(word64 *s) = SHA3_BLOCK;
#endif
#if !defined(BIG_ENDIAN_ORDER) && !defined(WC_SHA3_FAULT_HARDEN)
xorbuf(sha3->s, sha3->t, sha3->i);
@@ -960,14 +979,22 @@ static int Sha3Final(wc_Sha3* sha3, byte padChar, byte* hash, byte p, word32 l)
#endif
#endif
#if defined(WOLFSSL_USE_SAVE_VECTOR_REGISTERS) && defined(USE_INTEL_SPEEDUP)
if (SHA3_BLOCK == sha3_block_avx2)
SAVE_VECTOR_REGISTERS(return _svr_ret;);
#ifdef USE_INTEL_SPEEDUP
if (sha3_block == sha3_block_avx2) {
int ret = SAVE_VECTOR_REGISTERS2();
if (ret != 0) {
#ifdef WC_C_DYNAMIC_FALLBACK
sha3_block = BlockSha3;
#else
return ret;
#endif
}
}
#endif
for (j = 0; l - j >= rate; j += rate) {
#ifdef SHA3_FUNC_PTR
(*SHA3_BLOCK)(sha3->s);
(*sha3_block)(sha3->s);
#else
BlockSha3(sha3->s);
#endif
@@ -979,7 +1006,7 @@ static int Sha3Final(wc_Sha3* sha3, byte padChar, byte* hash, byte p, word32 l)
}
if (j != l) {
#ifdef SHA3_FUNC_PTR
(*SHA3_BLOCK)(sha3->s);
(*sha3_block)(sha3->s);
#else
BlockSha3(sha3->s);
#endif
@@ -988,8 +1015,8 @@ static int Sha3Final(wc_Sha3* sha3, byte padChar, byte* hash, byte p, word32 l)
#endif
XMEMCPY(hash + j, sha3->s, l - j);
}
#if defined(WOLFSSL_USE_SAVE_VECTOR_REGISTERS) && defined(USE_INTEL_SPEEDUP)
if (SHA3_BLOCK == sha3_block_avx2) {
#ifdef USE_INTEL_SPEEDUP
if (sha3_block == sha3_block_avx2) {
RESTORE_VECTOR_REGISTERS();
}
#endif
@@ -1950,16 +1977,34 @@ int wc_Shake128_Absorb(wc_Shake* shake, const byte* data, word32 len)
*/
int wc_Shake128_SqueezeBlocks(wc_Shake* shake, byte* out, word32 blockCnt)
{
#if defined(WC_C_DYNAMIC_FALLBACK) && defined(USE_INTEL_SPEEDUP)
void (*sha3_block)(word64 *s);
#endif
if ((shake == NULL) || (out == NULL && blockCnt != 0)) {
return BAD_FUNC_ARG;
}
#if defined(WOLFSSL_USE_SAVE_VECTOR_REGISTERS) && defined(USE_INTEL_SPEEDUP)
if (SHA3_BLOCK == sha3_block_avx2)
SAVE_VECTOR_REGISTERS(return _svr_ret;);
#ifdef USE_INTEL_SPEEDUP
#ifdef WC_C_DYNAMIC_FALLBACK
sha3_block = SHA3_BLOCK;
#endif
if (sha3_block == sha3_block_avx2) {
int ret = SAVE_VECTOR_REGISTERS2();
if (ret != 0) {
#ifdef WC_C_DYNAMIC_FALLBACK
sha3_block = BlockSha3;
#else
return ret;
#endif
}
}
#endif /* USE_INTEL_SPEEDUP */
for (; (blockCnt > 0); blockCnt--) {
#ifdef SHA3_FUNC_PTR
(*SHA3_BLOCK)(shake->s);
(*sha3_block)(shake->s);
#else
BlockSha3(shake->s);
#endif
@@ -1970,8 +2015,9 @@ int wc_Shake128_SqueezeBlocks(wc_Shake* shake, byte* out, word32 blockCnt)
#endif
out += WC_SHA3_128_COUNT * 8;
}
#if defined(WOLFSSL_USE_SAVE_VECTOR_REGISTERS) && defined(USE_INTEL_SPEEDUP)
if (SHA3_BLOCK == sha3_block_avx2)
#ifdef USE_INTEL_SPEEDUP
if (sha3_block == sha3_block_avx2)
RESTORE_VECTOR_REGISTERS();
#endif
@@ -2191,16 +2237,34 @@ int wc_Shake256_Absorb(wc_Shake* shake, const byte* data, word32 len)
*/
int wc_Shake256_SqueezeBlocks(wc_Shake* shake, byte* out, word32 blockCnt)
{
#if defined(WC_C_DYNAMIC_FALLBACK) && defined(USE_INTEL_SPEEDUP)
void (*sha3_block)(word64 *s);
#endif
if ((shake == NULL) || (out == NULL && blockCnt != 0)) {
return BAD_FUNC_ARG;
}
#if defined(WOLFSSL_USE_SAVE_VECTOR_REGISTERS) && defined(USE_INTEL_SPEEDUP)
if (SHA3_BLOCK == sha3_block_avx2)
SAVE_VECTOR_REGISTERS(return _svr_ret;);
#ifdef USE_INTEL_SPEEDUP
#ifdef WC_C_DYNAMIC_FALLBACK
sha3_block = SHA3_BLOCK;
#endif
if (sha3_block == sha3_block_avx2) {
int ret = SAVE_VECTOR_REGISTERS2();
if (ret != 0) {
#ifdef WC_C_DYNAMIC_FALLBACK
sha3_block = BlockSha3;
#else
return ret;
#endif
}
}
#endif /* USE_INTEL_SPEEDUP */
for (; (blockCnt > 0); blockCnt--) {
#ifdef SHA3_FUNC_PTR
(*SHA3_BLOCK)(shake->s);
(*sha3_block)(shake->s);
#else
BlockSha3(shake->s);
#endif
@@ -2211,8 +2275,9 @@ int wc_Shake256_SqueezeBlocks(wc_Shake* shake, byte* out, word32 blockCnt)
#endif
out += WC_SHA3_256_COUNT * 8;
}
#if defined(WOLFSSL_USE_SAVE_VECTOR_REGISTERS) && defined(USE_INTEL_SPEEDUP)
if (SHA3_BLOCK == sha3_block_avx2)
#ifdef USE_INTEL_SPEEDUP
if (sha3_block == sha3_block_avx2)
RESTORE_VECTOR_REGISTERS();
#endif
+2
View File
@@ -54,6 +54,8 @@
* WOLFSSL_RENESAS_RSIP: Renesas RSIP SHA acceleration default: off
*/
#define _WC_BUILDING_SHA512_C
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
#if (defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384)) && \
+2
View File
@@ -19,6 +19,8 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#define _WC_BUILDING_WC_LMS_C
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
#if defined(WOLFSSL_HAVE_LMS)
+2
View File
@@ -37,6 +37,8 @@
* Enable when memory is limited.
*/
#define _WC_BUILDING_WC_LMS_IMPL_C
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
#include <wolfssl/wolfcrypt/wc_lms.h>
+8
View File
@@ -135,6 +135,8 @@
* shift equivalent.
*/
#define _WC_BUILDING_WC_MLDSA_C
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
#if FIPS_VERSION3_GE(2,0,0)
@@ -148,6 +150,12 @@
#if defined(WOLFSSL_HAVE_MLDSA)
#if defined(WC_MLDSA_NO_ASM) || defined(WC_SHA3_NO_ASM)
#undef USE_INTEL_SPEEDUP
#undef WOLFSSL_ARMASM
#undef WOLFSSL_RISCV_ASM
#endif
/* Pull in the legacy compatibility shim. wc_mldsa.h pulls in dilithium.h
* itself for the forward arm of the sub-config gate translation (so the
* canonical WOLFSSL_MLDSA_* gates are visible to wc_mldsa.h's own
+2
View File
@@ -70,6 +70,8 @@
* Cannot be used with WOLFSSL_NO_MALLOC.
*/
#define _WC_BUILDING_WC_MLKEM_C
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
#ifdef WC_MLKEM_NO_ASM
+2
View File
@@ -67,6 +67,8 @@
* some platforms and is smaller in code size.
*/
#define _WC_BUILDING_WC_MLKEM_POLY_C
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
#ifdef WC_MLKEM_NO_ASM
+5 -1
View File
@@ -19,6 +19,8 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#define _WC_BUILDING_WC_SLHDSA_C
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
#if FIPS_VERSION3_GE(2,0,0)
@@ -47,7 +49,7 @@
#include <wolfssl/wolfcrypt/hmac.h>
#endif
#ifdef WC_SLHDSA_NO_ASM
#if defined(WC_SLHDSA_NO_ASM) || defined(WC_SHA3_NO_ASM)
#undef USE_INTEL_SPEEDUP
#undef WOLFSSL_ARMASM
#undef WOLFSSL_RISCV_ASM
@@ -3281,6 +3283,8 @@ static int slhdsakey_wots_pkgen_chain_c(SlhDsaKey* key, const byte* sk_seed,
WC_ALLOC_VAR_EX(sk, byte, (SLHDSA_MAX_MSG_SZ + 3) * SLHDSA_MAX_N,
key->heap, DYNAMIC_TYPE_SLHDSA, ret = MEMORY_E);
if (ret == 0)
XMEMSET(sk, 0, (SLHDSA_MAX_MSG_SZ + 3) * SLHDSA_MAX_N);
if (ret == 0) {
/* Step 4. len consecutive addresses. */
for (i = 0; i < len; i++) {
+2
View File
@@ -19,6 +19,8 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#define _WC_BUILDING_WC_XMSS_C
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
#ifdef WOLFSSL_HAVE_XMSS
+2
View File
@@ -29,6 +29,8 @@
* (https://ece.engr.uvic.ca/~raltawy/SAC2021/9.pdf)
*/
#define _WC_BUILDING_WC_XMSS_IMPL_C
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
#include <wolfssl/wolfcrypt/wc_xmss.h>
+39 -19
View File
@@ -1127,7 +1127,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_cts_test(void);
do { \
ret = (err); \
ESP_LOGE(ESPIDF_TAG, "Failed: Error = %d during %s, line %d", \
err, __FUNCTION__, __LINE__); \
err, __func__, __LINE__); \
ESP_LOGI(ESPIDF_TAG, "Extended system info:"); \
esp_ShowExtendedSystemInfo(); \
ESP_LOGW(ESPIDF_TAG, "Paused for %d seconds! " \
@@ -19580,9 +19580,24 @@ static wc_test_ret_t aesgcm_non12iv_test(Aes* enc, Aes* dec)
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
#endif /* HAVE_AES_DECRYPT */
for (tlen = WOLFSSL_MIN_AUTH_TAG_SZ; tlen < 16; tlen++) {
for (tlen = WOLFSSL_MIN_AUTH_TAG_SZ; tlen <= WC_AES_BLOCK_SIZE; tlen++) {
int ii;
#ifndef WC_AES_GCM_ALLOW_NONSTANDARD_TAG_LENGTH
switch (tlen) {
case 4:
case 8:
case 12:
case 13:
case 14:
case 15:
case 16:
break;
default:
continue;
}
#endif
XMEMSET(resultT, 0, sizeof(resultT));
wc_AesGcmSetKey(enc, k3, (word32)k3Sz);
/* AES-GCM encrypt and decrypt both use AES encrypt internally */
@@ -57775,7 +57790,7 @@ static wc_test_ret_t slhdsa_keygen_kat(enum SlhDsaParam param,
DYNAMIC_TYPE_TMP_BUFFER, return WC_TEST_RET_ENC_EC(MEMORY_E));
XMEMSET(key, 0, sizeof(*key));
ret = wc_SlhDsaKey_Init(key, param, NULL, INVALID_DEVID);
ret = wc_SlhDsaKey_Init(key, param, NULL, devId);
if (ret != 0) {
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
}
@@ -58058,30 +58073,30 @@ static wc_test_ret_t slhdsa_id_label_test(void)
/* NULL key rejected. */
ret = wc_SlhDsaKey_Init_id(NULL, param, id, (int)sizeof(id), HEAP_HINT,
INVALID_DEVID);
devId);
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
return WC_TEST_RET_ENC_EC(ret);
/* (id == NULL, len > 0) is the silent-contradiction case the original
* review flagged; must be rejected. */
ret = wc_SlhDsaKey_Init_id(&key, param, NULL, 8, HEAP_HINT, INVALID_DEVID);
ret = wc_SlhDsaKey_Init_id(&key, param, NULL, 8, HEAP_HINT, devId);
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
return WC_TEST_RET_ENC_EC(ret);
/* Length over the cap rejected with BUFFER_E. */
ret = wc_SlhDsaKey_Init_id(&key, param, id, SLHDSA_MAX_ID_LEN + 1,
HEAP_HINT, INVALID_DEVID);
HEAP_HINT, devId);
if (ret != WC_NO_ERR_TRACE(BUFFER_E))
return WC_TEST_RET_ENC_EC(ret);
/* Negative length rejected. */
ret = wc_SlhDsaKey_Init_id(&key, param, id, -1, HEAP_HINT, INVALID_DEVID);
ret = wc_SlhDsaKey_Init_id(&key, param, id, -1, HEAP_HINT, devId);
if (ret != WC_NO_ERR_TRACE(BUFFER_E))
return WC_TEST_RET_ENC_EC(ret);
/* Successful init copies the id and stores its length. */
ret = wc_SlhDsaKey_Init_id(&key, param, id, (int)sizeof(id), HEAP_HINT,
INVALID_DEVID);
devId);
if (ret != 0)
return WC_TEST_RET_ENC_EC(ret);
if (key.idLen != (int)sizeof(id))
@@ -58094,7 +58109,7 @@ static wc_test_ret_t slhdsa_id_label_test(void)
XMEMSET(&key, 0, sizeof(key));
/* (id != NULL, len == 0) is accepted as a no-op. */
ret = wc_SlhDsaKey_Init_id(&key, param, id, 0, HEAP_HINT, INVALID_DEVID);
ret = wc_SlhDsaKey_Init_id(&key, param, id, 0, HEAP_HINT, devId);
if (ret != 0)
return WC_TEST_RET_ENC_EC(ret);
if (key.idLen != 0)
@@ -58112,7 +58127,7 @@ static wc_test_ret_t slhdsa_id_label_test(void)
for (i = 0; i < SLHDSA_MAX_ID_LEN; i++)
id_max[i] = (unsigned char)(0x40 + i);
ret = wc_SlhDsaKey_Init_id(&key, param, id_max, SLHDSA_MAX_ID_LEN,
HEAP_HINT, INVALID_DEVID);
HEAP_HINT, devId);
if (ret != 0)
return WC_TEST_RET_ENC_EC(ret);
if (key.idLen != SLHDSA_MAX_ID_LEN)
@@ -58128,22 +58143,22 @@ static wc_test_ret_t slhdsa_id_label_test(void)
/* Init_label: NULL label / NULL key rejected. */
ret = wc_SlhDsaKey_Init_label(NULL, param, label, HEAP_HINT,
INVALID_DEVID);
devId);
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
return WC_TEST_RET_ENC_EC(ret);
ret = wc_SlhDsaKey_Init_label(&key, param, NULL, HEAP_HINT,
INVALID_DEVID);
devId);
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
return WC_TEST_RET_ENC_EC(ret);
/* Empty label is rejected. */
ret = wc_SlhDsaKey_Init_label(&key, param, "", HEAP_HINT, INVALID_DEVID);
ret = wc_SlhDsaKey_Init_label(&key, param, "", HEAP_HINT, devId);
if (ret != WC_NO_ERR_TRACE(BUFFER_E))
return WC_TEST_RET_ENC_EC(ret);
/* Successful init copies the label and stores its length. */
ret = wc_SlhDsaKey_Init_label(&key, param, label, HEAP_HINT,
INVALID_DEVID);
devId);
if (ret != 0)
return WC_TEST_RET_ENC_EC(ret);
if (key.labelLen != (int)XSTRLEN(label))
@@ -58167,7 +58182,7 @@ static wc_test_ret_t slhdsa_id_label_test(void)
label_max[i] = 'L';
label_max[SLHDSA_MAX_LABEL_LEN] = '\0';
ret = wc_SlhDsaKey_Init_label(&key, param, label_max, HEAP_HINT,
INVALID_DEVID);
devId);
if (ret != 0)
return WC_TEST_RET_ENC_EC(ret);
if (key.labelLen != SLHDSA_MAX_LABEL_LEN)
@@ -59234,7 +59249,7 @@ wc_test_ret_t slhdsa_test(void)
#endif
#ifndef WOLFSSL_SLHDSA_VERIFY_ONLY
ret = wc_SlhDsaKey_Init(key, SLHDSA_SHAKE128S, NULL, INVALID_DEVID);
ret = wc_SlhDsaKey_Init(key, SLHDSA_SHAKE128S, NULL, devId);
if (ret != 0) {
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
}
@@ -74914,11 +74929,16 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t cryptocb_test(void)
*
* Only enforce when slhdsa_test() actually runs a cb-routed op:
* !VERIFY_ONLY runs slhdsa_test_param (uses devId), or
* PARAM_128S enables the in-tree KAT verify (also uses devId). */
* PARAM_128S enables the in-tree KAT verify (also uses devId).
*
* The FIPS wrappers force the devId to FIPS_INVALID_DEVID, so we skip
* the check for FIPS.
*/
int baseline = myCtx.exampleVar;
ret = slhdsa_test();
#if !defined(WOLFSSL_SLHDSA_VERIFY_ONLY) || \
defined(WOLFSSL_SLHDSA_PARAM_128S)
#if (!defined(WOLFSSL_SLHDSA_VERIFY_ONLY) || \
defined(WOLFSSL_SLHDSA_PARAM_128S)) && \
!defined(HAVE_FIPS)
if ((ret == 0) && (myCtx.exampleVar == baseline))
ret = WC_TEST_RET_ENC_NC;
#endif
+2
View File
@@ -74,9 +74,11 @@ WOLFSSL_LOCAL int CheckOcspResponse(WOLFSSL_OCSP *ocsp, byte *response, int resp
OcspEntry *entry, OcspRequest *ocspRequest,
void* heap);
#ifndef CheckOcspResponder
WOLFSSL_LOCAL int CheckOcspResponder(OcspResponse *bs, byte* subjectNameHash,
byte* subjectKeyHash, byte extExtKeyUsage, byte* issuerNameHash,
byte* issuerKeyHash);
#endif
/* Allocates and initializes a WOLFSSL_OCSP object */
WOLFSSL_API WOLFSSL_OCSP* wc_NewOCSP(WOLFSSL_CERT_MANAGER* cm);
+4 -2
View File
@@ -70,8 +70,9 @@ WOLFSSL_LOCAL void GenerateM0(Gcm* gcm);
!defined(WOLFSSL_ARMASM_NO_HW_CRYPTO)
WOLFSSL_LOCAL void GMULT(byte* X, byte* Y);
#endif
WOLFSSL_LOCAL void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c,
word32 cSz, byte* s, word32 sSz);
WOLFSSL_LOCAL void WC_ARG_NOT_NULL(1) GHASH(Gcm* gcm, const byte* a,
word32 aSz, const byte* c,
word32 cSz, byte* s, word32 sSz);
#endif
#ifndef NO_AES
@@ -614,6 +615,7 @@ WOLFSSL_API int wc_AesEcbDecrypt(Aes* aes, byte* out,
#endif
#ifdef HAVE_AESGCM
WOLFSSL_LOCAL int wc_local_AesGcmCheckTagSz(word32 authTagSz);
#ifdef WOLFSSL_XILINX_CRYPT
WOLFSSL_API int wc_AesGcmSetKey_ex(Aes* aes, const byte* key, word32 len,
word32 kup);
+1 -1
View File
@@ -728,7 +728,7 @@ int StackSizeHWMReset(void)
#if defined(__GNUC__) || defined(__clang__)
#define STACK_SIZE_INIT() \
(void)StackSizeSetOffset(__FUNCTION__, __builtin_frame_address(0))
(void)StackSizeSetOffset(__func__, __builtin_frame_address(0))
#endif
#endif /* HAVE_STACK_SIZE_VERBOSE */
+20 -12
View File
@@ -356,9 +356,6 @@ WOLFSSL_LOCAL int wc_debug_CipherLifecycleFree(void **CipherLifecycleTag,
#ifndef WC_DEBUG_VECTOR_REGISTERS_FUZZING_SEED
#define WC_DEBUG_VECTOR_REGISTERS_FUZZING_SEED 0
#endif
#ifndef CAN_SAVE_VECTOR_REGISTERS
#define CAN_SAVE_VECTOR_REGISTERS() (SAVE_VECTOR_REGISTERS2_fuzzer() == 0)
#endif
#endif
#ifdef DEBUG_VECTOR_REGISTER_ACCESS
@@ -385,7 +382,7 @@ WOLFSSL_LOCAL int wc_debug_CipherLifecycleFree(void **CipherLifecycleTag,
fprintf(stderr, \
("%s() %s @ L %d : incr : " \
"wc_svr_count %d (last op %s L %d)\n"), \
__FUNCTION__, \
__func__, \
__FILE__, \
__LINE__, \
wc_svr_count, \
@@ -408,7 +405,7 @@ WOLFSSL_LOCAL int wc_debug_CipherLifecycleFree(void **CipherLifecycleTag,
fprintf(stderr, \
("%s() %s @ L %d : incr : " \
"wc_svr_count %d (last op %s L %d)\n"), \
__FUNCTION__, \
__func__, \
__FILE__, \
__LINE__, \
wc_svr_count, \
@@ -420,15 +417,26 @@ WOLFSSL_LOCAL int wc_debug_CipherLifecycleFree(void **CipherLifecycleTag,
} while (0)
#ifdef DEBUG_VECTOR_REGISTER_ACCESS_FUZZING
#ifndef CAN_SAVE_VECTOR_REGISTERS
#define CAN_SAVE_VECTOR_REGISTERS() \
((wc_svr_count > 0) ? 1 : \
SAVE_VECTOR_REGISTERS2_fuzzer() == 0)
#endif
#define SAVE_VECTOR_REGISTERS2(...) ({ \
int _svr2_val = SAVE_VECTOR_REGISTERS2_fuzzer(); \
int _svr2_val; \
if (wc_svr_count > 0) \
_svr2_val = 0; \
else \
_svr2_val = SAVE_VECTOR_REGISTERS2_fuzzer(); \
if (_svr2_val == 0) { \
++wc_svr_count; \
if (wc_svr_count > 5) { \
fprintf(stderr, \
("%s() %s @ L %d : incr : " \
"wc_svr_count %d (last op %s L %d)\n"), \
__FUNCTION__, \
__func__, \
__FILE__, \
__LINE__, \
wc_svr_count, \
@@ -452,7 +460,7 @@ WOLFSSL_LOCAL int wc_debug_CipherLifecycleFree(void **CipherLifecycleTag,
fprintf(stderr, \
("%s() %s @ L %d : incr : " \
"wc_svr_count %d (last op %s L %d)\n"), \
__FUNCTION__, \
__func__, \
__FILE__, \
__LINE__, \
wc_svr_count, \
@@ -467,7 +475,7 @@ WOLFSSL_LOCAL int wc_debug_CipherLifecycleFree(void **CipherLifecycleTag,
fprintf(stderr, \
("%s() %s @ L %d : incr : " \
"wc_svr_count %d (last op %s L %d)\n"), \
__FUNCTION__, \
__func__, \
__FILE__, \
__LINE__, \
wc_svr_count, \
@@ -489,7 +497,7 @@ WOLFSSL_LOCAL int wc_debug_CipherLifecycleFree(void **CipherLifecycleTag,
fprintf(stderr, \
("ASSERT_SAVED_VECTOR_REGISTERS : %s() %s @ L %d : " \
"wc_svr_count %d (last op %s L %d)\n"), \
__FUNCTION__, \
__func__, \
__FILE__, \
__LINE__, \
wc_svr_count, \
@@ -503,7 +511,7 @@ WOLFSSL_LOCAL int wc_debug_CipherLifecycleFree(void **CipherLifecycleTag,
fprintf(stderr, \
("ASSERT_RESTORED_VECTOR_REGISTERS : %s() %s @ L %d" \
" : wc_svr_count %d (last op %s L %d)\n"), \
__FUNCTION__, \
__func__, \
__FILE__, \
__LINE__, \
wc_svr_count, \
@@ -519,7 +527,7 @@ WOLFSSL_LOCAL int wc_debug_CipherLifecycleFree(void **CipherLifecycleTag,
fprintf(stderr, \
("%s() %s @ L %d : decr : " \
"wc_svr_count %d (last op %s L %d)\n"), \
__FUNCTION__, \
__func__, \
__FILE__, \
__LINE__, \
wc_svr_count, \
+61 -17
View File
@@ -1641,14 +1641,14 @@
#if (defined(DEBUG_WOLFSSL) || defined(DEBUG_WOLFSSL_MALLOC))
#define XMALLOC(s, h, type) \
((void)(h), (void)(type), wc_debug_pvPortMalloc( \
(s), (__FILE__), (__LINE__), (__FUNCTION__) ))
s, __FILE__, __LINE__, __func__))
#else
#define XMALLOC(s, h, type) \
((void)(h), (void)(type), wc_pvPortMalloc((s))) /* native heap */
((void)(h), (void)(type), wc_pvPortMalloc(s)) /* native heap */
#endif
#else
#define XMALLOC(s, h, type) \
((void)(h), (void)(type), pvPortMalloc((s))) /* native heap */
((void)(h), (void)(type), pvPortMalloc(s)) /* native heap */
#endif
/* XFREE */
@@ -1656,14 +1656,14 @@
#if (defined(DEBUG_WOLFSSL) || defined(DEBUG_WOLFSSL_MALLOC))
#define XFREE(p, h, type) \
((void)(h), (void)(type), wc_debug_pvPortFree( \
(p), (__FILE__), (__LINE__), (__FUNCTION__) ))
p, __FILE__, __LINE__, __func__))
#else
#define XFREE(p, h, type) \
((void)(h), (void)(type), wc_pvPortFree((p)))
((void)(h), (void)(type), wc_pvPortFree(p))
#endif
#else
#define XFREE(p, h, type) \
((void)(h), (void)(type), vPortFree((p))) /* native heap */
((void)(h), (void)(type), vPortFree(p)) /* native heap */
#endif
/* XREALLOC */
@@ -1671,19 +1671,19 @@
#if (defined(DEBUG_WOLFSSL) || defined(DEBUG_WOLFSSL_MALLOC))
#define XREALLOC(p, n, h, t) \
((void)(h), (void)(t), wc_debug_pvPortRealloc( \
(p), (n),(__FILE__), (__LINE__), (__FUNCTION__) ))
p, n, __FILE__, __LINE__, __func__))
#else
/* In the Espressif EDP-IDF, realloc(p, n) is equivalent to
* heap_caps_realloc(p, s, MALLOC_CAP_8BIT)
* There's no pvPortRealloc available, use native heap: */
#define XREALLOC(p, n, h, t) \
((void)(h), (void)(t), wc_pvPortRealloc((p), (n)))
((void)(h), (void)(t), wc_pvPortRealloc(p, n))
#endif
#elif defined(USE_INTEGER_HEAP_MATH) || defined(OPENSSL_EXTRA) || \
defined(OPENSSL_ALL)
/* FreeRTOS pvPortRealloc() implementation can be found here:
* https://github.com/wolfSSL/wolfssl-freertos/pull/3/files */
#define XREALLOC(p, n, h, t) ((void)(h), (void)(t), pvPortRealloc((p), (n)))
#define XREALLOC(p, n, h, t) ((void)(h), (void)(t), pvPortRealloc(p, n))
#else
/* no XREALLOC available */
#endif
@@ -3558,6 +3558,12 @@
#error WOLFSSL_MIN_AUTH_TAG_SZ must be at least 1
#endif
#if defined(HAVE_FIPS) && FIPS_VERSION3_GE(7, 0, 0)
/* No short (<96 bit) tags per SP 800-38D 2026 revision in process. */
#if WOLFSSL_MIN_AUTH_TAG_SZ < 12
#error WOLFSSL_MIN_AUTH_TAG_SZ must be >= 12 per SP 800-38D Rev 1
#endif
#endif
/* sniffer requires:
* static RSA cipher suites
@@ -3998,8 +4004,31 @@
#undef HAVE_PUBLIC_FFDHE
#endif
#undef WOLFSSL_MIN_AUTH_TAG_SZ
#define WOLFSSL_MIN_AUTH_TAG_SZ 4
#if defined(HAVE_FIPS)
#if FIPS_VERSION3_LT(7, 0, 0)
/* support RFC 4106 IPsec ESP 64 bit tags */
#undef WOLFSSL_MIN_AUTH_TAG_SZ
#define WOLFSSL_MIN_AUTH_TAG_SZ 8
#else
/* No short (<96 bit) tags per SP 800-38D 2026 revision in process. */
#if WOLFSSL_MIN_AUTH_TAG_SZ < 12
#undef WOLFSSL_MIN_AUTH_TAG_SZ
#define WOLFSSL_MIN_AUTH_TAG_SZ 12
#endif
#endif
#elif defined(CONFIG_CRYPTO_MANAGER_EXTRA_TESTS) || defined(CONFIG_CRYPTO_SELFTESTS_FULL)
/* The Linux kernel native crypto fuzzer expects small AES-GCM tag sizes to succeed. */
#if WOLFSSL_MIN_AUTH_TAG_SZ > 4
#undef WOLFSSL_MIN_AUTH_TAG_SZ
#define WOLFSSL_MIN_AUTH_TAG_SZ 4
#endif
#else
/* support RFC 4106 IPsec ESP */
#if WOLFSSL_MIN_AUTH_TAG_SZ > 8
#undef WOLFSSL_MIN_AUTH_TAG_SZ
#define WOLFSSL_MIN_AUTH_TAG_SZ 8
#endif
#endif
#if defined(LINUXKM_LKCAPI_REGISTER) && !defined(WOLFSSL_ASN_INT_LEAD_0_ANY)
/* kernel 5.10 crypto manager tests key(s) that fail unless leading
@@ -4011,9 +4040,9 @@
#define WOLFSSL_AARCH64_PRIVILEGE_MODE
#endif
/* USE_INTEL_SPEEDUP currently gives wrong results for ML-KEM in linuxkm. */
#if !defined(WC_MLKEM_NO_ASM) && !defined(WC_MLKEM_KERNEL_ASM)
#define WC_MLKEM_NO_ASM
#ifndef WC_SIPHASH_NO_ASM
/* siphash asm produces wrong results in kernel mode. */
#define WC_SIPHASH_NO_ASM
#endif
#endif /* WOLFSSL_LINUXKM */
@@ -4094,8 +4123,10 @@
#define WOLFSSL_HAVE_MAX
#endif /* WOLFSSL_BSDKM */
/* Common setup for kernel mode builds */
#ifdef WOLFSSL_KERNEL_MODE
/* Common setup for kernel mode builds, also compatible with user library via
* WOLFSSL_KERNEL_MODE_DEFAULTS.
*/
#if defined(WOLFSSL_KERNEL_MODE) || defined(WOLFSSL_KERNEL_MODE_DEFAULTS)
#ifndef WOLFSSL_API_PREFIX_MAP
#define WOLFSSL_API_PREFIX_MAP
#endif
@@ -4149,7 +4180,11 @@
#undef WOLFSSL_GENERAL_ALIGNMENT
#define WOLFSSL_GENERAL_ALIGNMENT SIZEOF_LONG
#endif
#endif /* WOLFSSL_KERNEL_MODE */
#ifndef WOLFSSL_SMALL_STACK_STATIC
#define WOLFSSL_SMALL_STACK_STATIC
#endif
#endif /* WOLFSSL_KERNEL_MODE || WOLFSSL_KERNEL_MODE_DEFAULTS */
#if defined(WC_SYM_RELOC_TABLES) && defined(HAVE_FIPS) && \
!defined(WC_PIE_RELOC_TABLES)
@@ -4189,6 +4224,15 @@
#endif
#endif
/* SHA-3 low level state can't alternate freely between C and intelasm. */
#if (defined(_WC_BUILDING_WC_MLKEM_POLY_C) || \
defined(_WC_BUILDING_WC_MLDSA_C) || \
defined(_WC_BUILDING_WC_SLHDSA_C)) && \
defined(DEBUG_VECTOR_REGISTER_ACCESS_FUZZING) && \
!defined(DEBUG_FORCE_VECTOR_REGISTER_ACCESS_FUZZING)
#undef DEBUG_VECTOR_REGISTER_ACCESS_FUZZING
#endif
/* Make sure setting OPENSSL_ALL also sets OPENSSL_EXTRA. */
#if defined(OPENSSL_ALL) && !defined(OPENSSL_EXTRA)
#define OPENSSL_EXTRA
-4
View File
@@ -433,10 +433,6 @@ enum {
#endif
#endif
#if defined(HAVE_FIPS) || defined(HAVE_SELFTEST)
#define INLINE WC_INLINE
#endif
/* set up rotate style */
#if ((defined(_MSC_VER) && !defined(WOLFSSL_NOT_WINDOWS_API)) || \
defined(__BCPLUSPLUS__)) && !defined(WOLFSSL_SGX) && \
+9 -3
View File
@@ -106,7 +106,10 @@
#endif
#endif /* !WC_DEPRECATED */
/* use inlining if compiler allows */
/* Use inlining if compiler allows -- omit the static attribute here, so that
* WC_INLINE can be used on functions that are instantiated both inline in the
* TU, and callable from outside the TU.
*/
#ifndef WC_INLINE
#ifndef NO_INLINE
#ifdef _MSC_VER
@@ -143,6 +146,10 @@
#endif
#endif
#if defined(HAVE_FIPS) || defined(HAVE_SELFTEST)
#define INLINE WC_INLINE
#endif
#ifndef WC_NO_INLINE
#ifdef noinline
#define WC_NO_INLINE noinline
@@ -549,8 +556,7 @@
* should not be included. Use FreeBSD <machine/atomic.h> instead.
* definitions are in bsdkm/bsdkm_wc_port.h */
#elif defined(HAVE_C___ATOMIC) && defined(WOLFSSL_HAVE_ATOMIC_H) && \
!defined(__cplusplus) && \
!(defined(__clang__) && defined(WOLFSSL_KERNEL_MODE))
!defined(__cplusplus)
/* Default C Implementation */
#include <stdatomic.h>
typedef atomic_int wolfSSL_Atomic_Int;