mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-10 20:20:50 +02:00
tests: skip AES rounds-corruption checks under WOLFSSL_ARMASM
The aes.rounds-validity check that returns KEYUSAGE_E lives only in the pure-C block encrypt (AesEncryptBlocks_C). On ARMv8 with crypto extensions, --enable-all auto-enables WOLFSSL_ARMASM, whose asm wc_AesEncrypt bypasses that check, so corrupting aes.rounds no longer fails the op (returns 0). This broke the SetKey/CTR/CFB/OFB/CCM/CMAC rounds-corruption assertions on the arm64 CI runners. Extend WC_TEST_AES_ROUNDS_OFFLOADED to also cover WOLFSSL_ARMASM (joining WOLF_CRYPTO_CB_FIND / WOLF_CRYPTO_CB_ONLY_AES). MC/DC of that decision is still obtained from the pure-C configs in the variant union. x86 (incl. AES-NI, which does validate rounds) is unaffected.
This commit is contained in:
+12
-7
@@ -48,13 +48,18 @@
|
||||
#include <tests/api/test_aes.h>
|
||||
#include <tests/utils.h>
|
||||
|
||||
/* Several tests corrupt aes.rounds (or cmac.aes.rounds) to force the in-process
|
||||
* software AES to fail with KEYUSAGE_E. That is only observable when the
|
||||
* software AES actually runs and validates rounds. It does NOT when the op is
|
||||
* offloaded to a crypto callback: WOLF_CRYPTO_CB_FIND routes even INVALID_DEVID
|
||||
* to the callback, and WOLF_CRYPTO_CB_ONLY_AES strips the software AES entirely
|
||||
* (both make the corrupted struct irrelevant, so the op returns success). */
|
||||
#if defined(WOLF_CRYPTO_CB_FIND) || defined(WOLF_CRYPTO_CB_ONLY_AES)
|
||||
/* Several tests corrupt aes.rounds (or cmac.aes.rounds) to force KEYUSAGE_E from
|
||||
* the AES rounds-validity check. That check lives only in the pure-C block
|
||||
* encrypt (AesEncryptBlocks_C), so the corruption is only observable when that
|
||||
* path runs. It is NOT observable when:
|
||||
* - the op is offloaded to a crypto callback: WOLF_CRYPTO_CB_FIND routes even
|
||||
* INVALID_DEVID to the callback, and WOLF_CRYPTO_CB_ONLY_AES strips the
|
||||
* software AES entirely; or
|
||||
* - an asm/HW backend provides its own wc_AesEncrypt that skips the check
|
||||
* (e.g. WOLFSSL_ARMASM on ARMv8 with crypto extensions).
|
||||
* In all these cases the corrupted struct is ignored and the op returns 0. */
|
||||
#if defined(WOLF_CRYPTO_CB_FIND) || defined(WOLF_CRYPTO_CB_ONLY_AES) || \
|
||||
defined(WOLFSSL_ARMASM)
|
||||
#define WC_TEST_AES_ROUNDS_OFFLOADED
|
||||
#endif
|
||||
|
||||
|
||||
Reference in New Issue
Block a user